PS3 [UPDATE] IDPS Dumper (PS3 NAND / NOR ) - 4.81/4.82 OFW Compatible by Team PS3Xploit

{UPDATE v0.2.3 Released(See tab)}
Following the official announcement of the PS3Xploit news (4.81 OFW Exploit), the devs behind the project have fulfilled the promises of releasing the IDPS Dumper for OFW 4.81/4.82 as this release is ready for the public. Now there is many more things being worked surrounding the overall project but this IDPS Dumper works on all models of the PS3 (NOR and NAND, note 12 GB EMMC will be supported soon in an updated release) and no reason not to release this tool. Since PS3 firmware 4.70 Sony had blocked flatz IDPS extracting tool (IDPS Stealer) and there has not been a known way to obtain the IDPS on OFW (4.70 +) consoles , but now this tool can now obtain your PS3's ID, which can have various uses, the tool has been confirmed to work on SuperSlim models by the team. . If you have not read the previous details about the PS3Xploit project, then checkout this official thread to get the firsthand information about this ambitious PS3 project.
​

(UPDATE v0.2.3)

​

UPDATE v0.2.3 - 4.82 UPDATE v0.2.3 - 4.81 UPDATE v0.2.1a IDPS Dumper Release (v0.2 After Leak Release)

• 
  
  UPDATE v0.2.3- IDPS Dumper for 4.82 OFW​
  • Added 4.82 Support
  • Removed all extra requirements like JQuery..
  • Removed the need for string relocations to improve the initial memory search process & overall trigger times.
• 
  
  UPDATE v0.2.3- IDPS Dumper for 4.81 OFW​
  
  
  • Removed all extra requirements like JQuery..
  • Removed the need for string relocations to improve the initial memory search process & overall trigger times.
  
  
• 
  
  
  UPDATE v0.2.1a- IDPS Dumper for 4.81 OFW​
  
  we have some more exciting news to bring you!!
  
  We have been working very hard to bring eMMC support for the newest SuperSlims CECH-40xxA, CECH-42xxA , CECH-43xxA and that has happened.
  
  The team would like to present a nice little update to the 4.81 IDPS Dumper now supporting eMMC hardware revision consoles!!
  
  Please report any issues you have while using this new version on any of the flash types, NAND, NOR, and eMMC.
  
  Thank You to all
  
  ​
  v0.2.1a
  
  • Added eMMC SuperSlim Support (CECH-40xxA, CECH-42xxA , CECH-43xxA)
  • Misc Tweaks To Exploit
  • Small typo on index.html pointed out by @Turranius - Fixed
  
  
  How to use this:
  *** MAKE SURE TO RUN AS ADMINISTRATOR ***
  install python to use server.py or another HTTP server of your choosing on both Windows and Linux!​
  
  On windows - Install any of these optional HTTP servers:
  
  • MiniWeb: https://sourceforge.net/projects/miniweb/files/latest/download
  • Python (for server.py): https://www.python.org/ftp/python/2.7.14/python-2.7.14.msi
  • XAMPP: https://downloadsapachefriends.glob....1.11/xampp-win32-7.1.11-0-VC14-installer.exe
  
  On linux:
  
  • install python for your distribution using apt-get, yum, and similar commands.
  • make script executable using "chmod a+x server.py" or "chmod 775 server.py" or "chmod 777 server.py"
  • execute python script using "/usr/bin/python $exploitFolder/server.py" or "./server.py"
  
  Update on Android: (instructions from @No0bZiLLa)
  
  • I can confirm this does work if using an http server on Android. what i did was downloaded the zip (on my phone) and extracted it and then download something like Simple HTTP Server and point the server to the folder that contains index.html. once you do that just reload the server and make a note of what the ip:port is. then just go to ps3, type in ip:port (eg 192.168.2.7:12345) as specified in simple http server and then select the appropriate button for your system.
  
  
  Then run (for python):
  
  • On windows - windows.bat
  • On linux - linux.sh
  
  
  Usage Tips:
  
  1) Try using a LAN connection or a solid WiFi connection during exploitation. A weak signal can cause problems.
  2) If the exploit takes more than 5 minutes to work, reload page, browser, or restart console and try again.
  3) If you are using a LAN connection and experience network issues, make sure all cables to router are in working order.​
  
  
• 
  
  
  IDPS Dumper Release (v0.2 - After Leak Release)
  ​
  ok....the moment all of you have been waiting for......i assume
  
  • File: ps3_481_idps_dumper-PS3XPloit.zip
  • MD5 Hash: FFDA70AB2D1677886083F99185C54FE3
  • SHA-256 Hash: 852BDB301753C4F4A7E946188E850D3D325EEAA259B61AE2B5AE31320B2F292B
  
  enjoy this release from our team we will be working hard to add eMMC support as soon as possible!!
  
  
  The documentation will be updated as time goes on. There is a readme.txt file included with basic setup and usage instructions.
  
  Please stay tuned for future tools and releases
  
  and once again, THANK YOU to everyone involved bringing this all together, without all of you, none of this would have happened!!!
  
  Additional details from @bguerville
  "The idps dumper will create a file on usb000 then beep 3 times & shutdown in all cases, even if flash memory read fails. emmc should not make a difference to this. You will get garbage in idps.bin in that case.
  
  Js errors with a black page message on ps3 should not happen. If ever it did, just report & in the meantime keep relaunching the exploit. Nobody has had this issue in dozens of tests though.
  
  And clearing cache or cookies is totally unnecessary with the exploit & the wk js interpreter. Between runs garbage collection will take care of cleaning up what is needed, the job it does is always sufficient".
  

It's essential not to flood the browser memory with junk before running the exploit. The reason for this is that due to javascript core memory usage limitations we are scanning several times a small range of browser memory (a few Mb) to find some essential data in RAM, if the memory is flooded then the range to scan becomes much larger & the probabilities that our data is found in the smaller range decrease dramatically....

So in short, never use the browser or set a homepage you cancel before running the exploit!
If you need to, set the homepage to 'blank', close the browser then reopen it to start the idps dumper.​

Set-up Steps:​

1. Setup a small Web server on pc or smartphone. The Python http server is not required for most users, it was provided for developers. Since v0.2.3, all other extra requirements have been removed. Don't come to us for explanations about how to run a http server though. Google it.​
2. Extract the files in your http server root folder.​
3. Put a fat32 USB key in port closest to BD Drive (/dev_usb000).​
4. Open the ps3 browser & write the ip address of your server (and the port if not 80).​
5. Run until ps3 beeps & shutdown. The idps should be on your USB drive as idps.bin.​

​

- Downloads - ​

Download: (4.82) ps3_idps_dumper-v0-2-3-ps3xploit-4-82-zip​

• MD5 Hash: 3c2e1582f52e1002a12ad280f426d0c6
• SHA-256 Hash: 1c49eabd64275171a60c90f0f06f503b7055f4ff863f87e7960d41464d127443

Download: (4.81) ps3_idps_dumper-v0.2.3-PS3XPloit.zip​

• MD5 Hash: 71dd906e585bf470f84f9d4fb10c1f37
• SHA-256 Hash: d4bffe2b7d08c1dda275590229f86903f1db487e9a78364d6a025c3734cd8f68

 

can confirm this does work if using an http server on android. and im sure it would work on i-phones ect

what i did was downloaded the zip (on my phone) and extracted it and then download something like simple http server (im sure there are other servers that would work) and point the server to the folder that contains index.html. once you do that just reload the server and make a note of what the ip:port is. then just go to ps3, type in ip:port (eg 192.168.2.7:12345) as specified in simple http server and then select the appropriate button for your system.

 

maybe @STLcardsWS can make a note about Android HTTP in the OP somewhere?

 

...

maybe @STLcardsWS can make a note about Android HTTP in the OP somewhere?

Added

 

don't know about android, but I believe xampp doesn't require a port since it listens on a generic port.. I had to change my sabnzbd port in order to prevent a conflict. iirc, xampp doesn't require you to input the port either. however, mongoose does. it's an alternative to xampp if anyone can't get xampp to work. there's a small tutorial on how to use mongooes (and xampp) in my wii u tutorials in my sig. just substitute the files. the files on the sd are for wii u homebrew, so that will not be needed here. I think a flash drive will be needed instead.

 

also, it took less than 20 seconds on my last try. (using cell phone as server)

 

for Beatles fans: "I admit it's getting better. A little better all the time"

 

The eMMC access is an important step forward, now are in the same boat than the other superslims

 

Noobie here. I have a PS3 slim Cech-3004b model. I choose "Load ROP chain for NOR" because I have this model right?

Sent from my Zenfone Max using Tapatalk

 

Noobie here. I have a PS3 slim Cech-3004b model. I choose "Load ROP chain for NOR" because I have this model right?

yes

 

yes

Thanks a lot...now all I have to do is wait until PS3 powered down...

Sent from my Zenfone Max using Tapatalk

 

Thanks a lot...now all I have to do is wait until PS3 powered down...

Sent from my Zenfone Max using Tapatalk

I used the android version, and I do not know how long will it take...it is more simpler than the other method. I do not know if this will work. How will you know if it is still processing?

Sent from my Zenfone Max using Tapatalk

 

I used the android version, and I do not know how long will it take...it is more simpler than the other method. I do not know if this will work. How will you know if it is still processing?

Sent from my Zenfone Max using Tapatalk

readme.txt

read original post fully, and comments

 

Fedora 25 error.

# ./server.py
Traceback (most recent call last):
  File "./server.py", line 12, in <module>
  from capstone import Cs, CS_ARCH_PPC, CS_MODE_BIG_ENDIAN
ImportError: No module named capstone

python-2.7.13-2.fc25.x86_64 is installed and can run other python scripts no problem.

Tried installing capstone-3.0.4-6.fc25.x86_64.rpm but no difference.

 

Fedora 25 error.

# ./server.py
Traceback (most recent call last):
  File "./server.py", line 12, in <module>
  from capstone import Cs, CS_ARCH_PPC, CS_MODE_BIG_ENDIAN
ImportError: No module named capstone

python-2.7.13-2.fc25.x86_64 is installed and can run other python scripts no problem.

Tried installing capstone-3.0.4-6.fc25.x86_64.rpm but no difference.

we will test on linux with that soon and update OP with instructions. use Android, iOS, or Windows for now if you can or a VM.

hopefully we can sort that out shortly

sounds like an import error. are you running as root? you may try using the sudo command with the python path, if not. you may also try adding python to the system path with something like PATH=$PATH:/usr/bin/python if not already done so.

 

sounds like an import error. are you running as root? you may try using the sudo command with the python path, if not. you may also try adding python to the system path with something like PATH=$PATH:/usr/bin/python if not already done so.

Appreciate it. Yes, I am running as root. Tried installing capstone with "pip3 install capstone" as well but same thing there. Also tried on Fedora 24 and CentOS 7.3.1611.

No biggie. My hope was to find a solution and edit it into the post, but googling it left me with no better results =) Thanks.

 

My PS3 shut down already. Probably, it took 1 hour. How will I know if the process is successful?

Sent from my Zenfone Max using Tapatalk

 

My PS3 shut down already. Probably, it took 1 hour. How will I know if the process is successful?

Sent from my Zenfone Max using Tapatalk

Check that your IDPS.BIN is on your usb drive. There should be 16 bytes inside started with 00 00 00 01 00 8X 00 where X is your region code.

Just in case, please don't post here full IDPS, is per console ID that can be stolen for other console.

 

Check that your IDPS.BIN is on your usb drive. There should be 16 bytes inside started with 00 00 00 01 00 8X 00 where X is your region code.

Just in case, please don't post here full IDPS, is per console ID that can be stolen for other console.

Noted....thanks a lot

Sent from my Zenfone Max using Tapatalk

Noted....thanks a lot

Sent from my Zenfone Max using Tapatalk

I checked my USB, its empty? Why is that?

Sent from my Zenfone Max using Tapatalk

 

Noted....thanks a lot

Sent from my Zenfone Max using Tapatalk

I checked my USB, its empty? Why is that?

Sent from my Zenfone Max using Tapatalk

During dumping process you have it in most right usb connector? Is formatted FAT32? Also there can be compatibility issue with some rare USB3.0 drives, or with some multi partition added by manufacturers like Sandisk, etc.

To make sure USB is recognized, put it to right port, and check in xmb that is recognized. For example in Movies, or Music column.

 

And remember that a dodgy network connection can create all sorts of issues with the exploit as stated in the Readme.
So if your ps3 is connected via Wi-Fi you may want to rethink that, whether you consider it good enough or not...
It's highly recommended to use ethernet for this kind of operations.