PS3 PS3Xploit Flash Writer (4.90 HFW)

HuskyX said:
Hey, I'm having a really strange issue where the .bin is not saving to my USB stick. I've selected slot 000 and the USB is in the right slot closest to the disk drive. I select NOR at the beginning too. The P3T file overwrites and when I try to dump the NOR flash memory, the .bin does not appear in my USB stick. I formatted with rufus following all the steps of MrMario2011's newest guide.
I'm on a 25XX 0C slim model.
Click to expand...
Try a different USB drive, make sure you can see it on the XMB beforehand (like in the photo column for example). Make sure the USB is formatted as FAT32 aswell.
 
Mello_1993 said:
3.60 or higher doesn't work
Click to expand...
Fala Mello, blz.
Meu MyVersionChecker deu 3.60, então infelizmente já era.
Jeito é ficar no HEN mesmo.

English:
Speak Mello, blz. My MyVersionChecker was 3.60, so unfortunately it's gone. The way is to stay at HEN.
 
Last edited by a moderator:
PeterPetrelli19 said:
Hi guys! Great news

I'm on OFW 4.90 can I make a dump before even HFW 4.90.1? Does it make sense or will it be the same?
Click to expand...
its always good to have multiple backups, just in case. Having the OFW dump though probably not critical if you have an HFW dump. It would only be needed if you need to restore using a hardware flasher.

Edit: You currently can't even make a backup on OFW, I forgot lol. So HFW dump is all you can technically so right now, without BG Toolset.
 
Last edited:
Well I do not have a hardware flasher, so I'm guessing it will be for nothing...
But the thing is I do not know the process of this Flasher there's only a screen to select the device...
It dumps a valid CFW to update to the USB?
It makes a backup first? Then screen changes?
If it does not a dump... how to dump a backup from OFW 4.90?
 
PeterPetrelli19 said:
Well I do not have a hardware flasher, so I'm guessing it will be for nothing...
But the thing is I do not know the process of this Flasher there's only a screen to select the device...
It dumps a valid CFW to update to the USB?
It makes a backup first? Then screen changes?
If it does not a dump... how to dump a backup from OFW 4.90?
Click to expand...
well lol. There are threads covering this on here.

Its simpler than that. It makes a backup of your current flash onto usb. Then it downloads the small patch and applies it to your actual PS3 systems flash. Thats all. Once patched, you reboot and can install CFW.
 
esc0rtd3w said:
well lol. There are threads covering this on here.

Its simpler than that. It makes a backup of your current flash onto usb. Then it downloads the small patch and applies it to your actual PS3 systems flash. Thats all. Once patched, you reboot and can install CFW.
Click to expand...
Would it be possible to add a "dump again" button that you can use if the flash dump fails or if you get any dangers / warnings? Right now you have to close the browser and start over.
 
i've read of some users on twitter and youtube comments having issues of dns blocking the pc webserver or whatever, so i decided to skip any headache for myself and to just create a subfolder on my own domain and host the elements there (for my own personal use!)

i'm assuming really all i need to do is edit the html line
"window.location.href = 'flash490.P3T';"
and change that to
"window.location.href = 'http://www.mydomain.com/subfolder/flash490.P3T';"

and that should be good to go in the ps3 web browser, right?
 
Keith Huntington said:
i've read of some users on twitter and youtube comments having issues of dns blocking the pc webserver or whatever, so i decided to skip any headache for myself and to just create a subfolder on my own domain and host the elements there (for my own personal use!)

i'm assuming really all i need to do is edit the html line
"window.location.href = 'flash490.P3T';"
and change that to
"window.location.href = 'http://www.mydomain.com/subfolder/flash490.P3T';"

and that should be good to go in the ps3 web browser, right?
Click to expand...

If you host it in your own domain, you don't need to make changes.
The file 'flash490.P3T' is downloaded using the same path (folder) of the index.html of PS3Xploit.

Here are 2 online mirrors ready to use:
https://evilnat.github.io/flashwriter/
https://ps3addict.github.io/writer/writer.html

However lmn7 recommends to use a local server for safer results.
 
NiQ said:
Would it be possible to add a "dump again" button that you can use if the flash dump fails or if you get any dangers / warnings? Right now you have to close the browser and start over.
Click to expand...
Yes, but during testing I noticed none of the dumps were bad. It would mainly be useful in cases where people chose the wrong USB slot, but they can still reload the page. The reason why I didn't allow a second dump to be made after patching is because it would overwrite the first dump, but maybe in the future this could be added by changing the file name in memory.
 
lmn7 said:
Yes, but during testing I noticed none of the dumps were bad. It would mainly be useful in cases where people chose the wrong USB slot, but they can still reload the page. The reason why I didn't allow a second dump to be made after patching is because it would overwrite the first dump, but maybe in the future this could be added by changing the file name in memory.
Click to expand...
And adding a timestamp at the ending of the dump filename ?, this way every dump will have an unique name, so no overwrite posible
 
Doing that is definitely possible, but the question then is how foolproof can you even make it? Just like with BGToolset, most users won't even bother checking if that file exists, let alone whether the contents are recoverable. :disturbed:

The closest thing I could think of is integrating PyPS3checker into it, but doing that is of course out of reach for browser based tools.
 
sandungas said:
And adding a timestamp at the ending of the dump filename ?, this way every dump will have an unique name, so no overwrite posible
Click to expand...
It's a good idea, but there are some things to consider before implementing something like that. Basically every time you change a variable in JS that's then referenced by a ROP chain, you need to find the address of that variable in memory again, and then change the offset in the ROP chain to reflect that (hence, you also need to find the offset of the ROP chain again). I've not tested something like that since the improved memory searching was put in, but you could see why that could cause some issues.

There's ways to work around this, but it all requires more testing.

kostirez1 said:
Doing that is definitely possible, but the question then is how foolproof can you even make it? Just like with BGToolset, most users won't even bother checking if that file exists, let alone whether the contents are recoverable. :disturbed:

The closest thing I could think of is integrating PyPS3checker into it, but doing that is of course out of reach for browser based tools.
Click to expand...
This is exactly right. People need to do more research about what they're actually doing before they do it. I've already seen posts on reddit of people trying to flash incompatible consoles and then getting confused when they're told exactly why it won't work.

There's only so much you can do to stop people from making mistakes. In truth, a lot of these people shouldn't be hacking their consoles at all. Having easy to follow tutorials is a double edged sword and the bad part is it allows people who would otherwise know absolutely nothing to jailbreak their consoles without taking proper precautions.
 
kostirez1 said:
The closest thing I could think of is integrating PyPS3checker into it, but doing that is of course out of reach for browser based tools.
Click to expand...
Hmmm, now that you mention it... PyPS3checker is composed by tenths (or hundreds ?) of checks, implementing all them in the flash writer could be overkill, but maybe @littlebalup have a suggestion for a small selection of the most important checks
You know... only 10 or 11 checks, enought to identify if the dump is critically damaged

Of course, something like that would require a warning advising that "this integrity check is not 100% failproof"
 
sandungas said:
Hmmm, now that you mention it... PyPS3checker is composed by tenths (or hundreds ?) of checks, implementing all them in the flash writer could be overkill, but maybe @littlebalup have a suggestion for a small selection of the most important checks
You know... only 10 or 11 checks, enought to identify if the dump is critically damaged

Of course, something like that would require a warning advising that "this integrity check is not 100% failproof"
Click to expand...
I actually don't mind implementing all of it, or at least most of it (minus Super Slim related things). Sounds like a good exercise for C/C++.

Edit:
I also found some repo of tools included in MFW Builder: https://github.com/manusan/ps3tools

That cosunpkg stuff looks super easy, maybe it could be used to unpack and inspect the CoreOS file before it is written, at least to make sure that noFSM related files are modified. And also that the files inside aren't corrupted in any obvious way.

I'm mostly referring to my other project right now, HEN Flash Patcher.
 
Last edited:
sandungas said:
Hmmm, now that you mention it... PyPS3checker is composed by tenths (or hundreds ?) of checks, implementing all them in the flash writer could be overkill, but maybe @littlebalup have a suggestion for a small selection of the most important checks
You know... only 10 or 11 checks, enought to identify if the dump is critically damaged

Of course, something like that would require a warning advising that "this integrity check is not 100% failproof"
Click to expand...
The concept i think of is so simple but i think it will cost memory/time

the idea is :
- Have the patch file to only change isoldr & spu_pkg_rvk_verifier in coreOS so to allow modified PUP installation (i didn't saw the patches change since a long time, i remember the same patch have been applied for like last 6 to 10 updates lol).

- Auto Dump Flash or (the Two files i mention before) (backup is saved either HDD or USB)
- Patch Flash the files
- Auto Dump the two files again to compare
- if the hash of file is identical to the one set in exploit var it will show green message telling you can reboot
- if hash diffrent from original & different from hash of patched file ,restore original files
 
You must log in or register to reply here.

Similar threads

Back
Top