Restoring xRegistry.sys , backup injection

Discussion in 'General PS3 Discussion' started by NewFile, Oct 11, 2017.

  1. 10
    6
    3
    NewFile

    NewFile New Member

    Joined:
    Oct 11, 2017
    Messages:
    10
    Likes Received:
    6
    Trophy Points:
    3
    Gender:
    Male
    Hello,
    Has anyone tried to restore a modifed xRegistry.sys using the backup injection method?
    I have already created a backup and can extract both parts(protected and unprotected .dat) files of the backup.
    I do have the IDPS.bin and PSID.bin. Both should be ok since TABR is properly extracting the backup (using X option).
    I would like to edit a field in the registry file and then reinsert in the backup. Problem is, I am running into some problems.
    If I use PS3Export with AddProtected command it says that the file exists and ignores it instead of overwriting it.
    I tried CreateBackup with the proper IDPS, PSID and it generated fine but when trying to extract with the TABR (testing if the backup is ok) it only extracted the unprotected archive and the idps was wrong.
    Aps3xportGUI would strangely allow me to create a proper backup which does extract properly. But when trying to restore I get this: (at around 98-100%) :
    Code:
    The restore operation could not be completed. The system will restart. (80010037)
    Only info I could find:
    https://github.com/kakaroto/ps3xport/issues/9
     
    esc0rtd3w likes this.
  2. 5,210
    3,093
    123
    kozarovv

    kozarovv Super Moderator

    Joined:
    Nov 8, 2014
    Messages:
    5,210
    Likes Received:
    3,093
    Trophy Points:
    123
    Home Page:
    Can you post direct command you are use in ps3export to create archive?
     
    NewFile likes this.
  3. 877
    843
    103
    Berion

    Berion Developer

    Joined:
    Feb 3, 2015
    Messages:
    877
    Likes Received:
    843
    Trophy Points:
    103
    Gender:
    Male
    Location:
    rom0:/
    I fighting with ps3export some time and IMO it's somehow broken. It's good only for unprotected data as with them I have never any issues. All those GUIs based on ps3xport, so probably all are broken...
     
    NewFile likes this.
  4. 10
    6
    3
    NewFile

    NewFile New Member

    Joined:
    Oct 11, 2017
    Messages:
    10
    Likes Received:
    6
    Trophy Points:
    3
    Gender:
    Male
    Thanks everyone!
    I did get it to work after a lot of hair pulling and numerous trial and error.

    * You need your IDPS.
    * I have tried to add as much details as possible but some experience with TABR, backup/restore, idps and general batch is needed.
    *Keep backup of your xRegistry.sys file.
    *Follow the filenames properly, capitalization is important.


    1. Get TABR v2.20
    2. Create folder for extracting the program files: TABR (can be any name)
    3. Extract the program files in the root of the folder.
    4. Execute retailer.exe, wait 1-2 seconds until you see a lot of folders being created.
    5. Close retailer.

    *PS3Xport will not overwrite existing files so you must firstly delete the xRegistry yourself. To do this:

    6. Place your idps.bin , psid.bin and the backup folder in the TABR/tool
    folder. Let's call your backup folder REGEDIT (inside that folder should be your .dat files)
    7. Create a batch file in the tool folder (google for this in case you do not know how) , name it delete_registry.bat (or whatever) and inside it copy this:
    Code:
    ps3xport.exe SetDeviceID idps.bin SetPSID psid.bin DeleteFile REGEDIT /dev_flash2/etc/xRegistry.sys
    pause
    
    8. Save and execute once. If you get no error then you are good to go.
    9. Copy the REGEDIT folder from TABR/tool to TABR/backup
    10. In the root of TABR folder create a new folder named dev_flash2
    11. Inside dev_flash2 create a new folder etc
    12. Copy the modified xRegistry.sys into TABR/dev_flash2/etc folder. In the end you should have:
    Code:
    TABR/dev_flash2/etc/xRegistry.sys
    13. Run retailer.exe
    14. Press 1 and then press enter. Choose your backup folder , REGEDIT
    15. Press F and then press enter.
    16. Press Y and then press enter. Check the switch section, Final confirmation switch should now be [ON]
    17. Press P and then press enter.
    18. Press Y and then press enter. Check the switch section, Injection section switch should now be [PROTECTED]
    You should now have both :
    Code:
    Final confirmation [ON]
    Injection section [PROTECTED]
    Current Backup [REGEDIT]
    
    19. Press S and then enter.
    20. Type OK and then enter.
    21. Wait for the files to be copied to the workspace (that is if your backup is really big). You will be asked to type OK. Do NOT do it.
    22. Copy the dev_flash2 folder from the root of the TABR folder to TABR/workspace.
    You should now have:
    Code:
    TABR/workspace/dev_flash2/etc/xRegistry.sys
    23. Type OK and enter.
    24. Wait for it to finish.
    25. Check the retailer program for the generated output folder in TABR/output
    26. Proceed with restoring.
     
    Last edited: Oct 12, 2017 at 8:34 PM
  5. 10
    6
    3
    NewFile

    NewFile New Member

    Joined:
    Oct 11, 2017
    Messages:
    10
    Likes Received:
    6
    Trophy Points:
    3
    Gender:
    Male
    Sorry for double posting but I wanted to leave the previous post as a small tutorial and not clog it much. Perhaps someone will make a batch that works with TABR and automate the entire replacing process. Can TABR used in a batch?

    I am not sure how much this should help the OFW users but it was successfully restored and xRegistry.sys must have been loaded fine. Proof for this was the System Name which I changed with Xregistry Editor v0.75 by stoker.
    I strongly recommend changing a letter in the system name when changing other things in the registry because this way you can easily check if the registry was properly loaded and that is properly modified and restored. The system name can then easily be change in the XMB.

    I know that there is not much one can do with the registry but perhaps some poor souls with asian consoles can use it to swap the button on OFW.

    I also enabled (changed value to ....001) of many fields but did not notice anything sadly.
    Tried homeQa, debugBootPath , and edy/debug, browserDebug and numerous other. Nothing new or strange happened.

    Anyone willing to discuss on what other fields we can poke with? BD USB Emulator. Some PS1/PS2/PSP emu fields in there. I have originals for PS1 & PS2 to see what happens.

    We have access to all these:
    https://rebug.me/debug-settings/rebug-settings/

    But nothing shows when enabled. The one I am most interested with is :

    /setting/system/bootMode set to PS3

    There seem to be 3 boot modes:
    Code:
    * Boot Mode
    Choose which mode to boot the console.
    – ”Debugger Mode” : boot on the debugger, for debugging purpose.
    – ”System Software Mode” : boot on system software mode, for developing purpose.
    – ”Release Mode” : boot on release mode, the same than retail console, for finals tests purpose.
    PS3 should be for Release Mode.
    What are the other possible values that /setting/system/bootMode should take for Debugger Mode and System Software Mode ?

    Any guru or can someone with a debug system check the xRegistry/sys?
     
  6. 742
    159
    53
    No0bZiLLa

    No0bZiLLa Moderator Developer

    Joined:
    Oct 1, 2014
    Messages:
    742
    Likes Received:
    159
    Trophy Points:
    53
    unless you have a converted or legit debug unit, then those settings shouldnt matter, and actually if you set any of them to true, it may cause you to brick so dont do it!
     
    NewFile likes this.
  7. 10
    6
    3
    NewFile

    NewFile New Member

    Joined:
    Oct 11, 2017
    Messages:
    10
    Likes Received:
    6
    Trophy Points:
    3
    Gender:
    Male
    Thanks for the reply. I am aware I need a debug system but I am taking the risk of editing values. What other interesting stuff can we change with editing xRegistry.sys?
    Is there any method to convert to DEX without CFW, hardware tools, just OFW and IDPS? Pretty sure the answer is no but worth trying.
     
  8. 6,025
    2,040
    123
    pinky

    pinky Bitsiboo's Other Half Developer

    Joined:
    Mar 8, 2015
    Messages:
    6,025
    Likes Received:
    2,040
    Trophy Points:
    123
    Gender:
    Male
    Location:
    The Great Gig in the Sky
    u can change any option in the xregistry such as the confirm button, which won't be visible on ofw since it's part of debug settings. u can even make install pkg appear. it won't work though..

    no, there's no way to convert to dex without cfw.
     
    NewFile likes this.
  9. 10
    6
    3
    NewFile

    NewFile New Member

    Joined:
    Oct 11, 2017
    Messages:
    10
    Likes Received:
    6
    Trophy Points:
    3
    Gender:
    Male
    How can I make the install package option appear?
    It's ok if it does not work, what field should I change to enable it?
     
  10. 6,025
    2,040
    123
    pinky

    pinky Bitsiboo's Other Half Developer

    Joined:
    Mar 8, 2015
    Messages:
    6,025
    Likes Received:
    2,040
    Trophy Points:
    123
    Gender:
    Male
    Location:
    The Great Gig in the Sky
    that I don't know. I just remember reading about it, possibly somewhere on psdevwiki.
     
  11. 6,025
    2,040
    123
    pinky

    pinky Bitsiboo's Other Half Developer

    Joined:
    Mar 8, 2015
    Messages:
    6,025
    Likes Received:
    2,040
    Trophy Points:
    123
    Gender:
    Male
    Location:
    The Great Gig in the Sky
    I've done a lot of reading on the ps3, so it's difficult to know where I found out about install pkgs being in the xregistry. there r a lot of unknowns in there according to psdevwiki. I remember once reading an interview with geohot in which he claimed that the ps3 was actually hacked in five weeks. I don't remember where I read that either.
     
  12. 10
    6
    3
    NewFile

    NewFile New Member

    Joined:
    Oct 11, 2017
    Messages:
    10
    Likes Received:
    6
    Trophy Points:
    3
    Gender:
    Male
    The only one I could think of is: /setting/xmb/homeInstaller

    But I doubt that would work.
     
  13. 6,025
    2,040
    123
    pinky

    pinky Bitsiboo's Other Half Developer

    Joined:
    Mar 8, 2015
    Messages:
    6,025
    Likes Received:
    2,040
    Trophy Points:
    123
    Gender:
    Male
    Location:
    The Great Gig in the Sky
    unknown. I don't know what that goes to. I don't know y u'd want install packages on ur system though since it would be of no benefit to u. I think install pkgs is governed by the nas_plugin.sprx. making install packages and app_home appear is in the category_game.xml. I don't know y install packages would be in there, but it's supposed to be. with the xregistry, the values r either always true, sometimes true, and never, so 0, 1, and 2. the values r the same throughout. I don't know which is which though. psdevwiki might have that information.
     
  14. 6,025
    2,040
    123
    pinky

    pinky Bitsiboo's Other Half Developer

    Joined:
    Mar 8, 2015
    Messages:
    6,025
    Likes Received:
    2,040
    Trophy Points:
    123
    Gender:
    Male
    Location:
    The Great Gig in the Sky
    here's what I'm referring to (from psdevwiki) the suppositions I think I read on psdevwiki somewhere:
    0 = Unlocked / In use
    1 = Locked / Inactive
    2 = Hidden / Never used

    my guess is that install packages is a 1 (sometimes true) since it's locked by default and only used by the system when u install something downloaded from psn.
     
    Last edited: Oct 13, 2017 at 10:18 AM
    NewFile likes this.
  15. 10
    6
    3
    NewFile

    NewFile New Member

    Joined:
    Oct 11, 2017
    Messages:
    10
    Likes Received:
    6
    Trophy Points:
    3
    Gender:
    Male
    Pinky, thank you for your answers. I have tried chaning some values and nothing changes.

    0/1/2 principle i not true for all fields. Some of them have only 0/1 (enable/disable or mode1/mode2).
    Waiting for someone to shed more info on the xRegistry.

    I tried too add some files to dev_flash but the restore won't work. Adding on dev_flash2 always works though.
     
  16. 6,025
    2,040
    123
    pinky

    pinky Bitsiboo's Other Half Developer

    Joined:
    Mar 8, 2015
    Messages:
    6,025
    Likes Received:
    2,040
    Trophy Points:
    123
    Gender:
    Male
    Location:
    The Great Gig in the Sky
    I'm sorry I couldn't be of more help there. I'm really not sure which variable is install pkg, if iit's even in there. I couldn't find any info on it on psdevwiki, so I may be mistaken and wherever I read about it was wrong.
     
  17. 779
    655
    103
    sandungas

    sandungas Developer

    Joined:
    Dec 31, 2014
    Messages:
    779
    Likes Received:
    655
    Trophy Points:
    103
    Time ago i was talking with TheDarkProgrammer (who made pexploit), not sure if is the same tool or if there are several tools sharing code, but we was talking about this xregistry.sys hacks
    My main worry was to know at which point (and how) the system "merges" several xregistry.sys in one, and how selective this mergins are (if are discriminated the areas for "common", "peruser", and "debug" settings)
    His worry was to try to use this import/export feature to enable some of the debug settings (and maybe some other useful tricks but im not sure what)

    I was not making any tests, and his tests was not succesfull... iirc some of the settings are "ignored" at the time of importing (btw @NewFile check that, you said nothing is changed, maybe is because nothing is being copyed :P)

    So well... this road of investigation finished soon, we never tolk about it more, and im not sure if he continued investigating that

    That one called my attention too :)
    I think it enables a "install packages" icon... but is not the one we are used in cfw... is located at bottom of XMB settings column
    This is the location of "install package files" on kiosk/shop PS3 models when are unlocked
    But the settings column is strongly regulated by some code inside the .sprx so maybe enabling the settings in xregistry.sys (alone without any other change) doesnt works because the .sprx refuses to display it
     
    Last edited: Oct 15, 2017 at 4:57 PM
  18. 6,025
    2,040
    123
    pinky

    pinky Bitsiboo's Other Half Developer

    Joined:
    Mar 8, 2015
    Messages:
    6,025
    Likes Received:
    2,040
    Trophy Points:
    123
    Gender:
    Male
    Location:
    The Great Gig in the Sky
    I was not aware that that's where it would appear. I believe install pkgs can be in any column except maybe the tv one. it's in the game's since that's what it's usually for.
     
    Last edited: Oct 15, 2017 at 4:39 PM
  19. 779
    655
    103
    sandungas

    sandungas Developer

    Joined:
    Dec 31, 2014
    Messages:
    779
    Likes Received:
    655
    Trophy Points:
    103
    In ofw appears in that 2 places... in game column (for debug and reference tool ps3 models), and in settings column (for shop... and not sure if for arcade too)
    Im not sure if there are differences in how them works, i guess works in the same way but not sure because i could never try it

    But well is just speculation, i dont know what does the /setting/xmb/homeInstaller... maybe is just some obsolete stuff related with the "home" online service (that was actually an app, but had lot of files, settings, and functions as part of the firmware)
     
  20. 6,025
    2,040
    123
    pinky

    pinky Bitsiboo's Other Half Developer

    Joined:
    Mar 8, 2015
    Messages:
    6,025
    Likes Received:
    2,040
    Trophy Points:
    123
    Gender:
    Male
    Location:
    The Great Gig in the Sky
    I'm not sure. I did A LOT of reading on the ps3 when I was a part of a certain site. that's where I got the interview with geohot in which he claimed that the ps3 was hacked in five weeks. I'm not sure of which time to which time that was, because fail0verflow claimed it was hacked in a year I believe, not several years. it wasn't something that caught hackers' eyes 'til they removed linux. huge mistake by sony. I believe geohot was using linux to get inside the system hence the reason for removing it. he was using the usb's to get inside to see the keys. then, I believe, he used the software updater to call any file in an update. I believe this method is something @habib was going to use to hack later systems. however, there's now two software updaters to prevent this sort of thing.
     

Share This Page