[Help Wanted] Try that dangerous downgrade method...

Discussion in 'PS Vita - Hacking & Homebrew' started by yifan_lu, Aug 24, 2016.

  1. yifan_lu
    OP

    yifan_lu @yifanlu

    Member
    660
    1,376
    Apr 28, 2007
    United States
    I heard rumors of people downgrading by corrupting vs0 (can someone link to the source of the rumors?). Regardless of whether the original poster is lying or not, there is a possibility that if you corrupt vs0, safe mode would allow you to install any FW version. If that's the case, it means you can downgrade with hardware: connect the NAND to your computer, corrupt vs0, and downgrade.

    Of course I don't want to test this theory but if anyone wants to risk their vita for science... Use VitaRW and delete ALL of vs0 (do NOT touch os0). Let us know what happens.
     
    Last edited by yifan_lu, Aug 24, 2016
  2. DinohScene

    DinohScene Feed Dino to the Sharks

    Member
    16,348
    12,951
    Oct 11, 2011
    Antarctica
    Into the sky
    Would it be possible to dump the entire NAND of a Vita by hardware and restore it later on in case something bricks?
    Might be asked before but couldn't find it that quickly.
     
  3. Voxel

    Voxel Fable Junkie

    Member
    5,209
    5,958
    Jun 27, 2015
    United Kingdom
    England, UK
    So let me get this straight; someone would delete the entire contents of vs0, and then attempt to use a lower-firmware PUP update file afterwards?
    You said there was some hardware involved ("downgrade with hardware"), through corrupting the vs0 partition by connecting the NAND to a PC. That bit I don't quite understand, as I would have already deleted vs0 beforehand using VitaRW, so there is nothing really to corrupt...

    If someone could give me a brief explanation about that, that would be really appreciated.
     
  4. yifan_lu
    OP

    yifan_lu @yifanlu

    You would have to hardware mod first and dump the nand encrypted. If you dump from software it is decrypted already.
     
  5. yifan_lu
    OP

    yifan_lu @yifanlu

    Thanks @dkabot for taking the risk! We can confirm that even if you delete ALL of vs0, the Vita still boots to safe mode. Still haven't tried updating yet, but at least now you can mod your vs0 at will without fear of permabrick.
     
  6. usraek

    usraek Member

    Newcomer
    16
    2
    Jan 14, 2016
    Canada
    Yikes, I was on the edge of my seat there. *whew*

    Neat.
     
  7. demounit

    demounit GBAtemp Regular

    Member
    257
    153
    Aug 18, 2016
  8. dkabot

    dkabot Better With Others' Systems Than Their Own

    Member
    1,000
    349
    Sep 9, 2014
    United States
    Alright, at least on a PSTV, I can't do it at all. Denies me every step.
    The thought may still be valid, as it involved editing XMLs and using a proxy, so we have agents working on that.

    Still good to know we can break vs0 without too much harm it seems.
    Had to hold power 30 secs to hit safemode, though.
     
    VinsCool, ihaveamac and demounit like this.
  9. yifan_lu
    OP

    yifan_lu @yifanlu

    Unfortunately, the Vita still knows that it is 3.60, so the book ends there. However, we have empirical evidence that vs0 hacks will not hard brick you, so that's a great discovery.
     
  10. nero99

    nero99 GBAtemp Advanced Maniac

    Member
    1,997
    922
    Sep 18, 2014
    United States
    Why is there a fake yifan_lu here?
     
  11. VitaType

    VitaType GBAtemp Advanced Fan

    Member
    767
    345
    Jul 16, 2016
    Germany
    This is the real one. How do you come to the idea that this is a fake acc?
     
  12. satan89

    satan89 GBAtemp Fan

    Member
    389
    135
    Jan 30, 2014
    India
    Limbo
  13. dkabot

    dkabot Better With Others' Systems Than Their Own

  14. AlexTCGPro

    AlexTCGPro Member

    Newcomer
    19
    3
    Jul 10, 2013
    Uruguay
    Montevideo, Uruguay
    In this topic, http://forum.hackinformer.com/viewtopic.php?f=19&t=783, while mistranslated, the guy affirmed he was able to downgrade his Vita by semi-bricking the console and then doing some hex edits and Charles. Now with this method we can bypass half the instructions; could this work?
     
  15. yifan_lu
    OP

    yifan_lu @yifanlu

    No, I think they were mistaken. If you brick a Vita DURING an update from 3.60 to 3.61, you can install 3.60 again. If you brick it AFTER a successful update, then you can only install 3.61. I think the poster only witnessed the former result.
     
  16. AlexTCGPro

    AlexTCGPro Member

    I see, perhaps that's why he takes so long to answer; he was unable to do it again after he updated to 3.61. Well, at least we learned something, I guess.
     
  17. dkabot

    dkabot Better With Others' Systems Than Their Own

    Some further testing from @xy2_ revealed that Safe Mode and Recovery Mode are separate, and Safe Mode may be slightly more liberal than Recovery.
    The method outlined on HackInformer may be possible, after all?

    However, they can't test further, it seems, so that sucks.
     
  18. NicholasCullihal

    NicholasCullihal GBAtemp Regular

    Member
    162
    19
    Jul 28, 2012
    try this

    1. download these files
    https://mega.nz/#!yQVACArR!2KK4lNrsPO_gnoh1q6EDgFXRDEJru5O6WcCcGvknq1o
    2. add the psp2updat.pup from 3.60/full/ to your qcma update folder as well as a web hosting server on your ip
    3. edit your psp2-updatelist.xml so it says this:

    <?xml version="1.0" encoding="UTF-8"?>
    <update_data_list>
      <region id="us">
        <np level0_system_version="01.600.000" level1_system_version="03.600.000" level2_system_version="03.600.000" map="03.600.000" />
        <np_d level0_system_version="01.600.000" level1_system_version="03.600.000" level2_system_version="03.600.000" map="03.600.000" />
        <version system_version="04.600.000" label="3.60">
          <update_data update_type="full">
            <image size="133676544">*your ip server address here*/3.60/full/PSP2UPDAT.PUP</image>
          </update_data>
        </version>
      </region>
    </update_data_list>

    4. enable flight mode on psvita and select "system update", then select "update by connecting to a pc"
    5. it will show the new version screen with "version 3.60" so go through the steps for a normal update
    6. the system update will start and then go to an error stating "This system software cannot be used with this system (c1-6562-9)"

    If anyone could reproduce this, maybe try hex editing the update pup or something. I don't know how hex editing works though. I am sure, however, if we all band together we can get a working downgrade!
    ...
    simplyphat is my hackinformer account
     
    AlexTCGPro likes this.
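
The behaviour reported in this thread (an interrupted update still accepts the old firmware, a completed one does not, and an edited update list ends in error C1-6562-9), sketched as an added example that is not any poster's code or Sony's implementation. The `Device` class and its committed-version floor are an assumed model of an anti-rollback check, and `updates.example` is a placeholder host.

```python
import xml.etree.ElementTree as ET

# Constructed sample shaped like the update list in the post above;
# updates.example is a placeholder host.
UPDATE_LIST = b"""<?xml version="1.0" encoding="UTF-8"?>
<update_data_list><region id="us">
<version system_version="04.600.000" label="3.60">
<update_data update_type="full">
<image size="133676544">http://updates.example/3.60/full/PSP2UPDAT.PUP</image>
</update_data></version>
</region></update_data_list>"""


def parse_version(text):
    """Turn '03.600.000' or '3.60' into a comparable (major, minor) tuple."""
    major, minor = text.split(".")[:2]
    return int(major), int(minor[:2].ljust(2, "0"))


def manifest_findings(xml_bytes):
    """List version claims in the update list that disagree with each other."""
    findings = []
    for ver in ET.fromstring(xml_bytes).iter("version"):
        advertised = parse_version(ver.get("system_version"))
        label = parse_version(ver.get("label"))
        if advertised != label:
            findings.append(("system_version/label", advertised, label))
    return findings


class Device:
    """Hypothetical model: the floor moves only when an update completes."""

    def __init__(self, version):
        self.committed = version  # anti-rollback floor (assumed mechanism)

    def update(self, package_version, interrupted=False):
        if package_version < self.committed:
            return "rejected"      # the update list's claims are not consulted
        if interrupted:
            return "safe mode"     # floor unchanged, old version still installs
        self.committed = package_version
        return "installed"


if __name__ == "__main__":
    print(manifest_findings(UPDATE_LIST))
    vita = Device(parse_version("3.60"))
    print(vita.update(parse_version("3.61"), interrupted=True))
    print(vita.update(parse_version("3.60")), vita.update(parse_version("3.61")))
    print(vita.update(parse_version("3.60")))
```

In this model the mismatch between the advertised `system_version` and the label is detectable from the list alone, but it never affects the accept/reject decision, which depends only on the package version and the committed floor.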