Sponsored Links

Sponsored Links

 

GeoHot Resumes Sony PS3 Hacking, Opens PS3 Hacks Blog

1300°
252w ago - This weekend GeoHot, the hacker responsible for several Apple iPhone hacks, has returned to Sony PS3 hacking after his initial announcement a few months back and has opened a PS3 hacks blog (linked above).

He recently made this [Register or Login to view links]:

"I just pulled everything from the USB bus... [Register or Login to view links] the Cell processor SPI bus, PS3 is going down :-)"

These are the latest posts on his new PS3 hacks blog:

Cell SPI

The Cell processor has an SPI port which is used to configure the chip on startup. Well documented [Register or Login to view links]. It also allows hypervisor level MMIO registers to be accessed. In the PS3, the south bridge sets up the cell, and the traces connecting them are on the bottom layer of the board. Cut them and stick an FPGA between.

Quick theoretical attack. Set an SPU's user memory region to overlap with the current HTAB. Change the HTAB to allow read/write to the hypervisor! If that works it's full compromise...
 

Apple iPhone Unlocker GeoHot Begins Hacking Sony's PS3

1300°
270w ago - Over the weekend [Register or Login to view links], famous for unlocking Apple's iPhone, has posted a few tweets on his [Register or Login to view links] account that he has began looking into hacking Sony's PS3 console.

He has also dropped by our Forums to enquire about the PS3 Hypervisor Decryption Keys, and has been in touch with CJPC via IRC as well.

To date, geohot has reported the following via tweets:

"ooo got access to a couple more pages of ram...still no hypervisor there tho. it's hiding in the top 2 MB.

anyone know if the 360 guys had a pt hypervisor to reverse?

my goal is to break out of the hypervisor... then see what my morals will allow.

gotta flip one little bit to hack the ps3. unfortunately the ps3 doesn't want me to flip it.

so, the hypervisor is in the first 0x1000 pages of RAM...think I could just pull an address line down and dump? not from kernel tho

PS3 memory map [Register or Login to view links] ... why did I think this would be useful again? i really want these dumps @ bootloader

it'd be nice if that worked, linux accesses...[/b]
 
Sponsored Links

Sponsored Links
Sponsored Links

Sponsored Links






Advertising - Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News

Sponsored Links