  1. #1
     Luckluka (Banned User) - Join Date: Jan 2010 - Posts: 146

     W.I.P: PS3 Savegame Buffer Overflow

    Yes, ladies and gentlemen, I am going to try to find a buffer overflow in one of my LOCKED save-game files.

    (I mean, why the hell are they locked? What is the reason? A buffer overflow might be one reason.)

    I'm now starting to experiment with the NFS: Shift locked game-save file. Follow me at lucklukadev on Twitter!
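The kind of bug being hunted here is a parser that trusts a length field stored inside the save file. Below is an added example (not code from this thread, and not the format of NFS: Shift or any other PS3 title) showing a constructed "SAVE" record layout parsed first by a naive routine with the classic overflow and then by a hardened one; the format, the function names and the sample files are all assumptions made for illustration.

```c
/* Added example: a toy save-game record parser, first with the classic
 * length-field bug and then hardened. The "SAVE" format here is constructed
 * for illustration only; it is not the layout of any PS3 title's save data. */
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>

#define NAME_MAX 16                 /* size of the fixed name field in the record */
#define HEADER_LEN 5                /* 4-byte magic + 1-byte name length */

enum save_status {
    SAVE_OK = 0,
    SAVE_ERR_BAD_MAGIC,
    SAVE_ERR_SHORT,                 /* file ends before the bytes it promises */
    SAVE_ERR_FIELD_TOO_LONG         /* length byte larger than the destination */
};

struct save_record {
    char     name[NAME_MAX];        /* player name, NUL-terminated */
    uint32_t progress;              /* little-endian counter stored after the name */
};

/* Constructed layout:
 *   bytes 0..3 : magic "SAVE"
 *   byte  4    : name_len (attacker-controlled once the file is tampered with)
 *   bytes 5..  : name_len bytes of name, then 4 bytes of little-endian progress */

static uint32_t le32(const uint8_t *p)
{
    return (uint32_t)p[0] | ((uint32_t)p[1] << 8) |
           ((uint32_t)p[2] << 16) | ((uint32_t)p[3] << 24);
}

/* Vulnerable variant: trusts name_len and copies into a 16-byte stack array.
 * Only ever call this on input you know is well-formed. */
enum save_status parse_naive(const uint8_t *buf, size_t buflen, struct save_record *out)
{
    char name[NAME_MAX];
    if (buflen < HEADER_LEN || memcmp(buf, "SAVE", 4) != 0) return SAVE_ERR_BAD_MAGIC;
    size_t len = buf[4];
    memset(name, 0, sizeof name);
    memcpy(name, buf + HEADER_LEN, len);            /* BUG: len is 0..255, name holds 16 */
    name[len] = '\0';                               /* BUG: len == 16 already writes past the end */
    memcpy(out->name, name, NAME_MAX);
    out->progress = le32(buf + HEADER_LEN + len);   /* BUG: no check that 4 bytes remain */
    return SAVE_OK;
}

/* Hardened variant: every length is checked against both the destination
 * and the remaining input before any copy. */
enum save_status parse_hardened(const uint8_t *buf, size_t buflen, struct save_record *out)
{
    if (buflen < HEADER_LEN) return SAVE_ERR_SHORT;
    if (memcmp(buf, "SAVE", 4) != 0) return SAVE_ERR_BAD_MAGIC;
    size_t len = buf[4];
    if (len >= NAME_MAX) return SAVE_ERR_FIELD_TOO_LONG;       /* keep room for the NUL */
    if (buflen < HEADER_LEN + len + 4) return SAVE_ERR_SHORT;  /* name + progress must fit */
    memcpy(out->name, buf + HEADER_LEN, len);
    out->name[len] = '\0';
    out->progress = le32(buf + HEADER_LEN + len);
    return SAVE_OK;
}

/* Constructed well-formed file: name "Lucky", progress 42. */
static const uint8_t BENIGN[] = {
    'S', 'A', 'V', 'E', 5, 'L', 'u', 'c', 'k', 'y', 0x2A, 0x00, 0x00, 0x00
};

/* Builds a constructed tampered file whose length byte claims 255 name bytes.
 * Returns the number of bytes written, or 0 if cap is too small. */
size_t make_tampered(uint8_t *buf, size_t cap)
{
    size_t need = HEADER_LEN + 255 + 4;
    if (cap < need) return 0;
    memcpy(buf, "SAVE", 4);
    buf[4] = 255;
    memset(buf + HEADER_LEN, 'A', 255);
    memset(buf + HEADER_LEN + 255, 0, 4);
    return need;
}

int main(void)
{
    struct save_record rec;
    uint8_t tampered[HEADER_LEN + 255 + 4];
    size_t tlen = make_tampered(tampered, sizeof tampered);

    if (parse_naive(BENIGN, sizeof BENIGN, &rec) == SAVE_OK)
        printf("naive:    name=%s progress=%u\n", rec.name, (unsigned)rec.progress);
    if (parse_hardened(BENIGN, sizeof BENIGN, &rec) == SAVE_OK)
        printf("hardened: name=%s progress=%u\n", rec.name, (unsigned)rec.progress);

    /* parse_naive would memcpy 255 bytes into a 16-byte array on this file;
     * parse_hardened refuses before touching the stack. */
    printf("hardened on tampered file: status=%d\n",
           (int)parse_hardened(tampered, tlen, &rec));
    return 0;
}
```

The point of the pair is the check order in parse_hardened: the length byte is compared against the destination size and against the bytes actually present before any memcpy, so a tampered file is rejected with an error code rather than reaching the copy. Whether a real title's loader behaves like parse_naive is exactly what a save-file audit has to establish; nothing here says that any particular game does.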

  2. #2
     SaveU (Registered User) - Join Date: Sep 2010 - Posts: 72
    I'm assuming they are locked to prevent trophy farming, online cheating with dupes, etc.

    But good luck looking for a buffer overflow. The more people trying, the more people finding, right?

    Infinite monkeys on typewriters theory.

  3. #3
     iCEQB (Senior Member) - Join Date: Jul 2007 - Posts: 88
    Why do that? In case you really find a buffer overflow and all of a sudden manage to exploit it, you'd only gain the rights on the system that every other program has, which is nearly nothing, not even setting mount points, so no backups.

    With this you could never write inside lv2 kernel space (which the jailbreak can), because every app runs inside a container within RAM, so as soon as you try to do something clever the system will lock up.

    So if you have the skills to make exploits, concentrate on porting geohot's lv1 exploit to lv2, so we can access the HV that way... more useful than an app in lv2 user space.

  4. #4
     SaveU (Registered User) - Join Date: Sep 2010 - Posts: 72
    While I agree that porting geohot's exploit would be worthwhile, couldn't this buffer overflow idea (if found and exploited) lead to some sort of homebrew for other firmwares?

    Like an exploitable savegame buffer overflow that still exists in 3.50 could lead to homebrew in 3.50, couldn't it?

    Or am I missing something rudimentary here? (Which is very possible.)

  5. #5
     iCEQB (Senior Member) - Join Date: Jul 2007 - Posts: 88
    Yeah... but that would be pretty much it... it would be like HBL for PSPs. So if you are really interested in this homebrew "scene" of the PS3, which only consists of backup managers that you couldn't use in the end... yeah, absolutely.

  6. #6
     Wonderkik (Contributor) - Join Date: May 2006 - Posts: 160
    Isn't the PS3 protected against buffer overflows? I thought that was one of the reasons we had to wait in order to crack the beast?

  7. #7
     pasty745 (Senior Member) - Join Date: Jul 2006 - Posts: 56
    But even the HBL for the PSP has been able to get kernel access in certain firmwares. If I remember correctly, there was even an ISO loader for one of them (don't feel like looking up which one, but I think it was 5.03). And I'm talking about the models with "un-hackable" motherboards (i.e. the 3rd gen PSP-2000s and the 3000s). Also, there is the new 6.20 loader that (supposedly) has kernel access and boots to the HBL.

    While I would say that the PSP is most likely an easier device to get this kind of access on, any progress with hacking the PS3 is great news. If an HBL can be made to work on PS3s with 3.50 and above, it still means that "the scene" is active and making progress. Good luck to anyone that is helping the PS3 hacking community. Every little bit of working code/exploits helps!

  8. #8
     cfwprophet (Senior Member) - Join Date: Jul 2008 - Posts: 1,815
    It wasn't an HBL, it was a CFW loader. Pretty much the same as USB Firm Loader will be. The app loaded a CFW live into RAM. Therefore it was possible to play UMD ISOs from an MMS device.

    Wonderkik is right. The PS3 has a kind of anti-buffer-overflow system. It's not really "anti" and not even a system. It's simply the last syscall, "lv1_panic", which will be called in case something is going on that shouldn't be.

    Kind of an emergency shutdown. And your buffer overflow or virus or trojan is killed.

    The USB exploit and the payload hack are the only things we can do at this time.

  9. #9
     Luckluka (Banned User) - Join Date: Jan 2010 - Posts: 146

    Yeah, you are right, the jailbreak IS enough. I might try porting geohot's exploit, but that still means we need to glitch the memory bus and stuff...

    Thread Locked.

 

© 2014 PlayStation 3 News