4.85.1 HFW post by @Joonie

UPDATE (10-17-2019): Version 3.0.0 has been released.
See below for additional Details!

---

See also: The Great PS3 HEN All in One (AIO) Guide

---

Here is v3 of the latest PS3 Hack to hit the PS3 Scene with the recent release of PS3HEN. This exploit for nonCFW console's provides homebrew support and a number of Custom Firmware intangibles for those console that can not install a traditional CFW, with those being lat production PS3 Slim models and all of the SuperSlim Consoles. While this is a tremendous release and breakthrough the information behind PS3HEN has been lacking and has served more questions then answers that could be provided. This is due in the way this was delivered and presented. We paused the reporting this on the frontpage until we were pleased with the documentation. So we took it upon ourselves to get the ball rolling on a new PS3HEN F.A.Q. detailing various aspects and info that will be useful for PS3HEN user's. Also we have started forming the PS3HEN Homebrew & Plugin Compatibility Chart



Version 3.x.x has come with a number of new additions for a better experience. Some of the new changes provide full PS3ISO Support ,As well as full BDISO and DVDISO support has been added, plus new improvements to PS3HEN's stability, KW Stealth Extension Added, plus kernel plugin support (v2) to go along with bootplugin support (v1), see changelog below for a complete listing of changes in this new build.
​

-Introduction written by STLcardsWS​

• Release
• Installing / Setup
• Updating HEN
• Updating HEN
• FAQ / Notes
• Homebrew Compatibility
• Developer Information / Plugins

• 
  
  PS3HEN v3.0.0
  
  Compatible with 4.84 and 4.85 HFW ONLY
  
  * PS3HENtai Package Is No Longer Required For v2 or v3. We can all stop saying that now *​
  
  What Is HEN:
  HEN stands for Homebrew ENabler. it also consists of much more new functions relatively close to a CFW
  
  CHANGELOG
  v3.0.0 (Latest Update (12))
  
  Global Changes
  
  • - No Longer Officially Supporting 4.82 Firmware
  
  HEN Plugin Changes
  
  • - Fixed freezing if DVD or CD is already inserted into PS3 when HEN is enabled
  • - Showing error message if reply length is too short from server
  
  Payload Changes
  
  • - Fixed Freezing Problems on All Models
  • - Fixed Issues With Incompatible Models
  • - Improved Sanity Checks
  
  v2.4.0 (Update (11))
  
  Spoiler

  Global Changes
  

  • - Stage2 Size went from 100kb+ to 90kb

  
  Payload Changes
  

  • - Added VSH patches and disabled signature check of RIF, now other tools are compatible
  • - PS3MAPI can now write to VSH text segment like CFW
  • - Disabled VSH check in RIF that R and S cant be just 0
  • - DLC/PSX games RAP support added
  • - Fixed hitching of PSX PAL on NTSC TV and vice versa
  • - Removed unnecessary hooks on CellFsOpen/CellFsRead/CellFsClose, possibly increasing stability
  • - Speed improvement when loading NPDRM type 2 games (need original or RAP Activated RIF), CPU couldnt generate ECDSA fast enough
  • - Fixed issue where people sometimes got stuck downloading games from PSN
  
  v2.3.3 BETA (Update (10))
  
  Spoiler

  Payload Changes
  

  • - Remapping HFW XML from /dev_flash/ now instead of /dev_hdd0/

  
  Resource Changes
  

  • - Updated path pointing to ps3hen_updater.xml in hfw_settings.xml
  
  v2.3.2 (Update (9))
  
  Spoiler

  HEN Plugin Changes
  

  • - Updated To Detect and Support 4.85 HFW

  
  Payload Changes
  

  • - Updated To Detect and Support 4.85 HFW

  
  Resource Changes
  

  • - [4.85 Only] Added 2 SPRX (explore_category_tv.sprx & mtpinitiator_plugin.sprx) to restore 4.85 versions from HFW install
  
  v2.3.1 Release Notes (Update (8))
  
  Spoiler

  HEN Plugin Changes
  

  • - Fixed the issue when Network is disabled

  
  Payload Changes
  

  • - Now mounts both dev_rewrite & dev_blind to save the scene

  
  Resource Changes
  

  • - Added duplicate icon fix by DeViL303
  
  v2.3.0 Release Notes (Update (7))
  
  Spoiler

  Global Changes
  

  • - Exploit init is faster
  • - Increased sleep in html, removed from bins

  
  HEN Plugin Changes
  

  • - HEN Updater added with version check
  • - Fixed crash that sometimes happened on init
  • - If HEN doesnt init an automated soft reboot takes place
  • - HEN can be enabled when failed, and ran successively, without reboot
  • - Removed infinite loop. One second is 10 tries, otherwise reboot

  
  Payload Changes
  

  • - SELF Decrypter Fix
  • - Fixed some blackscreen issues
  • - Fixed freezing if someone tries to enable hen successfully twice
  • - Optimizations added to how much stack is available to the syscalls (original vs before original-0xd0). Thanks @aldostools
  • - Handler requests are passed fast, removed many branch conditions there for faster handling
  • - Updated extended download plugin patches, per @DeViL303 suggestion
  • - HEN queue is drained before the patches get disabled, and also synchronized properly the check to synchronize remove and do patches
  
  v2.2.2 Release Notes (Update (6))
  
  Spoiler

  Payload Changes
  

  • - HEN_init freezing fixed by timer change
  • - Syscall handler bug fixed, removed 2 second hang on XMB no cleanup thread
  • - HashCalc bug fixed, strict hashcheck
  • - USB Package installation support for HEN installer (/dev_usb000/HEN_UPD.pkg)

  
  Resource Changes
  

  • - Updated videoplayer_plugin.sprx to use proper DEX version for each firmware version
  
  v2.2.1 Release Notes (Update (5))
  
  Spoiler

  Global Changes
  

  • - The stackframe and PS3HEN bins are now merged as a single payload binary (PS3HEN.BIN)
  • - Added HEN refresh and version display on initialize, using embedded plugin
  • - Replaced dev_blind with dev_rewrite to maintain RW state at all times
  • - On Boot, HEN Enabler icon is selected by default (Navigate to System Settings > Display [Whats New] > Off)

  
  HEN Plugin Changes
  

  • - HEN version notification on boot
  • - Refreshes Game and Network Category
  • - Enables in-game Screenshot feature
  • - Unloads Itself

  
  Payload Changes
  

  • - HEN Installer feature added and memory management changes
  • - Fixed Encryption
  • - HMAC Hash Validation
  • - PSP ISO Launcher Support
  • - PS2Classics launcher activation on the fly (thanks @aldostools)
  • - Impoved compatibility with apps like MultiMan and others which replace syscall 6-10
  • - Cleanup thread added and Faster boot times for app increasing stability
  • - Embedded buffers and removed memory fragmentation
  • - Memory Management of map_path improved
  • - Memory Optimization (no embedded buffer for kernel plugin, only allocs when requested)
  • - Fail-safe added for stage0 incase stage2 not found (thanks @aldostools)
  • - Fixed bug where if kernel plugin was more than 64kb it will crash PS3
  • - Fixed extern typo of 64mb to 64kb
  • - Added missing COBRA patches & BT/USB passthrough support added
  • - PS3MAPI bugfix + Stability
  • - Self Threading Support. Fixes the issue with a few games (SC Trilogy and etc). ISO/NetISO are supported
  • - Improved SELF auth (Fixes games that run multiple executables. Stability improved)
  • - Added get map path opcode

  
  Resource Changes
  

  • - Default Theme Pack removed from main package and can now download from Themes Updater
  • - HEN Theme Pack by Itroublve_Hacker downloadable package updated with fixed icons
  • - PKG Linker is now located under Package Manager - Install Packages
  • - Cleaned Up Unused XML Entries. Added 1 query for external.xml on usb000 (thanks @DeViL303)
  • - Replaced Manual link from Network column with PS3Xploit Home link
  • - Added new coldboot, icons, and JS/HTML overlay (thanks @xps3riments)
  
  v2.1.1 Release Notes (Update (4))
  
  Spoiler

  Stackframe Binary
  

  • - 4.82 CEX supported! Each FW version has its own payload, stackframe, package, and update XML.

  
  PS3HEN Payload
  

  • - PSNPatch is fixed, no more freezing from syscall removal
  • - Remap for HFW_settings is now fully protected, no more disappearing HFW tools
  • - Stability patches added on initial boot process
  • - HEN check added to verify if HEN enabled, and to prevent freezing

  
  Resources
  

  • - PKG Linker entries added to category_game.xml
  
  v2.1.0 Release Notes (Update 3)
  
  Spoiler

  Many thanks to Habib who accidentally released v1.0.0 as anonymous
  
  PS3HEN Payload
  

  • - Payload size is reduced by 20kb
  • - Advanced QA Flag. This DOES NOT allow downgrading!
  • - Debug Settings Enabler added (QA flag needs to be enabled)
  • - AES calculation now uses internal library from LV2
  • - RAP can now be loaded / accessed from dev_hdd0/exdata

  
  Resources
  

  • - Added Update Themes option to PS3HEN Updater menu
  • - Added theme pack by "Itroublve Hacker" to PS3HEN Updater -> Update Themes
  • - Small text edit on "Theme selector" is now "Theme Selector" under Hybrid Firmware Tools
  
  v2.0.2 Release Notes (Update 2)
  
  Spoiler

  Stackframe Binary
  

  • - C00 unlocker activated by default

  
  PS3HEN Payload
  

  • - RAP activation on the fly, default path : usb000/exdata/<rap> or usb001/exdata/<rap>
  • - Fixed issue with official NPDRM content rif deletion and unable to boot error
  • - PS2 classics launcher support
  • - Added @DeViL303's advanced download plugin patches
  • - Fixed Install All Packages
  • - Fixed explore_plugin patches
  • - App restriction on RemotePlay with PC removed
  • - Improved games compatibilty e.g COD3
  • - Enabling dev_blind by default
  • - Multiple path on boot_plugins & boot_plugins_kernel (HDD & USB) Thanks to @aldostools
  • - Hybrid Firmware Tools available when HEN's activated (Enable HEN to use this feature) *
    *Only available via PS3HEN PKG installation

  
  Resources
  

  • - Fixed infinite spinning wheel when in-game
  • - Both REBUG and Stock Edition available
  • - Hybrid Firmware Tools available via PKG installation
  • - HEN updater support available under Network Category
  • - Official firmware updates via internet blocked
  
  v2.0.1 BETA Notes (Update 1)
  
  Spoiler

  • - mappath is used for enabling xai_plugin so it wouldn't appear on fresh boot.
  • - Remote Play with PC restriction removed
  • - @DeViL303's extended download_plugin support added (offline pkg includes v1.01 HEN edition)
  • - Hybrid Firmware Tools (equivalent to CFW settings with less features)
  • - Both Stock and REBUG edition (theme) available.
  • - webMAN MOD 1.47.20 beta integrated (auto-refresh Game and Network Categories, detection of re-enabled cfw syscalls)
  • - Added option to re-enable cfw syscall by accessing the system update menu on XMB Settings

  
  
  Video via Joonie​
  
  v2.0.0 Release Notes
  
  Spoiler

  • - HOTFIX: Removed HEN Check From Offline Packages
  • - Fake flash is no longer used, in favor of on-the-fly patching
  • - Fixed blackscreen crashes
  • - Fixed random recovery kicks
  • - ISO support added
  • - PS3MAPI support can now read/set process mem using webman
  • - KW stealth extensions added
  • - Random lv2 panic fixed
  • - Added check in html for hen success
  • - Kernel plugins support
  • - Photo gui opcode support for webman
  • - Syscall 389/409 product mode check disabled
  • - Opcode 1339 added, returns HEN version (0x0200)
  • - Full BD/DVD ISO support (AACS decryption required for BDRip)

  
  Notes: WebmanMOD tested with 1.47.17 and 1.47.19, with fan control and PS3MAPI working
  
  v1.0.0 Release Notes
  
  Spoiler

  - Managunz backup manager works best for jb rips(ISO not supported)!
  - MULTIMAN works too but compatibility is not the same.
  - PSXISO Support is there!!!!
  - BD/DVD Region patches
  - BDISO support(stutter with xmb, use showtime)
  - BOOTPLUGINS WORK location "/dev_usb000/boot_plugins_nocobra.txt"(Use webman original one and not the mod one. also disable - content scan on boot in settings)
  - Discless games work with disc icon!
  - Syscall 6 added
  - Syscall 7 added(address>0x8000000000352230) and disabled overwriting syscall 0->15
  - Syscall 15 added
  - Syscall 8 opcodes added for detection HEN and for advanced lv2 poke(read DEVELOPER SECTION)
  - Whole kernel memory RWX(execute kernel payload like this at high locations or hook syscalls etc)
  - PS3MAPI support for modding
  - Debug PKG install
  - Homebrew resigned for 3.55 and less support!
  - Homebrew Root Flags enabled!
  - HAN PKG insall support
  - PSN Connectivity
  - All process executed after HEN have rwx permissions!
  - HAN Enabled by default!
  
  CFW PATCHES:
  CFW settings
  Retail/DEBUG pkg installation
  Unlink to Delete
  Remote play with PC
  Download debug pkg on retail
  Remote play ignores SFO check
  Cinavia protection
  videoplayer_plugin
  DVD region check (not cracking RCE)
  REBUG themed RCO & XML
  AIO copy
  
  NOTES:
  if you get error 80010017 launching homebrew that simply means HEN failure, restart console and try again!(restart is important!)
  also try deleting cache, browsing data, cookies and the likes from browser, make the exploit page the home page
  
  DEVELOPERS:
  #define SYSCALL8_OPCODE_IS_HEN 0x1337
  using this if return 0x1337 its hen
  
  ADVANCED POKE:syscall8(0x7003, addr, value);
  this allows poking any location in lv2 memory BUT you have to restore original value before exiting to another application or exiting to xmb.USE WISELY OTHERWISE PS3 SHUTS DOWN
  
  BDMIRROR:Managunz FTW!(please use Cobra payload because by default its MULTIMAN)
  NOTE:mounting dev_blind will actually mount dev_flash. change files directly from dev_flash instead or hdd0/plugins/CFW/
  
  Kernel Mode returns 0x53434500 on success to user webkit 0x8a000000. its good to measure HEN success. right now hen is already close to or is 100%
• 
  
  ** For All Other Options, please see Developer Tab **
  If you have to ask which one you need, you DO NOT need the developer one!​
  
  
  ATTENTION:
  YOU MUST TURN OFF BROWSER CONFIRM CLOSE OR INSTALLER WILL FAIL
  thanks to everyone for reporting issues
  ​
  
  
  Recommended HEN Setup Instructions
  Auto Installer (Run HEN From Flash)
  
  HEN Enable will be the default XMB landing icon after installation. To make it work properly, navigate to System Settings > Display [Whats New] > Off
  
  4.84/4.85
  

  
  

  Spoiler: METHOD #2 (RemotePlay Refresh)

  4.84/4.85
  

  
  

  Spoiler: METHOD #3 (USB)

  4.85 HFW
  

  4.84 HFW
  

  
  

  Spoiler: METHOD #4 (HAN/HEN Required)

  4.85 HFW
  

  4.84 HFW
  

  
  ​

  ​
• 
  
  Upgrading HEN From v1.x.x to v2.x.x
  
  - Users coming from v1 HEN, should remove the old /dev_hdd0/plugins/CFW/ folder, as it is no longer required for v2 HEN. This can be done by following Standard Online/Local Host Instructions below, then activating FTP with a homebrew like Irisman/Multiman, or using a file manager to delete that /dev_hdd0/plugins/CFW/ directory.
  
  Spoiler: Example FTP

  
  
  
  
  
  
  Thats it, now reboot PS3
  Spoiler: Example File Manager

  Once HEN enabled from Standard Online/Local Host Method, launch Multiman/mmOS and navigate to the far left, select File Manager/mmOS.
  
  Now use the right thumb stick to navigate the mouse icon to PS3 Root icon in upper left corner. Double click with X to open. Navigate to dev_hdd0 and double click. Now go to plugins, and find CFW folder.
  
  Now move the mouse cursor to the CFW directory and press X button, then CIRCLE. Select Delete from the menu and press X again. Thats it, now reboot PS3
• 
  
  2.0.2+ HEN can use online XMB update method.
  You must have HEN enabled already
  Update HEN​
  Network Column -> Hybrid Firmware Tools -> PS3HEN Updater -> Update PS3HEN
  
  Spoiler

  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  
  You can also use the USB method by placing pkg under /dev_usb000/HEN_UPD.pkg
  
  
  
  Show Current HEN Version​
  Network Column -> Hybrid Firmware Tools -> PS3HEN Updater
  
  Spoiler

  this will show version, and you can also click to see changelog info
  
  
  
  
  
  
  
  
  
  
• 
  
  See PS3HEN Frequently Asked Questions
  >> HERE <<

  ---

  
  Additional Notes About PS3HEN​
  
  
  • It is recommended to Disable Confirm Browser Close (TRIANGLE -> Tools -> Confirm Browser Close -> Off) for using any of the web exploits. It just saves the step of having to click the Yes confirmation on exit browser!
  • -Users experiencing 8001003A error, while installing custom packages (i.e. Offline PKG), this means dev_rewrite DID NOT mount and you need to reboot, run /html/han_flash_mount_rewrite.html again, then install package.
  Known Issues:
  None
  
• 
  
  PS3 HEN Homebrew & Plugin Compatibility Chart:
  >> HERE <<​
• 
  
  For Devs Only:
  
  Dev Release Files: PS3HEN_3.0.0-Developers-Only.zip
  ​
  • PS3HEN.BIN_CEX_485 974844BC5DA16DACD9C1DC1BC143BD62
  • PS3HEN.BIN_CEX_485_DEBUG FDDFA260CD0175C5509204D615F2A2E6
  • PS3HEN.BIN_CEX_484 424AB90EF6756DEFD62A90FD188DF8B8
  • PS3HEN.BIN_CEX_484_DEBUG EA52B73E8AE2A2CEAC5B8B5515AF926C
  
  
  Plugin Support
  
  The user plugins filename has changed from v1 (boot_plugins_nocobra.txt) to v2 (boot_plugins.txt)​
  
  
  • Place boot_plugins.txt on dev_usb000 if using plugins
  • Place boot_plugins_kernel.txt on dev_usb000 if using kernel plugins

---

WARNINGS:​

1) DO NOT UNDER ANY CIRCUMSTANCES ENABLE FSM (Factory Service Mode) ON A PS3 WITH PS3HEN!

2) CONNECTION TO PSN SHOULD BE DONE AT YOUR OWN RISK. DISABLING CFW SYSCALLS MAY NOT HIDE YOUR HEN WHILE ON PSN (a popular method used by CFW user's may not be suited for PS3HEN user's)
3) DO NOT INSTALL CCAPI (ControlConsole API), Also beware that some Homebrew is not playing nice with PS3HEN. Most is fine but some advanced featured apps can cause issues, we will keep you posted in the PS3HEN Homebrew Compatibility Thread​

---

Release Files

The PS3HEN.BIN is also included in package.
Here are the MD5 Hashes to verify, if interested:

Source Code @: https://github.com/PS3Xploit/PS3HEN


Other Useful Links
[PS3HEN] The Great Ps3 HEN All in One Guide
ManaGunZ v1.35 for HEN + PS2 emu fix

​

​

​