Remove All Ads from XDA

[G1/32B] PSFreedom (v3 08/10/2010, hermes v3 payload)

66 posts
Thanks Meter: 1
By .kAroshi, Member on 7th September 2010, 10:42 AM
Post Reply Email Thread
Hello, since there seems to be some confusion I decided to start this thread for the G1, 32B port.

For the 32A version click here:

Note that all the work on PSFreedom was done by KaKaRoTo, and he was helped by DrMon in the MSM72K port, i merely compiled their work and put it in a simple package for everyone to enjoy.

Note also that I cannot test my G1 builds myself, as I have only a Magic 32A, so please do a Nandroid backup before testing them for the first time.

I created 2 packages, an enabler and a disabler, that you have to flash over your working CM 6.0 Final installation.
Flashing the enabler will install the modded kernel and PSFreedom module. You will lose usb functionality completely (no adb, no mass storage etc.) until you flash the disabler.
After flashing the enabler the module will always start upon boot, you have to enter no commands on the terminal emulator.

Preliminary: Make sure you are on CyanogenMod 6.0 Final and everything is working correctly. It has been reported that it works also with older CM6 versions and CM5 too, you may try if it works and report it in this thread. If it's the first time, do a Nandroid backup before testing!

Now psfreedom should be loaded as a module, you will see no difference, except for the loss of normal usb functions.

To run the exploit:
Make sure you are on 3.41 (DO NOT UPDATE OVER THE NETWORK!)
  • Connect the phone to the PS3 using usb
  • Turn it off completely (unplug power cable or turn off back switch on Fat models)
  • Plug it back in (turn on back switch)
  • Turn it on and immediately press the eject button (you should hear 3 quick beeps)
  • Booting should take a bit longer (5-10 seconds)

If you see two new options under the games tab, the exploit worked. You can now unplug the phone. Mind that you will have to do this procedure every time you boot your PS3.

If it doesn't work, try with another USB cable, it has been reported that the original data cable works best for this purpose.

To uninstall:
  • Boot back into recovery
  • Flash
  • Reboot
You should have usb functions back to normal.

Enabler: - Old version
v0: initial release
v1: +module loaded on startup
    +created disabler
v2: updated payload (peek & poke) 
v3: resolved bootloop bug, updated PSFreedom, dynamic payload loading.
The Following User Says Thank You to .kAroshi For This Useful Post: [ View ] Gift .kAroshi Ad-Free
7th September 2010, 10:47 AM |#2  
OP Member
Thanks Meter: 1

There seems to be some confusion with payloads. Attached here you will find some working ones. Unfortunately i have yet to manage to make the <3.41 payloads working, so there aren't any for now. The default one is presently the psgroove 1.1 payload.

How to change a payload:
  • Download and extract one of the payloads
  • Put it in your SD card (it could be named anyway you like, but it is usually called payload, with no extension)
  • Copy it to /data/local/ , make sure it is named 'payload', without quotes and any extension. To do this you could:
    • use a root file system explorer, such as ES file explorer or Root explorer to copy the file to /data/local, make sure it is named payload (no extensions!) OR
    • Use a terminal emulator and type: cp /sdcard/payload /data/local/payload (change /sdcard/payload accordingly to how you named it)
  • Reboot phone

How to prepare your own payloads
  • Get your payload in binary format. I'm not going to cover this part thoroughly, because any distribution (PSgroove, psfreedom, aerialx, hermes) does it differently, plus you can usually find the precompile payload minutes after the source is released. It is usually named port1_config_descriptor.bin or default_payload.... something like that.

    If it is not a psfreedom payload:
  • Open it in an hex editor
  • Strip the first few bytes so that it starts with 00 00 00 00 00 00 FA CE B0 03
  • Save and name it payload (no extension)
  • Test it with the guide above
Attached Files
File Type: zip - [Click for QR Code] (1.7 KB, 783 views)
7th September 2010, 10:56 AM |#3  
c0mrade2's Avatar
Senior Member
Thanks Meter: 17
have you done enable/disable packages also for the 32a?
7th September 2010, 11:01 AM |#4  
OP Member
Thanks Meter: 1
7th September 2010, 11:54 AM |#5  
Junior Member
Thanks Meter: 0
I have a HTC Dream with CM 6.0 but i need to install ebi1 to boot up else my phone freezes on the logo screen

PSfreedom zip does not allow my phone to boot up.
Is there a work around?


Dream/CM6.0 needs EBI1 to run.
HBOOT1.33.2005 DREA20000
7th September 2010, 12:22 PM |#6  
OP Member
Thanks Meter: 1
Try the 32A port, that should work.
7th September 2010, 12:46 PM |#7  
Thanks Meter: 0
I'm gonna try this on my touchpro with the android port see if it works with that.
7th September 2010, 12:52 PM |#8  
Junior Member
Thanks Meter: 0
Im having issues with 6.0.0 final ( cant recieve calls) Will this work with 5.0.8?
7th September 2010, 01:39 PM |#9  
Junior Member
Thanks Meter: 0
Thumbs up
Originally Posted by .kAroshi

Try the 32A port, that should work.

Success. Thanks to kAroshi for the enabler.
7th September 2010, 01:43 PM |#10  
Senior Member
Flag Dublin
Thanks Meter: 38
What's the problem of creating nandroid backup and then after flashing the required kernel and booting ps3, restoring the backup? I also have problems with this kernel flashed on my g1 (ie. wifi doesn't worik) but as soon as my ps3 is jailbroken I just restore nandroid backup.
7th September 2010, 02:12 PM |#11  
OP Member
Thanks Meter: 1
No problem, it should just be faster using the disabler, and you won't have to backup every time.
Can anyone confirm that wifi isn't working with this release?
Post Reply Subscribe to Thread

32b, dream, magic, psfreedom

Guest Quick Reply (no urls or BBcode)
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes