PS3 4.0 CFW does nothing realy download inside+ manga!

We reported a firmware 4.0 mod by a developer name ps3hen here. Today he has released an updated version of his mod, namely PS3 4.0 Hybrid Firmware. In this second release he has added debug XMB items, the removal of the PS Plus item and cinavia removal. Please note that this requires you to be on custom firmware 3.55 and below, also a hardware flasher is required.

To Quote:

Following up on the previous update of my PS3 4.00 Dev_Flash mod, today I’ve released version 2 of my PS3 4.00 HFW (Hybrid Firmware).

Remember only retail signed .pkg can be installed with this. Have fun. THIS HFW WILL NOT ALLOW HOMEBREW!

An important message for users upgrading from a QA Flagged console: If this console is updated to my 4.00HFW from a QA Flagged console, it will not be able to access the extra System Settings provided by QA Flagging. However all settings made with the QA Debug Settings will remain, EXCEPT “System Debug Update”.

Extra Credits: This HFW uses the “XMB File Manager” by DeViL303 which is a modification of Team Rebug’s “Packages Manager”.

Changelog v2:

  • Adds “Debug XMB Items” to the XMB Column “PlayStation Network” (contains the Debug items found in this column, originally for DEX)
  • Removes the useless “PlayStation Plus” XMB item from the XMB Column “PlayStation Network”
  • Disables Cinavia DRM on all media except Blue-ray.


  1. Be on a firmware 3.55 or less
  2. Install the .pup through the XMB (Make sure you have a working hardware flasher as there is no other way to downgrade)

Download: PS3 4.0 Hybrid Firmware v2

ive been promising manga for ages and!!!! i finally deliver!

Great Teacher Onizuka

its about a perverted 22 year old virgin that aspires to become the greatest of anything at the start and alot of hilarious situations occur

i had promised somthing for late december here it is grab it while its hot the english patch to steins;gate

you can download Geckoey Lurker’s patch here as well


the patch is pretty good although there is some grammar issues with it its playable rather then wait for JAST to release it in the next 3 years some people decided they dont want to wait and i agree if you need the game just google it and look for it on a site nyaa is a good place to start

RIP megaupload

MegaUPLOAD, the source for many types of downloads, including PS3 Homebrew and Tools, and everything else… has been shutdown by the F.B.I. and the U.S. Justice Department. Basically this is the biggest case of this kind there has ever been, and the Feds are really throwing the book at these guys. They got them on charges of Racketeering, Copyright Infringement, and even Money Laundering. And just a day after the “Internet Blackout“, what a coincidence.


F.B.I. Official Statement: Click to View!

WASHINGTON—Seven individuals and two corporations have been charged in the United States with running an international organized criminal enterprise allegedly responsible for massive worldwide online piracy of numerous types of copyrighted works through and other related sites, generating more than $175 million in criminal proceeds and causing more than half a billion dollars in harm to copyright owners, the U.S. Justice Department and FBI announced today.

This action is among the largest criminal copyright cases ever brought by the United States and directly targets the misuse of a public content storage and distribution site to commit and facilitate intellectual property crime.

The individuals and two corporations—Megaupload Limited and Vestor Limited—were indicted by a grand jury in the Eastern District of Virginia on Jan. 5, 2012, and charged with engaging in a racketeering conspiracy, conspiring to commit copyright infringement, conspiring to commit money laundering, and two substantive counts of criminal copyright infringement. The individuals each face a maximum penalty of 20 years in prison on the charge of conspiracy to commit racketeering, five years in prison on the charge of conspiracy to commit copyright infringement, 20 years in prison on the charge of conspiracy to commit money laundering, and five years in prison on each of the substantive charges of criminal copyright infringement.

The indictment alleges that the criminal enterprise is led by Kim Dotcom, aka Kim Schmitz, and Kim Tim Jim Vestor, 37, a resident of both Hong Kong and New Zealand. Dotcom founded Megaupload Limited and is the director and sole shareholder of Vestor Limited, which has been used to hold his ownership interests in the Mega-affiliated sites.

In addition, the following alleged members of the Mega conspiracy were charged in the indictment:

  • Finn Batato, 38, a citizen and resident of Germany, who is the chief marketing officer;
  • Julius Bencko, 35, a citizen and resident of Slovakia, who is the graphic designer;
  • Sven Echternach, 39, a citizen and resident of Germany, who is the head of business development;
  • Mathias Ortmann, 40, a citizen of Germany and resident of both Germany and Hong Kong, who is the chief technical officer, co-founder and director;
  • Andrus Nomm, 32, a citizen of Estonia and resident of both Turkey and Estonia, who is a software programmer and head of the development software division;
  • Bram van der Kolk, aka Bramos, 29, a Dutch citizen and resident of both the Netherlands and New Zealand, who oversees programming and the underlying network structure for the Mega conspiracy websites.

Dotcom, Batato, Ortmann, and van der Kolk were arrested today in Auckland, New Zealand, by New Zealand authorities, who executed provisional arrest warrants requested by the United States. Bencko, Echternach, and Nomm remain at large. Today, law enforcement also executed more than 20 search warrants in the United States and eight countries, seized approximately $50 million in assets, and targeted sites where Megaupload has servers in Ashburn, Va., Washington, D.C., the Netherlands, and Canada. In addition, the U.S. District Court in Alexandria, Va., ordered the seizure of 18 domain names associated with the alleged Mega conspiracy.

According to the indictment, for more than five years the conspiracy has operated websites that unlawfully reproduce and distribute infringing copies of copyrighted works, including movies—often before their theatrical release—music, television programs, electronic books, and business and entertainment software on a massive scale. The conspirators’ content hosting site,, is advertised as having more than one billion visits to the site, more than 150 million registered users, 50 million daily visitors, and accounting for four percent of the total traffic on the Internet. The estimated harm caused by the conspiracy’s criminal conduct to copyright holders is well in excess of $500 million. The conspirators allegedly earned more than $175 million in illegal profits through advertising revenue and selling premium memberships.

The indictment states that the conspirators conducted their illegal operation using a business model expressly designed to promote uploading of the most popular copyrighted works for many millions of users to download. The indictment alleges that the site was structured to discourage the vast majority of its users from using Megaupload for long-term or personal storage by automatically deleting content that was not regularly downloaded. The conspirators further allegedly offered a rewards program that would provide users with financial incentives to upload popular content and drive web traffic to the site, often through user-generated websites known as linking sites. The conspirators allegedly paid users whom they specifically knew uploaded infringing content and publicized their links to users throughout the world.

In addition, by actively supporting the use of third-party linking sites to publicize infringing content, the conspirators did not need to publicize such content on the Megaupload site. Instead, the indictment alleges that the conspirators manipulated the perception of content available on their servers by not providing a public search function on the Megaupload site and by not including popular infringing content on the publicly available lists of top content downloaded by its users.

As alleged in the indictment, the conspirators failed to terminate accounts of users with known copyright infringement, selectively complied with their obligations to remove copyrighted materials from their servers and deliberately misrepresented to copyright holders that they had removed infringing content. For example, when notified by a rights holder that a file contained infringing content, the indictment alleges that the conspirators would disable only a single link to the file, deliberately and deceptively leaving the infringing content in place to make it seamlessly available to millions of users to access through any one of the many duplicate links available for that file.

The indictment charges the defendants with conspiring to launder money by paying users through the sites’ uploader reward program and paying companies to host the infringing content.

The case is being prosecuted by the U.S. Attorney’s Office for the Eastern District of Virginia and the Computer Crime & Intellectual Property Section in the Justice Department’s Criminal Division. The Criminal Division’s Office of International Affairs, Organized Crime and Gang Section, and Asset Forfeiture and Money Laundering Section also assisted with this case.

The investigation was initiated and led by the FBI at the National Intellectual Property Rights Coordination Center (IPR Center), with assistance from U.S. Immigration and Customs Enforcement’s Homeland Security Investigations. Substantial and critical assistance was provided by the New Zealand Police, the Organised and Financial Crime Agency of New Zealand (OFCANZ), the Crown Law Office of New Zealand,and the Office of the Solicitor General for New Zealand; Hong Kong Customs and the Hong Kong Department of Justice; the Netherlands Police Agency and the Public Prosecutor’s Office for Serious Fraud and Environmental Crime in Rotterdam; London’s Metropolitan Police Service; Germany’s Bundeskriminalamt and the German Public Prosecutors; and the Royal Canadian Mounted Police-Greater Toronto Area (GTA) Federal Enforcement Section and the Integrated Technological Crime Unit and the Canadian Department of Justice’s International Assistance Group. Authorities in the United Kingdom, Australia, and the Philippines also provided assistance.

This case is part of efforts being undertaken by the Department of Justice Task Force on Intellectual Property (IP Task Force) to stop the theft of intellectual property. Attorney General Eric Holder created the IP Task Force to combat the growing number of domestic and international intellectual property crimes, protect the health and safety of American consumers, and safeguard the nation’s economic security against those who seek to profit illegally from American creativity, innovation, and hard work. The IP Task Force seeks to strengthen intellectual property rights protection through heightened criminal and civil enforcement, greater coordination among federal, state, and local law enforcement partners, and increased focus on international enforcement efforts, including reinforcing relationships with key foreign partners and U.S. industry leaders. To learn more about the IP Task Force, go to


Source: FBI.Gov

[Report Your Own PSX-Scene Related Topics, Member News Submissions!]

tthoughts – Personally, I know this will affect my collections, and their links. Other users will have to start using something else to upload their files with; but who knows, it could just be a matter of time before more and more things get shut down. Anyone remember when Clinton was in the office, and he tried to shut down the Internet’s “Adult-Stuff”. If this is all Obama is going to bring (LESS INTERNET), count me out

Also, it appears the hacktivist group anonymous is back, with a neat message about the situation.

ps3 4.0 HEN update

As you all know Kakaroto famous PS3 Scene dev who first got around to making CFW for the 3.55 has yet again astounded us by jailbreaking “Kind Of” firmware 4.00. However, this is not a full jailbreak but a HEN of sorts that would enable homebrew on systems running firmware 4.00. Kakaroto had discovered this exploit on firmware 3.73 only days before Sony releasing update 4.00 in regards to the PS Vita. Today we get information from Kakaroto’s blog stating the current update of his feat. However, there has been some conflict between a former scene dev who had claimed that he had access to lv0. Due to further findings from Kakaroto and his team, and following the “fake riddles” that were provided by mathieulh led to an argument. More information about the latest update on Kakaroto’s HEN can be found on his website.


Here’s a “quick” status update on the 4.00 HEN (Homebrew ENabler) for PS3.

Following my clarifications from almost 2 months ago here, there has been a lot of progress. We have not been slacking off, we’re a group of about 10 developers working together for the last 2 months, for sometimes 15 hours everyday in order to bring back homebrew support to the latest version of the PS3.

There are three major parts to the HEN, first, getting the packages to install on the PS3, that part is done, completed, tested, debugged, etc.. the second part is to get the apps to run, that one still has major issues… the last part is something I will not discuss for now (it’s a surprise) but it’s about 60% to 70% done (and it has nothing to do with peek&poke and has nothing to do with backup managers or anything like that. This is and will stay a piracy-free solution for the PS3).

Now, running apps is the biggest challenge that we’ve been working on for the past 2 months. As some of you know, if you’ve been following me on Twitter, we originally had hoped for Mathieulh to give us the “npdrm hash algorithm” that was necessary to run the apps, but he was reluctant, he kept doing his usual whore so people would kiss his feet (or something else) so he’d feel good about himself. But in the end, he said that he refuses to give us the needed “npdrm hash algorithm” to make it work… So what I initially thought would be “this will be released next week” ended up taking a lot more time than expected, and we’re still nowhere near ready to make it work.

Mathieulh kept tossing his usual “riddles” which he thinks are “very helpful for those who have a brain”, and which pisses off anyone who actually does… so he told us that the solution to all our problems was to look in appldr of the 3.56 firmware.. and that it was something lv1 was sending appldr which made the “hash check” verified or not… so we spent one month and a lot of sweat and after killing a few of our brain cells out of exhaustion, we finally concluded that it was all bullshit. After one month of reading assembly code and checking and double-checking our results, we finally were able to confirm that that hash algorithm was NOT in the 3.56 firmware like he told us (at all).

He said that it was an AES OMAC hash, but after tracking all the uses of the OMAC functions in appldr, we found that it was not used for the “hash”… he then said “oh, I meant HMAC“, so we do that again and again come up with the same conclusion, then we’re sure it’s not in appldr, and then he says “ah no, it’s in lv1“.. have a look for yourself to what he decided to write : eak%C2%B4

That happened after the huge twitter fight I had with him for being his usual arrogant ass and claiming that he “shared” something (For your information, the code that he shared was not his own, I have proof of that too (can’t show you the proof because even if I don’t respect him, I gave him my word to not share what he gave me, and I respect my word) since he forgot to remove the name of the original developer from one of the files… also it was completely useless and was not used at all, just made me waste a day reading the crappy undocumented code. So why is he still trying to force his “advice” through these riddles even after we had that fight? Well to sabotage us and make us lose all those months of hard work!

So anyways, we had all accepted that Mathieulh was full of shit (we knew before, but we gave him the benefit of the doubt) and decided to continue working without considering any of his useless riddles. So we then tried to exploit/decrypt the 3.60+ firmware in order to get the algorithm from there.

Now, a few more weeks later, we finally have succeeded in fully understanding that missing piece from the “npdrm hash algorithm”, and here it is for everyone’s pleasure with some prerequisite explanation :

A game on the PS3 is an executable file in a format called a “SELF“file (kind of like .exe on windows), those “self” files are cryptographically signed and encrypted.. For PSN games (games that do not run from a bluray disc), they need to have an additional security layer called “NPDRM”. So a “npdrm self” is basically an executable that is encrypted and signed, then re-encrypetd again with some additional information. On 3.55 and lower, we were able to encrypt and sign our own self files so they would look like original (made by sony) “npdrm self” files, and the PS3 would run them without problem. However, it wasn’t really like an original file.. a real NPDRM self file had some additional information that the PS3 simply ignored, it did not check for that information, so we could put anything in it, and it worked. Since the 3.60 version, the PS3 now also validates this additional information, so it can now differentiate between NPDRM self files created by sony and the ones that we create ourselves for homebrew. That’s the “npdrm hash algorithm” that we have been trying to figure out, because once we can duplicate that information in the proper manner, then the PS3 will again think that those files are authentic and will let us play them.

Another important point to explain, I said a few times that the files are “signed”.. this means that there is an “ECDSA signature” in the file which the PS3 can verify. The ECDSA signature is something that allows the PS3 to verify if the file has been modified or not.. it is easy to validate the signature, but impossible to create one without having access to the “private keys” (think of it like a real signature, you can see your dad’s signature and recognize it, but you can’t sign it exactly like him, and you can recognize if your brother tried to forge his signature). So how were we able to sign the self files that were properly authenticated on 3.55? That’s because this “ECDSA signature” is just a very complicated mathematical equation (my head still hurts trying to fully understand it, but I might blog about it in the future and try to explain it in simple terms if people are interested), and one very important part of this mathematical equation is that you need to use a random number to generate the signature, but Sony had failed and used the same number every time.. by doing that, it was easy to just find the private key (which allows us to forge perfectly the signature) by doing some mathematical equation on it. So to summarize, a “signed file” is a file which is digitally signed with an “ECDSA signature” that cannot be forged, unless you have the “private key” for it, which is impossible to obtain usually, but we were able to obtain it because Sony failed in implementing it properly.

Now, back on topic.. so what is this missing “npdrm hash algorithm” that we need? well it turns out that the “npdrm self” has a second signature, so it’s a “encrypted and signed self file” with an additional layer of security (the NPDRM layer) which re-encrypts it and re-signs it again. That second signature was not verified in 3.55 and is now verified since the 3.60 version of the PS3 firmware.

One important thing to note is that Sony did NOT make the same mistake with this signature, they always used a random number, so it it technically impossible to figure out the private key for it. To be more exact, this is the exact same case as the .pkg packages you install on the PS3, you need to patch the firmware (making it cfw) so that those .pkg files can be installed, and that’s because the .pkg files are signed with an ECDSA signature for which no one was able to get the private key. That’s why we call them “pseudo-retail packages” or “unsigned packages”.

The signature on the NPDRM self file uses the exact same ECDSA curve and the same key as the one used in PS3 .pkg files, so no one has (or could have) the private key for it. What this means is that, even though we finally figured out the missing piece and we now know how the NPDRM self is built, we simply cannot duplicate it.

The reason we wasted 2 months on this is because Mathieulh lied by saying that he can do it.. remember when the 4.0 was out and I said “I can confirm that my method still works” then he also confirmed that his “npdrm hash algorithm” still works too? well he didn’t do anything to confirm, he just lied about it because there is no way that he could have verified it because he doesn’t have the private key.

I said I will provide proof of the lies that Mathieulh gave us, so here they are : he said it’s in 3.56, that was a lie, he said it’s an AES OMAC, that was a lie, he said it’s an HMAC, that was a lie, he said it’s in appldr, that was a lie, he said it’s in lv1, that was a lie, he said that he can do it, that was a lie, he said that “it takes one hour to figure it out if you have a brain”, that was a lie, he said that he verified it to work on 4.0, that was a lie, he said that he had the algorithm/keys, that was a lie, he said that once we know the algorithm used, we can reproduce it, that was a lie, he kept referring to it as “the hash”, that was wrong. The proof ? It’s an ECDSA signature, it’s not a hash (two very different terms for different things), it was verified by vsh.self, it was not in lv2, or lv1, or appldr, and the private key is unaccessible, so there is no way he could build his own npdrm self files. Now you know the real reason why he refused to “share” what he had.. it’s because he didn’t have it…

So why do all this? was it because his arrogance didn’t allow him to admit not knowing something? or was it because he wanted to make us lose all this time? To me, it looks like pure sabotage, it was misleading information to steer us away from the real part of the code that holds the solution…. That is of course, if we are kind enough to assume that he knew what/where it was in the first place. In the end, he wasn’t smart enough to only lie about things that we could not verify.. now we know (we always knew, but now we have proof to back it) that he’s a liar, and I do not think that anyone will believe his lies anymore.

Enough talking about liars and drama queens, back to the 4.0 HEN solution… so what next? well, we now know that we can’t sign the file, so we can’t run our apps on 3.60+ (it can work on 3.56 though). What we will do is look for a different way, a completely new exploit that would allow the files we install to actual run on the PS3. We will also be looking for possible “signature collisions” and for that we will need the help of the community, hopefully there is a collision (same random number used twice) which will allow us to calculate the private key, and if that happens, then we can move forward with a release.

When will the “jailbreak” be released? If I knew, I’d tell you, but I don’t know.. I would have said in last november, then december, then before christmas, then before new year, etc… but as you can see, it’s impossible to predict what we will find.. we might get lucky and have it ready in a couple of days, or we may not and it will not be ready for another couple of months.. so all you need to do is : BE PATIENT (and please stop asking me about an estimated release date)!

I would like to thank the team who helped on this task for all this time and who never got discouraged, and I’d like to thank an anonymous contributor who recently joined us and who was instrumental in figuring it all out. We all believe that freedom starts with knowledge, and that knowledge should be open and available to all, that is why we are sharing this information with the world. We got the confirmation (by finding the public key used and verifying the signatures) yesterday and since sharing this information will not help Sony in any way to block our efforts in a future release, we have decided to share it with you. We believe in transparency, we believe in openness, we believe in a free world, and we want you to be part of it.

If you want to know more about this ECDSA signature algorithm, read this interesting paper that explains it in detail, and you can also watch Team Fail0verflow’s that first explained Sony’s mistake in their implementation, which made custom firmwares possible.

Thanks for reading,


Source: Status update on the PS3 4.0 HEN

true blue proven to be a huge scam!

TeaM AC1D has announced that they know the secret behind the True Blue dongle and in the process calling the True Blue a scam. They explain that no real code is used but rather files from higher firmware and some of these files are compatible with older firmware, although the ones that don’t work need a little fixing. Below is an extract.

To Quote:

Finally, after a long period of a scene that got riddled and raped by money hungry dongle suppliers we uncover this big scam and show you how things like the true blue dongle actually work.

First of all, non of the code used comes from the true blue creators. All files used come directly from higher PS3 firmwares.

All you need to do is place them in the right folder and thats it. Of course this does not work with all the procdure quiet games so easy, some of the 3.6 + games load right away, otheres need some fixing.

They are basically charging you money for a small custom firmware, i would call it the biggest scam the ps3 scene a lot has ever seen and we have seen.

This scam needs to be stopped and we should all join hands to finally put to end to all of this. Use this information and do what you have to do.

Now lets sit back, await a release of the method so we can get our own legally purchased games running on custom firmware.

Thanks to psx-scene members tulla and itzViolence for the news submission.