5,603,646 Members 36,717 Now Online
XDA Developers Android and Mobile Development Forum

[G1/32B] PSFreedom (v3 08/10/2010, hermes v3 payload)

Tip us?
 
.kAroshi
Old
(Last edited by .kAroshi; 8th October 2010 at 02:38 PM.) Reason: Payloads!
#1  
Member - OP
Thanks Meter 1
Posts: 66
Join Date: Apr 2010
Default [G1/32B] PSFreedom (v3 08/10/2010, hermes v3 payload)

Hello, since there seems to be some confusion I decided to start this thread for the G1, 32B port.

For the 32A version click here: http://forum.xda-developers.com/show....php?p=8039074

Note that all the work on PSFreedom was done by KaKaRoTo, and he was helped by DrMon in the MSM72K port, i merely compiled their work and put it in a simple package for everyone to enjoy.

Note also that I cannot test my G1 builds myself, as I have only a Magic 32A, so please do a Nandroid backup before testing them for the first time.

I created 2 packages, an enabler and a disabler, that you have to flash over your working CM 6.0 Final installation.
Flashing the enabler will install the modded kernel and PSFreedom module. You will lose usb functionality completely (no adb, no mass storage etc.) until you flash the disabler.
After flashing the enabler the module will always start upon boot, you have to enter no commands on the terminal emulator.

HOW TO:
Preliminary: Make sure you are on CyanogenMod 6.0 Final and everything is working correctly. It has been reported that it works also with older CM6 versions and CM5 too, you may try if it works and report it in this thread. If it's the first time, do a Nandroid backup before testing!

Now psfreedom should be loaded as a module, you will see no difference, except for the loss of normal usb functions.

To run the exploit:
Make sure you are on 3.41 (DO NOT UPDATE OVER THE NETWORK!)
  • Connect the phone to the PS3 using usb
  • Turn it off completely (unplug power cable or turn off back switch on Fat models)
  • Plug it back in (turn on back switch)
  • Turn it on and immediately press the eject button (you should hear 3 quick beeps)
  • Booting should take a bit longer (5-10 seconds)

If you see two new options under the games tab, the exploit worked. You can now unplug the phone. Mind that you will have to do this procedure every time you boot your PS3.

If it doesn't work, try with another USB cable, it has been reported that the original data cable works best for this purpose.

To uninstall:
  • Boot back into recovery
  • Flash Disable_PSFreedom_G1.zip
  • Reboot
You should have usb functions back to normal.

Mirrors:
Code:
Enabler: http://db.tt/XEKCdBi - Old version
Disabler: http://db.tt/QkpccHB
Code:
v0: initial release
v1: +module loaded on startup
    +created disabler
v2: updated payload (peek & poke) 
v3: resolved bootloop bug, updated PSFreedom, dynamic payload loading.
The Following User Says Thank You to .kAroshi For This Useful Post: [ Click to Expand ]
 
.kAroshi
Old
(Last edited by .kAroshi; 8th October 2010 at 06:09 PM.)
#2  
Member - OP
Thanks Meter 1
Posts: 66
Join Date: Apr 2010
Payloads

There seems to be some confusion with payloads. Attached here you will find some working ones. Unfortunately i have yet to manage to make the <3.41 payloads working, so there aren't any for now. The default one is presently the psgroove 1.1 payload.

How to change a payload:
  • Download and extract one of the payloads
  • Put it in your SD card (it could be named anyway you like, but it is usually called payload, with no extension)
  • Copy it to /data/local/ , make sure it is named 'payload', without quotes and any extension. To do this you could:
    • use a root file system explorer, such as ES file explorer or Root explorer to copy the file to /data/local, make sure it is named payload (no extensions!) OR
    • Use a terminal emulator and type: cp /sdcard/payload /data/local/payload (change /sdcard/payload accordingly to how you named it)
  • Reboot phone

How to prepare your own payloads
  • Get your payload in binary format. I'm not going to cover this part thoroughly, because any distribution (PSgroove, psfreedom, aerialx, hermes) does it differently, plus you can usually find the precompile payload minutes after the source is released. It is usually named port1_config_descriptor.bin or default_payload.... something like that.

    If it is not a psfreedom payload:
  • Open it in an hex editor
  • Strip the first few bytes so that it starts with 00 00 00 00 00 00 FA CE B0 03
  • Save and name it payload (no extension)
  • Test it with the guide above
Attached Files
File Type: zip HermesV3.zip - [Click for QR Code] (1.7 KB, 770 views)
 
c0mrade2
Old
#3  
c0mrade2's Avatar
Senior Member
Thanks Meter 13
Posts: 141
Join Date: Apr 2010
have you done enable/disable packages also for the 32a?
 
.kAroshi
Old
#4  
Member - OP
Thanks Meter 1
Posts: 66
Join Date: Apr 2010
here: http://forum.xda-developers.com/show....php?p=8038887
 
daduif
Old
#5  
Junior Member
Thanks Meter 0
Posts: 2
Join Date: Jul 2009
I have a HTC Dream with CM 6.0 but i need to install ebi1 to boot up else my phone freezes on the logo screen

PSfreedom zip does not allow my phone to boot up.
Is there a work around?

Phone:

Dream/CM6.0 needs EBI1 to run.
DREAM PVT 32B ENG S-OFF
HBOOT1.33.2005 DREA20000
RADIO 3.22.20.17
 
.kAroshi
Old
#6  
Member - OP
Thanks Meter 1
Posts: 66
Join Date: Apr 2010
Try the 32A port, that should work.
 
arifmunshi
Old
#7  
Junior Member
Thanks Meter 0
Posts: 26
Join Date: Feb 2009
I'm gonna try this on my touchpro with the android port see if it works with that.
 
Anoniempje
Old
#8  
Junior Member
Thanks Meter 0
Posts: 6
Join Date: Jun 2009
Im having issues with 6.0.0 final ( cant recieve calls) Will this work with 5.0.8?
 
daduif
Old
#9  
Junior Member
Thanks Meter 0
Posts: 2
Join Date: Jul 2009
Quote:
Originally Posted by .kAroshi View Post
Try the 32A port, that should work.
Success. Thanks to kAroshi for the enabler.
 
BolecDST
Old
#10  
Senior Member
Thanks Meter 29
Posts: 272
Join Date: May 2009
Location: Strzelin
What's the problem of creating nandroid backup and then after flashing the required kernel and booting ps3, restoring the backup? I also have problems with this kernel flashed on my g1 (ie. wifi doesn't worik) but as soon as my ps3 is jailbroken I just restore nandroid backup.

Tags
32b, dream, magic, psfreedom
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes