First of all, for those who don't know what the Zeebo is, it is a Brazilian console released by TecToy, it is extremely rare and was only released in Brazil, Mexico, China and India, despite this it has some interesting games like a one of the best remakes of Double Dragon and one of the most competent ports of Quake 1 and 2 for a console.
Here every game made for the console:
The Zeebo hack scene is extremely scarce, from my research the only homebrews developed for it that I found were:
* A port of Doom (Because obviously, Doom has to run on everything):
* A port of Tomb Raider/Open Lara (it's actually a port for BREW that also works on Zeebo):
* Street Fighter Alpha:
*A Homebrew called ZeeUtils that allows you to manage some things from Zeebo and even use other controllers like DualShock 4 on the console:
And that's it, as far as I know nothing else has been developed in terms of hacks/homebrews for Zeebo, its operating system is a customized version of the BREW 4.0.2 SDK which allows it to also run other applications developed for BREW cell phones (which doesn't run as well as games actually developed for Zeebo hardware, but it's interesting that it can run)
Zeebo does not yet have an emulator (there is Infuse which is in development but this will probably take a few years to be completed) and to make matters worse the only method of jailbreaking Zeebo is extremely complicated and requires opening the console and soldering a JTAG to extract a file called 61u.key, I don't need to say that because it is a delicate method that can damage the console, not many people want to take the risk of doing this, especially since it is a very rare console.
There's actually a lot of things documented about Zeebo, including its complete SDK, but it's all in Portuguese, which ends up getting in the way:
https://www.tripleoxygen.net/wiki/console/zeebo/start
But the most important part is:
The Zeebo has a file called 61u.key, the current unlocking method consists of extracting this file from the console and placing it in the root of an SD Card, at boot time if the console detects the presence of this file on the SD it will release access to the diagnostic port and developer options in Zeebo's EMMAPLET, in short, with this file in hand you basically managed to unlock all the functions of your Zeebo console.
The trick part is that no one has ever been able to identify how this file is formed, the algorithm it uses or if it uses any type of encryption and that's what I'm trying to find out.
The information I have so far:
1st: Talking to a person who worked internally at TecToy and another person who worked in maintenance of Zeebo consoles in Brazil, I discovered that there was a program for Windows where they basically entered the console's IMEI and this program generated a 61u.key valid for that console, employees would place this file on an SD Card and use Zeebo in "Dev Mode", obviously this program was lost in time and was only for internal employees, but this means that the 61u.key is linked to the console's IMEI. some way.
2nd: 61u.key is formed by a sequence of 14 alphanumeric characters (a-zA-Z0-9), case-sensitive, which serves as a key to activate the Rear Diagnostic Port via an SD card. An SD card inserted into the console at boot time containing this same file with the key, will activate the port until the next reboot, if you create a document in notepad, enter the correct numerical sequence, name it to 61u and change the extension of .txt to .key it will work on Zeebo just fine.
3nd: The 61u.key is not random, each Zeebo console has a specific 61u.key (as well as a specific IMEI and Serial), I believe that this program that the employees/developers used only identified the correct 61u.key through the IMEI since it was unique for each console, obviously using the 61u.key from one console on another will not work. ( I tried )
After talking to some Brazilians I was able to obtain the IMEI and Serial of 7 different Zeebo consoles where 5 of them were extracted from 61u.key:
Despite all the information I have obtained I have not had any success in creating a "61u.key generator" I have tried several different methods and algorithms but nothing seems to work.
That's precisely why I'm here trying to ask for some help or some tips that could help me try to understand how the 61u.key is formed on each console.
Here every game made for the console:
The Zeebo hack scene is extremely scarce, from my research the only homebrews developed for it that I found were:
* A port of Doom (Because obviously, Doom has to run on everything):
* A port of Tomb Raider/Open Lara (it's actually a port for BREW that also works on Zeebo):
* Street Fighter Alpha:
*A Homebrew called ZeeUtils that allows you to manage some things from Zeebo and even use other controllers like DualShock 4 on the console:
And that's it, as far as I know nothing else has been developed in terms of hacks/homebrews for Zeebo, its operating system is a customized version of the BREW 4.0.2 SDK which allows it to also run other applications developed for BREW cell phones (which doesn't run as well as games actually developed for Zeebo hardware, but it's interesting that it can run)
Zeebo does not yet have an emulator (there is Infuse which is in development but this will probably take a few years to be completed) and to make matters worse the only method of jailbreaking Zeebo is extremely complicated and requires opening the console and soldering a JTAG to extract a file called 61u.key, I don't need to say that because it is a delicate method that can damage the console, not many people want to take the risk of doing this, especially since it is a very rare console.
There's actually a lot of things documented about Zeebo, including its complete SDK, but it's all in Portuguese, which ends up getting in the way:
https://www.tripleoxygen.net/wiki/console/zeebo/start
But the most important part is:
The Zeebo has a file called 61u.key, the current unlocking method consists of extracting this file from the console and placing it in the root of an SD Card, at boot time if the console detects the presence of this file on the SD it will release access to the diagnostic port and developer options in Zeebo's EMMAPLET, in short, with this file in hand you basically managed to unlock all the functions of your Zeebo console.
The trick part is that no one has ever been able to identify how this file is formed, the algorithm it uses or if it uses any type of encryption and that's what I'm trying to find out.
The information I have so far:
1st: Talking to a person who worked internally at TecToy and another person who worked in maintenance of Zeebo consoles in Brazil, I discovered that there was a program for Windows where they basically entered the console's IMEI and this program generated a 61u.key valid for that console, employees would place this file on an SD Card and use Zeebo in "Dev Mode", obviously this program was lost in time and was only for internal employees, but this means that the 61u.key is linked to the console's IMEI. some way.
2nd: 61u.key is formed by a sequence of 14 alphanumeric characters (a-zA-Z0-9), case-sensitive, which serves as a key to activate the Rear Diagnostic Port via an SD card. An SD card inserted into the console at boot time containing this same file with the key, will activate the port until the next reboot, if you create a document in notepad, enter the correct numerical sequence, name it to 61u and change the extension of .txt to .key it will work on Zeebo just fine.
3nd: The 61u.key is not random, each Zeebo console has a specific 61u.key (as well as a specific IMEI and Serial), I believe that this program that the employees/developers used only identified the correct 61u.key through the IMEI since it was unique for each console, obviously using the 61u.key from one console on another will not work. ( I tried )
After talking to some Brazilians I was able to obtain the IMEI and Serial of 7 different Zeebo consoles where 5 of them were extracted from 61u.key:
Console Nº1:
IMEI: 355800020159335
Serial: BQAAF0150B2158102502038
61u.key: yP6GCJp4lNGCFV
Console Version: 1.2
Console Nº2:
IMEI: 355800020098020
Serial: BQAAF0150B2158102402209
61u.key: 3ulp223EpFKhDT
Console Version: 1.2
Console Nº3:
IMEI: 355800020100685
Serial: BQAAF0150B2158102403330
61u.key: 8a1uGYV4N64OMN
Console Version: 1.2
Console Nº4:
IMEI: 355800020094888
Serial: BQAAF0150B2158101900050
61u.key: 6lQNLJ4TJ99pGh
Console Version: 1.2
Console Nº5:
IMEI: 355800020050880
Serial: BQAAF0150B2158102403706
61u.key: WDGbpO0F9aJNOI
Console Version: 1.2
Console Nº6:
IMEI: 355800020137588
Serial: BQAAF0150B2158101801591
61u.key: This person's Zeebo isn't unlocked, so he hasn't been able to get the 61u.key yet
Console Version: 1.2
Console Nº7:
IMEI: 355800020132753
Serial: BQAAF0150B2158102306465
61u.key: This person's Zeebo isn't unlocked, so he hasn't been able to get the 61u.key yet
Console Version: 1.2
* Console Nº8:
IMEI: 355800020252080
Serial: TT0YMA0912000310
61u.key: This person's Zeebo isn't unlocked, so he hasn't been able to get the 61u.key yet
Console Version: 1.0
Note: Zeebo's consoles that are in version 1.0 or 1.1 have a different and shorter Serial, all other consoles that are in version 1.2 follow the same standard, the console's IMEI follows the same standard on all consoles regardless of the version.
* Note 2: Zeebo's consoles that are on version 1.1 do not need the 61u.key for some reason, just place a completely empty file called usb.key in the root of an SD card and place this SD card in the console at boot time and you will being able to open the diagnostic door and unlock it without any problem.
IMEI: 355800020159335
Serial: BQAAF0150B2158102502038
61u.key: yP6GCJp4lNGCFV
Console Version: 1.2
Console Nº2:
IMEI: 355800020098020
Serial: BQAAF0150B2158102402209
61u.key: 3ulp223EpFKhDT
Console Version: 1.2
Console Nº3:
IMEI: 355800020100685
Serial: BQAAF0150B2158102403330
61u.key: 8a1uGYV4N64OMN
Console Version: 1.2
Console Nº4:
IMEI: 355800020094888
Serial: BQAAF0150B2158101900050
61u.key: 6lQNLJ4TJ99pGh
Console Version: 1.2
Console Nº5:
IMEI: 355800020050880
Serial: BQAAF0150B2158102403706
61u.key: WDGbpO0F9aJNOI
Console Version: 1.2
Console Nº6:
IMEI: 355800020137588
Serial: BQAAF0150B2158101801591
61u.key: This person's Zeebo isn't unlocked, so he hasn't been able to get the 61u.key yet
Console Version: 1.2
Console Nº7:
IMEI: 355800020132753
Serial: BQAAF0150B2158102306465
61u.key: This person's Zeebo isn't unlocked, so he hasn't been able to get the 61u.key yet
Console Version: 1.2
* Console Nº8:
IMEI: 355800020252080
Serial: TT0YMA0912000310
61u.key: This person's Zeebo isn't unlocked, so he hasn't been able to get the 61u.key yet
Console Version: 1.0
Note: Zeebo's consoles that are in version 1.0 or 1.1 have a different and shorter Serial, all other consoles that are in version 1.2 follow the same standard, the console's IMEI follows the same standard on all consoles regardless of the version.
* Note 2: Zeebo's consoles that are on version 1.1 do not need the 61u.key for some reason, just place a completely empty file called usb.key in the root of an SD card and place this SD card in the console at boot time and you will being able to open the diagnostic door and unlock it without any problem.
Despite all the information I have obtained I have not had any success in creating a "61u.key generator" I have tried several different methods and algorithms but nothing seems to work.
That's precisely why I'm here trying to ask for some help or some tips that could help me try to understand how the 61u.key is formed on each console.
