PS3 SYSCON firmware key is now public (released by zecoxao) - What does it mean?

Developer @zecoxao has released something he has spent 10 years working to obtain: the SYSCON firmware key. First, a misconception to clear up: this is not going to lead directly to CFW on non-CFW-capable PS3s any time soon. As the dev stated on Twitter, "needless and pointless to say that the confusion being created around these keys that they will be useful for cfw on ps3 3k and superslim is a very farfetched idea. unless we have access to the TSOP 78K0R models, we will not be able to obtain anything else", and when @kozarovv followed up with a question about 3k models, the developer responded "don't expect miracles, is all i'm saying". @DeViL303 then asked "So what can we do with this as of now, what is possible with just this key alone and current knowledge?", and @zecoxao's explanation from that post is reproduced below. This is a great achievement, but it is still being investigated and will need to be explored in the weeks to come before we fully understand what can be uncovered.


  • i got the syscon firmware key, a dream i've been pursuing for the past 10 years. now that i have it i feel like i've accomplished my goal. the rest will follow naturally.
    - https://twitter.com/notzecoxao/status/1168954036541935616

    What can developer's do with this key?
    So what can we do with this as of now, what is possible with just this key alone and current knowledge? Custom fan speed profiles? Multiple boot sequences depending on flags or something, or does everything need more work?

    via @zecoxao: With this key the following has happened:

    14 syscon firmwares for the BGA models (CXR) were decrypted.
    From them, keys for PATCH and FULL FW signing and encryption, as well as decryption and validation, were found. We can now sign our own patches and FWs for the following models:

    • TMU-510
    • COK-001
    • COK-002
    • SEM-001
    • DIA-001
    • DIA-002 or DEB-001 (same soft id)

    Additionally, we found the initialization key for eid1 as well as the process of initializing it from the factory.
    We also found 7 extra keys (we still don't know what they do).
    Finally, we found out there is a secret keyslot function that generates keys for:
    • SNVS
    • AUTH1/AUTH2
    • Regions of EEPROM
    • PATCH keys xoring (to generate the final keys)
    • Relationship with the other 7 Keys

    What still has to be done:
    • Hack the 78K0R chips (the TSOP ones found in later models)
    • Dump the firmware of those chips
    • Get the DYN-001 patch keys
    • Find an exploit on arm firmware that works in 78k0r firmware

    Edit: and yes, you can do all that fun kinky shit of fan boosting at max speeds, led disco panic attack, and star wars theme ON A DECR-1000! THIS is a devkit, so THIS is the ONLY device that supports FULL FUCKING FIRMWARES! DO NOT CONFUSE IT with a DECR-1400, that is a HALF devkit!


Release Source: twitter.com/notzecoxao
Discussion: psx-place.com

Thanks to @NathanHale for the news alert
 
Hmm, just noticed something supercool
https://mobile.twitter.com/MinaRalwasser/status/1168963039456059392?p=v
https://pastebin.com/0C7ghMak

All these commands are related to fan control... and the command named fantbl looks like...

Code:
fanconpolicy         0xc9bb0000L  0xDD0C0000
fanconmode           0x35bf0000   0xDD0C0000
fanconautotype       0x75c00000   0xDD0C0000
fantbl               0x87c00000L  0xDD0C0000
If someone is looking at this fan table, please take some time to compare it with the values of this table in the wiki:
https://www.psdevwiki.com/ps3/Thermal#Fan_settings_per_PS3_model_based_on_syscon_data_reads
I made that table in the wiki because I thought one day it could be handy to compare with the values stored inside syscon... and that's exactly what seems to be happening; now it is possible to do it.
I can see that you are excited that this is happening. So syscon is independent and is handled by its own firmware?
 
Yes, syscon has its own firmware. Inside a standard PS3UPDAT.PUP there are a few PKGs to update the firmware of some components of the motherboard (syscon, Blu-ray, the BT/Wi-Fi module, and the multi-card reader of the first retail PS3 model).
For the syscon these are the PKGs: https://www.psdevwiki.com/ps3/System_Controller_Firmware#Known_Retail_syscon_update_packages

You can check the syscon firmware/patch version installed in your PS3 in this screen (available with a secret button combo):
https://www.psdevwiki.com/ps3/More_System_Information
https://www.psdevwiki.com/ps3/Talk:More_System_Information

When you install a PS3UPDAT.PUP, the installer queries these chips for their revision and firmware versions, and if one of the PKGs is "applicable" to your syscon it is installed... otherwise (if your syscon firmware is already up to date) it is not installed.

This is why some people with a damaged BT/Wi-Fi module, or without the Blu-ray daughterboard, are trapped in an infinite black-screen loop when they try to install a PS3 firmware... the installer can't get past that point of the check.
In plain words... the installer asks the chip "tell me your revision and version", and the chip doesn't reply... so the PS3 firmware installer stops the installation with an error.
And syscon has a dual data bank, btw; it stores 2 firmwares... the current and the previous syscon firmware installed in it.

----------
Now that the key to decrypt the syscon PKGs is public, it is possible to rebuild the syscon PKG with some custom changes... then build a PS3UPDAT.PUP with the custom syscon firmware PKG inside it... then install that PS3UPDAT.PUP as a normal PS3 firmware.
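As an added example (not code from the post, and not from any PS3 tool), here is a parser for the PS3UPDAT.PUP container the post describes: it reads the file table, verifies the per-entry HMAC-SHA1 hashes and the header HMAC, and then shows what happens when one entry (the update_files.tar that carries the component PKGs) is altered and when the image is rebuilt afterwards. Assumptions: the header layout and entry ids follow the public psdevwiki description of the PUP format; the HMAC key used here (DEMO_KEY) is a constructed stand-in, not the installer's key; the entry contents are constructed sample bytes. It does not unpack the tar or the PKGs inside it, so it says nothing about the syscon PKG format itself.

```python
"""Added example: parse and verify a PS3UPDAT.PUP container (constructed key and sample data).

Layout, as documented on psdevwiki (assumption: verify against the wiki before trusting
this on a real file):
  0x00  magic "SCEUF\0\0\0"
  0x08  package_version  u64 BE
  0x10  image_version    u64 BE
  0x18  file_count       u64 BE
  0x20  header_length    u64 BE  (header + file table + hash table + header HMAC)
  0x28  data_length      u64 BE
  file_count file entries : entry_id u64, data_offset u64, data_length u64, 8 pad bytes
  file_count hash entries : entry_id u64, HMAC-SHA1 of the file data (20 bytes), 4 pad bytes
  HMAC-SHA1 (20 bytes) over everything above
"""
import hashlib
import hmac
import struct
from dataclasses import dataclass

PUP_MAGIC = b"SCEUF\0\0\0"
HEADER_LEN = 0x30
ENTRY_LEN = 0x20
HMAC_LEN = 20

# Entry ids as documented on psdevwiki; the names are for display only.
ENTRY_NAMES = {
    0x100: "version.txt", 0x101: "license.xml", 0x102: "promo_flags.txt",
    0x103: "update_flags.txt", 0x104: "patch_build.txt", 0x200: "ps3swu.self",
    0x201: "vsh.tar", 0x202: "dots.txt", 0x203: "patch_data.pkg",
    0x300: "update_files.tar", 0x501: "spkg_hdr.tar", 0x601: "ps3swu2.self",
}

# Constructed stand-in key. The key the real installer uses is NOT embedded here.
DEMO_KEY = b"example-pup-hmac-key-not-the-real-one"


@dataclass
class PupEntry:
    entry_id: int
    offset: int
    data: bytes
    hash_ok: bool

    @property
    def name(self) -> str:
        return ENTRY_NAMES.get(self.entry_id, f"unknown_{self.entry_id:#x}")


def _mac(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha1).digest()


def build_pup(files: dict, key: bytes, image_version: int = 0) -> bytes:
    """Serialise {entry_id: bytes} into a PUP, computing per-file and header HMACs with `key`."""
    n = len(files)
    header_length = HEADER_LEN + 2 * ENTRY_LEN * n + HMAC_LEN
    file_table = b""
    hash_table = b""
    data = b""
    offset = header_length
    for entry_id, blob in files.items():
        file_table += struct.pack(">QQQ8x", entry_id, offset, len(blob))
        hash_table += struct.pack(">Q20s4x", entry_id, _mac(key, blob))
        data += blob
        offset += len(blob)
    header = PUP_MAGIC + struct.pack(">QQQQQ", 1, image_version, n, header_length, len(data))
    table = header + file_table + hash_table
    return table + _mac(key, table) + data


def parse_pup(buf: bytes, key: bytes) -> dict:
    """Parse a PUP and check every HMAC. Structural problems raise; a bad MAC is reported
    per entry rather than raised, so the caller can see exactly which file was altered."""
    if buf[:8] != PUP_MAGIC:
        raise ValueError("not a PUP: bad magic")
    _pkg_ver, image_version, n, header_length, data_length = struct.unpack(">QQQQQ", buf[8:HEADER_LEN])
    if header_length != HEADER_LEN + 2 * ENTRY_LEN * n + HMAC_LEN:
        raise ValueError("header_length does not match file_count")
    if len(buf) < header_length + data_length:
        raise ValueError("truncated PUP")
    table = buf[:header_length - HMAC_LEN]
    header_ok = hmac.compare_digest(_mac(key, table), buf[header_length - HMAC_LEN:header_length])

    hashes = {}
    hash_base = HEADER_LEN + ENTRY_LEN * n
    for i in range(n):
        eid, h = struct.unpack(">Q20s4x", buf[hash_base + ENTRY_LEN * i:hash_base + ENTRY_LEN * (i + 1)])
        hashes[eid] = h

    entries = {}
    for i in range(n):
        off = HEADER_LEN + ENTRY_LEN * i
        eid, doff, dlen = struct.unpack(">QQQ8x", buf[off:off + ENTRY_LEN])
        if doff < header_length or doff + dlen > header_length + data_length:
            raise ValueError(f"entry {eid:#x} points outside the data region")
        blob = buf[doff:doff + dlen]
        ok = eid in hashes and hmac.compare_digest(_mac(key, blob), hashes[eid])
        entries[eid] = PupEntry(eid, doff, blob, ok)
    return {"image_version": image_version, "header_hmac_ok": header_ok, "entries": entries}


def tamper_demo() -> dict:
    """Build a PUP from constructed entries, flip one byte inside update_files.tar, then rebuild."""
    files = {0x100: b"04.85\n", 0x300: b"<constructed tar carrying the component pkgs>"}
    clean = build_pup(files, DEMO_KEY, image_version=0x48500)
    good = parse_pup(clean, DEMO_KEY)

    bad = bytearray(clean)
    bad[good["entries"][0x300].offset] ^= 0x01          # modify the first byte of update_files.tar
    tampered = parse_pup(bytes(bad), DEMO_KEY)

    # Anyone holding the key can re-sign the modified contents and get a clean image back.
    rebuilt = parse_pup(build_pup({**files, 0x300: tampered["entries"][0x300].data}, DEMO_KEY), DEMO_KEY)
    return {
        "clean_ok": good["header_hmac_ok"] and all(e.hash_ok for e in good["entries"].values()),
        "tampered_header_ok": tampered["header_hmac_ok"],
        "tampered_entry_ok": tampered["entries"][0x300].hash_ok,
        "rebuilt_ok": rebuilt["header_hmac_ok"] and all(e.hash_ok for e in rebuilt["entries"].values()),
    }


if __name__ == "__main__":
    for k, v in tamper_demo().items():
        print(f"{k}: {v}")
```

The thing to notice is which check catches what: the per-entry HMAC flags the modified update_files.tar, while the header HMAC, which only covers the tables, still passes; and rebuilding with the key produces a clean image again, which is why "build a PS3UPDAT.PUP with the custom PKG inside" is a packaging step for whoever holds the container key rather than a cryptographic obstacle. The SCE signatures on the individual files inside the PUP are a separate layer and are not checked here.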
 
WOW...Amazing
 
I have a little doubt... sorry if it looks stupid, but I was wondering... this would allow us a CFW on the 3k and 4k models, right? OK... you have said yes... so... what will the downgrade look like? Because on 4k models the minimum version is 4.20 and on 3k models it is 3.60, if I'm not mistaken, or will there not be a downgrade? Since the syscon keys were discovered in the current firmware (I think).
 

It's not the downgrading that's the problem exactly. The original metldr's key was found, and that's older slims and phats. 3x and 4x use different keys.
 
Wow friend, I've been reading things related to the type of memory S@ny chose (EEPROM) and I found that this memory can be read an unlimited number of times, while it does have a write limit and its programming process is very complex. The work that they have done to collect syscon data is great.
 
OK... thanks. Because for a moment I had not thought of that; of course the keys are different, lol... sorry, I had not even remembered that, lol.
 
Everything related to the new syscon hacks is like opening a can of worms; there are many experiments that can be tried now, and all of them are risky, lol

But what I mentioned in this thread would not allow installing a CFW on a PS3 30xx or 40xx on 4.85... at least not with what I said... if someone adds some hacks to the recipe... maybe... who knows
 
3.56 was hackable as well, but you needed a flasher to do it. 3.55 is just the highest firmware you could install where you needed nothing else. I think the flasher thing is mentioned with 3.56 on the SKU page of psdevwiki.
 
Rough explanation (I'm ignoring some steps of the boot process)

When the PS3 boots, syscon "wakes up" the CELL... then the CELL takes "metldr" and copies it into one of its co-processors (one of the 7 SPUs enabled inside the CELL), then decrypts metldr, and from that point metldr decrypts the next stages of the boot chain.

That process of copying metldr into an SPU and decrypting it inside it is named "isolation" because in theory it is impossible to access metldr in its decrypted form (the CELL doesn't allow reading the SPU contents, for security reasons).

The metldr exploit dumps metldr from an SPU in its decrypted form... and by opening it in a hex editor they got the key used to decrypt the next stages of the boot process.
So... from that point all the next stages of the boot process were breached (it is possible to decrypt the whole firmware, because every stage contains the keys needed to decrypt the next stage).

To fix that problem, Sony started manufacturing the PS3 at the factory with a new metldr (containing a different key)... that's the key needed to build a CFW... and it is unknown.

--------------
Btw, notice the chicken-and-egg in what I explained about the original metldr exploit? In CFW we can dump metldr decrypted... but we don't know the key to decrypt it (it is the CELL that decrypts it while it is inside an SPU, and we don't know the key).
So... in CFW we are making a copy of the contents of the egg... but we don't know how to open the egg ;)
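The boot chain described above, as an added toy model (not code from the post, and not the console's actual cryptography): each stage is stored encrypted under a key held by the previous stage, and its decrypted form carries the key for the next one. Assumptions: the cipher is a stand-in built from HMAC-SHA256 (a keystream plus an authentication tag) so that the script needs only the standard library; the stage names metldr, lv1ldr and lv1 and their order are a simplification of the real chain, which has more stages; all keys and payloads are constructed values. The model reproduces the three points of the post: a decrypted dump of the first stage lets you decrypt everything after it and re-encrypt those later stages (what a CFW does), but never yields the key the first stage itself was encrypted with; and once the first stage is replaced with a fresh key, the old dump is useless against the new chain.

```python
"""Added example: toy model of a chained boot process (stand-in cipher, constructed keys)."""
import hashlib
import hmac
import os

KEY_LEN = 32     # size of the "next stage" key carried inside each decrypted stage
NONCE_LEN = 16
TAG_LEN = 32


def _keystream(key: bytes, nonce: bytes, length: int) -> bytes:
    # Stand-in for a real cipher: HMAC-SHA256 in counter mode. Not what the console uses.
    out = b""
    counter = 0
    while len(out) < length:
        out += hmac.new(key, nonce + counter.to_bytes(4, "big"), hashlib.sha256).digest()
        counter += 1
    return out[:length]


def encrypt(key: bytes, plaintext: bytes) -> bytes:
    nonce = os.urandom(NONCE_LEN)
    ct = bytes(p ^ k for p, k in zip(plaintext, _keystream(key, nonce, len(plaintext))))
    tag = hmac.new(key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag


def decrypt(key: bytes, blob: bytes) -> bytes:
    nonce, ct, tag = blob[:NONCE_LEN], blob[NONCE_LEN:-TAG_LEN], blob[-TAG_LEN:]
    if not hmac.compare_digest(hmac.new(key, nonce + ct, hashlib.sha256).digest(), tag):
        raise ValueError("authentication failed: wrong key or modified stage")
    return bytes(c ^ k for c, k in zip(ct, _keystream(key, nonce, len(ct))))


def build_chain(payloads: dict, root_key: bytes) -> dict:
    """Stage i is encrypted under key_i; its plaintext is key_{i+1} || payload_i.
    key_0 is the root key that only the isolated SPU holds (here a constructed value)."""
    names = list(payloads)
    keys = [root_key] + [os.urandom(KEY_LEN) for _ in names[1:]]
    chain = {}
    for i, name in enumerate(names):
        next_key = keys[i + 1] if i + 1 < len(names) else bytes(KEY_LEN)
        chain[name] = encrypt(keys[i], next_key + payloads[name])
    return chain


def walk_from_dump(first_stage_plain: bytes, chain: dict) -> dict:
    """Given the first stage already decrypted (what the metldr dump gives you), decrypt every
    later stage. The key that encrypted the first stage itself is never learned (None)."""
    names = list(chain)
    recovered = {names[0]: {"key": None, "payload": first_stage_plain[KEY_LEN:]}}
    plain = first_stage_plain
    for name in names[1:]:
        key = plain[:KEY_LEN]
        plain = decrypt(key, chain[name])
        recovered[name] = {"key": key, "payload": plain[KEY_LEN:]}
    return recovered


def rebuild_stage(name: str, new_payload: bytes, recovered: dict, chain: dict) -> bytes:
    """Re-encrypt a stage with a key recovered from the dump (how a CFW replaces later stages).
    Raises for the first stage, whose encryption key is not in any dump."""
    key = recovered[name]["key"]
    if key is None:
        raise PermissionError(f"{name}: encryption key is not recoverable from the dump")
    next_key = decrypt(key, chain[name])[:KEY_LEN]
    return encrypt(key, next_key + new_payload)


def demo() -> dict:
    payloads = {"metldr": b"metldr code", "lv1ldr": b"lv1ldr code", "lv1": b"hypervisor"}
    root = os.urandom(KEY_LEN)
    chain = build_chain(payloads, root)

    # The isolation step: only the SPU, holding the root key, can produce this plaintext.
    dump = decrypt(root, chain["metldr"])
    rec = walk_from_dump(dump, chain)

    # Later stages can be replaced using keys taken from the dump...
    patched_chain = dict(chain, lv1=rebuild_stage("lv1", b"patched hypervisor", rec, chain))
    patched_accepted = walk_from_dump(dump, patched_chain)["lv1"]["payload"] == b"patched hypervisor"

    # ...but the first stage cannot be re-encrypted, because its key was never exposed.
    try:
        rebuild_stage("metldr", b"custom metldr", rec, chain)
        first_forgeable = True
    except PermissionError:
        first_forgeable = False

    # Shipping a new first stage with a fresh root key (and fresh chain keys) makes the old dump useless.
    rotated = build_chain(payloads, os.urandom(KEY_LEN))
    try:
        walk_from_dump(dump, rotated)
        old_dump_works = True
    except ValueError:
        old_dump_works = False

    return {
        "payloads": {n: r["payload"] for n, r in rec.items()},
        "patched_lv1_accepted": patched_accepted,
        "first_stage_forgeable": first_forgeable,
        "old_dump_on_rotated_chain": old_dump_works,
    }


if __name__ == "__main__":
    for k, v in demo().items():
        print(f"{k}: {v}")
```

The dump is the egg's contents in the post's metaphor: it contains every key needed further down the chain, and none of the key that sealed it. Replacing the sealed stage at the factory does not require fixing the leak in the old one; it only requires that the new one was never dumped.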
 
There are many people hopeful that this could open a door to CFW, but experimenting with syscon can be a suicidal process: what would a developer do to revive a console with corrupted syscon data, if syscon is the one that starts the boot chain?
 
There are some non-retail PS3 models with an additional daughterboard named the Communication Processor (usually shortened to "CP"); that board has an additional syscon chip, a bit different from the syscon soldered on the motherboard. That syscon has some functions unlocked, and the board runs a small Linux.
It is like the PC motherboards with 2 BIOSes... if you brick BIOS_1 you can use BIOS_2 to unbrick BIOS_1

The people researching all this are using those PS3 models; it is a lot safer than using a retail PS3... but I guess some experiments could be dangerous even for those PS3 models
 
ros0 and ros1?
No, ros0 and ros1 are inside the flash chip
And syscon has 2 banks inside its EEPROM
I guess they are related, but I don't know how. The interesting thing is the PS3 has dual boot at several levels:

2 syscon firmwares
2 ros areas
2 boot modes (GameOS or OtherOS)

Maybe someone will find a way to use these dual boots with some custom features for something handy. This is one of the reasons why I mentioned the "antibrick" feature in one of my first posts in this thread
 

I like the anti-brick ideas.
The Wii had something similar with a different boot partition which could be used to boot before anything else, so you could install onto that to be able to boot into a type of recovery and reflash a backup taken at the start of the hacking process.

I hope this does become a feature...

I'm excited to see the possibilities
 

If we can switch the active ROS in the syscon "manually", we can have a real dual-boot system in a single flash chip. Need to swap the HDD too.
 
Well it seems he certainly hasn't left the scene and continues to work on it. Exciting stuff being done.

 
