Wipeout Browser.

pyrosama
Posts: 66
Joined: Fri May 13, 2005 1:08 pm

Wipeout Browser.

Post by pyrosama »

I was thinking that the browser would be a good target for a buffer overflow, but the FAKE 1.5 hack that directed the browser to load an eboot that was renamed eboot.html made me think that it must be overloading the memory, causing it to shut down - So this probably means that the PSP doesn't have enough memory to alow for a buffer overflow exploit.

Pikoro and I discussed this for a while last night and he seems to believe we will have to go about it completely differently - No buffer overflow exploit. - He is probably right.

Then again who knows.


P.Sama
ooPo
Site Admin
Posts: 2023
Joined: Sat Jan 17, 2004 9:56 am
Location: Canada

Post by ooPo »

I assume the content of this message will appear in part 2?
asmodi
Posts: 52
Joined: Mon Feb 07, 2005 3:39 am
Location: Göteborg/Oslo - Se/No

Re: Wipeout Browser.

Post by asmodi »

pyrosama wrote: the PSP doesn't have enough memory to alow for a buffer overflow exploit.
Priceless? ;)
It's not in my nature to be mysterious, but I can't talk about it, and I can't talk about why.
MrHTFord
Posts: 35
Joined: Tue Feb 10, 2004 2:04 am
Location: England

Post by MrHTFord »

Would you mind telling me how much memory is required to alow (sic) a buffer overflow exploit.

Actually don't bother. In fact, why don't you and Pikoro post your random gibberish on psphacks instead of here?

Thanks.
pyrosama
Posts: 66
Joined: Fri May 13, 2005 1:08 pm

Post by pyrosama »

I was attempting to be constructive. If I am completely wrong in my understanding of these technologies you need not insult me, simply redirect my line of thought or ignore the topic.

I don’t know what you guys know that is why I am here. – To learn….. To contribute…..

So don’t be an ass.


P.Sama
pixel
Posts: 791
Joined: Fri Jan 30, 2004 11:43 pm

Re: Wipeout Browser.

Post by pixel »

asmodi wrote:
pyrosama wrote: the PSP doesn't have enough memory to alow for a buffer overflow exploit.
Priceless? ;)
Huh, indeed. Never saw such a lame saying in my life yet.
pixel: A mischievous magical spirit associated with screen displays. The computer industry has frequently borrowed from mythology. Witness the sprites in computer graphics, the demons in artificial intelligence and the trolls in the marketing department.
mrbrown
Site Admin
Posts: 1537
Joined: Sat Jan 17, 2004 11:24 am

Post by mrbrown »

pyrosama wrote:I was attempting to be constructive. If I am completely wrong in my understanding of these technologies you need not insult me, simply redirect my line of thought or ignore the topic.

I don’t know what you guys know that is why I am here. – To learn….. To contribute…..

So don’t be an ass.


P.Sama
I think it's quite fitting you got flamed for your post. We are sick of reading posts from people who do absolutely no research, don't back up their claims, or have no idea what they're talking about. If you want to contribute, then run some tests in the WO browser or directly on your PSP after figuring out what it is you're talking about in the first place. Don't just come in spouting random gibberish about concepts you clearly don't understand - we don't take that as constructive behavior.

There are posts here that explain buffer overflows (or provide pointers to pages that explain buffer overflows). Did you even read or search the forums before posting here?
zigzag
Posts: 129
Joined: Wed Jan 26, 2005 2:11 pm

Post by zigzag »

Good entertainment value!
ichan
Posts: 7
Joined: Sun Apr 03, 2005 1:28 am

Post by ichan »

this thread deserves to be stickied or at the very least, moved to the incredible hall of shame.
Pikoro
Posts: 56
Joined: Thu Jan 13, 2005 9:57 am

Post by Pikoro »

mrbrown wrote:I think it's quite fitting you got flamed for your post. We are sick of reading posts from people who do absolutely no research, don't back up their claims, or have no idea what they're talking about. If you want to contribute, then run some tests in the WO browser or directly on your PSP after figuring out what it is you're talking about in the first place. Don't just come in spouting random gibberish about concepts you clearly don't understand - we don't take that as constructive behavior.

mrbrown, I've been going through the forums and I think that _you_ are the one that is sick of reading posts from people who have "no idea what they're talking about". I find nearly all the other mods to be reasonable when pointing out a flaw or saying that something is redundant.

A forum is supposed to be for the sharing of ideas, and lines of thought, because otherwise, you'd have to think up every little thing yourself. Granted, what pyro is talking about is not quite the meaning of the discussion that we had, however, you seem to take great pleasure in locking perfectly good lines of thought. Because that's what they are. Bringing out ideas that could perhaps prompt someone else to come up with something better.

Get a grip. If you don't like what someone posts, state that, but I don't think you should take it upon yourself to determine what everyone else wants to post about.

If you think someone has no idea what they're talking about, and it's not an obvious troll, why don't you help them out, or at least link to the topic that you say is redundant before locking. You know, a few words go a long way towards helping someone.

If you don't want to link to a similar post that might help someone understand something they don't fully know, perhaps because you don't want to take the time to search for the exact post that you're talking about, how do you think the person that did the original post is going to find it?

Lead by example?

Cheers
mrbrown
Site Admin
Posts: 1537
Joined: Sat Jan 17, 2004 11:24 am

Post by mrbrown »

Pikoro, my only response is that I'm doing my job as a forum moderator. Here I have only reiterated points brought up by myself and other moderators. You are free to disagree.
Drakonite
Site Admin
Posts: 990
Joined: Sat Jan 17, 2004 1:30 am

Post by Drakonite »

Pikoro wrote: If you think someone has no idea what they're talking about, and it's not an obvious troll, why don't you help them out, or at least link to the topic that you say is redundant before locking. You know, a few words go a long way towards helping someone.
Letting people learn how to use the search feature of the forums helps everyone.
Shoot Pixels Not People!
Makeshift Development
KresentPhresh
Posts: 2
Joined: Fri May 20, 2005 12:11 pm
Location: Seattle

Post by KresentPhresh »

I have an idea! Let's be constructive and make fun of people that don't know as much as us! Obviously, we know EVERYTHING and we always have, and we've never gone to anyone else looking for help, so let's all be merry and make fun of the people that are trying!

I remember this one time when I was working at Hollywood Video, this little kid tried to exchange his Grand Theft Auto cuz he got the dreaded Disc Read Error, so I said, "No, your Playstation is broke and you're stupid for not knowing it like I do!" And then I hit him in the face with "Ghostbusters 2".
ooPo
Site Admin
Posts: 2023
Joined: Sat Jan 17, 2004 9:56 am
Location: Canada

Post by ooPo »

When you talk out of your ass - don't be surprised when people think you're full of shit.

We're not here to hold hands and be superfriends.
allthatinny
Posts: 24
Joined: Fri May 06, 2005 5:59 pm

Post by allthatinny »

Not everyone has the same exp as someone else. Like when I posted the Wipeout thing I found and ooPo deleted it. I think that it could be something interesting and people could at least add some ideas to it, but I guess my intel is not good enough for the forums, so I just kept on reading and learning more. I never got mad and flamed other people. We are all here to help each other, not to announce what we made or found. Every little theory or guess can help a lot, and as we know we are on to something big because Sony won't create an update 1.51 for everyone :)

*EDITED: P.S. This is a "PSP Exploit Research Discussion", not an off-topic forum, so let's stay on the topic folks ;)
KresentPhresh
Posts: 2
Joined: Fri May 20, 2005 12:11 pm
Location: Seattle

Post by KresentPhresh »

I wanna hold your hand, Oopo, and stroke your soft skin.

Anyway, I was under the impression this was a PSP Exploit Research "DISCUSSION" forum. Y'know, where you do things like DISCUSS your PSP Exploit Researching.

So, lemme ask, if you guys are so damned brilliant, why haven't you figured out how to get my PSP to stream japanese tentacle porn for me?! Huh!? My GOD, you guys must be uber retarded! Pfft! REAL hardware masters have already figured out how to use their PSPs to hack Russian spy satellites and watch live video of Lindsay Lohan changing her tampon, and you're still trying to figure out how to play Duck Hunt! Bahaha! I laugh! Oh, not only do I laugh, I SCOFF!

*SCOFF*

See?! I scoffed! And it was GOOD!

-KresentPhresh
"Yes, I'm nuts."
asmodi
Posts: 52
Joined: Mon Feb 07, 2005 3:39 am
Location: Göteborg/Oslo - Se/No

Post by asmodi »

This is an exploit topic on a PS2/PSP dev forum, who said that people should help out with the understanding of BOF?

Pikoro, the search function is there for a reason. It's like someone asking you on your forum what a PSP is, or stating that the PSP is something else.
It's not in my nature to be mysterious, but I can't talk about it, and I can't talk about why.
th0mas
Posts: 43
Joined: Sun Apr 24, 2005 1:59 am
Location: Canada

Post by th0mas »

just saw this on securityfocus:

http://www.securityfocus.com/archive/1/ ... 05-05-23/0

does wipeout browser open TIFFs? ;)
oneman
Posts: 4
Joined: Sat May 21, 2005 3:42 pm

Post by oneman »

It seems to download the tif but not display it.

http://rawdod.com/test.html
http://rawdod.com/test.tif
th0mas
Posts: 43
Joined: Sun Apr 24, 2005 1:59 am
Location: Canada

Post by th0mas »

Thanks for testing it oneman; I don't have Wipeout so I can't test it myself.
pyrosama
Posts: 66
Joined: Fri May 13, 2005 1:08 pm

Post by pyrosama »

I believe I read something a while ago about there being a way to exploit a system with a jpeg - I searched on Google for a little while with no results, but if there is, it may not have been addressed when designing the browser for Wipeout, seeing as it wasn't intended to be used as a full-function browser.


P.Sama
Mawdsley
Posts: 47
Joined: Thu Feb 10, 2005 10:53 pm
Location: UK

Post by Mawdsley »

pyrosama wrote: I believe I read something a while ago about there being a way to exploit a system with a jpeg - I searched on Google for a little while with no results, but if there is, it may not have been addressed when designing the browser for Wipeout, seeing as it wasn't intended to be used as a full-function browser.


P.Sama
JPG/PNG exploits were using an NTFS feature. Basically any file on NTFS can have multiple streams. The exploit involved a malformed jpg containing an exe in the second stream. I don't know the specifics but they got the second stream executed.

As this is specific to machines running NTFS there is no point trying it on the PSP.
pyrosama
Posts: 66
Joined: Fri May 13, 2005 1:08 pm

Post by pyrosama »

Now everyone knowing that I don't know much... How about this thought....


I believe I saw the save data encryption key floating around (Not sure though)

If so then the recent update for Wipeout is stored on the memory card and the data is read and executed from the memory card....

Would that not be an easy target to exploit? It is looking for files on the mem card that have to have some sort of data that it executes to update the game (or does it simply look to that file as content rather than installing an update file some place?) So modify the update (if not encrypted in the same manner as the game files) and have it update the game with an exploit programmed into it.


Yeah I know this forum isn't for random thoughts and unsupported theories, but seeing how this thread is trash as it is I figured I might as well post it here.


P.Sama
steddy
Posts: 139
Joined: Mon Apr 04, 2005 3:53 am

Post by steddy »

Mawdsley

JPG / PNG exploits do not rely upon NTFS file systems but are related to corrupt headers in the main stream which cause buffer overflows.

I have tried PNG with the known exploits and the PSP just displays a placeholder image for it. I posted previously on this topic (and got flamed and locked).

Steddy
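
The bug class steddy describes, a length field in an image header that a decoder trusts, seen from the defensive side. This is an added example, not part of the original thread: a PNG chunk walker that rejects any declared length larger than the data actually present. The function name, result codes and sample bytes are constructed for illustration.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Result codes of the hypothetical png_check_chunks() below. */
enum { PNG_OK = 0, PNG_BAD_SIG = -1, PNG_TRUNCATED = -2, PNG_BAD_CHUNK = -3, PNG_NO_IEND = -4 };

static uint32_t be32(const uint8_t *p) {
    return ((uint32_t)p[0] << 24) | ((uint32_t)p[1] << 16) | ((uint32_t)p[2] << 8) | p[3];
}

/* Walk the chunk list of a PNG held in buf[0..len). Each chunk is
 * length(4) type(4) data(length) crc(4). The length comes from the file,
 * so it is compared with the bytes really left before the walker moves
 * past it. CRCs are not verified in this sketch. */
int png_check_chunks(const uint8_t *buf, size_t len) {
    static const uint8_t sig[8] = {0x89, 'P', 'N', 'G', '\r', '\n', 0x1a, '\n'};
    size_t off = 8;
    int first = 1;

    if (len < 8 || memcmp(buf, sig, 8) != 0)
        return PNG_BAD_SIG;
    while (len - off >= 12) {                 /* room for length + type + crc */
        uint32_t clen = be32(buf + off);
        const uint8_t *type = buf + off + 4;
        size_t left = len - off - 12;         /* bytes available for chunk data */

        if (clen > 0x7fffffffu || clen > left)
            return PNG_BAD_CHUNK;             /* declared length overruns the file */
        if (first && (memcmp(type, "IHDR", 4) != 0 || clen != 13))
            return PNG_BAD_CHUNK;             /* IHDR must come first, 13 bytes long */
        if (memcmp(type, "IEND", 4) == 0)
            return clen == 0 ? PNG_OK : PNG_BAD_CHUNK;
        first = 0;
        off += 12 + (size_t)clen;             /* safe: clen <= left */
    }
    return off == len ? PNG_NO_IEND : PNG_TRUNCATED;
}

int main(void) {
    /* Constructed sample: signature, then an IHDR whose length field claims ~4 GiB. */
    const uint8_t bad[] = {0x89, 'P', 'N', 'G', '\r', '\n', 0x1a, '\n',
                           0xff, 0xff, 0xff, 0xff, 'I', 'H', 'D', 'R', 0, 0, 0, 0};
    printf("result: %d\n", png_check_chunks(bad, sizeof bad));
    return 0;
}
```

A decoder that skips the `clen > left` comparison and copies `clen` bytes into a fixed buffer is the overflow pattern; rejecting the file at that check is consistent with a viewer falling back to a placeholder image.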
Mawdsley
Posts: 47
Joined: Thu Feb 10, 2005 10:53 pm
Location: UK

Post by Mawdsley »

steddy wrote:Mawdsley

JPG / PNG exploits do not rely upon NTFS file systems but are related to corrupt headers in the main stream which cause buffer overflows.

I have tried PNG with the known exploits and the PSP just displays a placeholder image for it. I posted previously on this topic (and got flamed and locked).

Steddy
Not what I read, but we could be talking about separate exploits here. No point arguing.