2.0 Exploited


Update: This proof of concept has now been confirmed as a working exploit for the 2.0 firmware. Now we have to wait until some more useful code using this exploit is released :) Remember who had it first PSP-Hacks.com

We just received a very convincing email claiming to have hacked the 2.0 firmware. We do not currently have a 2.0 PSP accessible right now. So we would like our members to try it out and let us know how it goes. We've been hearing rants for a while about no 2.0 news so here is a chance to not just complain but actually help out and let us know if it works.


First Homebrew Code on 2.00

-----------------------------

1. Set wallpaper to frame_buffer.png (without overflow.tif present in the PHOTO directory, or it will crash).

2. Add overflow.tif to the PHOTO directory, and open it in the photo viewer. Custom code to paint the screen! Or to write a homebrew app! Not to run illegal games.

How It Works?

---------------

1. The PNG contains a small amount of code in a known, fixed place (the VRAM). If you look closely at the wallpaper, you can see small coloured pixels in the bottom right. The pixels are Allegrex opcodes, with the highest byte all zero for the ALPHA. These pixels do:

    syscall 0x20C7         ; sceKernelDcacheWritebackInvalidateAll
    slt     a0, zero, sp   ; put 1 into a0
    sll     a0, a0, 6      ; put 64 into a0
    addu    a0, sp, a0     ; get screen painter address over SP (register form; addiu only takes an immediate)
    jr      a0             ; jump to the screen painter
    nop                    ; branch delay slot

2. The TIFF also contains some code and a buffer to trigger the known BitsPerSample overflow in libtiff in the photo viewer. The buffer makes a jump to the VRAM, which holds the PNG colours, by overwriting the saved ra (return address) on the stack. The VRAM code uses SP and calculates the address of the buffer, then runs it: it jumps there. The screen is yellow as the colour was 0x12345678 in hex.
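The root cause the readme names is a TIFF tag whose Count field is trusted when its values are copied into a fixed-size table. The following is an added example, not code from the page or from the Toc2rta release: a minimal little-endian TIFF IFD reader that locates BitsPerSample (tag 258) and shows the bounded read a decoder needs, with the unchecked pattern kept as a comment. The table capacity MAX_SAMPLES, the function names and the two sample files are all constructed for the example.

```c
/*
 * Added example (not from the page or the Toc2rta release): a minimal
 * little-endian TIFF IFD reader showing the BitsPerSample Count problem
 * described above and the bound check that prevents it. MAX_SAMPLES is a
 * hypothetical table capacity; the sample files are constructed by hand.
 */
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

#define TAG_BITS_PER_SAMPLE 258
#define TIFF_SHORT 3
#define MAX_SAMPLES 16   /* hypothetical fixed capacity of the decoder's per-sample table */

enum { TIFF_OK = 0, TIFF_ERR_MALFORMED = -1, TIFF_ERR_TOO_MANY_SAMPLES = -2 };

static uint16_t rd16(const uint8_t *p) { return (uint16_t)(p[0] | (p[1] << 8)); }
static uint32_t rd32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) | ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/*
 * Vulnerable pattern, kept as a comment rather than compiled: the decoder
 * trusts Count and copies straight into table[MAX_SAMPLES]:
 *
 *     for (i = 0; i < count; i++) table[i] = rd16(values + 2 * i);
 *
 * With count > MAX_SAMPLES the writes run past the table into the rest of
 * the stack frame, which is where the saved return address lives.
 */

/* Find the BitsPerSample entry of the first IFD and report its Count and the
 * offset of its values (they sit inline in the entry when they fit in 4 bytes). */
static int find_bits_per_sample(const uint8_t *buf, size_t len, uint32_t *count, size_t *values_off)
{
    if (len < 8 || buf[0] != 'I' || buf[1] != 'I' || rd16(buf + 2) != 42) return TIFF_ERR_MALFORMED;
    uint32_t ifd = rd32(buf + 4);
    if (ifd > len || len - ifd < 2) return TIFF_ERR_MALFORMED;
    uint16_t n = rd16(buf + ifd);
    size_t entries = (size_t)ifd + 2;
    if ((size_t)n * 12 > len - entries) return TIFF_ERR_MALFORMED;   /* entry table must fit */
    for (uint16_t i = 0; i < n; i++) {
        size_t e = entries + (size_t)i * 12;
        if (rd16(buf + e) != TAG_BITS_PER_SAMPLE) continue;
        if (rd16(buf + e + 2) != TIFF_SHORT) return TIFF_ERR_MALFORMED;
        *count = rd32(buf + e + 4);
        *values_off = (*count <= 2) ? e + 8 : (size_t)rd32(buf + e + 8);
        return TIFF_OK;
    }
    return TIFF_ERR_MALFORMED;
}

/* Hardened read: Count is checked against the table capacity and against the
 * file length before anything is written into table[]. */
int read_bits_per_sample(const uint8_t *buf, size_t len, uint16_t table[MAX_SAMPLES], uint32_t *n_out)
{
    uint32_t count;
    size_t off;
    int rc = find_bits_per_sample(buf, len, &count, &off);
    if (rc != TIFF_OK) return rc;
    if (count > MAX_SAMPLES) return TIFF_ERR_TOO_MANY_SAMPLES;          /* the missing bound */
    if (off > len || (size_t)count * 2 > len - off) return TIFF_ERR_MALFORMED;
    for (uint32_t i = 0; i < count; i++) table[i] = rd16(buf + off + 2 * i);
    *n_out = count;
    return TIFF_OK;
}

/* Constructed sample 1: header, one-entry IFD, BitsPerSample = 8 (Count 1). */
static const uint8_t tiff_ok[] = {
    'I', 'I', 42, 0, 8, 0, 0, 0,                  /* little-endian, first IFD at offset 8 */
    1, 0,                                         /* one directory entry */
    0x02, 0x01, 3, 0, 1, 0, 0, 0, 8, 0, 0, 0,     /* tag 258, SHORT, Count 1, value 8 inline */
    0, 0, 0, 0                                    /* no next IFD */
};

/* Constructed sample 2: same layout but Count = 4096 and the value field is now
 * an offset. A decoder that trusts Count would copy 8 KiB into a 16-entry table. */
static const uint8_t tiff_hostile[] = {
    'I', 'I', 42, 0, 8, 0, 0, 0,
    1, 0,
    0x02, 0x01, 3, 0, 0x00, 0x10, 0, 0, 26, 0, 0, 0,
    0, 0, 0, 0
};

/* Returns the first sample depth on success, otherwise the negative error code. */
int demo_well_formed(void)
{
    uint16_t table[MAX_SAMPLES];
    uint32_t n;
    int rc = read_bits_per_sample(tiff_ok, sizeof tiff_ok, table, &n);
    return rc == TIFF_OK ? (int)table[0] : rc;
}

/* The hostile file is rejected before any value is copied. */
int demo_hostile(void)
{
    uint16_t table[MAX_SAMPLES];
    uint32_t n;
    return read_bits_per_sample(tiff_hostile, sizeof tiff_hostile, table, &n);
}

/* A file cut off inside the IFD is rejected by the length checks. */
int demo_truncated(void)
{
    uint16_t table[MAX_SAMPLES];
    uint32_t n;
    return read_bits_per_sample(tiff_ok, 10, table, &n);
}

int main(void)
{
    printf("well-formed: bits per sample = %d\n", demo_well_formed());
    printf("hostile:     rc = %d\n", demo_hostile());
    printf("truncated:   rc = %d\n", demo_truncated());
    return 0;
}
```

The important line is the capacity check before the copy loop: a TIFF Count is attacker-controlled input, so it bounds nothing until the decoder compares it with the storage it actually has.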

PSP Users:

We didn't do this so you could steal from Sony and game companies. We believe in OSS. There are plenty of amazing programs that have been written for the PSP. Use this as a gift and not as an excuse to steal.

Sony:

If you wanted to find us, I know you could. This release wasn't intended as a way to run pirated software on the PSP. We believe that everyone should be able to compile their own code and run it. Nothing is kept secret forever and I'm sure you know this. In the end, if it wasn't us, it would be someone else. Fighting it would be like skating up a hill. You did create the PSP and did an amazing job.

Toc2rta:

To the people of the Toc2rta development network. You're our phone-a-friend. Without your friendship this would never have happened. I hope this brings you as much happiness as it brings us. Join us on irc.toc2rta.com.

Most importantly... Have fun!

Download required files or go to the download section

what???? crazy cool if this is for real

haha this is great news !!

Can it really be used? I am really looking forward to it!

Doesn't work, try it.

Isn't that because of the codes to go into this?

Wow, great news. Well, now we can run homebrew and get the encryption code for 2.0, so in about some days PSP can run homebrew software AGAIN. YESSSSSSS

#4 did you try it?

I tried it and it doesn't fuck your PSP... but... it turns it off... you turn it on... the version is still the same... does someone have more info?

It says that the PNG file is corrupted, what to do?

Lol, I don't even understand what they're saying. Anyway I think it's a fake. I'll wait till all the homebrews and apps are converted for the 2.0 if it actually works. I'll update after that.

This has been proven to function. I have tried it with various code and it works perfectly... I'm working on getting this to boot more code (like a PBP loader for example...)

#8 This isn't a downgrader

Why can't I use it?!?! It hangs my PSP.

So, after you load this, and it does what it does... how do I get a SNES emulator to run? (if even possible)

Wow, well I can't wait till it really works. Until then I'm sticking with 1.5.

You need to convert your SNES to this exploit method.

This is amazing if it truly works and I really hope this works, cause I'm upgrading if it does, but not until there is solid evidence it does.

This really works... somehow. Executed something ochre before it crashed. Can't wait until somebody really does something useful with this.

Put frame_buffer.png into the photo directory? Set it as wallpaper... then delete it and put the overflow.tif into it... am I right?

It's supposed to work without code. The overrun TIFF can be edited in Windows Picture and Fax Viewer; text can be added along with many other features.

how will like a app snes9x work with this ??? is it hard from this ?

does this matter which type of 2.0 you need?? jap (1st one) or american one???

There needs to be a forum topic about this. AND THERE NEEDS TO BE WORKING SNES9X FOR IT!

I followed the steps, I loaded the PNG, set it as wallpaper, and then I loaded the overflow and my screen just turned brown.

How hard will it be to make e.g. snes9x, fastloader from this thing???

Not hard I imagine. Patience is required. I'm sure a PBP launcher isn't far off.

Can someone explain what this means for 2.00? Is it cracked or not, and how long before we see homebrew?

It's not done yet, guys. This is proof of concept code. Once we get a PBP loader, we'll be golden.

This is more than likely only an exploit for 2.00 JAP, as many people's PSPs crash... also the CRC32 for the JAP and the US firmware are completely different... something was changed in 2.00 US... it wasn't delayed for no reason; it probably is that hole that was fixed....

Tested on my Euro 2.00, works as expected in the readme.

I can't choose any theme after this trick. I can only set images as wallpaper :( How can I deactivate this?

So I can't do anything with it then?

@31 in the theme settings, there should be a 'USE Wallpaper' option, turn it off.

Gr8!! :) Now all we have to do is wait for homebrew to come out in .tiff files xD Indeed it works... but, if the creators are listening, it has a little problem... if you have more than one photo in the photo library, it loads the thumbnails, and when it loads the .tiff it applies the code and uses the exploit. I am not sure if this can be fixed, but indeed it is a great discovery =) Homebrew will be back =) Nice job!

I upgraded it from a Winning Eleven UMD... so I can't use it?

Damn, I hope someone jumps on this quick... anyone have the JAP 2.0 update or a link to it??

quote: @31 in the theme settings, there should be a 'USE Wallpaper' option, turn it off.

Thx :P I did not see that.

Worked on my Euro 2.0, can't wait for the loader now, well done guys!

You can view your images through the web browser: just add the directory link into your HTML bookmarks file and voilà, you have the best of both.

is it that us2.00 cant use it?

Jesus, it certainly didn't work properly for me. I followed instructions, then when scrolling down the image list to find the overflow.tif to view, the system goes berserk and the screen barfs lots of horrible shit. Luckily the PSP does, in fact, still work.

How do I work this?

#41 r u dumb? That's what it's supposed to do, proving that it works. Read the instructions and other comments before you go embarrassing yourself.

41, that's exactly what it is supposed to do. It's a proof of concept only; they have managed to get the PSP 2 version to run their own code. First step, then hello world, I hope.

Simply awesome. Thank you very much. Works on Euro (FR) PSP v2.0.

When can we expect homebrew to start? What is a buffer overflow, is it a good way of running homebrew?

WOW! Just tested this with my PSP 2.0 EU and it does just what the exploit is supposed to do. IT WORKS! Now somebody should share some programming FAQs with us so we can start understanding and using this exploit. A tool like kxploit would be even greater!! Thanks to the programmers. (This will be used for pirated stuff for sure :-( ) but I hope homebrew comes first.

Just today someone in my class said "it will probably be cracked in a week" and I was like "nah, maybe a couple months", but it happened on the same day I opened my mouth. I think I'll stick with my v1.5 and when the VERY TALENTED people who release code figure out how to use this exploit then I will switch to 2.0, enjoy the browser, and switch over all my apps. This is some of the best news I have heard in a long time. I am sure it will take a couple months to run the code and all that, but kudos to whoever figured this out. Now EVERYONE CAN UPGRADE AND SHUT UP ABOUT A DOWNGRADER. PS WAB can lick DEEEEEEEEES NUUUUUUUUUTSS LOL!!!!!

#44, you can suck my cock, it didn't do what it was supposed to. What happened to my PSP simply looked like memory corruption.

Does what it is supposed to on my White JAP PSP. I think we potentially have a winner here. All that latest flash emulation work by humma, I think we may be able to get some nice stuff working on the 2.0. I'm spending this weekend coding! woo woo!
