(UPDATED) Here is a very cool release for the PS3 hacking community: developer AlexAltea has published a Full RSX VRAM/IO Access Exploit. While this release is intended only for developers, it could lead to something more promising down the road for end users, as the developer hopes someone can make use of this research and exploit. The capabilities are explained as follows: "It just gives you access to something inaccessible before with userland/supervisor privileges". So now developers can explore new areas on the PS3, and there is nothing better to explore than the RSX chip of the console. Check out all the details from AlexAltea in the quote below:
Full RSX VRAM/IO access exploit
This allows userland/lv2 access to the entire 256 MB RSX VRAM range and the entire RSX IO address space and works on all firmwares up to the last version. Particularly interesting here is that this allows access to the last 2 MB of VRAM, reserved only for the LV1 driver, and, maybe slightly less interesting, access to the 'vsh.self' VRAM area and IO mapped memory.
Disclaimer: The requirements are quite hard to satisfy (many of you either don't need this, or can't run this) and it's only relevant for devs (so some don't need to care about it either). It just gives you access to something inaccessible before with userland/supervisor privileges, nothing else. That's the ONLY reason I'm posting this (and maybe the hope of someone being able to do something better with it).
You need either:
- Userland entry point (e.g. Browser exploit, <= 4.78?) + NAND console (although probably if you have this, you already hacked it and have LV1 access).
- LV2 entry point (e.g. RSXploit, <= 4.45?). You will need to replace the `sys_rsx_context_attribute` LV2 syscall with the `lv1_gpu_device_map` LV1 call in the source code of the PoC provided below (and remove all the GCM library code among other things).
- Source code available here (documentation inlined as comments): https://github.com/AlexAltea/ps3autotests/blob/master/exploits/user_vram_access/user_vram_access.cpp
Thanks a lot to @3141card, for his LV1 RE files, and to the people from Nouveau/Envytools, especially mwk.
-  There's a browser-based (was it Webkit?) memdump PoC for PS3. So, just dump memory, find gadgets and build a ROP chain to load userland code.
-  There's a flaw in 'sys_rsx_context_allocate' that allows that. More info on the RSXploit thread.
See Post # 3 Below for UPDATE
PS3 [PS3] Full RSX VRAM/IO Access Exploit by AlexAltea
By STLcardsWS on Mar 23, 2016 at 9:38 PM