100w ago - Today PS Vita hacker wololo has made available a Half Byte Loader (HBL) development FAQ for those interested in progress thus far on Sony's PlayStation Vita handheld console.
Also below he states that he has ported HBL for Teck4's exploit successfully and updated to EU/US versions.
To quote: I managed to port HBL to the US version of Teck4′s exploit in exactly 45 minutes (including writing the savedata exploit and the binary loader), which is a new personal record, thanks to the scripts included in HBL's repository, and also to the fact that the different versions of the game are internally fairly similar (which is to be expected because technically the game is supposed to be the same, just translated, but I seem to recall it wasn't that easy for the Hotshots golf exploit)
I also updated the EU/US versions of this HBL port to get the tweaks I worked on for the past weeks in order to get a fair amount of homebrews to work.
The next step for me is to write a bit of documentation on how to use all this, and then patiently wait. As far as a release is concerned... well check the FAQ I wrote yesterday.
I could spend time polishing this port of HBL for the Vita, improve compatibility, and I might do it, but since there's a high risk this gets used by only a small amount of people before it gets patched, I'll probably leave it in its current state for now. It's probably not worth working too much on the details if nobody ends up using it. Of course if by some sort of miracle this doesn't get patched immediately by Sony, I'll update it accordingly.
Now let's all wait (I'm probably more excited than anybody else about this release, really...)
A FAQ for HBL on the Vita
We've seen through Teck4′s exploit that PSP exploits run flawlessly on the PSP emulator of the Vita. I've spent the past 3 weeks working on leveraging Teck4′s exploit and port HBL to it. I've been receiving lots of questions (probably from people who haven't used HBL back when it was the only possible way to play homebrews on the PSP Go) and will try to answer them here.
What is HBL?
HBL stands for "Half Byte Loader". This is a homebrew loader for the PSP, which was written initially by m0skit0, then improved and maintained by a bunch of devs including myself (those two links are good old memories, when HBL wasn't loading a single homebrew properly). It basically allows to run fanmade games, emulators, etc on the PSP. We've found that it can run on the PS Vita through the PSP emulator.
Will this allow to run PSP backups (isos)?
Although in theory that would be possible, HBL only has access to the PSP "user mode" which is fairly limited. Practically, all teams who have tried to create an iso loader in user mode on the PSP have failed so far.
Will this allow to run PS Vita game backups?
Does this give us access to the Vita hardware (touch screen, etc)?
No. HBL accesses the hardware through the PSP emulator, and therefore only has access to what is mapped to the PSP controls. It also only has access to 32MB of ram, etc
Does this give us possibilities to hack the vita further?
Most likely, not. HBL is stuck in user mode, in a sandboxed emulator. To get access to Vita information, we would need first to get kernel access in the emulator (through a psp kernel exploit), and then find other exploits in the emulator/OS itself to break away from the sandbox (which, if the Vita OS is as secure as I think it is, is close to impossible)
But will it give us more horsepower than the psp? Can we expect emulators to run faster, etc?
This still needs to be investigated deeper, but from what I've seen, not really. Memory stick access is definitely faster on the vita (Wagic loads between 5 and 10 times faster on the vita than on a psp go), but the rest seems to follow the psp limitations (as one would expect from an emulator)
Will this be made public?
Yes. Teck4 (who found the exploit) and I agreed to making this public at some point.
When will this be made public?
Some time after the Vita is released worldwide.
I heard Sony can patch this very easily as soon as it's made public?
Yes. Since this uses a vulnerability in a PSP game, as soon as they know which game it is, Sony can remove the game from the PS Store. Once they do that, they can patch the Vita firmware to reject the "malicious" files (either by preventing them from being copied through the content manager assistant, or by patching the PSP emulator, or by patching the PSP game, etc). At that point, people who don't already have the game on their console won't be able to use HBL. Also, people who do have HBL will need to never upgrade their firmware, will have to use some tools such as OpenCMA in order to copy files to the vita, and will be locked out of the PS Store as long as they want to use homebrews.
So shouldn't you keep this under wraps instead?
Meh, it's not like anything is really secret here besides the name of the game. It's already pretty sure this is not useful for hacking the vita further, so even if it gets patched I don't think we will lose "too much".
No iso, no access to the vita internals, and Sony will patch it as soon as it's out, so basically it's useless?
Yes and No. Technically, a hacked PSP is way cheaper and will allow you to do more than that. But this is, as I write these lines, the only way to run unsigned code on the Vita, which in itself makes it a great achievement (and it's always cool to show your friends that your Vita can run Mario, and theirs can't). Also, it didn't take too much time to adapt since most of the code was already available from our past work in the psp scene. It would have been even more useless to say "oh yeah, interesting, we can run psp exploits on the vita" and not do anything with it.
How do you copy/install homebrews to the ps vita, since it cannot be mounted as a regular usb drive?
This will be explained when HBL is released.
Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!
As previously reported, PlayStation Vita developer wololo has now released the PS Vita Half Byte Loader (VHBL) and updated the source code for the Motorstorm Arctic Edge buffer overflow exploit according to plan!
To quote: If you are lucky enough to be one of the few owners of Motorstorm Arctic Edge, VHBL is now available for download.
Please report Success/Failure here or on our forums (wololo.net/talk). As you will see, installing homebrews is a bit of a pain, so if you’re a good hearted guy who understands my explanations in the readme, please feel free to share homebrews packaged “correctly” for VHBL.
Note: you can have several homebrews in one “install” file. For example if you zip all your PSP/GAME folder, all the homebrews in there can be installed at once by VHBL.
HBL port to the KR/US/EU/JP versions of the exploit by Wololo. Thanks go to:
Teck4 for the Motorstorm exploit
All the devs who made HBL what it is today, in particular m0skit0 and JJS
Mamosuke, j416, Some1, and all the other devs who kept the secret, that’s much appreciated guys
Monsieur2T2R for the cool VHBL icons/wallpapers
For now, I’m off to bed, but I'll be sure to post more in the days to come, with updates, tutos, technical explanations, etc...
Vita Half-Byte Loader
Vita Half-Byte Loader is a project to port the PSP homebrew loader HBL to the Playstation Vita, through the PSP emulator on the Playstation Vita.
For the latest news about Vita Half Byte Loader, check the VHBL Category on this blog.
Half-Byte Loader (HBL) is an open source Homebrew Loader for the Sony PSP and the PS Vita. It allows to play fan-made games on any PSP up to firmware 6.60, and on the Vita up to firmware 1.61. HBL allows to run emulators for the Game Boy, Nintendo 64, Sega Megadrive, NES, Super NES... and many other applications.
VHBL does not technically allow you to play any pirated PSP or Vita games.
Although VHBL is free and open source, the current version relies on a vulnerability in a specific PSP game (Motorstorm Arctic Edge) that you need to buy from the PSN. VHBL comes with no guarantee, especially I cannot guarantee it will work on your Vita, so remember that you pay for a PSP game, and not for anything else. I do not do refunds for the money you gave to Sony
It is super easy for Sony to patch the vulnerabilities used by this tool, given the amount of control they have on the PS Vita. VHBL runs fine on firmware 1.61, but for all I know it is possible for Sony to patch the game’s vulnerability without a firmware update. So, once again, before buying the game and downloading VHBL, you need to understand that you pay for the game, and VHBL is a bonus that might or might not work
How to Install and Run HBL
It is *strongly* recommended that you turn of all wireless connections on your PS Vita, and that you use OpenCMA (wololo.net/downloads/index.php/download/1252) on your PC instead of the regular CMA. This is recommended because otherwise your console has a way to force you to upgrade the firmware even before you get a chance to use the exploit.
Extract this HBL archive in your CMA PSP Savedata folder. It is a folder on your PC named PSSAVEDATA/[lots of random characters here]. If you don’t know where it is, check your settings in CMA
Connect your PS Vita to the PC through the CMA, it should give you the possibility to copy the savedata from your PC to the Vita. If not, you probably extracted it in the wrong folder. (Note: You will also want to install some homebrews with a similar technique, read the section below)
To run HBL, start the Motorstorm game, select “Load” in the savegame menu, open the HBL savegame, then go to “Wreckreation > Time Attack” and select “No”. At this point, HBL should start. See the video below for details:
Motorstorm Arctic Edge VHBL r141 Changelog:
Games using the Quake Engine such as KurokPSP (and probably Quake itself) now work!
Geometry Wars Portable, which was also not working for some reason, is now working fine.
How to Install and Run Homebrews
Installing homebrews on the PSP was an easy task. On the Vita, until better solutions are provided, it’s quite a pain in the ass.
The CMA will only let you copy savedata, and will not recursively browse folders.
To address this, HBL comes with a tool that can extract archives with a specific structure.
Packaging the homebrew for installation on the Vita:
1) download PSP homebrews from your favorite Web site (wololo.net/downloads)
2) extract the homebrew somewhere on your hard drive, and with your favorite utility, zip it again with the *store* setting (no compression), in a file that you will name “install.zip”
3) take any PSP savedata (but not the one used for HBL!), and add the “install.zip” to that folder, in your PC CMA folder. so your PSP Savedata will look something like this:
in folder PSSAVEDATA/1a2b3c4def5678/UCUS12345000/ (or something like this) you will have the following files:
Here you can download an example of packaged homebrew: Doom (http://www.mediafire.com/?yl8518xxh8v9xvp)
1) run OpenCMA on your PC, and CMA on your Vita
2) copy the previously packaged SAVEDATA (see above) with your homebrew in “install.zip” on your Vita
3) run HBL (how to run HBL is explained in the previous section)
4) navigate with the HBL menu to the SAVEDATA folder, then go to the folder you just downloaded (in my example, UCUS12345000), and clikc cross or circle on it
5) At this point, the HBL menu should ask you if you want to install the homebrew. select yes, and wait until HBL is done extracting your homebrew
6) The homebrew is now installed, and you can run it by going to the GAME folder, if everything went well, a new subfolder with your homebrew has been created here, and you can run the homebrew
OpenCMA is strongly recommended to install if you want to use VHBL. Open CMA is a tool by Virtuous Flame that allows you to copy files from and to your vita without being connected to the internet. This is useful, especially if you don’t want Sony to forcefully update your firmware.
Looking for homebrews that run on VHBL? Check this list (wololo.net/wagic/2010/07/18/15-essential-homebrews-that-run-on-half-byte-loader/) of 15 essential homebrews that run fine with VHBL.
Quick Installing/Using VHBL FAQ
As you might have noticed, using HBL on the PSP wasn’t easy, but on the vita it’s even worse. That’s partially because of the many limitations enforced by Sony’s CMA, but also because I was too lazy to make too many improvements to HBL and the wMenu (mostly because I didn’t want to spend too much time on a tool that people might ditch at the next Firmware update)
Anyways, here are quick answers to the most frequently asked questions I got over the past 3 days
Do I really need to have Motorstorm Arctic Edge in order to run VHBL?
For now, yes. Later versions of VHBL (if any) might rely on other games, but for now, MAE is required.
I don’t have Motorstorm Arctic Edge, and I can’t find it on the Store, where do I buy it?
You can’t. Sony removed the Game from their store on March 2nd.
Is there a way to install Motorstorm Arctic Edge even if I didn’t buy it in time? By sharing my account with somebody, or downloading it from somebody’s server?
No. Each copy of the game is tied to the account that bought it, and Sony made it so that the game cannot be re-downloaded for now, even for those who bought it.
I tried to copy the exploit savedata, but The Vita tells me the data is corrupt, and refuses to copy it?
This seems to be happening mostly with the JP version of the VHBL exploit. Some sites have reported that if you mark all files in the savedata to not be read only, this will work. I’ll see if I can fix that in a future release.
I put a homebrew in “install.zip” as you explained, but the HBL menu isn’t able to install it. I’m pretty sure I did things right the “install.zip” file has to be a zip with “no compression” (also known as “store”. This option is available in most compression tools. I recommend 7zip.
I installed an emulator (or a Book reader). Now I want to install roms (ebooks) for it, do I have to reinstall the entire emulator?
In theory no, if you put the full path in your install.zip archive. For example, if you have a rom named “wololo.bin”, and want to put it in PSP/GAME/Snes9xTyl, just create all those folders, put the rom in it, and create an install.zip that will contain your rom (install.zip/PSP/GAME/Snes9xTyl/wololo.bin).
Practically, that can be difficult to remember, in which case the best is indeed to re-install the full homebrew with the roms in it. The benefit of this technique is that the HBL menu will detect the EBOOT file in your archive, and automatically understand where you want to install your stuff.
Note: you can have many homebrews in one install.zip, as long as they are in different subfolders. I personally simply zipped my entire PSP/GAME subfolder from my PSP Go, and installed the result on my vita)
How do I delete homebrews?
The easiest way is to go in the CMA on your Vita, and delete from there. Unfortunately it makes it difficult to know what you’re deleting. An alternate way is to install PSPFiler and use it to delete. I’m hoping to see some volunteer devs out there to provide alternatives if possible
oh well, there must have been a problem with the upload. i don't think that there is a way to transfer the game anyway. it says must sign in and redownload the content. the only other method i can think of is if sony puts a patched version of the game back on the store we could maybe link to this version with the vulnerability using charles and install it that way..