HDD Utility Disc (and similar) - Use cheater to bypass or simulate original

If someone thinks of a better title, feel free to suggest it... it's been a crazy day and I couldn't find the right way to word this...

I remember reading that some PS2 discs (ie. HDD Utility disc, probably PSBBN and others as well) have some kind of UID (to name it somehow; can't remember the exact term, if any) that is read by the application itself. If it can't read it (ie. you're using a backup of the disc), it won't work.

I assume this UID can be read by any CD/DVD drive.

Would it be possible to "emulate it" or bypass it using a "cheater" (ie. Action Replay, GameShark, Codebreaker, Xploder)?
Or maybe a debugger like Kermit?

Just a thought that came to my mind and wondered if anyone already thought of it / tried it.

 

That UID is part of the copy protection mechanism. You're only going to need it, if you intend to use the disc to install stuff on the memory card (for example if your PS2 is an SCPH-10000 the utility disc will refuse to install the HDD software into a blank HDD without you providing it with some memory card for the OSD updates to be installed.) making it impossible to achieve installing a HDD with a copy of the HDD Uitlity disc.

If it's a SCPH-30000 the install will work even if the disc is a copy, because it doesn't perform any security checks on the disc for that specific operation.

 

So, if I understand correctly, the UID is used by the console itself; not by the HDD Utility app... is this correct?
Also, is SCPH-10000 the only one that has such protection mechanism?

 

Actually, the program in the disc need the UID data to be able to locate the encrypted data which is used to perform any memory card related operations. That's the protection.

It affects all consoles. It's just that on a 10K you're obligated to install something on a memory card before it formats and install the harddrive.

 

Not a chance, unless you code your own cheat engine. Like l_oliveira said, the UID indicates the LBA of the update package (Memory Card files only, not HDD files). The last byte of the key is used as an "argument" to DecSet the data (first process before a bitwise against the full package lenght). Mostly used for DVD Player nor Kernel updates.
HDD files are crypted on INSTALL#.PAK and have checksum protections. The UID does not affect HDD stuff.
HDD tasks are ruled by the main program which is XORed somewhere on the disc.
The UID verification routine is engaged by the MagicGate crypted subprogram (PS288.VOB), subprogram which is used for disc sector decryption and CARD signing of KELFs.
Unfortunately, the source code of "S.U.D. Mutilator" and the reverse engineering documentation vanished among with Megaupload.
I remember that the UID of a pressed disc can be grabbed with the __CdReadKey function (cmd 0x1096) of CDVDMAN. Maybe I'm wrong, kHn and I have cracked those things 4 or 5 years ago... I'll take a look at the glorious Utility Compilation to see how it's made an get massive headaches, I can't find it at the moment.

EDIT: I found the disc. Everything is PAL patched and most ELFs are packed. I couldn't unpack'em with ps2unpacker but PCSX2 can run each utility, so you can analyse and studdy RAM dumps. Subprograms are not crypted.
PM me if you need the disc, anything it contains is ©SCEI.