157w ago - This weekend SKFU shared news of a research project that he, iQD and a few others have begun work on with the PS3 Blu-ray drive in order to, among other goals, run PlayStation 3 game backups from the PS3 HDD.
Getting Sony's PlayStation 3 entertainment system to function without a BDD was not a difficult challenge for them; however, many may recall previous attempts by MysticHades, among others, to examine PS3 hacks which allow running game backups from the hard disk drive.
Earlier this year, knightsolidus detailed the Blu-ray drive PS3 CXD4302GB Chip Test Points, and Spanish site Elotrolado reported on a PS3 exploit found to run PlayStation 3 backups along with a leaked Sony Disc Boot Game Patch Programming Guide.
Prior to that, PS3 developers examined several PS3...
168w ago - Today infamous PS3 hacker GeoHot has blogged that users should not update their PS3 entertainment systems to PS3 Firmware v3.21 when it is released this Thursday, as it will disable the OtherOS functionality. As an incentive not to update, he has promised the very community with which he isn't sharing details on how to dump lv2 that he will work on a solution, which could include PS3 Custom Firmware.
To quote: "A note to people interested in the exploit and retaining OtherOS support, DO NOT UPDATE. When 3.21 comes out, I will look into a safe way of updating to retain OtherOS support, perhaps something like Hellcat's Recovery Flasher. I never intended to touch CFW, but if that's how you want to play...
Two things, some people seem to think CFW will enable some sort of piracy. It won't. It'll just be a custom version of 3.21 that doesn't lose OtherOS support. Hacking isn't about getting what you didn't pay for, it's about making sure you do get what you did.
And this is about more than this feature right now. It's about whether these companies have the right to take away advertised features from a product you purchased. Imagine if an exploit were found in Safari on the iPhone, but instead...
To quote: After using the XorHack for a while I realised it was missing some things so I decided it was time for an update. New syscalls have been added to give finer control over data access, now providing 8, 16, 32 and 64 bit reads and writes.
Also some new ioctls were added to provide additional useful functions for your userland code. Lastly new userland applications were added which now give the ability to read, write and execute memory from the command line.
Hypervisor Exploit Changes
At the innermost level some more syscalls are now added to the hypervisor when initially exploiting the PS3. These use different syscall numbers to the previous exploit code in order to group them all together rather than scattering them all over the place.
This should make keeping track of them easier. There are now nine syscalls added to the PS3 upon exploiting. These are added as syscalls 32 to 40 inclusive. Previously syscalls 16 and 20 were used...
170w ago - Today GeoHot has posted a few pictures (below) with the title "Custom Themes?" on the latest PlayStation 3 blog entry; however, no other useful details are available about the PS3 hack demonstration.
To speculate, it appears to illustrate modifying the PS3 GameOS XMB memory areas, but this was already known over a month ago when word first spread of the PS3 Hypervisor lv2 being dumped and reversed.
It's an RCO file edit, just like RCO edits on the PSP (almost same format too). RCO files are resource files for VSH plugins, live in the dev_flash, and aren't signed. To edit them on your system, patch your hypervisor to allow encrypted access to the partition (flash on old systems, hd on new), and mod ps3pf_storage. dev_flash is just a FAT partition, mount it in Linux and change what you'd like.
Nevertheless, it looks like progress is indeed being made editing and replacing an RCO in /dev_flash/vsh/resource/, although it would be nice if the information was made public so that other PS3 Devs in the scene could join in the fun.
From NDT (rough translation from Italian): The photos are 100% real. He modified the RCOs from the RAM dump, but since they are not signed this means very little. It looks like he too was looking for something to post...
172w ago - Today xorloser has shared his XorHack: The PS3 Exploit Toolkit which allows you to call lv1 syscalls (level 1 system calls) from a normal (userspace) program and run the software required when triggering the PS3 exploit from a normal userspace program.
To quote: I finally found the time to complete the PS3 exploit toolkit software I mentioned in my previous posts. I call it XorHack.
It allows you to call lv1 syscalls (level 1 system calls) from a normal (userspace) program. It also lets you run the software required when triggering the PS3 exploit from a normal userspace program. To give an example of how it can be used I have included the following example programs:
ps3exploit - Runs the software required to exploit the ps3, it loops a number of times which can be specified as a parameter. (This still must be used along with the "button pressing", it will not exploit the PS3 via software alone).
dumphv - Dumps the hypervisor to a file in the current directory.
dumpbl - Dumps the bootloader to a file in the current directory.
dumprom - Dumps the system rom to a file in the current directory.