  #1 (permalink)  
Old 2nd January, 2006, 05:58 PM
dsio's Avatar
Steve Jobs
 
Join Date: October 2002
Location: Brisbane, QLD, Australia
Posts: 8,037

PSP 2.50 Firmware Exploited

It seems that the PSP 2.50 firmware has a hole in it. Running Grand Theft Auto, there is a hole in the save game feature, that was initially exploited through a cheat.

This has allowed unsigned code to be run, and the PSP hackers out there are already working on a downgrader for it.

I wonder at which point Sony will just give up, and concede that their engineering team cannot outsmart an enthusiast community millions strong.

http://www.pspfanboy.com/2005/12/13/...found-via-gta/
__________________
Notebook: Apple Macbook Pro 13" i7 2.7Ghz (3.4Ghz max) 8GB DDR3 1333Mhz (Mac OSX 10.6.7)
Desktop: ASUS Rampage Formula X48
Intel Core 2 Quad Q9450 (Yorkfield) @ 3.60Ghz (Folding SMP Linux)
Running Fedora 15 Linux (GNOME 3)
Dual Dell 2407WFP
AOA Team fah

  #2 (permalink)  
Old 2nd January, 2006, 06:48 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

There's still no hole in the PSP 2.5 firmware. However, GTA suffers a buffer overflow that allows external code to execute when it shouldn't.

How long before someone puts together a GTA save game designed to turn a PSP into a brick?

I'd be surprised if GTA was the only game that suffered this. Whilst Sony put together a bunch of libraries for handling savegames, it's up to the developers to bother implementing security properly.
__________________
Any views, thoughts and opinions are entirely my own. They don't necessarily represent those of my employer (BlackBerry).
  #3 (permalink)  
Old 2nd January, 2006, 06:59 PM
dsio's Avatar
Steve Jobs
 
Join Date: October 2002
Location: Brisbane, QLD, Australia
Posts: 8,037

Fanjita has said that he is part way through making an Eboot loader, and has already reached a reasonable point, though it is not ready for the public yet. Several other PSP coders have stated that they are certain it will be working soon.

The general view is that it is a matter of when, not if.
  #4 (permalink)  
Old 2nd January, 2006, 07:27 PM
Chief Systems Administrator
 
Join Date: September 2001
Location: Europe
Posts: 13,075

If it requires GTA to operate, it's not a flaw in the OS, but a flaw in GTA. In exactly the same way, the Xbox was originally exploited not through the OS, but via a game with some poor code in it.

Once code is running on the system via whatever means, then it's game over, unless there's funky memory protection in place. That's unlikely on the PSP, as it'd add to the overhead. If it is a buffer overflow, then future versions of the OS will still be as exploitable, as the game is the entry point, not the OS. (Assuming that they don't start throwing canary values in there - that would be one way of making it much more difficult to exploit.)
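The class of bug discussed in posts #2 and #4, as an added example that is not part of the original thread and is not taken from GTA or from Sony's save-game libraries: a save-file loader that trusts a length field stored in the file, next to one that validates it before copying. The record layout (`SAVE` magic, 16-bit length, name bytes), the struct and all function names are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX_LEN 16  /* fixed in-memory field (hypothetical size) */
#define HDR_LEN 6        /* "SAVE" magic + 16-bit little-endian name length */

struct profile { char name[NAME_MAX_LEN + 1]; };
enum load_status { LOAD_OK, LOAD_TRUNCATED, LOAD_BAD_MAGIC, LOAD_NAME_TOO_LONG };

/* Unsafe pattern, shown for contrast and never called here: the copy length
   comes straight from the file, so a crafted save writes past p->name. */
void load_unchecked(struct profile *p, const uint8_t *buf) {
    size_t n = (size_t)buf[4] | ((size_t)buf[5] << 8);
    memcpy(p->name, buf + HDR_LEN, n);  /* n is file-controlled and unbounded */
    p->name[n] = '\0';
}

/* Hardened loader: every length is checked against both the destination
   field and the bytes actually present before anything is copied. */
enum load_status load_checked(struct profile *p, const uint8_t *buf, size_t len) {
    if (len < HDR_LEN) return LOAD_TRUNCATED;
    if (memcmp(buf, "SAVE", 4) != 0) return LOAD_BAD_MAGIC;
    size_t n = (size_t)buf[4] | ((size_t)buf[5] << 8);
    if (n > NAME_MAX_LEN) return LOAD_NAME_TOO_LONG;  /* must fit destination */
    if (n > len - HDR_LEN) return LOAD_TRUNCATED;     /* must exist in source */
    memcpy(p->name, buf + HDR_LEN, n);
    p->name[n] = '\0';
    return LOAD_OK;
}

/* Constructed sample inputs (not real save data). */
static const uint8_t good_save[]      = {'S','A','V','E', 5, 0, 'C','J','0','0','1'};
static const uint8_t oversized_save[] = {'S','A','V','E', 0xFF, 0, 'A','A','A','A'};
static const uint8_t short_save[]     = {'S','A','V','E', 8, 0, 'a','b'};

int main(void) {
    struct profile p;
    printf("good:      %d\n", load_checked(&p, good_save, sizeof good_save));
    printf("oversized: %d\n", load_checked(&p, oversized_save, sizeof oversized_save));
    printf("short:     %d\n", load_checked(&p, short_save, sizeof short_save));
    return 0;
}
```

Stack canaries, mentioned in post #4, would only detect the overwrite after it happened; the length checks in `load_checked` stop the write from occurring at all.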
  #5 (permalink)  
Old 7th January, 2006, 07:53 PM
devilmyarse's Avatar
Member
 
Join Date: June 2005
Location: England
Posts: 436

It's also impossible to access the flash through GTA (as it's in usermode space and not extended user mode like the libtiff exploit), so it's impossible to downgrade with 2.01 using the normal method AND definitely impossible on 2.50+, as again, obviously, no flash access, but secondly we don't know where the index file to change the version number is, and it is possibly encrypted!
__________________
System Specs: Antec 900
Enermax Liberty 500W
Asus P5Q-Deluxe
Intel Core 2 Quad Q6600 G0 @ 2.4Ghz
2x 2GB OCZ Hiper 1066mhz
ATi Radeon HD4870 512MB
Samsung Syncmaster 15"

Apple Macbook Pro
15'' Core 2 Duo 2.33Ghz
X1600 Mobility Radeon
Boot camp Mac os X/Vista

AOA Team fah