Pointers to articles on console exploiting

Minase
Posts: 6
Joined: Sun Apr 03, 2005 1:38 am

Post by Minase »

I put this in the general discussion as I'm just after some general advice.
I did google, I promise :)

I got a PSP and am really looking forward to doing my own dev work on it, so I'd like to join the hacking effort.
I have a bit of experience writing exploits for bugs on x86 with intent to execute code, but that's about it. So I'm looking for pointers...

I guess the first step is for me to learn MIPS assembly and read about the R4000... that much is obvious.
The rest isn't, seeing as I have /zero/ console experience.
I'm guessing the most relevant info at this stage would be articles on how to do this stuff on PS2, like the save game exploits I've heard about... just for me to get an idea of how it's done, and the differences to what I already know.

Has anyone written an article detailing how they went about doing this on the PS2 for example? (kind of like the bug explanations and sample exploit code you find around bugtraq and similar places).

Thanks for any advice :)
mrbrown
Site Admin
Posts: 1537
Joined: Sat Jan 17, 2004 11:24 am

Post by mrbrown »

Here's a fairly decent explanation of the PS2 Independence exploit (code is in the archive).

I don't know of any save game exploits for PS2.
"He was warned..."
Minase
Posts: 6
Joined: Sun Apr 03, 2005 1:38 am

Post by Minase »

Thanks!
Hmm, from a quick glance, the actual particular method you use to get your payload executed is exactly the same as I'm used to...
Sorry, as I said I'm a total not-x86-PC n00b and just expected things to be strange and different. Feel a bit stupid now :)

Anyway, after that... all my questions (involving how you actually figure out what is supposed to be in the payload) are way too general... and I have no reverse-engineering experience to speak of.
Are we pretty much waiting on some unencrypted binary to appear we can disassemble, or do you think it's possible to figure out by slowly poking around?

Again, sorry for my noob questions. If you can point me to a general resource where I can read rather than pester people for answers that'd be cool.
mrbrown
Site Admin
Posts: 1537
Joined: Sat Jan 17, 2004 11:24 am

Post by mrbrown »

Personally I think folks should split off into teams on every available PSP input. Not necessarily strict teams, but the effort needs to be a lot more organized than it currently is. There's EBOOT.PBP, Game Share, save files, WiFi, USB (are there any games that support a USB link yet?), the remote port, and of course the Wipeout Pure web browser. From reading the forums and lurking in #pspdev it seems like folks spend an hour (if that) discussing whatever idea pops into their head and then move on to the next. As short-sighted as I am I haven't made the effort to check out other "scene" sites to see if they are getting along any better...

Anyway :)
[/rant]
"He was warned..."
ooPo
Site Admin
Posts: 2023
Joined: Sat Jan 17, 2004 9:56 am
Location: Canada

Post by ooPo »

I'm kinda waiting for the fuss to die down a bit before even attempting to get people focused.
Minase
Posts: 6
Joined: Sun Apr 03, 2005 1:38 am

Post by Minase »

> inputs

I'd be very surprised if the media player doesn't have a multitude of bugs waiting to be exploited... considering how many times overflow or similar bugs have been found in software like ffmpeg and mplayer (of course, on a PC this is nothing special, but on the PSP...), which are both considered to be very well coded.

Problem with this is that it resides in the firmware and would be patched at the next available opportunity...

> As short-sighted as I am I haven't made the effort to check out other
> "scene" sites to see if they are getting along any better...

I've not even found any, in my extensive googling. Only lots of sites dedicated to 'hacks'... ;)


Anyway, I'm going to go away now and not post again until I have something worthwhile to say :)
mrbrown
Site Admin
Posts: 1537
Joined: Sat Jan 17, 2004 11:24 am

Post by mrbrown »

> ooPo wrote: I'm kinda waiting for the fuss to die down a bit before even attempting to get people focused.

You might want to grab the core folks then, and get them into an invite-only channel. It looks like as long as people are "eking out" hacks here and there there'll be distractions. There's no telling when trolls will get tired of making fake NES emulator videos and what-not, now that anyone can hack their save file image.
"He was warned..."
mc
Posts: 211
Joined: Wed Jan 12, 2005 7:32 am
Location: Linköping

Post by mc »

> Minase wrote: I'd be very surprised if the media player doesn't have a multitude of bugs waiting to be exploited... considering how many times overflow or similar bugs have been found in software like ffmpeg and mplayer (of course, on a PC this is nothing special, but on the PSP...), which are both considered to be very well coded.

mplayer well coded? Methinks you have missed the fact that April 1st is already over... :-)

mplayer is a constant source of horrid examples of how not to code.
Flying at a high speed
Having the courage
Getting over crisis
I rescue the people