PS3 Glitch Finder v1.0 VHDL Design for Spartan-3 FPGAs Arrives

Category: PS3 Hacks & JailBreak By: PS3 News - (eurasia.nu)
Tags: ps3 glitch finder v1.0 ps3 vhdl design ps3 spartan-3 fpgas ps3 hacks

171w ago - Today modrobert has released PS3 Glitch Finder v1.0, which is a VHDL design for Spartan-3 (eg. xc3s400) FPGAs with the purpose of easily creating a custom pulse which can be used to glitch various hardware like the PS3 memory bus.

Download: PS3 Glitch Finder v1.0 VHDL Design for Spartan-3 FPGAs

From the ReadMe file: The pulse LOW and HIGH multipliers have a resolution of 255 (X"FF") and can be set independently.

Features:

• Cycle exact pulse generator process tested with logic analyzer
• Digital Clock Manager (DCM) primitive @ 200MHz (5ns) with lock handling
• Continuous pulse or one-shot mode selectable via switch
• Debounce handling for push buttons to prevent erratic behavior
• Set the LOW and HIGH pulse length multipliers via buttons
• 7-seg LED display support showing HIGH and LOW pulse multipliers
• Open source release under GPL v2

Requirements:

The target device is a Spartan-3 fitted on an FPGA board (eg. Spartan-3 Starter Kit, Basys, Nexys, or similar). You need 5 push buttons (3 is ok also), a four digit "seven-segment" LED display, a dip switch, two regular LEDs, an external crystal/clock at 25MHz or 50Mhz, and a free I/O port.

Notes: This design is probably overkill for the purpose intended, but I had fun creating it, so one thing led to another. After the pulses are sent the output port drives "Z" (instead if HIGH), thought that might be a good idea to keep the PS3 linux kernel from crashing.

I've only tested PS3 Glitch Finder with a logic analyzer, not a scope yet, so the tri-state function has not been properly tested. By driving the pulse low and switch to "Z" I did notice that there can sometimes be roughly 300ns delay before high impedance occur, so to prevent the pulse generator from sending an invalid long low pulse I made sure the output is high before driving "Z".

If you want to start out in the footsteps of geohot, switch to one-shot mode and then set the low pulse multiplier to 8 (8 x 5ns = 40ns) and the high can be 8 as well (don't think it matter much since only one pulse is sent).

Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!

14 Comments - Go to Forum Thread »

#14 - Denbo44 - 170w ago

Originally Posted by Denbo44

This Glitch Finder is little over the top, the demo board cost alone must be in the range of $1 k USD. Gezzz. I think a 555 timer would do the same thing.

But the question is where does one tie the Glitch Finder too on the ps3 main (mother) board? Which device and what is the pin number?

I found the answer to my question , in xorloser’s blog under PS3 Exploit: Hardware.

#13 - wickedpenguinbo - 171w ago

Hi,

Nice work on the design, nice board. Do you have a Circuit diagram for this ?

#12 - Denbo44 - 171w ago

#11 - SenorPickle - 171w ago

Originally Posted by hunterrr

Ok i got a complete noob question for you guys.. What exacly are you guys trying to do with all this hardware stuff or trying to find? Is anything being tested with software or what? i don't understand anything that has been going on since George released the exploit.

From what I understand (at least according to the posts i've followed) people are trying to recreate loading metldr to decrypt .pkg's and .self's. I'm not completely solid on why but people are also trying to dump LV2 (possibly the two goals are related?). Ultimately the goal is to use the decrypted information to run unsigned code.

I understand the importance of finding out and understanding all of the system calls, but is the intention to use this information to find an additional (easier to achieve) exploit and then use that to run unsigned code? Or is the intention to use the current exploit? If I had to guess i'd think the intention would be to just run unsigned code, and keep a lookout if an easier exploit pops up along the way (after everything is properly dumped and mapped).

#10 - PS3 News - 171w ago

Originally Posted by hunterrr

What exacly are you guys trying to do with all this hardware stuff or trying to find?

This is basically an alternative to trigger the PS3 glitch exploit that some (who haven't done it yet) may find easier, less expensive or just more convenient if they have the parts on hand.

The main issue with the previous attempts, athough they all do work, is timing... to trigger the glitch it takes a lot of patience and very accurate timing. This method aims to reduce the precision needed to generate the required pulse.

Page 1 of 3 12 3 ›LAST »

Related PS3 News and PS3 CFW Hacks or JailBreak Articles

• PS3 EDAT Devklic Bruteforcer v1.0 / v1.1 By JjKkYu is Released
• MAME 0125 (Multiple Arcade Machine Emulator) for PS3 Release 1 Out
• PS3 Game List by Nullptr PlayStation 3 Homebrew App is Released
• MultiMAN v04.40.00 PS3 Server and Showtime Edition Updates Out
• ScummVM 1.6.0 PlayStation 3 Emulator Updated, +4 to Engines
• PSN Tool v1.0 and PSN Tool Creator v1.0 to Combat PSN Bans Arrive

PlayStation 3 Links
• Contact Us E-Mail
• PS3 Affiliates
• PS3 CFW & MFW
• PS3 Debug Firmware
• PS3 Decrypted PSN Links for CFW
• PS3 Downloads
• PS3 EBOOT.BIN Original File Links
• PS3 Firmware
• PS3 Game Releases List
• PS3 Guides & Tutorials
• PS3 Hacking Guides and Tutorials
• PS3 Hacks & JailBreak
• PS3 Help & Support
• PS3 JailBreak Game Compatibility List
• PS3 JB2 / True Blue (TB) Game Links
• PS3 multiMAN Updates
• PS3 News Forums
• PS3 News Site FAQ
• PS3 News Site Advertising FAQ
• PS3 News Site Posting FAQ
• PS3 News Site Privacy FAQ
• PS3 News Site Rules
• PS3 News Site Tag Cloud
• PS3 News Site Terms
• PS3 Resources
• PS3 Reviews
• PS3 Save Files Repository
• PS3 Themes
• PS3 Trophies List
• PS3 Videos
• PS Vita Trophies List

PlayStation 3 News Discussions

Sony PlayStation Store PS3 and PSN Updates for June 18, 2013 - 22m ago

I own a PLUS obtained with a voucher code, i activated the voucher one week ago but now i can't see Saints Row anywhere.. why? Is that because my a...

By Brenza with

1 Comment »

Rogero CEX PS3 Custom Firmware (CFW) v4.21 is Now Released! - 28m ago

has anyone jailbroken ofw 4.41 cech3012b?...

By tutpark with

1600 Comments »

PS3 System Software Update 4.45 Released, Mass Bricking Reports - 3h ago

After swapping back in my original 160GB HDD, I was still getting the 8002F281 error. I ended up having to do a full PS3 Reset and reformat of the 160...

By Transient with

9 Comments »

PS3 System Software Update 4.45 Released, Mass Bricking Reports - 4h ago

poor bugger. at least you got ps3 back i guess. i don't want my ps3 much anymore so i'll wait n see what sony offers before updating to a brick. lol...

By elser1 with

9 Comments »

Latest PlayStation 3 Trophies