Extracting keys from F00D Crumbs 2 January, 2019 If you haven’t already, I would recommend you check out the talk Yifan and I did at 35C3. We had a lot of content that we would have loved to speak about but did not have the required time to do so. This post will be addressing one of those, a fail in the F00D crypto processor. Before we dive into that, I will explain some fundamentals. Cryptography on the Playstation Vita is covered under two devices that perform mostly the same function. ...
6.61 Infinity – An explanation 24 September, 2017 A Brief History Lesson Lets quickly rewind to 11 years ago (2006) and refresh our memory of the very first custom firmware: 2.71 SE-A. Dark_AleX and team designed this custom firmware based on Devhook, a piece of software that allowed you to load the latest PSP firmware from the memory stick. Devhook provided the basic foundation for loading non-host firmware and 2.71 SE-A exploited this knowledge and combined both 1. ...
The idealist vision behind taiHEN 2 November, 2016 Firstly, my congratulations to the HENkaku KOTH solvers: Mike H. and st4rk. I hope you guys enjoyed the KOTH and gained meaningful experience from the challenge. As promised, we will release the source of HENkaku. Furthermore, you’ve probably heard about taiHEN – the latest release from team molecule. Maybe you’ve read Yifan Lu’s excellent blog post, explored the taiHEN website and even tested out the taiHENkaku beta but still feel somewhat disappointed in the release. ...
How to: 6.60 plugins on 6.61 14 February, 2016 I’ve been asked this question a lot and in most cases it would be very difficult to have a generic solution to a problem like this. Usually the difference between two firmware versions is significant enough that a plugin tied to particular version has to be manually updated by a developer in order to work on a newer firmware. Fortunately, 6.61 and 6.60 are so similar, I can release a plugin that will fake the version back to 6. ...
Release: 6.61 Infinity 13 February, 2016 Here we are at last, the release of 6.61 Infinity. It’s been over 11 years since the PSP was released back in 2004 and it’s somewhat impressive how long this device lasted. There is no definitive end to the representative scene, it just gets quieter and quieter. I’m not claiming this releases is the end of the PSP, but it is for me. I’ve spent the last few years working on individual work on the PS Vita and other projects and coming back to the PSP in October 2014 to begin this project was definitely nostalgic. ...
6.61 Infinity for PSPgo 7 October, 2015 A small video update here demonstrating 6.61 Infinity working on the PSPgo. Will be working on getting custom firmwares working next and just generally heading towards a release.
6.61 Infinity 24 September, 2015 Some time ago I mentioned that a 6.61 (6.60 then) boot-time hack was possible. This doesn’t seem that long ago to me, but it actually has been almost a year since I mentioned it. Recently I’ve been rolling out actual device tests after many simulations and support software through the year. Last year all I had was a proof of concept and even then it was bare and barely touched. Today, I can now confirm that the boot-time hack works on PSP 1000, 2000 and 3000. ...
MAZIORA PLEIADES-2 29 March, 2015 MAZIORA PLEIADES-2 is not the codename for a military operating but actually is the name of a pigment. MAZIORA pigments change colour respective to the viewing angle, one angle might be red whilst another being blue. The video below is taken from wikipedia and demonstrate the colour changing effect. Sorry, your browser doesn't support embedded videos, but don't worry, you can download it and watch it with your favorite video player! ...
PSVita Webkit for < 2.00 28 October, 2014 Webkit is pretty buggy, we know that. My PSVita is on 1.80 and thus, some wonder how I’ve been doing things with my vita. How about a history lesson? It all started in early 2012 with a bunch of people looking into webkit. After a bit of time, a really smart dude called @cmwdotme shows us string dumps and a table of a few memory locations for the vita, and tells us that they were obtained using webkit. ...
PSVita Webkit Exploit – Information and Credits 19 October, 2014 As you have probably seen, a small PoC webkit exploit for 2.60 was released for the psvita. You can test your vita yourself by visiting the link here: http://lolhax.org/vita.htm At first the exploit only supported 2.60, which happens to be the firmware my vita is on. The exploit now supports up-to version 3.18 and code execution demo with ROPTool will be shown over the next while. Lets talk about how this all came to be. ...