Top Menu

A small video update here demonstrating 6.61 Infinity working on the PSPgo. Will be working on getting custom firmwares working next and just generally heading towards a release.

Some time ago I mentioned that a 6.61 (6.60 then) boot-time hack was possible. This doesn't seem that long ago to me, but it actually has been almost a year since I mentioned it. Recently I've been rolling out actual device tests after many simulations and support software through the year. Last year all I had was a proof of…

MAZIORA PLEIADES-2 is not the codename for a military operating but actually is the name of a pigment. MAZIORA pigments change colour respective to the viewing angle, one angle might be red whilst another being blue. The video below is taken from wikipedia and demonstrate the colour changing effect.

Webkit is pretty buggy, we know that. My PSVita is on 1.80 and thus, some wonder how I've been doing things with my vita. How about a history lesson? It all started in early 2012 with a bunch of people looking into webkit. After a bit of time, a really smart dude called @cmwdotme shows us string dumps and a table of…

As you have probably seen, a small PoC webkit exploit for 2.60 was released for the psvita. You can test your vita yourself by visiting the link here: http://lolhax.org/vita.htm At first the exploit only supported 2.60, which happens to be the firmware my vita is on. The exploit now supports up-to version 3.18 and code execution demo with ROPTool will be…

I’ve done a post about Return Orientated Programming (ROP) before where I described basic operation of a ROP chain. The public domain of pentest security tools involving ROP is largely orientated around intel architecture x86. Now I have my own contribution to the security world.

Once again, I’ve not posted in a while, so I’ll start off my apologising for that. Today, I’m gonna talk about the reality of computer security. When I say reality, I immediately put my hands up and say that I’m talking bullshit and really just gonna spew a lot of my opinion in regards to computer security. So, here goes…

Today is a short post, but I've recently started playing around with ClipUpload. ClipUpload is a very clever, yet very simple clipboard upload tool which will upload whatever is in your clipboard to a variety of sources including: facebook, imgur, pastebin or even your own FTP server. Whilst I think it is pretty cool to upload to an FTP server,…

This will be a small introduction into return oriented programming, commonly referred to as ROP. I’ve had a lot of experience with security measures (duh) but never really had any hands on experience with more modern security technologies such as non-executable stack/data (DEP, NX, XN, W^X) or Address Space Layout Randomisation (ASLR).

The non-executable stack isn’t really limited to just the stack, anything that isn’t code memory can’t be executed. So as in PSP, you can’t just jump to the savedata and have the day’s work done. No, instead the only code executable is real code provided by the OS when binaries are loaded. This is a nice and funky way but ROP is the counter and tends to poop on this method.

Just to start, congratulation to yifanlu for his excellent work on gaining the first vita native hack. I’d like to note that I’m just relaying information from a forum post by yifanlu and did not have any input on yifanlu’s work, it’s all his!

Also, if you’re not a developer, please note that there is currently no way to run homebrew, colour your screen, download binaries, hack your device, make a milkshake from 10 miles away or such. This post is purely informational.

Continuing on, considering my audience gathers quite a few developers I think this post should complement the cause. So, if you don’t know, vita dev yifanlu has been looking around for developers who are interested in developing native software on the vita. He is calling out for developers to help him develop an ELF loader.

Close