It was nearly 7 years ago since we have seen a PS3 Official Firmware Exploited (3.55 being the last), which predates many PS3 models and thus why those later Slim & SuperSlim models could never install Custom Firmware (CFW) and/or Downgrade. However that could all change as a team of three have been developing a new project (4.81 OFW Exploit) called PS3Xploit. The "Unhackable PS3 models" will be a term of the past, but the exploits not quite there yet but the possibility of a HENkaku (vita) style hack is very plausible. Currently the exploit has allowed for access to enable Flash dumps on all consoles, Then Write access to Flash, unhackables (25xx +) will not be able to write but all previous PS3 will so that means Goodbye Hardware Flashers and Hello Software Downgradrs. The team is consisting of psx-place's very own @bguerville, @esc0rtd3w and W form the team behind PS3Xploit.
The theory behind the project started off when bguerville was looking through some of the webkit source code (for unrelated research) and stumbled on a discovery and a discussion here on the psx-place forums was formed with theories on how the PS3 could be attacked with his findings. As time passed the team formed and an idea became a full-fledged project in development, A request came to temporary remove the said discussion as the idea spawned a project with alot of potential. Sadly this is not ready for release quite yet (but soon), while we know it is working there is additional development needed to make this complete. The team has a goal of 2018 (first Q1) target for the release of the exploit.
Recently team member esc0rtd3w announced the tentative release date on another forum and it seemed some were so grateful they decided to intrude and breach his MEGA account and leak what they thought was the exploit / key component but was only a small puzzle piece of the entire thing and quite useless itself . While the good news it did not harm the project or discourage the development team behind Ps3Xploit. However esc0rtd3w did lose some personal files and also the community lost the huge collection of NoPSN Apps for the PS3. But don't cancel those subscription service's just yet, as esc0rtd3w is in the process of re-uploading the collection, you can follow the progress here .
Also, I have been personally told by the team that some of the details being reported elsewhere are not 100% accurate, but rest assured we have first-hand information about this upcoming exploit and we will set the record straight and keep you flowing with the facts as they become available. bguerville has provided us with some details about this release and also tells us about what they plan to release first and that is coming in the next 24 hours in the form of a IDPS Dumper for 4.81 (All PS3 Models). (UPDATE >> Released)
Additional details via @bguerville
(NOTICE - Please Read ALL TABS contains IMPORTANT Details about the project !!! )
I started investigating the ps3 webkit about 6/7 months, but at the time, it was only to gather information, I had no idea I would eventually be the one working on it!
End of August, I gave the information I had to esc0rtd3w & expected he would work on it alone. However, he knew nothing about webkit exploitation & he started to collaborate with W. By hijacking webkit, we inherit its privileges which means we are root & we get access to lv2 syscalls. However the ps3 OS is protected by NX (No eXecute is the bsd/linux equivalent of DEP on Windows), no address randomisation though. Executing our own payload is made impossible by NX but we can still execute code despite NX using ROP (Return Oriented Programming).
The principle is simple, select snippets from the system code (snippets like these are called gadgets) & assemble them so execution jumps from one gadget to the next until the task we planned is done. It requires providing values/parameters & offsetting to each gadget instruction as well...
First week of September, I joined their effort & 2 weeks later we had ROP execution.
From that moment, I have been doing all the ROP development work alone while the other 2 helped with testing & researching (and debugging for esc0rtd3w).
Right now I have 2 ROP chains ready, one for idps dumping & the other for flash memory dumping.
The next part of the job is to modify the flash dumper into a flash writer.
- The idps dumper is about to get released. (UPDATE Released >> Click Here)
- The flash dumper will be released later.
When that is done & released, ps3 hardware flashers will have become mostly obsolete.
FYI, the idps dumper should work on any nor/nand model of ps3. Same goes for the flash memory dumper.
It was tested ok on superslim.
Once the ROP work above is finished , there is much more to be done & hopefully more releases to come...
The Current Status
For now the main project we are working on will not jailbreak all consoles.
It will enable flash dumps from all consoles but flash write only to all consoles up to 25xx so consoles that are are not cfw compatible will not really benefit just yet, except for dumping flash & idps but not for JB.
For those with cfw compatible consoles on ofw, once flash is overwritten with a db ofw copy, a user can reboot then install the cfw of their choice. Hardware flashers being then obsolete.. You could also overwrite the flash memory in more recent consoles but that would result in a brick due to metldr2.
It's only after that flash management project is done, in hopefully March that we will begin working on exploiting lv2. If we get the results we wish, we should be able to make a TaiHEN type of hack for all consoles including superslims.
Once lv2 is exploited, I am not sure yet how far I will take it, whether I will also try to take on lv1.. Or leave it for someone else to build on by releasing a fully commented & dev friendly version... We will see how things go, ......
However, even without lv1, direct access to lv2 functions using the right parameters would allow us to run homebrews (except those needing lv1 peek/poke) & backups without problems along with many other things.
I figured i would add this (tab) to add some news and thread related to this project, that has arisen after this article.
- November 11 >> IDPS Dumper (PS3 NAND / NOR ) - 4.81 OFW Compatible by Team PS3Xploit
- November 12 >>> PS3 4.81 IDPS Dumper eMMC (Only for 12Gb models) Testing and Research Area
- November 12 >>> PS3Xploit NOTICE - Stay clear of any Incoming Firmware Updates on the PS3.
- November 24 >>> 4.82 OFW Software Flash Writer + Nor Dumper (install CFW on 4.82 OFW)
- November 25 >>> PUBLIC WARNING - Fake Exploit Pages
- November 27 >>> NOR DUMPER (Lower OFW Ports)
Stay tuned to psx-place.com as this story develops, we have the inside scoop on all the details as they flow. This is a huge breakthrough for the PS3 Community and will only progress from here on out!!!
UPDATE : IDPS DUMPER HAS BEEN RELEASED> >> NEWS Coverage
(Please Note - You should not update your PS3 firmware past 4.81 if a Software Update goes Live)
PS3 Official Firmware 4.81 Exploit - Software Downgrader & More Incoming! Could SuperSlim be hacked?
By STLcardsWS on Nov 9, 2017 at 6:45 PM
Meet "PSVshell" - a very beautiful and useful Overclocking Plugin by ElectryThe PlayStation Vita was a "powerful" Handheld Console back when it was released by the end of 2011 - wow, already 8 years old btw . But claiming by Sony that it can bring you the same power and good Gaming Experience like a Home Console, soon many people found out that this isn't the case for all Games released. But luckily, thanks to the great Homebrew Community behind the PSVita, we already saw in the past many "Overclocking Plugins", which can bring you the full potential to your PSVita, even more powerful than Sony would allowed. But sometimes, even those weren't perfect . Either they slowed down your Games when in use, they crashed the whole System or it was just some simple things like that the whole Screen was "crowded" with the Details of each of your setting everytime when you needed to change them. But the cool thing is, this Homebrew Community hears your complaints. So Developer Electry worked on that and introduced his very own Overclocking Plugin - it's "yet another overclocking plugin" to quote him - by fixing all those problems mentioned before. And the coolest thing is, it looks pretty damn good and it's very useful as well, if you ask me!Continue reading
PS-Phwoar! (for 5.05): A new Exploit Host Menu (with PS4 Home inspired theme) by LeefulWe re-tweeted this when it was released a week or so ago but wanted to get something up on the news page about this project, Developer leeful has recently released a new Exploit Host menu for serving up the essential payloads for exploited PS4 (5.05) Consoles's. This host menu theme is based on the PS4's main home screen bringing a seamless look. The host menu contains descriptions of various payloads it provides (which is about all) that will provide alot of features when executed such as Fan Controls, Linux Loader, Mod Menu's, firmware spoof, Update blocks ect.. You can see many of the payloads included in the sceenshots attached. Various methods to using this exploit host menu are available , see additional details in the installation tab below about using this new host menu:.
The host menu also adds the convenience of replacing the User Manual (first option in Settings>>User Manual/Helpful info) for easy and quick launching for when you power on your Console and have to activate HEN.Continue reading
Mednafen v0.3 (PS4 Homebrew) - Multi-System Emulator adds support for new emulationThere has been a PS4 developer's known as Znullptr who has ported several emulators to the PS4 (jailbroken) already with systems like the Sega Saturn, Dreamcast & PS1 to name a few of the ps4 homebrew ports present on the GameOS side of the console (ps4). We know already that emulation via PS4 Linux is capable of running many more emulators like RetroArch (Linux) for example, but lets be honest ps4linux can be a bit of process to get up and running when you power on your console for some quick convient play. So when we see new things on the PS4's main menu that is exciting to see, when its in regards to emulation especially.
This time around the dev decided to port a popular multi-system emulator, no not RetroArch but Mednafen, originally the port was released some weeks ago by port developer Znullptr and presented to us by Markus95 and since @Markus95 has seen presented some improvements with regards to the cfg file that has fixed several broken platforms (Virtual Boy, WonderSwan & WonderSwan Color) due to the control scheme that was not compatible with the DualShock 4 layout, with a re-configured "mednafen.cfg" file those issue are eliminated. There has been 4 player support added also and a few new tweaks Markus95 plans on addressing via future tweaks of the cfg file.Continue reading
Share This Page
- henkaku homebrew
- playstation 2
- playstation 2 resources
- playstation portable
- playstation portable cfw
- playstation portable resources
- playstation tv
- ps vita
- ps2 resources
- ps3 cfw
- ps3 homebrew
- ps4 homebrew
- psp cfw
- psp resources
- pstv homebrew
- vita homebrew
- webman mod
- xmb mod
- User Record:
- Latest Member: