PS3 Glitch Finder v1.0 VHDL Design for Spartan-3 FPGAs Arrives

Good looks bro! Wish I had the engineering skills to do this when i'm bored!!

Reply

//Off Topic

The pinned "Ps3 hack status" topic can now be updated

Reply

Nah, mainly as most users come here seeking to play PS3 game back-ups and until that is possible all we can do is refer them to that thread saying it isn't yet basically. When it is possible and we have a guide on doing it, then I will update it and link to the guide of course!

Anyway, let's keep this thread on topic now.

Reply

No disrespect intended, but why are we wasting time reinventing the wheel here?

I'm not a developer or hacker (wish I had the skills) but it seems rather obvious that since we already have the pulse exploit and it does work, why are we wasting time improving the method to be easier? It seems we should move on from this and come up with more information or a more useful exploit.

Now there may be something worth it that I'm missing, but hey from what I can piece together this is my basic opinion on the matter.

But other than that, I suppose it does look like a "suped-up" version of the already-available exploit. It just seems unnecessary.

Reply

Yep, I kind of agree with you...

I guess the only thing happening here is that the glitching method is getting "professionalized", 'cause it seems that this thing does the same stuff that the other "rudimentaries" devices also do, but in a fancier, easier and more controled way.

I wouldn't call it a real progress, but it sure is a very nice form of doing the glitching, and it's nice to see that some people are still working in that matter. I think this guy deserves some credit for doing this.

Reply

Pretty much this is what modrobert has been spending his time working on that he wanted to share with the community... it just happened that a few other others made their own prior to him releasing his, but it's definitely still handy for some I imagine.

Reply

Now, what would be really interesting is applying this kind of hack to finding the PS3's root key: http://www.theregister.co.uk/2010/03/04/severe_openssl_vulnerability/

Seems someone who understands FPGA programming might have the chops to tackle that...

Reply

This will at least help developers to use another type of device to activate the exploit. As I've understood, the several methods presented require some expensive hardware and if there is other hardware being able to do the same thing I guess some are happy to be pointed to what HW you're able to use.

Reply

Ok i got a complete noob question for you guys.. What exacly are you guys trying to do with all this hardware stuff or trying to find? Is anything being tested with software or what? i don't understand anything that has been going on since George released the exploit.

Reply

This is basically an alternative to trigger the PS3 glitch exploit that some (who haven't done it yet) may find easier, less expensive or just more convenient if they have the parts on hand.

The main issue with the previous attempts, athough they all do work, is timing... to trigger the glitch it takes a lot of patience and very accurate timing. This method aims to reduce the precision needed to generate the required pulse.

Reply

From what I understand (at least according to the posts i've followed) people are trying to recreate loading metldr to decrypt .pkg's and .self's. I'm not completely solid on why but people are also trying to dump LV2 (possibly the two goals are related?). Ultimately the goal is to use the decrypted information to run unsigned code.

I understand the importance of finding out and understanding all of the system calls, but is the intention to use this information to find an additional (easier to achieve) exploit and then use that to run unsigned code? Or is the intention to use the current exploit? If I had to guess i'd think the intention would be to just run unsigned code, and keep a lookout if an easier exploit pops up along the way (after everything is properly dumped and mapped).

Reply

This Glitch Finder is little over the top, the demo board cost alone must be in the range of $1 k USD. Gezzz. I think a 555 timer would do the same thing.

But the question is where does one tie the Glitch Finder too on the ps3 main (mother) board? Which device and what is the pin number?

Reply

Hi,

Nice work on the design, nice board. Do you have a Circuit diagram for this ?

Reply

I found the answer to my question , in xorloser’s blog under PS3 Exploit: Hardware.

Reply