PS3 Metldr Exploit Leaked

Discussion in 'GBAtemp & Scene News' started by Devin, Nov 8, 2011.

  1. Devin
    OP

    Devin "Local Hardware Wizard"

    Member
    5,712
    2,179
    Aug 17, 2009
    United States
    The Nexus

    From GaryOPA: We received an 'an0nymous email' from some random one-time dropbox, containing a weird little attachment, with a simple note:

    Program: metldr838exploit
    Author: Unknown
    Usage: Unknown
    Reason: Unknown

    Before posting we had one of our PS3-crunching developers look it over, and it seems to be a set of 'C' code and headers and a compiled ELF and SELF that exploits the 'chain of trust' to dump an 'unencrypted' version of your PS3 'metldr'.

    Now of course this is not really 'useful' for the average PS3 Jailbreak end-user, but we think it just might be the long-awaited 'golden ticket' in the right hard-working hands of some talented 'developers' that are willing to try to help everyone out by pushing the PS3 'scene' to the next level, that almost everyone here has been waiting for!


    Sorry guys, didn't know if it contained any of Sony's coding, or whatnot, so I left out the source. If I get an a-okay from a higher up, then I'll be sure to post the source containing the download link. If not, a quick Google search should do fine.
     


  2. DrOctapu

    DrOctapu Magnificent Bastard

    Member
    1,207
    300
    Dec 23, 2008
    United States
    Hell.
    Uh, Devin...

    Looks cool, btw. No idea what this means, though :3
     
  3. mercluke

    mercluke

    Member
    3,163
    172
    Dec 2, 2007
    Perth
    'strange' amount of 'quotations' in this 'article'

    awesome news, though :3 (3.72+ cfw tiem?)
     
  4. GameWinner

    GameWinner Take your heart

    Member
    4,190
    1,689
    Jun 14, 2009
    United States
    I don't know what all of this means but hopefully it's something I can use.
     
  5. DinohScene

    DinohScene Capture the Dino

    Member
    15,149
    11,549
    Oct 11, 2011
    Antarctica
    Into the sky
    This is interesting.

    Even though I don't own a PS3..
     
  6. coolness

    coolness PSN: Dutch_DarkLord

    Banned
    2,016
    13
    Jun 14, 2009
    Netherlands
    Rotterdam Bitches!!
    what can this thing do?
     
  7. Ron

    Ron somehow a weeb now.

    Member
    2,840
    388
    Dec 10, 2009
    Canada
    here
    Wow.. I smell another chain of suits and flamewars..

    ..Sony.. :glare:


     
  8. Necron

    Necron Lurking~

    Member
    868
    116
    Dec 29, 2008
    Chile
    Mi casa
    ^This. Also, I don't own a PS3, but it would be nice to know what it does.
     
  9. Devin
    OP

    Devin "Local Hardware Wizard"

    Member
    5,712
    2,179
    Aug 17, 2009
    United States
    The Nexus
     
  10. godreborn

    godreborn GBAtemp Addict

    Member
    2,407
    381
    Oct 10, 2009
    United States
    from what I understand, the metldr contains the master key for the system. if discovered, sony can't do anything to prevent piracy, homebrew, etc.
     
  11. GameWinner

    GameWinner Take your heart

    Member
    4,190
    1,689
    Jun 14, 2009
    United States
    If all of this comes back to someone who's on 3.70 (me), and they are able to hack it, then that person will be extremely happy (me again).
     
  12. gameandmatch

    gameandmatch GBAtemp Fan

    Member
    490
    62
    Apr 29, 2009
    United States
    Everywhere and Nowhere
    Dear Sony,

    BWAAAAAHAHAHAHAHAHAHAHAHAHAHAHAHAHA!!!!!!!!

    Sincerely,
    gameandmatch

    With that out of my system, it seems that this will be what godreborn said.
     
  13. DJPlace

    DJPlace P!ssed OFF Pyscho of GBA!!

    Member
    4,515
    367
    Apr 16, 2008
    United States
    I so don't understand this... but if this is true then I can maybe, just maybe, pirate PS3 games LOL!!
     
  14. jamesaa

    jamesaa The Prince of Insufficient Light

    Member
    664
    46
    Jan 8, 2006
    So does this lead to newer firmware CFW? Or signing like with the PSP? Or is it more of a "just for developers" kind of find?

    In other words - is there any reason for me to go and blow the layer of dust off my PS3 yet?
     
  15. Gh0sti

    Gh0sti iOS Guru

    Member
    1,317
    49
    Aug 19, 2009
    United States
    Inside you, all around you
    I thought the master key was found a long time ago by Geohot?? Those were the metldr keys, so everything could be signed to make unofficial code look real and create CFW??

    I guess I'm not fluent enough in PS3 hacking to fully understand, since I don't own one.

    I'm only good at iOS, Wii, DSi language.
     
  16. Foxi4

    Foxi4 On the hunt...

    pip Reporter
    23,509
    21,432
    Sep 13, 2009
    Poland
    Gaming Grotto
    To those who don't understand what this means:

    In human language, all applications run on a PS3 under OFW have to be signed to be booted. Said "key" is not universal and it is used to decrypt data. It is hard to find the "master key" which "fits" every single PS3; it could literally take years and bear no fruitful results.

    This "exploit" allows you to skip the sign-checking phase entirely - the file is being decrypted without even using one, the PS3 recognizes the application as its own and uses the embedded key.

    If that were true, all of Sony's OFWs would be PWND by now, since Homebrew could be signed. He only found an exploit to run unsigned code on certain Firmwares.
     
  17. godreborn

    godreborn GBAtemp Addict

    Member
    2,407
    381
    Oct 10, 2009
    United States
    I could be wrong, but I think he decrypted bootldr--which is where specific firmware keys are stored. Sony redesigned the bootldr with firmware 3.6, which is why the keys haven't been found, it can't be hacked, and newer games don't work...or maybe they do in private. metldr is where the master key is stored. It is kept separate from everything else within the PS3 and is the backbone of its security. If the key is discovered, it is impossible for Sony to patch, since the system's firmware has no direct contact with that sector. It's essentially known as level 0 of PS3 encryption, and one of the PS3's seven cores is completely dedicated to it.
     
  18. Jehuty25

    Jehuty25 GBAtemp Regular

    Member
    244
    2
    Apr 25, 2011
    United States
    Will this lead to putting CFW on 3.73, or making a CFW based on any OFW but you still need 3.55 to install it?
     
  19. JPhantom

    JPhantom GBAtemp Regular

    Member
    113
    5
    Sep 12, 2009
    United States
    So can this be patched by Sony?
     
  20. Foxi4

    Foxi4 On the hunt...

    pip Reporter
    23,509
    21,432
    Sep 13, 2009
    Poland
    Gaming Grotto
    Technically, "yes, in newer revisions of hardware"; practically - not really.