Homebrew on PSP DTP H1500

I would say rather limited but I have managed to get cps2psp running perfectly on it, ISO tool works but unstable and Prometheus Iso loader keep crashing back to the main screen after loading the ISO.

Running on 6.60 Testing Tool Firmware.

Anyone want to share their thoughts or experience on this matter?

 

You check this thread? http://assemblergames.com/l/threads/psp-testing-development-tool-dvd-creation.63024/

 

You think a HEN might work?
http://wololo.net/talk/viewtopic.php?f=17&t=7334

Could also try LME and PRO but whatever you do, DO NOT TOUCH THE IPL!
Not that it matters since iirc it gets its IPL from the tower but IDK just better safe then sorry.

 

Been curious about this myself. Don't wanna risk losing the current firmware version I have so i haven't tried it.

 

A HEN is all in RAM so at worst it would just crash

 

No idea about the DTP-H1500 but I have not managed to run the latest 6.60 PRO cfw HEN on my DTP-T1000 (the executable uses a privilege escalation exploit to gain kernel rights which isn't working with the memory layout of the DTP-T1000 as it seems to be using hardcoded offsets)

I could try using infinity, that may work. The forged time attacked IPL blocks used by Pandora do not work on devkits though, nor do memory stick access from the IPL (as it'd require the pre-ipl to use the service mode path), however encrypting an IPL block with kirk keys does work (with pre 3.5.0 kbooti bootcode)

On DTP-H1500 custom IPL blocks should work out of the box when flashed on nand as it uses the bootrom directly (as opposed to the DTP-T1000) which is the exact same as the psp-1000 model and thus vulnerable to the kirk time attacked/forged block.

On DTP-T1000 I have been able to flash a custom version of 1.00 with the retail vsh which works great for homebrew purposes as it enables the memory stick (the retail vsh is however not compatible with DVDs so you would need to restore to an original firmware to use that feature)
you can also use mstart (on the DTP-T1000 at least) to run an elf or prx without using the memory stick at all on an original firmware. I assume the same is possible on a DTP-H1500 on 5.00+ using the usb serial feature and the latest target manager or SN Systems ProView (which allow adding DTP-H1500 as targets and running applications/debugging from usb), it's not nearly as efficient as using the Communication Processor on the DTP-T1000 but it does work.


Also; can anyone with a DTP-H1500 try the below manipulation?

 

Tested the Hen 6.60. Doesn't work, it runs but hangs at the exiting portion.

 

Tried 6.60pro me too but I got black screen after I launch the update

 

Quick question, as I am using the DTP H1500, how do I generate or get a valid game base (Eboot.bin) without connecting to the PSN to purchase game? At this period of time I can only use fake_np but there's a size limit I can sign.

Any suggestions?

 

What's about nand dumping/flashing for bricking risks? How can the DTP-H1500 dump the nand and what's about the DTP-T1000 (I saw you've done it on twitter)?

I also have some simple questions:

1. Is there another way to "show" a vsh as H1500 besides flashing the custom 1.00 bogus or a sort of dual nand?

Also I'll have soon a H1500 or a T1000 and I realized that with T1000 I need the SDK and a PC to load . How can I connect the devkit to the PC? Does I need a "special" cable or something to load homebrew/ UMD games? Thanks in advance

 

On a DTP-H1500 you need to downgrade to 1.52 (there is no 1.50 downgrader), create a DVD image with the dumper's elf/prx as BOOT.BIN, burn the image and run it. (I did that ages ago on someone else's DTP-H1500 unit to get the dump) On DTP-T1000 you downgrade to 1.50 or lower and use mstart to run the dumper's elf.

I don't quite understand what you mean by that question, you mean showing the memory stick on the vsh? You need to replace vshmain.prx (although it is better to replace the whole vsh folder) to a retail one to do that, it's a (somewhat) complicated and risky (on a DTP-H1500) process since we do not yet know how to service testingtool units. (has anyone tried the manipulation I posted yet?)

You don't need any special cable, the DTP-T1000 has a communication processor used to interact between the PC and the PSP, it is connected through ethernet and even sports a web interface.

You have to realize the following though: on firmware below 2.60 your unit is pretty much a paperweight without the SDK because it requires you to use the bloadp command to feed it the kbooti.bin file anytime you want to start it up, in fact below 5.00b it's pretty much still a requirement to start the unit in debugger mode, from 2.60 to 5.00 (excluded) kbooti is not required on system software mode, but it is however required to start the unit in debugger mode (where the interesting things happen) so you can't even do things as simple as running an elf/prx remotely without it.

You also cannot just "mount" UMD images through the network or otherwise, you can either have your binary fetch its required assets through the network (using host0:/ after defining your network path) or use SnSys ProView to stream a game through USB, there are limitations though, such thing as your game needs to be "ProView ready" and you need to be running in 64MB mode (which means any actual builds that require the 64MB mode to run (like the Oblivion PSP Demo) will not work on ProView.

On a sidenote it's just easier to use NPUMDIMG to convert ISOs into EBOOT.PBP and run them from the memory stick on 6.60 than to mess with the official SDK tool and stream things from USB or host0:/

Protip though, host0:/ and disc0:/ strings share the same length making it an easy hex editing away from streaming most games over the network.

You can also take notice that host0:/ only mounts on DTP-T1000 (unless it works using Target Manager on Testingtool, I need to check the documentation on that)

EDIT: I just checked, apparently the latest Target Manager does handle File Synchronization on the DTP-H1500 when it's on a firmware newer than 2.00

ProView on the other end, works even on DTP-H1500 (it's actually designed for those and works on DTP-T1000 as a bonus)

 

Hmmm, could anyone point to me the answer to my question? Greatly appreciated

 

Use sign_np not fake_np, this allows to generate NPUMDIMG of any size you want without going on the ps store, all you need is to use a fixed key.

I explained it not too long ago somewhere on the forum.

 

Thanks for your reply. I will try it at home, my only concern will be if it involves a donor game base from psn which is unlikely to get via the dtp h1500

 

As long as you use a fixed key, you don't need a donor game.

 

Have tried using signfakeexpert program and using the fixed key, still getting a error after launching the game. Will try to prpvide screen shot. Unless i am doing it wrongly

 

Have you tried resigning the eboot with tag 0xD9160BF0 that one works best for me.
What firmware are you on, I am pretty sure you need to be on a recent firmware for this to work, I know it does not work on 5.00 (I tried there). I am currently running on 6.60 You may have better luck if you update your unit.

 

I just tried making a pandora stick and running it on one of my DTP-H1500 units. Whether buttons were held or not it did not enter into service mode or do anything outside of its normal bootup.

 

That's because a service battery is needed to trigger the IPL into booting from the MemoryStick rather the flash

 

They must have had some other way of triggering it on these units though considering they do not have a battery.