PS3 is Hacked by George Hotz - Hello Hypervisor, I'm GeoHot!


221w ago - The PS3 is hacked, at least according to George Hotz in his latest blog entry!!!

This news comes just under a month after he resumed PlayStation 3 hacking!

To quote: "Hello hypervisor, I'm geohot

I have full read/write access to the entire system memory, and HV level access to the processor.

In other words, I have hacked the PS3. The rest is just software. And reversing. I have a lot of reversing ahead of me.

Took 5 weeks, 3 in Boston, 2 here, very simple hardware cleverly applied, and some not so simple software.

Shout out to George Kharrat from iPhoneMod Brasil for giving me this PS3 a year and a half ago to hack. Sorry it took me so long

As far as the exploit goes, I'm not revealing it yet. The theory isn't really patchable, but they can make implementations much harder. Also, for obvious reasons I can't post dumps. I'm hoping to find the decryption keys and post them, but they may be embedded in hardware. Hopefully keys are set up like the iPhone's KBAG.

A lot more to come..."



#247 - stef1578 - 220w ago
25 January 2010, 23:33 ps3gen.fr/forums/hack-ps3-sony-reagit-publiquement-et-le-geant-ne-semble-pas-content-t36580-252.html

Ketchup wrote: Since PSPgen, and on PS3gen too, when there is news like this (hack), it's generally not just to speak about it (-> have a lot of people on the website), because we'll lose credibility (we are present on the PSP scene), and we'll get nothing..

And "there is other website more "integrated" in hack than ps3gen.fr"... don't forget that in the psp scene, we have some dev who is not so bad...
Sorry for my bad English guys.. I do my best

edit 1 -> it's about that ps3gen has a dump :-)
they say, there is no reason to claim they have dump if they don't have it (by the administrator ketchup)

#246 - ernvil - 220w ago
Wow I guess a lot of people are really following this thing.

It was even on BBC! :O

#245 - Scrapy - 220w ago
been glued to the computer all day following this, cannot wait for something concrete.. looks promising at the moment

would be nice to have some new dashboards like seen on the xbox1... cannot imagine what sort of homebrew awaits. and the emulators, n64 should run rather nice

anyway here's to hoping GeoHot finds those keys, or whatever needs to be done

#244 - PS3 News - 220w ago
Another GeoHot update:
I'll tell you what I have so far. I have added two hypercalls, lv1_peek and lv1_poke. peek reads memory in real space (including all the MMIO), poke writes it. I can also add other arbitrary hypercalls as I see fit.

The hypervisor is complicated, it is written in C++ and is PPC, which I am not that familiar with yet. At first I was trying to add a hypercall to add arbitrary real memory to the LPAR, but it kept crashing (because I can't code), which is really annoying, because I have to wait while Linux reboots.

Some people pointed out that I have not accessed the isolated SPEs. This is true. Although as far as doing anything with the system, it doesn't matter. The PPE can't read the isolated data, but it can kick the isolated SPEs out. Decrypt the PPE binary you need using the intact SPE and save the decrypted version. Kick out the SPE, and patch the decrypted version all you want. And interesting note, by the time you get to OtherOS, all 7 working SPEs are stopped.

Despite this, I am working on the isolated SPEs now (which I can now load), because what I'd really like to do is post decryption keys here so you guys can join the fun.

#243 - xUb3rn00dlEx - 220w ago
Thank you very much. It makes sense on Sony's part since it's cheaper, sadly I didn't think like a businessman in the beginning. I guess for now the hack will only be available for the "fatty." I am curious as to what this hack means for any possible re-implementation of otherOS in any future PS3 releases (like SlimV2 or whatever you want to call it.)

I'm guessing they completely scrapped it with this one with no intention of ever bringing it back, ever. Still, one can dream no? Perhaps after the devs work this hack out more and more we'll be able to launch a different operating system on the slim through external means? (This is if the hack for the fat PS3 gives any indication that something may also have a loophole on the slim version.)












