Is your PSP hackable?

If you own a PSP that you bought recently and haven’t been following the news lately yet are interested in unlocking your PSP, the whole PSP scene certainly looks like a huge mess to you, and you probably have no clue if your PSP’s hackable or not.

Things have been moving quite fast recently, so expect things to change soon, but here is the current state of PSP’s “hackingability” :

models

Below are details for each model.

PSP Phat and PSP2000 (except ta88v3)

If you own a PSP Phat (PSP-1000), or a PSP Slim (PSP 2000) that is NOT a Ta88v3, then your PSP, independently of its firmware, is 100% hackable with a pandora battery. It’s been the case for many months now, and it will not change as the exploit used for the pandora batteries is a hardware exploit and cannot be fixed with a new firmware.

PSP-3000 and TA88v3, Firmware 5.03 and below

If you are the unlucky owner of a “doomed” motherboard, but happen to have a firmware 5.03 or below, your PSP is “half-hackable” through the laughing man tiff exploit and the associated Homebrew Enabler, better known as “ChickHEN”. “half-hackable” means that your PSP can have all the features of fully hackable PSPs (homebrew, plugins, customizable themes, ISOs,…), but unlike fully hacked PSPs, if your hard-reboot your PSP, you’ll have to run the hack again. (For those who still don’t know, putting your PSP in sleep mode works fine and is the best thing to do to keep the HEN in Ram)

PSP-3000 and TA88v3, Firmware 5.50 and above

There is no “public” way to hack these PSPs currently. However lots of exploits have been made public in the past weeks, giving developers enough material to actually work on solutions for these models. A user exploit in the Game Archer Maclean’s Mercury exists up to firmware 6.10. A user exploit in the Game Medal of Honor Heroes (including Medal Of honor heroes 2) exists up to firmware 5.55. The Kernel exploit used in ChickHEN exists up to firmware 5.50, but (is not usable from a user exploit in a game). A Kernel exploit revealed by MathieuLH exists up to firmware 5.55. Team Typhoon revealed the existence of a kernel exploit up to at least firmware 6.10, but didn’t make it public. Technically, with the current public available info, these PSPs could be hacked up to firmware 6.10 for Homebrew through the Mercury Game, and up to firmware 5.55 for HEN (isos, plugins,…) through the kernel exploit revealed by MathieuLH

PSP Go

There is no “public” way to hack these PSPs currently. The PSPGo cannot technically use exploits in games. Well…it can, but as soon as a game is hacked, it gets patched. So either you own a hackable version of the game and can use it, either you’re screwed. The general idea is that we cannot use games as a “good” user exploit source for the PSPGo. Exploits still exist though, and most of the time kernel exploits valid for a given firmware will work on the PSPGo, so it’s only a matter of finding a user exploit in the XMB rather than in a game.

Vocabulary

Homebrew: User made (non official) applications. These include games such as Wagic, utilities, emulators…
ISO: In the PSP world, digital copy of a game, most of the time unencrypted, preventing it from running on an Official firmware. ISOs are often associated to game piracy.
plugin: Homebrews that are loaded in the Ram of the PSP to extend its functionalities. For example, the music plugin allows to play MP3s while playing a game or a homebrew on the PSP.
HEN: Homebrew ENabler. A program that patches the PSP Ram to allow running unsigned code (Homebrews). unlike eLoader, a HEN is in the Ram and therefore doesn’t require to be launched everytime you want to run unsigned code. To do this a HEN usually requires a Kernel exploit.
TA88v3 :A Model of Motherboard that was introduced on the PSP2000 in summer 2008. It fixes the vulnerability used by the pandora batteries. Several techniques exist to identify your PSP Motherboard. If you have a PSP 2000, the easiest way to identify if it has a “doomed” motherboard is to try a pandora kit (battery + memory stick) on it.

Note: Firmware 5.05 has been intentionally not mentioned as it was released to a very limited number of people.

If you own a PSP that you bought recently and haven’t been following the news lately yet are interested in unlocking your PSP, the whole PSP scene

certainly looks like a huge mess to you, and you probably have no clue if your PSP’s hackable or not.

Here is the current state of things:

Below are details for each model.

PSP Phat and PSP2000 (except ta88v3)
If you own a PSP Phat (PSP-1000), or a PSP Slim (PSP 2000) that is NOT a Ta88v3, then your PSP,

independently of its firmware, is 100% hackable with a pandora battery. It’s been the case for dozen

months, and it will not change as the exploit used for the pandora batteries is a hardware exploit and

cannot be fixed with a new firmware.

PSP-3000 and TA88v3, Firmware 5.03 and below
If you are the unlucky owner of a “doomed” motherboard, but happen to have a firmware 5.03 or below, your

PSP is “half-hackable” through the laughing man tiff exploit and the associated Homebrew Enabler, better

known as “ChickHEN”. “half-hackable” means that your PSP can have all the features of fully hackable PSPs

(homebrew, plugins, customizable themes, ISOs,…), but unlike fully hacked PSPs, if your hard-reboot your

PSP, you’ll have to run the hack again. (For those who still don’t know, putting your PSP in sleep mode

works fine and is the best thing to do to keep the HEN in Ram)

PSP-3000 and TA88v3, Firmware 5.50 and above
There is no “public” way to hack these PSPs currently. However lots of exploits have been made public in

the past weeks, giving developers enough material to actually work on solutions for these models. A user

exploit in the Game Archer Maclean’s Mercury exists up to firmware 6.10. A user exploit in the Game Medal

of Honor Heroes (including Medal Of honor heroes 2) exists up to firmware 5.50. The Kernel exploit used in

ChickHEN exists up to firmware 5.50, but (is not usable from a user exploit in a game). A Kernel exploit

revealed by MathieuLH exists up to firmware 5.55. Team Typhoon revealed the existence of a kernel exploit

up to at least firmware 6.10, but didn’t make it public. Technically, with the current public available

info, these PSPs could be hacked up to firmware 6.10 for Homebrew through the Mercury Game, and up to

firmware 5.55 for HEN (isos, plugins,…) through the kernel exploit revealed by MathieuLH

PSPGo
There is no “public” way to hack these PSPs currently. The PSPGo cannot technically use exploits in games.

Well…it can, but as soon as a game is hacked, it gets patched. So either you own a hackable version of

the game and can use it, either you’re screwed. The general idea is that we cannot use games as a “good”

user exploit source for the PSPGo. Exploits still exist though, and most of the time kernel exploits valid

for a given firmware will work on the PSPGo, so it’s only a matter of finding a user exploit in the XMB

rather than in a game.

Vocabulary
Homebrew: User made (non official) applications. These include games such as Wagic, utilities, emulators…
ISO: In the PSP world, digital copy of a game, most of the time unencrypted, preventing it from running on an Official firmware. ISOs are often associated to game piracy.
plugin: Homebrews that are loaded in the Ram of the PSP to extend its functionalities. For example, the music plugin allows to play MP3s while playing a game or a homebrew on the PSP.
HEN:Homebrew ENabler. A program that patches the PSP Ram to allow running unsigned code (Homebrews). unlike eLoader, a HEN is in the Ram and therefore doesn’t require to be launched everytime you want to run unsigned code. To do this a HEN usually requires a Kernel exploit.

  1. eric’s avatar

    good work .this is very helpfull to those noobs.thank you .

    Reply

  2. khalim’s avatar

    i don’t get it…why does sony efforts so much on making it so unhackingly? i mean seriously…i use my psp for playing homebrews, emulators, ebooks MORE than i use it for umd games…and i’m pretty sure every does the same…just like the memories..i doubt people would buy higher than 2gb msticks for just savedatas and some music.
    why don’t sony don’t get it till now? if they don’t want to make it hackeable…let 3rd party developers create their homebrews under supervision of sony, i’m sure people don’t buy psps just for umds.

    Reply

  3. wololo’s avatar

    Well, Sony made good efforts recently with the Minis, and by decreasing the price of the Devkit. Still homebrew developers probably don’t have the time and money to turn a simple hobby into some “serious” business…

    For example Wagic could become a Mini. But it would become much more restricted, as it would need to be bug free, which basically means we would remove lots of “dangerous” features such as the ability to create your own cards. Also it would become much more stressful for me if it became a real business, if people pay for my games I’d have to pay much more attention to bugs…

    Lots of homebrews offer much more features than what official content provides, but they could never make it into an “official” content because of the insane number of bugs/vulnerabilities (often in direct relation with the cool features they offer) they have.

    Reply

  4. Magicwings’s avatar

    I just got one thing to add. I have (alright, actually had, since it broke) a PSP-1000 that was hacked via ChickHEN. Just like to point that out since your handy little chart is slightly misleading into thinking that PSP-1000′s can only be hacked with Pandora. The PSP was Firmware 5.03 when it was hacked, it’s not like I did anything special, other than use ChickHEN on a PSP-1000.

    And if Wagic became a Mini, you’d also probably be under more fire from a certain company with a certain card game with a similar sounding name to Wagic.

    Reply

  5. wololo’s avatar

    @MagicWings: regardin Pandora on the PSP1000. This is very true, but I still don’t understand who in their right mind would go through the hassle of using a hazardous technique (software downagrade through chickHEN) when they can use a Pandora. I intentionally don’t mention the usage of chickHEN for pandora-compatible PSPs since I strongly believe people who can use a Pandora shouldn’t even think about using other techniques. It’s not like a pandora battery is expensive, it’s much more convenient and less risky.

    You are right about the legal thing. If Wagic became a Mini, I would probably have to create new rules for the game :)

    Reply

  6. Magicwings’s avatar

    @wololo When I hacked my PSP, I actually did make the choice between Pandora and ChickHEN. I went for ChickHEN because honestly it seemed more practical. The way it worked seemed less complicated when I started, so I’d say the ChickHEN is more practical. But, I havn’t tried Pandoras yet, so I can’t say if its any better.
    But compare “Get a weird battery” or “run this weird program”, and ask which one people will probably try on first impression.

    And on a side note, why does everyone capitalize the W?

    Reply

  7. wololo’s avatar

    Magicwings: I’ve used both software techniques and pandora+DDC kits over the past 4 years. Trust me, Pandora is way better, and the only reason anyone would want to use anything else is because they haven’t tried the battery technique. Which is your case. Try the battery once, you’ll never go back to anything else :)

    The W… in wololo? or in Wagic ?

    Reply

  8. toBsucht’s avatar

    btw psp go is now hackabel

    Reply

Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>