PS3 How does Hybrid FW modify the detection mechanism through the PS3 upgrade program?

qiurigao

Forum Noob
I compared the differences between the files after unpacking, as shown in the figure. How is it achieved? If it is not convenient to disclose, it doesn't matter.

How is the Hybrid FW detected by the modification of the PS3 upgrade program
 

Attachment: 2019-03-24 165029.png

All I can add to this is if you're installing a CFW onto the PS3 it will verify until 60-70%. Not all files on CFW are resigned. So that means the PS3 doesn't have a PUP check; rather, it has a version check and checks the signature of the files.

The HFW replaces the 4.84 silk_webkit.sprx with the original 4.82 silk_webkit.sprx, which is obviously originally signed and will install onto the OFW.

If there were keys required for the PUP signature then we would have CFW for all consoles right now, and it would put HAN to shame.
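
The distinction drawn in the post above, between checking each file's signature and checking the package as a whole, can be modeled generically. This is an added example, not code from the thread or from any PS3 tool; the key, file names and versions are constructed, and HMAC stands in for a vendor's asymmetric signature.

```python
import hashlib
import hmac

# Constructed stand-in for a vendor signing key. A real updater would use an
# asymmetric signature; HMAC keeps the example runnable with the standard library.
VENDOR_KEY = b"constructed-demo-key"

def sign(data: bytes) -> bytes:
    return hmac.new(VENDOR_KEY, data, hashlib.sha256).digest()

def file_blob(name: str, version: str, body: bytes) -> bytes:
    return name.encode() + b"\0" + version.encode() + b"\0" + body

def make_file(name: str, version: str, body: bytes) -> dict:
    """A component signed on its own: the signature covers name, version and body."""
    return {"name": name, "version": version, "body": body,
            "sig": sign(file_blob(name, version, body))}

def file_sig_ok(f: dict) -> bool:
    expected = sign(file_blob(f["name"], f["version"], f["body"]))
    return hmac.compare_digest(f["sig"], expected)

def file_hashes(files: list) -> list:
    return sorted((f["name"], hashlib.sha256(f["body"]).hexdigest()) for f in files)

def make_manifest(pkg_version: str, files: list) -> dict:
    """Signed list binding each file's hash to one package version."""
    entries = file_hashes(files)
    return {"version": pkg_version, "entries": entries,
            "sig": sign(repr((pkg_version, entries)).encode())}

def verify_per_file(pkg: dict) -> bool:
    """Weak policy: accept if every component carries a valid vendor signature."""
    return all(file_sig_ok(f) for f in pkg["files"])

def verify_with_manifest(pkg: dict) -> bool:
    """Stronger policy: the signed manifest must match the exact files shipped."""
    m = pkg["manifest"]
    payload = repr((m["version"], m["entries"])).encode()
    if not hmac.compare_digest(m["sig"], sign(payload)):
        return False
    return file_hashes(pkg["files"]) == m["entries"] and verify_per_file(pkg)

# Constructed sample: release 2.0, and the same release with one component
# swapped for the genuine, vendor-signed 1.0 build of that component.
old_lib = make_file("browser_lib", "1.0", b"old build")
new_lib = make_file("browser_lib", "2.0", b"new build")
core = make_file("core", "2.0", b"core build")
official = {"files": [core, new_lib], "manifest": make_manifest("2.0", [core, new_lib])}
mixed = {"files": [core, old_lib], "manifest": official["manifest"]}
```

Under the per-file policy the mixed package is accepted because every component is genuinely signed; binding file hashes to the release in a signed manifest is what rejects it.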
 
You mean that the PUP file integrity check does not exist. The version.txt file contains the version information displayed by the host after upgrading the firmware. Does it mean that you can modify it to achieve the beautification effect (for example, leave your own signature ID)?
The key file signature verification inside exists, so the file dev_flash_006.tar.aa2019_01_08_210254 is the original file directly copied from 4.8.2, and the file signature verification is still passed.
There is also a file version check, but how does the low version 4.82 silk_webkit.sprx get installed in the 4.48 high version through the version check?
In addition, the UNK_501 file is modified.
Thank you very much for your answer.
 
Sorry if this is a dumb question (and it doesn't have much to do with the main question), but... do you think it's possible to modify the update, so the system is a modded OFW? For example, change the coldboot and those things. It can be done with HAN, so I thought just now it could be done by modifying the PUP file. Or the colors, like Rebug has. Just the appearance. But I don't know if those files are signed too (at least some won't be, or it wouldn't be possible to do some of those things with HAN, I think).
 
Until someone finds a key (hasn't happened since 3.55) to sign current firmware with, it's not possible.
 
Oh right. I thought that because they were able to replace the files on the update (a signed one for a signed one, but older), that could be possible to change files not signed in the PUP file (but I don't know if the coldboot and those files are signed, so there's that too). And as HAN allows to change the coldboot and those things, I thought that they could be modified already in the PUP file, so it wouldn't be necessary to do it with HAN. But being that way, it's a pity... Really wanted to make my own COFW haha.
 
I talked about this with the dev: you can't replace any of those. I mainly had the idea of, for example, injecting HAN RCOs in the PUP, because there is no resigning for them, but when the file is being encrypted there is verification of spkg, pkg, so if there is a 1 that was 0 then the update install will fail and show an error code like it's CFW (even if there is no module touched, even if the modules stay signed by s#ny) :) And he tells me if that was possible he could include the HAN Support File in the PUP to avoid HAN Installer usage, so users will directly boot the PS3 then use HAN Enabler :) But that's not possible in fact ;)
 
Sorry if I misunderstood what you said, but wouldn't that be adding the files (the HAN files)? I'm saying this because of what RandomDude said about them having replaced the 4.84 silk_webkit.sprx with the 4.82 silk_webkit.sprx, and they are both signed by Sºny. That's why I thought this. Changing for example the coldboot.raf would just be swapping the original file with another, like they may have done with the HFW (swapping a file for another). But I don't understand enough of this, so that's why I thought this (swapping a RAF file of the coldboot with another, modified by me to be my own coldboot as I have in my CFW PS3, like they did with the SPRX file, which was already different - unless they changed more than that file to make it think it's the 4.84 file or something like that).
 
Yes, I know coldboot and RCO aren't signed with scetool and don't have an SCE header, but they are checked with spkg encryption :)
And as I say, you can't change coldboot (yours); you can change coldboot from 4.70 to that of 4.84 since they are both checked with the original spkg. And when you talk about sprx, they are both signed by s#ny and there is no change in silk_webkit.sprx; you can compare both with hex and it will say identical :) Because if there is something edited, even if it's a letter, it will kick to a black screen saying you must update your PS3 with firmware 4.84 or higher, because you can't change an sprx without decrypting it first. Anyone can decrypt an sprx, but the signature of s#ny will be gone, so no way for that.
 
Right... Now I got it! Thanks! So... I could just put in the update, the old gameboot sound? (that would be adding files to the update, which I don't know if it would work) I like the old boot sound more than the new one. And I could put the files to have the old gameboot animation and sound too. Right? All of those are made by Sºny. Except maybe the gameboot sound which would add files to the PUP file?
 
Hhhhh, no, you can't add any file that doesn't exist already, so no gameboot.ac3, and you can't use animation and sound because it needs game_ext_plugin.sprx to be patched to allow sounds to be activated. So no, you can just see the gameboot image. But use gameboot-installer on the ps3xploit website, put in your custom_render_plugin.rco and inject it; your PS3 will reboot, and whenever you start an app, homebrew or game the gameboot will show up :)
 
I want to know if the effect of replacing a lower version file from 4.84 silk_webkit.sprx to 4.82 silk_webkit.sprx is that all files are applicable. If so, wouldn't it prevent the downgrade from working?
 
I thought that the game_ext_plugin.sprx version I had on the PS3 was an older original version of it and not a modded file. Craps... Thanks!
 
No, not all the files are applicable, because there is a vsh.self which is a signed official module. Try vsh.self 4.82 on OFW 4.84 and you will brick the console, I think, so not all the files are applicable.
 
Yeah, firstly it's from firmware 1.90 or lower, but they removed the gameboot patches from that sprx and made a checker in the PUP, so even if you copy the old game_ext_plugin.sprx from 1.90 to 4.84 it will be considered like a patch even if both are officially signed :)
 
I'm not sure about that. Is that true @sandungas, You've told me once that files that were too old wouldn't work?

Replacing Original sprx files with a bit older one does work but I don't think getting the game_ext_plugin.sprx from v1.90 will suffice for 4.84. Has anyone tested this?
 
I saw a thread, Old Gameboot [4.80-4.84 CFW Only], and I think it will not work. I tested it last year but it's worth trying again.
 
Cfw only can't be used for ofw, Obviously. I'm talking about v1.90 old original sprx on newer firmware.
Yes, but old firmware doesn't have a check on sprx like 4.XX. 3.55 was exploitable and 1.90 is lower than 3.55; verification starts from 3.56+/3.60+, so I think (me only, not sure) they put in verification for the hex to be sure that they exist the same as they created them.
 
That's the thing. If the V1.90 sprx has no checks then it isn't signed. So how can unsigned executables run on OFW 4.84?
 