[PS3] CEX to DEX, connecting the dots

I’m a bit late on the “CEX to DEX” news, but sometimes it’s better to be late, in order to have a good overview of something.

If you’ve been following the PS3 scene sites this week, you’ve probably seen that a new “hack” was released, that has been nicknamed “CEX to DEX”. Later on, PS3 dev naehrwert explained the process on how the information was obtained, although most scene websites failed to make a connection between his quite complex technical explanation and the leak. Most of them treated that as two pieces of unrelated information.

In this article I’ll try to connect the dots, but please bear with me as I am still an external observer of the PS3 scene, being myself stuck in 4.11 (damn you, Uncharted 3!)

Why this is interesting for the end users

Ok, first of all, what is this hack useful for, in other words, what does it do?

Let’s start with the basics. Retail PS3 units (the ones we buy in stores) are codenamed CEX. Debug PS3 units are codenamed DEX. What this hack does is allow any Retail unit (CEX) to be converted into a Debug unit (DEX). A DEX unit lets you, among other things, install a Debug firmware on the PS3 through the recovery menu (you can’t do that on a CEX PS3).

A Debug firmware is interesting because it allows to run official blu rays as well as unsigned content. This means homebrews, but also potentially unsigned official games. In theory a 4.21 Debug firmware could run backups of newer games (3.6+), which is where it gets interesting (currently AFAIK the only way to do that is to use one of the piracy dongles, and it only works for a few games).

There is of course a “catch” to this: 3.6+ games backups would need to be not signed, and such things are not easy to find on the internets (if they can be found at all).

So in theory this release could be good for pirates, and bad for dongles, but practically it doesn’t change much on that front.

However, this opens something new for people who have been on 3.55 CFW and don’t want to upgrade: the possibility to run official 3.6+ Blu rays.

So let me summarize here. A 4.xx Debug firmware can:

  • run unsigned < 3.55 game backups (those are apparently easy to find) (a 3.55 CFW can do that)
  • run unsigned eboots (homebrews) (a 3.55 CFW can do that)
  • run unsigned 3.6+ game backups (a 3.55 CFW can’t do that, but those are impossible to find anyways)
  • run all official (legit blu ray) games up to 4.xx (a 3.55 CFW can only run up to 3.55! That’s the interesting bit)
  • Upgrade and downgrade at will between all versions of Debug firmwares

And please don’t quote me on that, as this is just my understanding of what a debug firmware allows, but I can’t confirm this myself as I don’t have a CFW. I’m just gathering the bits of information I’ve read here and there. But my understanding is, a 4.xx debug firmware gives you the best of both OFW and CFW: 3.6+ games and homebrews

What this cannot do

Since in order to convert your console from CEX to DEX, some per-console specific information needs to be obtained directly from your ps3, this is not a magical solution if you are currently stuck on a 3.6+ official firmware. You would still need to downgrade to a 3.55 CFW first (in order to run the tools necessary for the hack) using a hardware chip, and then run the hack from there to install a Debug firmware.

In other words, Going through 3.55 is a necessary step of this hack.

It is also worth noting that by running a Debug unit, you lose access to the PSN (which you can get back by installing a clean flash back).

Ok, let’s do this thing, where are the tools?

Ok, so, if you have a 3.55 console (if not, you need to downgrade, read the paragraph above!), you might want to try and convert your own console into a Debug version. For now, no “easy” tool is available to do this, sadly, and if you mess things up you could end up with a brick (also, do not try to get somebody else to send you their modified Flash, some of the encryption keys involved are specific to each console!). It is strongly recommended that you have a hardware flasher (and a clean dump of your flash) handy in case you mess things up..

If you’re lucky enough to have a 16MB NOR console (that’s the recent PS3 FAT and all PS3 Slim, see details here), you can use the tool C2D by andbey0nd to ease the process. It will build the stuff to flash for you, but you still have to provide the EID root key (obtained with metldrpwn)

If you’re a developer, you might want to download libeeid here, and use the sample provided as a base to build your own tool.

But ironically, the easiest way for now seems to follow the leaked guide below and do it manually.

Hi Scene Sorry for my bad English. I want to give you info you pls make public. I want be anonymous. I only can say I’m from Hong Kong. I have way to get a dex, it works and is complete nothing missing

Manual to get a dex (here is everything you needed) and you have a full working dex

EID0 Key Seed and EID0 Section Key Seed are hardcoded in the isoldr

EID0 Key Seed
AB CA AD 17 71 EF AB FC 2B 92 12 76 FA C2 13 0C
37 A6 BE 3F EF 82 C7 9F 3B A5 73 3F C3 5A 69 0B
08 B3 58 F9 70 FA 16 A3 D2 FF E2 29 9E 84 1E E4
D3 DB 0E 0C 9B AE B5 1B C7 DF F1 04 67 47 2F 85

EID0 Section Key Seed
2E D7 CE 8D 1D 55 45 45 85 BF 6A 32 81 CD 03 AF

If you dump they isoldr key (EID Root Key) with metldrpwn you got from 0×00 to 0x1F the EID Root Key and from 0×20 to 0x2F the EID Root IV

use AES Encrypt to Encrypt EID0 Key Seed as data with EID Root Key as Key and EID Root IV as IV

the result contains from 0×10 to 0×20 the EID0IV

and contains from 0×20 to 0×40 the EID0Key

use AES Encrypt to Encrypt the EID0 Section Key Seed as data with the EID0Key as Key and no IV

the result will be the first 0×10 bytes of the EID0 First Section Key

the second 0×10 bytes of the EID0 First Section Key are only 0×00 bytes

EID0 is located in NAND at 0×80870 and in NOR at 0x2f070

the first 0×20 bytes of EID0 are not encrypted

at the fifth byte of EID0 (NOR example 0x2f075) your target ID is located change it to 0×82 (Debug Target ID)

use AES Decrypt to decrypt the first EID0 Section (NOR example 0x2f090). The size of the first Section is 0xC0 bytes. Use the EID0 First Section Key as Key and the EID0 IV as IV

Build the CMAC (OMAC1) hash of the decrypted EID0 Section from 0×00 to 0xA8 with EID0 First Section Key as Key. The calculated hash has to be the same as the bytes in the decrypted EID0 Section from 0xA8 to 0xB8.

At 0×5 of the decrypted EID0 Section is your target id again change it to 0×82 again

0xB8-0xC0 of the decrypted EID0 Section should be just 0×00 bytes

after you changed the target ID of the decrypted EID0 Section, create the CMAC hash of the new decrypted EID0 Section and write the new hash to the decrypted EID0 Section

use AES Encrypt to encrypt the EID0 Section and write it back to the NOR (NAND).

Now install dex Firmware with the recovery menu.

HINT: Got Petitboot on emer init go to boot gameos and do emer init again to get to the recovery menu.

You can’t login to the PSN because IDPS is obviously not valid from now on.

THIS CAN BRICK YOUR CONSOLE IF NOT DONE CORRECTLY.

有志者,事竟成 “Where a will, there is way”
一不做二不休 „You start something, you have to finish it”

The connection with naehrwert

This hack was revealed as a leak. It seems obvious (based on his recent blog post) that naehrwert was part of the people working on all the reversing work required to access this information. It is likely that this information was part of a larger scale work, and obviously for these devs the leak was not a good piece of news. I can relate, getting your work leaked at the most inappropriate time is never good. This is probably what pushed later on an “anonymous” dev to publish the work that led to this hack in the first place, in the form of a C library that any dev can now use (libeeid, download link below).

Then again, as I described above, I don’t see why this could lead to anymore piracy than there is already on the PS3 (3.6+ games are still “safe” until somebody can publicly decrypt them), so the excuses about this work leading to piracy are probably just words. On the other hand, as naehrwert mentioned, I can picture an army of noobs asking questions on how they can pirate 3.6+ games on DEX machines from now on :)

The Technical details

So how does that hack work? Ok, I’m trying to dumb that down as much as possible here: there are special locations in the flash memory of the PS3 that indicate if the unit is a Retail machine or a Debug machine. Reading/Writing this information requires to both know where it is located and how to decrypt/encrypt it. How this information was found is what naehrwert explains in his blog post (note: Finding and understanding this required dozens – hundreds? – of hours of reverse engineering of some parts of the PS3 firmware, which also explains why some people are pissed about that leak.).

The information lies in the Appliance Info Manager module, a module in charge of …describing the specs of the current unit, I assume, given its name.

The encryption/decryption keys are all inferred from the eid0 key seeds for this specific module. These key seeds were obtained by reading the metadata of the module, as explained by naehrwert. From there, the whole process explained in the leak is just a series of decrypt / replace / encrypt data, based on the algorithms that were reverse engineered.

The key point here is that the Target ID of the unit is replaced with 0×82 (you’ll see that number a lot in the leaked CEX to DEX hack), which symbolizes a Debug unit. The target ID is a key identifying the type of a unit, as described here.

Speaking of TargetID, the holy grail of the Debug units is 0×81, the DECR unit which apparently can also decrypt anything we want. Those are suspected to require specific hardware and firmwares however…and the legend says that some scene devs own one.

Conclusion

Until this week, people who legitimately wanted to stay on a Custom Firmware for homebrew reasons could not play recent PS3 games they owned. With such a technique, they now have a possibility to run their 3.6+ blu rays without sacrificing homebrew. As far as I can tell, this does not “bring more piracy to the PS3″, for now. It just allows more legitimate use of the PS3 for honest homebrew users.

Downloads

The tools mentioned in this article can be downloaded below. Please note that for now, most of them are not tools aimed at the “end user”, although such tools might happen sometime soon.

download libeeid

download C2D

  1. BattaTrattaKill’s avatar

    cool post man. I still believe your’e better off on the Handheld scene than on home consoles (ps3).

    Reply

    1. jurian_assassin’s avatar

      and i believe he can do both

      Reply

  2. Grand’s avatar

    Nice explanation! Thx for this. So when i understand correctly u must be on 3.55 OFW right? Could be this extended someday for 3.55 – 4.XX or is this impossible?

    Reply

    1. UE’s avatar

      No man you must be on 3.55cfw to use this, thankfully anyone who is on 3.55ofw can easily upgrade to 3.55cfw

      Reply

  3. PSX’s avatar

    I wish Wololo was in the PS3 Scene!

    Reply

  4. Medox’s avatar

    Great article but regarding the piracy potential of this… it will lead to more piracy. If you check some scene forums you’ll see people being able to run 3.60+ games from a usb hdd by using the dex bd emulator.

    You are not wrong about unsigned eboots, just that Sony had a ‘genius’ at work again… and one can run ANY game using the bd emu IF it has an retail update (most have).

    Check the latest posts from the original thread on ps3news for more.

    The downside is that you can’t put a lot of games on the usb hdd (which also has to be sacrificed “just” for this), but that will change I guess.

    Reply

    1. UE’s avatar

      If you see the scene forums you will see a lot of people claiming a lot of things…

      Your info is pretty off and I do not have the energy to correct it atm…

      Reply

      1. Medox’s avatar

        I know it also has something to do with edats being in said update packages and other mumbo-jumbo (that’s why I said to check the original thread for more) but it’s possible and confirmed by legit users (from other forums too) that you can run 3.60+ backups. Not only confirmed but also explained.

        Maybe some games can’t use the exploit or something like that but anyways. 3.60+ backups on 4.xx dex is possible and confirmed. No need to get the energy to correct me.

        Reply

  5. Korben’s avatar

    Really ? An article about DEX/debug unit/firmware without point out that it is easier to debug PlayStation 3 application with this (or maybe i’ve missed this part) ? :D

    Anyway, except this little tease, it is obvious that this blogpost is one of the best article/news about this subject. It is ironic because like you said (Wololo), you’re not even in the “PlayStation 3 scene”.

    So this proves that i was right about this (see an old discussion on another news).

    Well, good read, thanks Wololo.

    ps : It is funny to see the “old Troll(s)” reappear in the PS3 forums, saying some “facts” (this means the usual semi-facts/lies they tell) about this subject.

    subscript/tips : I’m talking about some people who converted (or helped to convert) retail in debug and sold (or helped to sold) them after the process. By the way, they were not using the same method that the “naehrwert’s group” are using.

    re-ps : It seems the leak was done by zecoxao (or not ?), how the hell did he mange to got a hand on the “naehrwert’s group” work ? Yet another “snoop” lurking on (private ?) IRC.

    Reply

  6. Mitdog’s avatar

    I have a debug/ test unit untried to run ratchet and clank 4 on 3.55 and it asked me update nomater what setting I am on so for anyone trying the cex to dex just for games that run on higher firmwares it does not work
    This is just me so maybe some one knows better but it did not work nomater what dev setting I have it on

    Reply

  7. ViRGE’s avatar

    So my knowledge of PS3 security is a little shaky, but with the ability to run unsigned code on a 4.xx console, what is keeping hackers from being able to recover the decryption keys for 3.6+ games and/or having the console decrypt said games?

    Obviously the firmware has them since it’s using them for 3.6+ Blu-Ray games, so everything needed is present. It just seems like there’s very little protection left at this point.

    Reply

    1. wololo’s avatar

      Yes, this sounds like a correct statement, based on my own limited understanding of how it works. Other people (with more knowledge than me) have contacted me, saying it’s a matter of days before techniques on how to run 3.6+ backups are made public on these firmwares.

      Reply

  8. jd20dog’s avatar

    this is awesome
    but ill wait on a better guide for the old a01 ps3′s
    i have an 80gb for official games so its not that necessary to risk the a01 yet
    4.xx cfw here we go lol

    Reply

  9. madking’s avatar

    Great read man, thanks! I waited a while to play my legit copy of Arkham City, but eventually ended up just trading it in for for the 360 version :\ Would this have allowed me to use the TB eboot to play it donglefree?

    Reply

  10. Bruno’s avatar

    So it is possible to install a Dexfw on a console that has come from the factory with a 3.6 +?
    Is that it?

    Reply

  11. john smith’s avatar

    Ow I know I don’t know too much.but I read that the dex 4.11 fw was leaked.so could we some how update our cex to dex consoles to 4.11 and then download psps or even vita psn files on the internet then put them on the console then transfer them over to our vita and since we made the ps3 think theyre legit we could make the vita think its legit somehow too

    Reply

  12. morganfreeman2013.webs.com’s avatar

    Hello, i read your blog from time to time and i own a similar one and i was just wondering
    if you get a lot of spam remarks? If so how do you prevent it, any plugin or anything you can suggest?
    I get so much lately it’s driving me crazy so any assistance is very much appreciated.

    Look into my site: morganfreeman2013.webs.com

    Reply

Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>