Developer Blackdeath has released a new eEID0 Dumper that can be used with custom firmware 3.55 and the demonhades JBM 3.55, MA 3.56. According to reports based on a translation of the release this tool doesn’t require you to have Linux installed on your PS3 to convert CEX to DEX, if this is indeed the case than we would expect this to help a lot of people get the ball rolling… so you would think.
According to some developers who many of you should already know like Deank, Aldostools and BahumatLord. Basically what they believe is that there is still no way around the Linux install for this to work despite the claims made on other sites and in the rough translation from Blackdeath, here is what the developers had to say.
deank – Today, 06:16 AM
This “tool” is far from doing anything useful yet. It reads from your flash the “metldr” and “eEID” and saves them as files on the USB – nothing more, nothing less. It doesn’t decrypt anything, it doesn’t give you the keys, it doesn’t convert anything. You can get these two files by dumping your flash and extracting it with norunpack or cex2dex applications. You still need a way to use your “metldr” file and make the PS3 extract the key+iv so you can change the target_id and re-encrypt and write to the flash.
Tranced – Today, 06:32 AM
Hi Dean, Thanks for your input. What about the info/hint that naehrwert gives. Above tweets? Any input regarding that? Also could one say that the above is at least a start?
deank – Today, 06:40 AM
Tranced, I guess if one compiles it and finds a way to sign it properly and then execute it with proper privileges it will work as he said. Launching it from GameOS as lv2 app probably won’t work, because it has to be executed as secure_loader (the way the actual metldr is executed when PS3 boots). Back in November last year there was such compiled .self (still on the wiki) which was supposedly used to do the same job. I’ll check about that.
aldostools – Today, 08:24 AM
As deank says, to get the “metldr” and “eEID” files, just dump your flash with the latest build of multiMAN:
mmOS->Select any file->Open in HEX viewer->[SELECT]->[START]->DUMP LV2(NO)->DUMP LV1(NO)->DUMP FLASH(YES)
(for a NOR it takes only 5 seconds!!!)
Transfer the dumped file of the NOR or NAND flash (copied to the USB) to your PC, and use norunpack.exe:
norunpack.exe flash.BIN extract_folder
(it also takes another 5 seconds!!!)
In the extract_folder you will find the “eEID” (64KB) and inside the folder “asecure_loader” you will find the “metldr” (59KB):
Do not get confused, the “eEID” file is *not* used for CEX-to-DEX conversion. You only need the “metldr” file. An alternative method to extract “metldr” is using the CEX2DEX application by Gunner54.
With all these methods, the “metldr” is extracted ENCRYPTED!!!
Currently it is still required to copy your “metldr” file to “metldrpwn” folder, and *run* the script “run.sh” through PS3 linux (via OtherOS++ or the original OtherOS 3.15) to *decrypt* the “metldr” and get the “dump_eid0.bin” (it is not the same than the EID or eEID0 file!!)
It is “dump_eid0.bin” and the dump file of your PS3 flash what is required by C2D by andbey0nd or CEX2DEX by Gunner54.
The real PITA is get OtherOS++ & linux installed… the rest is easy if you follow the deank’s tutorial.
BahumatLord – Today, 08:40 AM
yup. Gotta agree with deank and aldostools. I don’t see a way around installing Linux no matter how big a pain in the ass it is. But like aldostools said once that’s done the rest is a piece of cake
if you are still curious about the release from the Demonhades team have a read of the release notes below.
Hello friends, after the method of filtration CEX2DEX the team decided to investigate this new field (for some) and not so much for others, that is why we are working to bring you the easiest method to move to Linux without requiring DEX. Today I present created by the dumper EID0 blackdeath with which we can dump all EID0 or directly CEX first section with only launch a pkg and have connected a USB port on dev_usb000, the instructions are on screen and are easy:
- START: To dump all EID0.
- SQUARE: To dump the first section of EID0 directly (eid0_1st_Section_CEX.bin).
- X: To dump metldr (Encryption) to USB and be prepared to exploit and get the dump of the decrypted metldr in subsequent steps. (New version)
Tell them to keep working this issue to not need linux as the next step is to dump the metldr without having to make so many things in linux but a quick and easy dump. The eEID0 is necessary for the process dump metldr As you know, and only the first section of eEID0 (That we get directly to this tool) is required for Conversion to a unit DEX / TEST.
Thanks BlackDeath, Checko, Tito01 and DemonHades