PS3 (Guide) Jailbreaking With Bgtoolset

it's not unreasonable that at some point in the future there won't be anyone left to support it and if there's no offline tool available people would have to rely on clones that have a 50% chance of bricking your console cause there would be no alternative.
Well, yes, but that's where the problem lies with "Where is bguerville when we need him?". Where are "we" when he needs us? "We" are making copycats and giving support to people who profit off his hard work.

Meanwhile, I'm trying to catch people who pass by on chats and ask "Is it really risky to use clones when I can borrow E3 flasher from my friend in case that it fails?". I ask them to give me 15 minutes, so I can compile and upload the package I've been working on for the past several weeks. And they ping me 10 minutes later, saying that the clone worked for them and there is no need for my tool anymore. Well screw them then! The simple fact is that people like that don't care at all who the developer is or how hard it was to program it. They just want to get it instantly, no matter the costs. And if they are willing to use clones, why the cries about bguerville taking time off? They seem to survive just "fine" without him.

So in the end, with the community that we have (just a generalization, there are good subsets inside of it), the future of outdated and unmaintained tools is more or less inevitable. Unless there is a big shift of understanding from the side of users, so they start to work with developers and not against them, it is hard to imagine the future of PS3 jailbreaks.
 
Are you the one who develops the WebManMod flasher or the flasher app? If you want, then next month I could just buy a cheap second-hand PS3 and E3 to help you test.
 
That's you being silly and silly.

Honestly, to hell with bgville with its bgtoolset. We don't need to be begging for one person.

Use Russian clone or continue on HEN. If bgville really cared about people, he would have the HUGE herculean WORK to dedicate 30 seconds of his PRECIOUS TIME and send a public message stating something real and definitive. Not just mere assumptions and uncertainties.

Man... The nerve of some people. Acting like spoiled children that didn't get the thing they wanted for Christmas. I know most of the community have a love for the consoles and helping others but if I was BG and read the disrespectful sh*t some of you mouthbreathers spew without using your noggin I wouldn't release it at all.

My ps3 has been collecting dust for months and you don't see me crying about it. Sh*t happens. Life happens. Dude will release it when he's ready.

For everyone else : yall keep spreading the good word.

For everything else : there's mastercard :biggrin2:
 
My reply was not an attack against you. I only was clearing some of your arguments.

You can use HEN or a hardware flasher until bgtoolset comes back or until a solid software flasher is released.

Everyone with 4.85 or lower can still use the ps3xploit, although it is not as reliable as bgtoolset and could also result in a brick in some scenarios.
Just a quick question, as I am searching for some days now: My new PS3 Slim is on 4.84. Which tutorial can I use to install CFW without using bgtoolset?
 
I recently installed CFW on my PS3 FAT 4.85 using the old official flash writer. I hosted it on my network using miniweb and it worked perfectly. You can study this, it's much safer than using bgtoolset clone.
You can do this by just installing HFW 4.84 as well, I'll leave here the forum page about this flash writer, and the link to a video I found so I can guide you. Just use the ps3xploit files and remember to change the URL from .com to .me. You can wait for other forum members to comment here as well.

REMEMBER TO CHECK THE FACTORY VERSION OF YOUR CONSOLE TO MAKE SURE IT IS CFW COMPATIBLE

https://www.psx-place.com/threads/p...mpers-v2-0-1-now-install-cfw-from-4-84.23123/

https://ps3xploit.me/hfw/release/NOR_NAND_writer_release_2.0.1_PS3Xploit.zip

 

Thank you mate. I checked my Version and the lowest is 2.7, so no worries there. But, I can't seem to find a download link to the 4.84.2 HFW any longer... Is it obsolete? Should I use 4.85.1 HFW instead?
Can I just install the 4.85.1 HFW over my 4.84 OFW? Or do I need to update the system to 4.85 first? If so, where can I get the Sony update from?
Sorry for these questions, never did this without the bg toolset before.
 
I have a mirror here. Remember to use a wired internet connection, I never really relied on wifi for certain things.

4.84 HFW:
https://mega.nz/file/mJtmXIAI#p8b8CT_j5PgZOKOTG-sOfAmj_m522Hi0K-54PJQDCD0

You need to be using HFW for the procedure to go well.
 
Ok, one little problem here: on the ps3xploit.me website, the Flash writers and dumpers are now on version 2.0.2, which only supports FW Version 4.85. I downloaded the self-hosting files from ps3xploit for Version 2.0.1, but I can't get miniweb to find my hosted website... I would try it via LAN, but I don't have the possibility for LAN right now.
So I guess, I need to update to 4.85.1 HFW then?
 
The NOR dump I made directly from ps3xploit.me. I just did the hosting to perform the flash; the flash file (.hex) I moved to my FAT32 external HD. Disable antivirus with firewall protection. Run miniweb on disk C as administrator. Type the IPv4 address of my PC into my PS3, followed by 8000, for example: 192.168.1.3:8000
 
A donation is not a PAYMENT FOR A SERVICE... you are not obligated to donate. Same rights has the other party.

Bguerville has given more than he has received from the community.
Probably I could extend that statement for most developers in this community.

Because the community has a need, it doesn't mean that it has the right to use a STOLEN software. Even worse, one INCOMPLETE and dangerous.
I agree completely and to the post above this one, what a jerk.... Some people are so greedy and ungrateful. I've been with the scene for over 15 years.. I learned by soldering wires and then the E3 Flasher. This software/server is a gift from above and should be treated as such. My eyes don't work the greatest anymore so soldering is out, I don't have the time for the E3 Flasher and I risk damaging the board every time I open the console.... I'm super grateful that you and the team put together this for the community. Maybe people don't know that Bguerville is sitting in a room somewhere 24/7 busting his hump trying to create something even BETTER and more foolproof... For now, I have a workaround for myself but it takes 10 times as long; however, I am patiently waiting for the next release or the turn up of the fix. I wish you and the whole team the best of luck getting things back on track. Thank you for the years of dedication to the cause. Cheers!
 
3. Dump your Flash Memory onto a USB device by clicking on "Flash Memory" and then "Save Flash Memory Backup" option. Check the dump using littlebalup's PyPS3checker on your computer. Keep the dump somewhere safe! You might need it in the future to repair your PS3.

Everyone says "dump your backup and check it in pyps3checker before you patch and jailbreak." Every tutorial I've seen anyway. But NEVER do they explain how to actually recover using it.

The resulting NAND dump is 239MB as reported by windows. Whereas a full NAND dump from Rebugtoolbox results in a 256MB file. From what I gather, the reason is that BGToolSet doesn't dump the bootloader (which I guess is because it doesn't have that low level access yet). So be it. That's the issue that led me to do this all day...

I did find out how to actually split the 256MB full dump into the 2 NAND0 and NAND1 files I need to actually hardware flash. That was no easy feat either.
  1. Use Rebug Toolbox to dump NAND. Did twice to be sure they were identical.
  2. Use PS3DumpChecker to see if the dump was good. Which in my case had 2 errors out of 114 checks. IDK why, but I re-dumped and it said the same thing. The console works and is stable (albeit already jailbroken). This was just for testing to see how to do it.
  3. Use HxD to create 132MB Dummy NAND0 and NAND1. Make a new file in HxD then go to Edit --> Insert Bytes --> put "8400000" in the "Bytecount field" and "FF" in the "fill pattern." That will add 083FFFF0 offsets all filled with FF. And when saved will be 132MB, same MD5 checksum as if you replaced all the data in an actual NAND bank dump with FF's.
  4. Use FlowRebuilder to "Rescramble" the dump from step 1 into 2 new flash bank dumps. Using the dummy NAND0 and NAND1 file filled with empty data. This was annoying to figure out!
  5. The resulting Patched NAND0 and NAND1 are what I would use to flash the NAND if I ever needed to. I confirmed the process went fine by unscrambling using the newly created files and the resulting unified NAND was identical to the one dumped in step 1. And PS3DumpChecker gave the same 2 errors and called it a bad dump.
However:
That process does not work with the 239MB dump BGToolSet creates. And for the life of me I cannot find the answer anywhere, despite it being the way 99% of people go about doing it! Great I saved it! NOW WHAT?

Sorry if this has been answered before and if I sound exasperated. I bet it has, and I am.
 
CFW can only be installed with a MinVer of 3.56 at most, due to metldr2 implementation in 3.60 onwards.
With 3.56 and 3.60 in mind, ERK could be impossible to do on Metldr2 CFW, right? Since lv0ldr.2 is being dumped at the moment already by zer0tolerance. Also I donated to zecoxao long ago. Hopefully I should be able to support psxplace too if I make enough $
 
with 3.56 and 3.60 in mind, ERK could be impossible to do on Metldr2 CFW right? Since lv0ldr.2 is being dumped at the moment already by zer0tolerance.

It's not being dumped, it's attempted to be dumped, and then they will see if it's a valid dump and they will have to research the dump and from there we will learn more on what can be done with lv0ldr.2. Until it does and is a valid dump and the research is done there is no reason for lv0ldr.2 talk in all these threads, you already have one talking about the same things.
 
Everyone says "dump your backup and check it in pyps3checker before you patch and jailbreak." Every tutorial I've seen anyway. But NEVER do they explain how to actually recover using it.
To be fair, this is more of a NAND only problem, which also makes it somewhat rare to encounter for most users. Also, the extra hardware and modifications required make me believe the number of successfully unbricked consoles is low too. I'm not saying that the current situation is perfect, but the barrier for entry is high already, even before you get to the flash contents restore point. :indecisiveness:
From what I gather, the reason is that BGToolSet doesn't dump the bootloader (which I guess is because it doesn't have that low level access yet).
Yes, the hypervisor denies access to some parts of the flash. And given that we can't patch HV at runtime (not at this moment), it can be only (partially?) dumped using CFW. Similar limitations also prevent us from reading and changing the currently active ROS bank flag. (the flag itself might not be enough to actually switch it, Syscon has still some secrets)

Source: PS3 Dev Wiki - Software Dumping
I did find out how to actually split the 256MB full dump into the 2 NAND0 and NAND1 files I need to actually hardware flash. That was no easy feat either...
The same page also mentions some "NAND patch method", which seems to describe a similar process of converting a software dump into a hardware one. I didn't have any success with that in my tests, however. It looks like the physical NAND flash at offset 0x0040000 is mapped to 0x0000000 in software, so the first 256 KiB are missing (bootldr). PyPS3checker is "happy" once I padded both sides of the file (256 KiB at the beginning, ~16 MiB at the end):
******* Getting flash type *******
Flash type : NAND (full dump, 256MB)

...

Total number of checks = 131
Number of dangers = 20
Number of warnings = 2
Following check(s) returned a
DANGER!
001.01 bootldr0 (Top)
001.02 bootldr1 (Top)
001.03 bootldr Rev key (Top)
001.04 bootldr Statistics (Top)
001.05 bootldr (Top) 0xFF Filled Area
012.01 bootldr0 (Bottom)
012.02 bootldr1 (Bottom)
012.03 bootldr Rev key (Bottom)
012.04 bootldr Statistics (Bottom)
012.05 bootldr 0xFF Filled Area
datamatches : per console nonce
repcheck : Header Magic Repetition
repcheck : asecure_loader Repetition
repcheck : eEID Repetition
repcheck : cISD Repetition
repcheck : cCSD Repetition
repcheck : trvk_prg Repetition
repcheck : trvk_pkg Repetition
repcheck : ros Repetition
repcheck : cvtrm Repetition

Following check(s) returned a
WARNING!
SKU identification
009.02 ROS0 Hash
Sources: PS3 Dev Wiki - Software Dumping (NAND patch method), Dev Wiki - NAND flash layout
That process does not work with the 239MB dump BGToolSet creates. And for the life of me I cannot find the answer anywhere, despite it being the way 99% of people go about doing it! Great I saved it! NOW WHAT?
As far as I understand, this is the closest we can get to a "working" dump. Perhaps the user should be instructed to make a hardware dump (with bootldr) before writing anything? They could then place the bootldr at the two offsets (0x0000000, 0xF000000) to pass all the checks in PyPS3checker ("full dump, 256MB").

Another thing is that all flashers/patchers (BGToolset (browser), HFW Flash Writer (browser), HEN Flash Patcher (GameOS app)) should never touch any other regions except for the two ROS banks. Ideally, as long as there are not any bugs in the code, a "brick" in this case should mean only corrupted ROS/CoreOS. Meaning it can be fixed by replacing only that part (2x 7 MiB).

If anyone is interested in writing instructions for a brick recovery in the form of a PDF, it would be great to include them together with a flash backup output from BGToolset / HEN FP. :encouragement:
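
The padding described in the post above (256 KiB in front, the rest at the end up to 256 MiB, optionally with a bootldr from a hardware dump at 0x0000000 and 0xF000000), as an added example that is not code from the thread or from any of the tools named. The function names, the 0xFF fill byte and the bootldr being at most 256 KiB are assumptions; the output is meant for running through a checker, not as a file to flash.

```python
import hashlib
import sys

FULL_SIZE = 0x10000000      # 256 MiB, the "full dump" size PyPS3checker reports
FRONT_GAP = 0x0040000       # first 256 KiB (bootldr) absent from a software dump
SECOND_BOOTLDR = 0xF000000  # second bootldr offset named in the post
FILL = 0xFF                 # assumption: pad with 0xFF, as in the HxD dummy files


def pad_software_dump(sw, bootldr=None, full_size=FULL_SIZE,
                      front_gap=FRONT_GAP, second=SECOND_BOOTLDR):
    """Place `sw` at `front_gap` inside a FILL-filled image of `full_size` bytes.

    `bootldr` (optional, cut from a hardware dump) is copied to offset 0 and
    to `second`; without it both areas stay FILL.
    """
    end = front_gap + len(sw)
    if end > full_size:
        raise ValueError("software dump does not fit the full layout")
    image = bytearray([FILL]) * full_size
    image[front_gap:end] = sw
    if bootldr is not None:
        if len(bootldr) > front_gap or second + len(bootldr) > full_size:
            raise ValueError("bootldr does not fit its two slots")
        if end > second:
            raise ValueError("software dump overlaps the second bootldr slot")
        image[:len(bootldr)] = bootldr
        image[second:second + len(bootldr)] = bootldr
    return bytes(image)


def software_region_intact(image, sw, front_gap=FRONT_GAP):
    """True if the original dump bytes sit unchanged inside the padded image."""
    region = image[front_gap:front_gap + len(sw)]
    return hashlib.sha256(region).digest() == hashlib.sha256(sw).digest()


if __name__ == "__main__":
    # Usage: pad_dump.py software_dump.bin padded.bin [bootldr.bin]
    with open(sys.argv[1], "rb") as f:
        sw = f.read()
    bootldr = None
    if len(sys.argv) > 3:
        with open(sys.argv[3], "rb") as f:
            bootldr = f.read()
    image = pad_software_dump(sw, bootldr)
    assert software_region_intact(image, sw)
    with open(sys.argv[2], "wb") as f:
        f.write(image)
    print(hashlib.sha256(image).hexdigest(), sys.argv[2])
```

Keep the untouched software dump alongside the padded copy; the printed SHA-256 identifies the padded file that was checked.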
 
Well, I recently got a Flashcat (HW flasher) and am interested in learning how to recover from a brick in case I need to. And I agree there should be a tutorial about it, given it's recommended you do this before jailbreaking.

@vyktormvmpay25 tells me he always installs HEN first so he can use rebugtoolbox to dump the 256MB flash. Then he installs CFW... to avoid this problem.
 