Any help on this concept

CMoZ
Posts: 3
Joined: Tue May 10, 2005 8:02 am

Post by CMoZ »

I've been searching on this board for info about the steps the PSP takes for executing a homebrew binary but I can't get very much useful (I'm just learning here) information.
Does anyone have any info regarding this?
Where I would like to apply it is possibly in forcing the PSP to verify the binary located on the UMD instead of the one that it's executing from the memory stick. I'm not sure if this is something that would have to be done in firmware or if there might be a way around it.
My logic, however (without a clear idea in my head about the exact chain of execution events), is that homebrew (as it is now) will always run off of the memory stick, so theoretically you should be able to have a signed UMD in the drive, and if you can hard code the PSP to always verify the signedness of the UMD executable instead of the one it's executing, we might have a way around any future firmwares (although it might require a custom firmware).
I have no idea how valid this idea is, but sometimes not knowing how difficult something may be is an asset.

Please post any comments or info for me
Woogie
Posts: 6
Joined: Sun Jul 24, 2005 8:40 pm

Post by Woogie »

So basically, you want to do something like the swaploit hack, but using a UMD and a MS. Don't think that's going to happen without custom firmware, and if you're going to go that far, you may as well rip out the signing requirement altogether.

I think the best thing at the minute is to open the PSP and see if the flash is separate on the board. Then we can place another in there and enable switching between the two - 2.0 for games, and 1.5 (or 1.0) for homebrew.
AnonymousTipster
Posts: 197
Joined: Fri Jul 01, 2005 2:50 am

Post by AnonymousTipster »

Unless there was a way of building some special code into the launcher PBP (the launcher that launches the code (corrupt one)). Then when the PSP ran the launcher (which runs on all F/W) it would be somehow tricked into verifying the UMD's authentication, but after verifying it runs the target PBP code.

I doubt this is possible, but it would require some sort of code injection into the launcher code IF it were possible.
F9zDark
Posts: 127
Joined: Sat Apr 02, 2005 11:34 am

Post by F9zDark »

Uh no. The 'launcher' doesn't run on all FW. It only runs on 1.0 and 1.5, and on a 1.0 it's stupid to use since ALL code runs on a 1.0. It's not possible to run the 'launcher' on 1.51, 1.52 and probably not possible on 2.0; see, to run the launcher would be to be able to run homebrew to begin with, which would make the point of loading signature/AES data to trick the PSP from a UMD useless since that unit can already run homebrew...