(UPDATED) Here is a very cool release for the PS3 Hacking community, as developer AlexAltea publishes Full RSX VRAM /IO Access Exploit. While this release is only intended for developer's consumption, it could lead to something more promising down the road for the end user as the developer hope someone can make use of this research and exploit, The capabilities are explained as followed "It just gives you access to something inaccessible before with userland/supervisor privileges". So now developer's can explore new areas on [break]j[/break]the PS3 and nothing better to explore then the RSX chip of the console. Checkout all the details from AlexAltea in the quote below:
Full RSX VRAM/IO access exploit
This allows userland/lv2 access to the entire 256 MB RSX VRAM range and the entire RSX IO address space and works on all firmwares up to the last version. Particularly interesting here, is that this allows to access the last 2 MB of VRAM, reserved only for the LV1 driver, and maybe slightly less interesting, accessing 'vsh.self' VRAM area and IO mapped memory.
Disclaimer The requirements are quite hard to satisfy (many of you either don't need this, or can't run this) and it's only relevant for devs (so some don't need to care about it either). It just gives you access to something inaccessible before with userland/supervisor privileges, nothing else. That's the ONLY reason I'm posting this (and maybe the hope of someone being able to do something better with it).
You need either:
- Userland entry point (e.g. Browser exploit , <= 4.78?) + NAND console (although probably if you have this, you already hacked it and have LV1 access).
- LV2 entry point (e.g. RSXploit , <= 4.45?). You will need to replace the `sys_rsx_context_attribute` LV2 syscall with the `lv1_gpu_device_map` LV1 call in the source code of the PoC provided below (and remove all the GCM library code among other things).
- Source code available here (documentation inlined as comments): https://github.com/AlexAltea/ps3autotests/blob/master/exploits/user_vram_access/user_vram_access.cpp
Thanks a lot to @3141card, for his LV1 RE files, and to people from Nouveau/Envytools people, specially mwk.
-  There's a browser-based (was it Webkit?) memdump PoC for PS3. So, just dump memory, find gadgets and build a ROP chain to load userland code.
-  There's a flaw in 'sys_rsx_context_allocate' that allows that. More info on the RSXploit thread.
See Post # 3 Below for UPDATE
PS3 [PS3] Full RSX VRAM/IO Access Exploit by AlexAltea
By STLcardsWS on Mar 23, 2016 at 9:38 PM
multiMAN Web Services could be discontinued in 2019 (developer seeking support)Developer @deank needs a little help, so he can help us all. The legendary dev known for various projects like the iconic multiMAN / webMAN & SMAN for the PS3 needs some help to keep multiMAN's web services going strong into 2021. To accomplish this goal the developer is seeking 500 Euro's in donations. The good news is deank is almost at 50% with his goal (as of writing this (12/16)). The bad news we only have a couple of weeks to meet that mark. Which in all honesty, should not be that big of an issue and very easy to accomplish. If the many reading this gives a small amount You can find details about donations in the link at bottom of this post..Continue reading
[7x Update (Dec. 17)] HW Acceleration (RSX) Project Update by RenéRebe7x UPDATE (December 17) - Now the 8th Video Released in last days / weeks
(Original Article from Nov. 14) Is the PS3 a bit closer to gaining Hardware Acceleration (via RSX) in OtherOS (Linux) with a proper driver to enable the GPU chip? We are not there, but we may be getting closer to a reality. Earlier this year (back in April) we detailed some of the progress that the busy dev RenéRebe has made with unlocking the potential of the PlayStation 3's RSX chip and now today we have been greeted with a new video and what we can expect with this project as the developer starts to undertake the challenge of further unlocking one more component of the Ps3 hardware,. The developer has alot of videos on other intresting subjects in his diverse YouTube channel >>> (Bits and More) <<< many very informative video's..Continue reading
Exploiting PS4 Video Apps (to run unsign code) -- presentation coming (Dec. 28) by m0rph3us1987Developer m0rph3us1987 will be giving a talk "at #35c3 on the Chaos West stage. on December 28 and the dev will be discussing exploiting the official PS4 Video Apps. This should be a very interesting topic as the dev has stated "I'll show you how to exploit them to run your own unsigned code (regardless of the firmware version installed)" already known for his work with one of the few PS4 Homebrew's (PS4NES) and his work on the "holy grail HEN" looks to elevate the PS4 with something exciting. Will this be the event the PS4 needs, This will certainly be something to pay attention to as we get closer to the 28th later this month and i think we need all may need to say thank you to m0rph3us1987's wife Continue reading
Share This Page
- henkaku homebrew
- homebrew game
- playstation 2
- playstation 2 resources
- playstation portable
- playstation portable cfw
- playstation portable resources
- playstation tv
- ps vita
- ps2 emulator
- ps2 resources
- ps3 cfw
- ps3 homebrew
- ps3xploit 3.0
- psp cfw
- psp emulator
- psp resources
- pstv homebrew
- vita homebrew
- webman mod
- User Record:
- Latest Member:
- Med Hedi
MegaMan- War of the Past OpenBOR OPL ready ISO -Neill Corlett
Beats Of Rage OpenBOR OPL ready ISO -Neill Corlett