How the PS3 Hypervisor was Hacked and Dumped by GeoHot

234w ago - A few days ago GeoHot hacked the PS3 and dumped the PlayStation 3 hypervisor lv0 and lv1, and he has now updated his blog with a technical writeup [Register or Login to view links], written by Nate Lawson at rdist.root.org, on how it was done.

To quote from the article: "The PS3, like the Xbox360, depends on a hypervisor for security enforcement. Unlike the 360, the PS3 allows users to run ordinary Linux if they wish, but it still runs under management by the hypervisor. The hypervisor does not allow the Linux kernel to access various devices, such as the GPU. If a way was found to compromise the hypervisor, direct access to the hardware is possible, and other less privileged code could be monitored and controlled by the attacker.

Hacking the hypervisor is [Register or Login to view links] required to run pirated games. Each game has an encryption key stored in an area of the disc called [Register or Login to view links]. The drive firmware reads this key and supplies it to the hypervisor to use to decrypt the game during loading. The hypervisor would need to be subverted to reveal this...
 

GeoHot Releases PS3 Hack, Exploit Your System and Enjoy!

234w ago - As a BIG follow-up to his Sample PS3 Linux Isolated SPU Loader Code, GeoHot has now released his coveted PS3 hack so end-users can exploit their non-Slim PlayStation 3 Entertainment System!

Essentially, it modifies the PS3's hypervisor, adding two calls for reading from and writing to all of the system memory.

To quote: "In the interest of openness, I've decided to release the exploit. Hopefully, this will ignite the PS3 scene, and you will organize and figure out how to use this to do practical things, like the iPhone when jailbreaks were first released. I have a life to get back to and can't keep working on this all day and night.

Please document your findings on the [Register or Login to view links]. They have been a great resource so far, and with the power this exploit gives, opens tons of new stuff to document. I'd like to see the missing HV calls filled in, nice memory maps, the boot chain better documented, and progress on a 3D GPU driver. And of course, the search for a software exploit.

[Register or Login to view links] is the coveted PS3 exploit, gives full memory access and therefore ring 0 access from OtherOS. Enjoy your hypervisor...
 

GeoHot Releases Sample PS3 Linux Isolated SPU Loader Code

234w ago - Today GeoHot has released sample PS3 Linux isolated SPU loader code for those with OtherOS to experiment with.

To quote: "Right now, I'm playing with the isolated SPEs, trying to get metldr to load from OtherOS. Interesting thing, I am not using the exploit. I always assumed the enable isolation mode register was hypervisor privileged.

It's not, it's kernel privileged, which means using hypervisor calls you can all get to it. So, get to hacking. [Register or Login to view links] is the code I am playing with.

I'm not that opposed to releasing the exploit, but I think the majority of you are going to be disappointed, even if you do get it working. Unless you have pushed the HV to its limits, this exploit really isn't going to do much for you... yet.

So install OtherOS and start playing around. If people start coming up with convincing reasons why they need the exploit to go further, I'll release it. It's just a waste to release if people can't make use of it.

As far as the GPU goes, I have full access to the GPU memory space 0x2800... But without a driver, it's useless. 3D video card drivers are notoriously hard to write, look at the ATI and NVIDIA ones for Linux. The best are still the closed source manufacturer ones.

I'm not even sure...
 

Sony Begins Investigating GeoHot PS3 Hack Allegations

234w ago - Just before the weekend, iPhone 2G hacker GeoHot announced that he has hacked the PS3 entertainment system, and today IncGamers.com (linked above) has confirmed from their rep that Sony is launching an investigation into it.

This comes as no surprise, considering a public PlayStation 3 hack would cost Sony Corporation and developers millions in lost revenue due to piracy as a result of reverse-engineering their intellectual property.

GeoHot has also told the [Register or Login to view links] that, "I can now do whatever I want with the system. It's like I've got an awesome new power - I'm just not sure how to wield it."

To quote: "We contacted Sony and a spokesperson confirmed that the company is looking into the issue.

"We are investigating the report and will clarify the situation once we have more information," said the statement."

Time will tell if Sony gets tough or goes in the same direction as Apple did, simply sending out DMCA notices and not attempting to hold George Hotz personally accountable for his actions.

Unfortunately, unless Sony makes an example of Hotz it may encourage other hackers to continue defeating...
 

PS3 is Hacked by George Hotz - Hello Hypervisor, I'm GeoHot!

235w ago - The PS3 is hacked, at least according to [Register or Login to view links] on his latest blog entry (linked above)!!!

This news comes just under a month after he resumed PlayStation 3 hacking!

To quote: "Hello hypervisor, I'm geohot

I have full read/write access to the entire system memory, and HV level access to the processor.

In other words, I have hacked the PS3. The rest is just software. And reversing. I have a lot of reversing ahead of me.

Took 5 weeks, 3 in Boston, 2 here, very simple hardware cleverly applied, and some not so simple software.

Shout out to George Kharrat from [Register or Login to view links] for giving me this PS3 a year and a half ago to hack. Sorry it took me so long

As far as the exploit goes, I'm not revealing it yet. The theory isn't really patchable, but they can make implementations much harder. Also, for obvious reasons I can't post dumps. I'm hoping to find the decryption keys and post them, but they may be embedded in hardware. Hopefully keys are set up like the iPhone's KBAG.

A lot more to come..."
 
© 2014 PlayStation 3 News