
[Released] JigKick for PSP-2000 (TA-088v3 supported)

Post crashes / information about (potential) security issues over here! Sensitive information might be deleted without notice.

Re: [Released] JigKick for PSP-2000 (TA-088v3 supported)

Post by m0skit0 » Fri Jan 27, 2012 1:00 pm

That's illegal, period.

For the n-th time, keep this thread developing-related. Such discussions should go on a more generic PSP forum like PSP/General.
I wanna lots of mov al,0xb
"just not into this RA stuffz"
m0skit0
Guru
 
Posts: 4783
Joined: Mon Sep 27, 2010 6:01 pm

Re: [Released] JigKick for PSP-2000 (TA-088v3 supported)

Post by Gamefreeak100 » Sat Feb 25, 2012 7:20 pm

This is a reason. It's not just about Sony checking version numbers back then, no, it's about the so-called IPL. The IPL (Initial Program Loader) is the kernel, which is the core of the PSP operating system. To start Pandora you have to change the IPL and then encrypt and sign it again so that the PSP thinks it is from Sony.
But since nobody has Sony's codes for signing, the home-made IPL had to be infiltrated into the PSP with a trick. Earlier this worked via a so-called time attack on the encryption and decryption engine of the PSP (KIRK). Now it was assumed that Sony has entered into the new motherboard TA088v3 this bug and that it would be impossible to get the PSP to start the custom IPL. But this is not the case. To understand what Sony has done, one has to take a closer look at the IPL:

The IPL is divided into parts of 0x1000 bytes (equivalent to 4096 bytes). These parts are again divided into blocks. The first block is 0xA0 bytes large (160 bytes). This includes decrypting Sony's signature, data, etc. This is followed by a block 0xF40 bytes large (3648 bytes). This contains the actual data of the IPL, encrypted. This block is called the body. The body is followed by another 0x20 bytes (32 bytes). These 32 bytes are the difference between TA088v3 and its predecessors: until now, these 32 bytes were simply generated at random and had no function.

The PSP simply ignored them. The new TA088v3 board is different. The first 0x10 bytes (16 bytes) of it are probably a hash of the unknown (probably decrypted) data block of the IPL. The remaining 0x10 bytes (16 bytes) are probably a hash of something that is not known. If you now find out how these 0x20 bytes are generated, the TA088v3 and probably even the PSP3000 are cracked.
Black PS Vita 3G - 2.02 OFW + TN eCFW ✔
White PSP Fat 1000 - TA-086 - 6.60 ME-1.8 ✔
Black PSP Slim 2000 - TA-085 - 6.60 ME-1.8 ✔
Black PSP Slim 3004 - TA-090v2 - 6.60 LME-1.8 ✔
Gamefreeak100
 
Posts: 12
Joined: Wed Aug 31, 2011 8:31 pm
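
The part/block layout described in the post above, written out as a splitter. This is an added example, not part of the original post or of any tool from this thread; the names `IplChunk`, `split_ipl` and `make_sample` are hypothetical, the sizes are the hex values given in the post, and the sample bytes are constructed filler, not a real IPL.

```python
from dataclasses import dataclass
from typing import List

# Sizes taken from the post (hex values as given there).
CHUNK_SIZE = 0x1000    # one part of the IPL
HEADER_SIZE = 0xA0     # first block
BODY_SIZE = 0xF40      # encrypted body
TRAILER_SIZE = 0x20    # last bytes of each part
HALF = TRAILER_SIZE // 2
assert HEADER_SIZE + BODY_SIZE + TRAILER_SIZE == CHUNK_SIZE


@dataclass
class IplChunk:          # hypothetical name
    index: int
    header: bytes
    body: bytes
    trailer_a: bytes     # first 0x10 bytes of the trailer
    trailer_b: bytes     # remaining 0x10 bytes


def split_ipl(image: bytes) -> List[IplChunk]:
    """Split a raw image into parts and each part into its three blocks."""
    if not image or len(image) % CHUNK_SIZE:
        raise ValueError(f"length {len(image):#x} is not a multiple of {CHUNK_SIZE:#x}")
    body_end = HEADER_SIZE + BODY_SIZE
    chunks = []
    for off in range(0, len(image), CHUNK_SIZE):
        part = image[off:off + CHUNK_SIZE]
        chunks.append(IplChunk(off // CHUNK_SIZE, part[:HEADER_SIZE],
                               part[HEADER_SIZE:body_end],
                               part[body_end:body_end + HALF],
                               part[body_end + HALF:]))
    return chunks


def make_sample(parts: int) -> bytes:
    """Constructed filler data, not a real IPL: each block gets its own byte value."""
    one = b"\xAA" * HEADER_SIZE + b"\xBB" * BODY_SIZE + b"\xC1" * HALF + b"\xC2" * HALF
    return one * parts


if __name__ == "__main__":
    for c in split_ipl(make_sample(2)):
        print(f"chunk {c.index}: header={len(c.header):#x} body={len(c.body):#x} "
              f"trailer_a={c.trailer_a.hex()} trailer_b={c.trailer_b.hex()}")
```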
