PS3 Ps3Xploit Tools v2.0 - Improved Flash Writers & Dumpers (Even easier to install CFW on 4.82 OFW )

UPDATE 04-02-2020
These tools have been superseded by the BG Toolset
** www.** ** www.ps3xploit.net > Domain no Longer owned by team** (NEW URL = http://ps3toolset.com) > Domain no Longer owned by team** (NEW URL = http://ps3toolset.com > Domain no Longer owned by team** (NEW URL = http://ps3toolset.com)/bgtoolset/










UPDATE (OCT. 11 2018) - With the release of OFW 4.83 portions of PS3Xploit have been patched, The team is looking at workarounds, STAY ON 4.82, DO NOT UPDATE TO 4.83 AT THIS TIME:
IMPORTANT UPDATE (MARCH-2019) v3.0.1 was released providing support for 4.84 HFW (a new hybrid firmware that restores PS3Xploit for 4.84 OFW user's (See Link to HFW)
dI will start this off with NO you can not jailbreak your PS3 SuperSlim Console's (seems to be a popular question), however that does not mean the Ps3Xploit Team, (bguerville, esc0rtd3w, habib & W), has not been hard at work, with this new release of Ps3Xploit v2.0.. In this release all the tools (IDPS Dumper, Flash Dumper & Flash Writer) have seen significant improvements and now performing the task such as installing a Custom Firmware on your 4.82 OFW PS3 (with flash writer) has been made even easier and very stable thanks to the team's new checks implemented and progression of the exploit. The Flash and IDPS dumper are also much improved. All the details are provided below please read all the spoiler and tabs before asking any questions.
-STLcardsWS​

PS3Xploit_Tools_v2.jpg


PS3Xploit 2.0 Tools Now LIVE!!
Ps3Xploit 2.0 Release >> IMPORTANT DETAILS << FLASH DUMPER TOOL FLASH WRITER IDPS DUMPER

  • Included Tools
    • 4.XX IDPS DUMPER
    • 4.XX FLASH DUMPER (USB Edition)
    • 4.XX FLASH DUMPER (HDD Edition)
    • 4.82 NOR/NAND WRITER (USB Edition)
    • 4.82 NOR/NAND WRITER (HDD Edition)
    Ps3Xploit Tools Changelogs
    v2.0
    • Freeze issues - Fixed
    • Occasional bad dumps - Fixed
    • No beeps & shutdown. Replaced by a graceful ROP chain exit & return to browser. This gives the opportunity to the user to dump after patching & validate the dump with littlebalup's py checker. As long as the user does not shutdown/restart, it's still possible to recover from bad patching.
    • Support for usb port 0,1,6 + sd/cf/ms cards.
    • Multi firmware support on all dumpers (4.10+) & DEX support on 4.81.
    • HDD editions for all dumpers & flash writer where a picture file placeholder is used for read/write operations.
    • Javascript refactoring for performance & efficiency.
    • **ps3xploit.com >Domain no Longer owned by team** (ps3xploit.me =new) will host the 2.0 update, no need for 3rd party sites.

    v1.0 (Thanksgiving 2017 Release)
    • Supports Direct OFW to CFW patching for All Phat and 2xxx Slim (minver 3.56 Dec 2010 and lower)
    • the NOR/NAND writer will just copy 3Mb of CoreOS data to both ros0 & ros1 in the flash memory.
    • There is only one version released for 4.82. The same hex patch file can be used on nor & nand.
    • It's as safe as possible, with a check for usb device & patch file making the exploit hang instead of corrupting flash if file is not found.
    • In case of corruption (extremely rare but could always happen), it's only a partial brick because no per console info ever gets erased so a hardware flasher could still be used if ever a recovery reboot was impossible



  • Frequency Asked Questions

    Will this jailbreak my SuperSlim?
    • NO,The Flasher Writer Tool is not Supported on the SuperSlim and a some very late Slim models, Howeever, PS3Xploit has a strong possiablity to eventually evolve into a HEN style exploit (that aspect will take some additional development.)

    Which PS3Xploits Tools are Compatible with my PS3 Console?
    FAT SLIM SuperSlim


    • 9199-7853467153566ba1908c9b32aa331bb5.jpg.png
      Check this sticker on the back of your PS3 to view your PS3 Model.
      Flash Writer Model Compatibility (PHAT):
      • CECH-A01 (NAND)
      • B (NAND)
      • C (NAND)
      • E (NAND)
      • G (NAND)
      • H (NOR)
      • J (NOR)
      • K (NOR)
      • L (NOR)
      • M (NOR)
      • P (NOR)
      • Q (NOR)

      All DUMPER (FLASH/IDPS) & FLASH WRITER TOOLS are Supported for this model.


    • 9200-4361b3a6a7359ffe524f966d4eeca4bc.jpg.png
      Check this sticker on the back of your PS3 to view your PS3 Model.

      ***IMPORTANT***
      You must pay very close attention to your PS3 SLIM Models depending on when the PS3 SLIM was manufactured will determine if your console can install CFW (Flasher Writer Compatibility).

      For the 25XX series or even if your unsure about any of the models it is reccomnded you run the minverchk PUP >> (DOWNLOAD) & (How to use Minverchk) its a simply utility that show the factory installed firmware on your ps3 and for the CECH-25XX model if the utility shows 3.56 or lower you are compatible but if it shows 3.60 and higher that means your are NOT compatible to use the Flash Writer (CFW enabler for 4.82 CFW)

      • Flash Writer Model Compatibility (SLIM):
        • 20XX NOR
        • 21XX NOR
        • 25XX NOR (3.56 minver. and Lower)
      • NOT COMPATIBLE (SLIM):
        • 25XX NOR (3.60 and Higher)
        • 3XXX NOR


      All DUMPER (FLASH/IDPS) TOOLS are Supported for this model.



    • 9203-5ab5229a0530b0274c59419c8b4f8987.jpg
      Check this sticker on the back of your PS3 to view your PS3 Model.
      • FLASH WRITER NOT COMPATIBLE (SUPERSLIM):
        • 4XXXA EMMC
        • 4XXXB NOR
        • 4XXXC NOR
      All DUMPER (FLASH/IDPS) TOOLS are Supported for this model.


    Where can i find official info and details?
    • Official Website (Exploit Hosting / Info) @ ** http://www.**ps3xploit.com >Doma...no Longer owned by team** (ps3xploit.me =new)
    • Official Ps3Xploit Forum (Support/News/Info): @ http://www.psx-place.com/forums/PS3Xploit/
    Warning: Known Limitation
    • Due to the lack of proper checks after exiting the ROP chain, it is possible in some cases to obtain a success message despite an operation failure. For instance, if you choose a path where no device is plugged in, a dumper page will still display a success message despite the fact the dump save could not work. This limitation has already been addressed, the added operation checks will be part of an update to these PS3Xploit tools which will be released in the coming weeks, that update will be final, no more will come after it


  • FLASH Dumper's Help

    USB EDITION HDD EDITION

    • PS3 4.xx NAND/NOR/EMMC FLASH DUMPER v2.0
      All PS3 models supported
      All 4.10+ CEX CFW/OFW supported
      4.81 DEX CFW/OFW supported

      IMPORTANT NOTES:
      • It's essential not to flood the browser memory with junk before running the exploit. The reason for this is that due to javascript core memory usage limitations we are scanning several times a small range of browser memory (a few Mb) to find some essential data in RAM, if the memory is flooded then the range to scan becomes much larger & the probabilities that our data is found in the smaller range decrease dramatically....
      • So in short, never use the browser or use a homepage you cancel before running the exploit!
      • It is recommended to set your homepage temporarily to the exploit page you wish to use to ensure there is no memory flooding messing with the exploit initialization stage.
      Steps:
      1. Open the browser & browse to the **ps3xploit.com >Domain no Longer owned by team** (ps3xploit.me =new) website, go to the page of the exploit you need. Set the current page as browser homepage. Don't launch the exploit initialization. Close the browser.
      2. Open the browser. The exploit page will load automatically. Choose your dump path option.
      3. Press the exploit initialization button & wait until initialization succeeds. If it fails, follow the refresh/reload instructions on screen.
      4. Trigger the exploit by pressing the dump button.
      5. On success, validate your dump with the py checker tool.

    • PS3 4.xx NAND/NOR/EMMC FLASH DUMPER - HDD EDITION v2.0

      All PS3 models supported
      All 4.10+ CEX CFW/OFW supported
      4.81 DEX CFW/OFW supported

      IMPORTANT NOTES:
      • It's essential not to flood the browser memory with junk before running the exploit. The reason for this is that due to javascript core memory usage limitations we are scanning several times a small range of browser memory (a few Mb) to find some essential data in RAM, if the memory is flooded then the range to scan becomes much larger & the probabilities that our data is found in the smaller range decrease dramatically....
      • So in short, never use the browser or use a homepage you cancel before running the exploit!
      • It is recommended to set your homepage temporarily to the exploit page you wish to use to ensure there is no memory flooding messing with the exploit initialization stage.
      Steps:
      1. Open the browser & browse to the **ps3xploit.com >Domain no Longer owned by team** (ps3xploit.me =new) website, go to the page of the exploit you need. Set the current page as browser homepage. Don't launch the exploit initialization. Close the browser.
      2. Open the browser. The exploit page will load automatically. Download the dump.jpg placeholder file to your PS3 System Storage using the provided link as instructed on screen.
      3. Press the exploit initialization button & wait until initialization succeeds. If it fails, follow the refresh/reload instructions on screen.
      4. Trigger the exploit by pressing the dump button.
      5. On success, retrieve the dump file from the PS3 XMB Photo section, rename it appropriately to dump.hex or whatever & validate your dump with the py checker tool.


    Usage Tips:
    • Try using a LAN connection or a solid WiFi connection during exploitation. A weak signal can cause problems.
    • If the exploit takes more than 5 minutes to work, reload page, browser, or restart console and try again.
    • ]If you are using a LAN connection and experience network issues, make sure all cables to router are in working order.



  • USB EDITION HDD EDITION

    • PS3 OFW 4.82 NAND/NOR FLASH WRITER v2.0
      ***** IMPORTANT DETAILS BELOW -- AVOIDING A BRICK *****
      WARNING: USE ONLY THE PROVIDED flash_482.hex AS IS. DON'T PATCH IT OR MODIFY IT OR YOU WILL BRICK *****
      • Verify flash_482.hex file on a flash drive and in the selected USB slot!
        • flash_482.hex MD5: d05be52f8d21700052fbd1fc0174acae
      • DO NOT USE ON CFW (Custom Firmware) (Only Supports OFW)
      • DO NOT USE ON PS3 Models 3xxx/4xxx (aka late Slim or Superslim models), you would brick those consoles.
      • ON SLIM 2xxx Consoles, always use MinVerChck PUP to ensure that the minimum installable firmware version is < 3.60, if ever the minimum version is >3.56, using the flash writer would partially brick your console!
      • USE ONLY ON 4.82 OFW

      IMPORTANT NOTES:
      • It's essential not to flood the browser memory with junk before running the exploit. The reason for this is that due to ps3 javascript core memory usage limitations we are scanning several times a small range of browser memory (a few Mb) to find some essential data in RAM, if the memory is flooded due to previous browsing then the range to scan becomes much larger & the probabilities that our data is found in the smaller range decrease dramatically..
      • So in short, never use the browser or use a homepage you cancel before running the exploit!
      • It is recommended to set your homepage temporarily to the exploit page you wish to use to ensure there is no memory flooding messing with the exploit initialization stage.

      Steps:
      For best results with flash writer, here are the recommended steps.
      1. Install OFW 4.82 twice on the console you wish to flash to avoid the potential corruption error during CFW installation.
      2. Open the browser & browse to the **ps3xploit.com >Domain no Longer owned by team** (ps3xploit.me =new) website, go to the page of the exploit you need. Set the current page as browser homepage. Don't launch the exploit initialization. Close the browser.
      3. Open the browser. The exploit page will load automatically. Choose your path option.
      4. Press the exploit initialization button & wait until initialization succeeds. If it fails, follow the refresh/reload instructions on screen.
      5. Trigger the exploit by pressing the patch button.
      6. On success, load the **ps3xploit.com >Domain no Longer owned by team** (ps3xploit.me =new) flash dumper, dump the flash memory & validate it with py checker tool. Do NOT restart the console if ever the validation tool gives you errors/warnings on both ros0 & ros1 or you risk to partially brick your console. Report your problem instead.
      7. When you are satisfied with the dump validation, restart your console & install a 4.82 CFW.


    • PS3 OFW 4.82 NAND/NOR FLASH WRITER - HDD EDITION v2.0
      ***** IMPORTANT DETAILS BELOW -- AVOIDING A BRICK *****
      WARNING: USE ONLY THE PROVIDED flash_482.jpg AS IS. DON'T PATCH IT OR MODIFY IT OR WILL BRICK *****
      • YOU
      • Download flash_482.jpg file to PS3 System Storage!
        • flash_482.jpg MD5: d05be52f8d21700052fbd1fc0174acae
      • DO NOT USE ON CFW (Custom Firmware) (Only Supports OFW)
      • DO NOT USE ON PS3 Models 3xxx/4xxx (aka SuperSlims / Late Slim models), you would brick those consoles.
      • ON SLIM 2xxx Consoles, always use MinVerChck PUP to ensure that the minimum installable firmware version is < 3.60, if ever the minimum version is >3.56, using the flash writer would partially brick your console!
      • USE ONLY ON 4.82 OFW

      IMPORTANT NOTES:
      • It's essential not to flood the browser memory with junk before running the exploit. The reason for this is that due to ps3 javascript core memory usage limitations we are scanning several times a small range of browser memory (a few Mb) to find some essential data in RAM, if the memory is flooded due to previous browsing then the range to scan becomes much larger & the probabilities that our data is found in the smaller range decrease dramatically..
      • So in short, never use the browser or use a homepage you cancel before running the exploit!
      • It is recommended to set your homepage temporarily to the exploit page you wish to use to ensure there is no memory flooding messing with the exploit initialization stage.
      Steps:
      For best results with flash writer, here are the recommended steps.
      1. Install OFW 4.82 twice on the console you wish to flash to avoid the potential corruption error during CFW installation.
      2. Open the browser & browse to the **ps3xploit.com >Domain no Longer owned by team** (ps3xploit.me =new) website, go to the page of the exploit you need. Set the current page as browser homepage. Don't launch the exploit initialization. Close the browser.
      3. Open the browser. The exploit page will load automatically. Download the patch file flash_482.jpg to your PS3 System Storage using the provided link on screen.
      4. Press the exploit initialization button & wait until initialization succeeds. If it fails, follow the refresh/reload instructions on screen.
      5. Trigger the exploit by pressing the patch button.
      6. On success, load the **ps3xploit.com >Domain no Longer owned by team** (ps3xploit.me =new) flash dumper, dump the flash memory & validate it with py checker tool. Do NOT restart the console if ever the validation tool gives you errors/warnings on both ros0 & ros1 or you risk to partially brick your console. Report your problem instead.
      7. When you are satisfied with the dump validation, restart your console & install a 4.82 CFW.

    Usage Tips:
    • Try using a LAN connection or a solid WiFi connection during exploitation. A weak signal can cause problems.
    • If the exploit takes more than 5 minutes to work, reload page, browser, or restart console and try again.
    • ]If you are using a LAN connection and experience network issues, make sure all cables to router are in working order.

  • PS3 4.xx IDPS DUMPER v2.0

    All PS3 models supported
    All 4.10+ CEX CFW/OFW supported
    4.81 DEX CFW/OFW supported

    IMPORTANT NOTES:
    • It's essential not to flood the browser memory with junk before running the exploit. The reason for this is that due to javascript core memory usage limitations we are scanning several times a small range of browser memory (a few Mb) to find some essential data in RAM, if the memory is flooded then the range to scan becomes much larger & the probabilities that our data is found in the smaller range decrease dramatically....
    • So in short, never use the browser or use a homepage you cancel before running the exploit!
    • It is recommended to set your homepage temporarily to the exploit page you wish to use to ensure there is no memory flooding messing with the exploit initialization stage.
    Steps:
    1. Open the browser & browse to the **ps3xploit.com >Domain no Longer owned by team** (ps3xploit.me =new) website, go to the page of the exploit you need. Set the current page as browser homepage. Don't launch the exploit initialization. Close the browser.
    2. Open the browser. The exploit page will load automatically. Choose your dump path option.
    3. Press the exploit initialization button & wait until initialization succeeds. If it fails, follow the refresh/reload instructions on screen.
    4. Trigger the exploit by pressing the dump button.
    5. On success, check your idps dump with an hex editor.

Source Code & Downloads:
NOR/NAND/EMMC/IDPS 4.xx Dumpers v2.0 Update
NOR/NAND 4.82 Flash Writer v2.0 Update
flash_482.hex (already included in the Flash Writer 2.0 archive) MD5: d05be52f8d21700052fbd1fc0174acae
MinVerChck PUP

IMPORTANT UPDATE (MARCH-2019) v3.0.1 was released providing support for 4.84 HFW (a new hybrid firmware that restores PS3Xploit for 4.84 OFW user's (See Link to HFW)

Exploits now hosted @ **ps3xploit.com >Domain no Longer owned by team** (ps3xploit.me =new)
Official Support Forum: psx-place.com/forums/PS3Xploit/
 
Last edited:
Click to expand...
bguerville
zenthrose said:
I was wondering, is there an offline way to do this? My wifi/bt board cwi-002 on my cechg 40gb ps3 quit working on me. I downloaded the files needed, but haven't done anything with them yet. If there isn't a way to do it without the wifi/bt board I will just have to wait til I can get another one.
Click to expand...
The ethernet is dead as well?
 
Z
bguerville said:
The ethernet is dead as well?
Click to expand...
Yes, on the cechg model if the cwi-002 wifi/bt board goes out the Ethernet won't work either. I have been trying to get something to work for internet on it for hrs and no luck. I need to replace the board no questions about it. But is there an offline mode for the exploit?
 
bguerville
zenthrose said:
Yes, on the cechg model if the cwi-002 wifi/bt board goes out the Ethernet won't work either. I have been trying to get something to work for internet on it for hrs and no luck. I need to replace the board no questions about it. But is there an offline mode for the exploit?
Click to expand...
No. There isn't, sorry. :(

So far we haven't found any way to load locally based html in the browser.
The ps3 browser seems limited to http/https protocols & although the ps3 runs a localhost server that we could use it is essentially an xml parser engine which serves various protocols but not http.

Of course it doesn't mean yet it's totally impossible to do as maybe the localhost server offers a protocol & xml queries allowing to load local html but there is no documentation & the only way to find out is to reverse engineer the localhost server code. Yet another job to do & maybe for nothing.. Lol

Anyway that bt/wifi card costs very little second hand. Have you tried looking at ebay? There are loads of them for 2 to 10 bucks including P&P. ;)
 
Z
Like I said if not I need to get another board anyways. I was just curious if it was possible. I haven't messed with the ps3 since the pexploit for 4.70 allowed backup modifications to install games via a backup exploit
 
E
Help (urgent)
I just tried to flash write my PS3 using this method, and checked my dump.hex but return ROS0 (ROS1 is ok) warning:

PyPS3checker v0.8.x. Check log.

Checked file : dump.hex


******* Getting flash type *******
Flash type : NOR
Reversed : NO

******* Getting SKU identification datas *******
Matching SKU : OK
CECH-25xx datecode:0C (JSD-001 or JTP-001)
Minimum version 3.40

******* Checking CoreOS_region *******
009.01 ROS0 Header : OK
009.02 ROS0 Hash : WARNING!
Size = 0x6FFFE0
MD5 = 8C3F18FE195FADFCA820E8927CE8EFE2
Version = (unknown)

009.03 ROS0 unused 0xFF Filled Area : OK
009.04 ROS1 Header : OK
009.05 ROS1 Hash : OK
Size = 0x6FFFE0
MD5 = 4674CA6C38D45171F45C48191528E36F
Version = 4.82 CEX Patched (PS3Xploit v2.0)

******* Checks completed *******

Total number of checks = 156
Number of dangers = 0
Number of warnings = 2

Following check(s) returned a WARNING!
SDK versions
009.02 ROS0 Hash

All checks done in 2.91 seconds.

Should I continue restart my PS3 or what ? my PS3 still on.





---------- ---------- --------- --------- ----------
*updated: i just restarted my PS3 and seems OK.

I think it will be OK, as long as 1 ros shows "4.82 CEX patched (PS3Xploit v2.0), but I'm curios why there is some people get 0 warning and 0 danger and other people (like me) get 1 error on ros0 or ros1 ?
 
Last edited:
O
HI! I tried to do the exploit on my slim 3.40 factory ofw while its on 4.82 and it failed... I had went through the process twice and it wasn't working I then tried again and when I restarted the system it shut off and had no light I hit the power button the red light comes on I hit it again the green light comes on with the one beep and stays on for a few seconds and shuts off, ive looked into the sequence and its similar to ylod, the fan runs for a quick second and stops so its not the power supply, ive tried throwing it in the oven at 325 but that didn't work I might try it again at 400-450 and go through the process of reballing again but before I do that is it possible that I have to or can for that matter but the ofw nor dump in the board or something... ps if anyone can see the post from ominanon that's me I don't have access to the email linked to my fb forgot the password to it a long while ago and don't have a recovery account on it but I don't think you can see it cause I didn't confirm that account and in the forum thread list the last post section says n/a but anyway... can I souder a wire from nor tristate to ground and it come on so I can fix this I really want it back even though I just bought another one that I can do this to but I want both an ofw and cfw system and my wife... well... yea... lol
 
barelynotlegal
nice to see 2.0 out, better late than never lol (on my part seeing this). just a quick question, i want to dump before i flash/write correct? im reading and for the dumper is says to load exploit page, but then the writer/flasher says to install OFW 4.82 is that correct? want a pre 4.82 dump? its been a while since i used the tools. (i used the first release and was great and eay too)
 
bguerville
barelynotlegal said:
nice to see 2.0 out, better late than never lol (on my part seeing this). just a quick question, i want to dump before i flash/write correct? im reading and for the dumper is says to load exploit page, but then the writer/flasher says to install OFW 4.82 is that correct? want a pre 4.82 dump? its been a while since i used the tools. (i used the first release and was great and eay too)
Click to expand...
Not much point dumping flash memory before flashing anymore but it's essential to get a dump afterwards & validate it with pyps3checker. Don't reboot until a dump is properly validated, it's the only safe way to avoid a brick situation due to user error.

Install 4.82 ofw twice to make sure you don't get the potential error on CFW installation later.

Follow the instructions in this post to the letter.
http://www.psx-place.com/index.php?posts/108103

Use a local server or **ps3xploit.com >Domain no Longer owned by team** (ps3xploit.me =new) but remember never to browse before loading the exploit page. You should set it as homepage & restart the browser.
 
barelynotlegal
bguerville said:
Not much point dumping flash memory before flashing anymore but it's essential to get a dump afterwards & validate it with pyps3checker. Don't reboot until a dump is properly validated, it's the only safe way to avoid a brick situation due to user error.

Install 4.82 ofw twice to make sure you don't get the potential error on CFW installation later.

Follow the instructions in this post to the letter.
http://www.psx-place.com/index.php?posts/111693

Use a local server or **ps3xploit.com >Domain no Longer owned by team** (ps3xploit.me =new) but remember never to browse before loading the exploit page. You should set it as homepage & restart the browser.
Click to expand...
is it all online now or do i still need miniweb? and dump after CFW install to validate flash correct?
 
Guilhermesoti
I need help, my friend used this method to unlock ps3 but he forgot to look at the minimum version of the system and his ps3 is 3.60. he made a backup of the nand checked in the program PS3DumpChecker and the nand this validated, I did the writing using the E3 nor and the tristate point but after the writing of the nand the ps3 turns on and does not appear image, what can be?
sorry my english I'm using google
 
DeViL303
Guilhermesoti said:
I need help, my friend used this method to unlock ps3 but he forgot to look at the minimum version of the system and his ps3 is 3.60. he made a backup of the nand checked in the program PS3DumpChecker and the nand this validated, I did the writing using the E3 nor and the tristate point but after the writing of the nand the ps3 turns on and does not appear image, what can be?
sorry my english I'm using google
Click to expand...
This thread might help you:
http://www.psx-place.com/threads/ps3-brick-while-using-ps3xploit-incorrectly.16303/
 
H
I finished flash writing with the HDD method than I it dumped first with the HDD method for some reason I couldn't validate it with ps3pychecker I did everything I could than I used the USB method to dump and it worked then I rebooted the ps3 its working fine so does it means I can install the cfw
 
You must log in or register to reply here.

Similar threads

Featured content

Trending content

Latest posts

Back
Top