Post: Reverse engineering of PSJailbreak
08-24-2010, 02:49 PM #1
Sarmas
Gym leader
Keep looking out for more info! Updating!


on and lol at ..

Keep this thread mainly for information and links to figuring out how to cheaply make this device ourselves and learn something in the progress :) Please source from where you got your information or how you worked it out.


all coming from this source
Micro, PIC, 32K Fl, TQFP44, PIC18F4550-I/PT

Data Bus Width: 8-bit
Device Core: PIC
Family Name: PIC18
Instruction Set Architecture: RISC
Interface Type: SPI/I2C/EAUSART
Maximum Clock Rate: 48MHz
Maximum Operating Temperature: 85 °C
Maximum Speed: 48MHz
Minimum Operating Temperature: -40 °C
Mounting: Surface Mount
Number of Programmable I/Os: 35
Number of Timers: 4
On-Chip ADC: 13-ch x 10-bit
Pin Count: 44
Product Height: 1
Product Length: 10
Product Width: 10
Program Memory Size: 32
Program Memory Type: Flash
RAM Size: 2KB
Supplier Package: TQFP
Typical Operating Supply Voltage: 5V

And here's a pin layout for the chip on the actual psjailbreak hardware I threw together for you:

Full datasheet:

All that's left are a couple SMTs, a crystal oscillator, some surface mount LEDs and for someone to take a psjailbreak, stick it in any 18F compatible PIC writer and dump the hex contents of the chip and slap it on a bunch of new chips. The single layer PCB is really, really basic.

And the bad part? As far as the original makers are concerned, the device is so simple that it will be no different, in any way, to the original, when cloned.

Think of this, not as a PS2 modchip, but more like the original PIC based ps1 modchip - The only thing that differentiated the various models was the code on them, not the hardware itself - the hardware will be the same, as will the contents of the chip.

Oh, and for the record, the parts (not in bulk, but for a single unit, from connectors to chip and so on) are £5.68 ($8.82). If you were making these things in bulk, that price drops to £2.14 ($3.32) per unit.

People buying the thing at $170 AUS either have more money than sense, or no sense at all.

also



Some more help. Please post info... maybe should make a new thread just on reversing this jig

REP IF ANYTHING HELPED !!!

Have a few more things coming... working on finding links to order chips and parts :)

other info source from


Earlier today we reported that the PSJailBreak PS3 modchip is easily dumped and that PSJailBreak clones are already on the way, and now some PlayStation 3 developers are working on reverse-engineering the costly USB device in hopes to make a less expensive or free scene alternative available soon.

Tsujin, knightsolidus and bushing have made brief attempts at determining the PSJailBreak IC chip and pin-out, while Neme6 of Logic-Sunrise (linked above) has also shared his findings thus far.

More pictures are available for those curious, and to quote, roughly translated on the linked pics:

"Many teams are studying the JSP to try to clone a low cost and how it works. From the photos released, I tried to determine the electronic design of PSJ.

Here is the result of my work and my observations. Feel free to post if can lighten the shadows that remain.

First ICP is probably the type PIC18F declination 4455, 4550, 4458, 4553. The size of the EEPROM is 256 bytes."

Comments:

Components (red dots)
A: Resistor, 1K
B: LED
C: LED
D: Resistor, 1K
E: ?? Resistor
F: ?? Capacitor
G: ?? Resistor
H: ?? Resistor, 1K (pull-up resistor)
I: ?? Capacitor
J: Capacitor, 100nF (decoupling cap)
. . : XTAL

- The blue dots A, B and D control the LEDs.
- The blue dots K, L, G and H are for power (Vdd, Vss).
- I suppose the blue dots M, I and J are to program the PIC (ICPGC, ICPGD, /MCLR).
- Points E and F are blue and OSC1 OSC2. They should be connected to XTAL (orange dots A and B).
- And the GND (file alpha) through two 22pF capacity.
- The orange dot F, there should be a link with USB.D- (I can not quite see from the photos).
- Maybe the orange dot at point C is connected blue M (ICPGC).
- Maybe the orange dot C is connected to pin 33 (/ICRST).
- I guess the orange dot E is connected to a via (through hole) noted alpha.


service jig that was leaked


German website GameFreax has claimed to have successfully reverse engineered PS Jailbreak. They bring out some important information that was previously unknown. First off, PSJailbreak was apparently NOT a clone of Sony's JIG; instead it's a legitimate exploit that was developed. Second, we can NOT upgrade PSJailbreak without the use of additional hardware - maybe the company planned to sell another component to upgrade the unit? Here is the translated post:


We have taken a closer look at this PSJailbreak dongle. We can confirm that the PSJailbreak is not a clone of Sony's "Jig" module. PSJailbreak is a self-developed exploit. The chip is not a PIC18F444 but an ATMega is used with a software USB interface. This means the chip is internally capable of emulating any USB device. PSJailbreak emulates a 6 Port USB hub on which different devices will later be connected and then disconnected. One of these devices has the product:vendor ID of Sony's "Jig" module, which means this had played a certain role during the development of PSJailbreak.

But let's start from the beginning: When the PS3 is powered on … A USB emulation device will be connected, which has too large a Configuration Descriptor. This Descriptor overrides the stack with a PowerPC shellcode that gets executed. Now, various USB devices are connected to the emulation USB hub. One device has a large Descriptor with a size of 0xAD, which is part of the exploit and contains static data. A short time later (we are talking milliseconds here) the jig module is connected, and encrypted data is transmitted to the jig module. A few milliseconds later, the Jig module answers with 64 byte static data, all USB devices are then disconnected, and a new USB device is connected and the PS3 launches with 'a new feature'.

PSJailbreak is NOT software update-able. The Update feature which is mentioned can be done just with hardware modifications. So by 'update' they mean 'buy more of our stuff'.

Source: gamefreax.de/psjailbreak-reverse-engineered.html

Last edited by Sarmas ; 08-27-2010 at 02:13 PM.

The following user thanked Sarmas for this useful post:

ihaxgames
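
The GameFreax write-up quoted in the post above attributes the exploit to a USB host accepting a Configuration Descriptor that is too large for its buffer. As an added example (not from the thread, GameFreax, or any console code), these are the length checks a host should make before copying one; the 256-byte buffer, the function names and the sample values are assumptions constructed for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define USB_DT_CONFIG  0x02
#define CFG_HEADER_LEN 9     /* bLength of a standard configuration descriptor */
#define HOST_CFG_BUF   256   /* assumed size of the host's fixed buffer */
enum cfg_status { CFG_OK, CFG_SHORT, CFG_BAD_HEADER, CFG_TOO_LARGE, CFG_BAD_CHILD };

/* Validate an untrusted, device-supplied configuration descriptor of `len`
 * received bytes, and copy it into `out` only if every length is in bounds. */
enum cfg_status copy_config_descriptor(const uint8_t *data, size_t len,
                                       uint8_t out[HOST_CFG_BUF])
{
    if (len < CFG_HEADER_LEN)
        return CFG_SHORT;
    if (data[0] != CFG_HEADER_LEN || data[1] != USB_DT_CONFIG)
        return CFG_BAD_HEADER;
    /* wTotalLength is little-endian and chosen by the device. */
    size_t total = (size_t)data[2] | ((size_t)data[3] << 8);
    if (total < CFG_HEADER_LEN || total > len)
        return CFG_SHORT;
    if (total > HOST_CFG_BUF)
        return CFG_TOO_LARGE;            /* reject; never copy past the buffer */
    /* Each child descriptor's bLength must be >= 2 and stay inside total. */
    for (size_t off = CFG_HEADER_LEN; off < total; off += data[off]) {
        if (total - off < 2 || data[off] < 2 || data[off] > total - off)
            return CFG_BAD_CHILD;
    }
    memcpy(out, data, total);
    return CFG_OK;
}

/* Constructed sample: a header claiming `total` bytes plus one 9-byte
 * interface descriptor; `received` is how many bytes the device sent. */
enum cfg_status check_sample(uint16_t total, size_t received)
{
    static uint8_t dev[4096];
    uint8_t out[HOST_CFG_BUF];
    memset(dev, 0, sizeof dev);
    dev[0] = CFG_HEADER_LEN; dev[1] = USB_DT_CONFIG;
    dev[2] = total & 0xff;   dev[3] = total >> 8;
    dev[9] = 9;              dev[10] = 0x04;
    return copy_config_descriptor(dev, received, out);
}

int main(void)
{
    printf("valid=%d oversized=%d\n", check_sample(18, 18), check_sample(0x0F00, 0x0F00));
}
```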
08-24-2010, 03:21 PM #2
lmao at the cost of parts!! thought it would be cheap but not that cheap! :)
08-24-2010, 04:16 PM #3
I totally agree I mean think about it....what REALLLY makes it over 170 dollars...I mean c'mon...it couldn't have been that hard to make...to allow them to sell it for that price. I mean seriously...is it just me or is the price they are selling it for UNrealistic?
08-24-2010, 04:17 PM #4
SUPERIMIAINI
Machete Don't Text!
After all these years $8 bucks is what Jail Breaks the PS3....LOL :wtf: WOW! talk about a mark up price, I mean they could offer this @ $75 bucks and still be making a profit.
08-24-2010, 04:29 PM #5
-Skyline
Anonymous
Even if they sold it at 1/2 the price they are now, I'd be all for it... but $170 is disgusting seeing as the only important part of the device is the data withheld on it.
08-24-2010, 04:30 PM #6
ZoneHD
Shiver do you lift?
Who here actually has brains to make one of these :)

The following user thanked ZoneHD for this useful post:

HOST Lee
08-24-2010, 05:41 PM #7
Maybe they know it will be cloned soon so they are trying to make as much as possible from the get go before people stop buying
08-24-2010, 05:42 PM #8
shiver
chaos personified
This is a get in get the $$ quick and get out thing.
08-24-2010, 06:25 PM #9
ryan saa
At least I can fight
that is some profit they are making per unit!!
08-24-2010, 07:03 PM #10
Originally posted by MaJiCXx
If you look someone themselves could make this if they took the time to, instead of paying a ridiculous price for it, and we would actually get it to work, not this back up manager shit!


Still need to know what is programmed into it to make it work.
