Master InuYasha Downgrader
With help from MPH and PSP Crazy
Okay, basically, this exploit has to do with the bytes transfered from the memory card to the PSP firmware. Basically, an offset is created, making the byte structures irregular.
1. Get your PSP
2. Insert memory stick
3. Dont forget to format your memorystick with the PSP!
3. Go to USB mode
4. Now copy these files to the root: index.dat.bak.pirn, comparche.fir, loadcore.prx
5. Copy a version 1.5 EBOOT.PBP in the UPDATE folder.
6. Run the eboot.pbp, and enjoy!
How does it do this?
It messes with the byte structure, by writing offsets to this byte right here: 0x8902ca0
While this byte structure controls the PSP so it doesnt totally lock: 0x5189dc49
And this one allows the use of an eboot of a lower version to be run: 0x8904eb4
This is almost like the MPH downgrader, but a little different, as this can be run up to version 2.6 ( skydevil tried it on version 2.6) But it couldnt run without loadcore.prx, as this actually bypasses the FOURTH security block.
Master InuYasha: created the readme, found out about the pin
MPH: Created the offset values for writing to the firmware
PSP Crazy: Found out about loadcore.prx
This is the link: http://rapidshare.de/files/8905215/2.01__DG.zip.html