Release: Wagic for OFW (yes, signed homebrews are a reality on the PSP)

Things are going very fast. For those who are just joining us: until now there were basically two solutions to run homebrews on a PSP. Either you had a hackable PSP on which you could install a “Custom firmware” (CFW), or you owned one of the new models (basically every PSP that was sold since summer 2008), and had to rely on some “exploits” such as the Patapon exploit, which was used to run HBL (a homebrew loader), and later on a HEN (Homebrew Enabler).

CFW or HEN, that was basically the choice we had so far to run homebrews.

Then came fail0verfl0w, and Mathieulh. A group of developers found a critical security issue in the PS3 system, which led to a full analysis of the PS3 firmware, in which some keys used for PSP Game encryption were found. After a few weeks of hard work involving many developers, tools started to emerge. I’ll spare the details for now, but it is basically possible to sign your own games (I’m talking here about games you created, not games you get on the PSN), and run them directly on a PSP without any “classic” hack, or without a Custom Firmware.

Yeah, we're superheroes, you love us

In the video below I’m showing Wagic running on a 6.35 PSP3000. Note that I cold reboot the console, to show that no exploit is running there.

The tools to sign your homebrews, although not entirely user friendly yet, can easily be found with our friend google (and if not now, tomorrow they will be). I used prxEncrypter by bbtgp and fix-relocations by JJS.

These signing techniques still rely on some external data, and Sony could probably fix this in further firmwares by creating a whitelist of allowed Eboots. Will they actually do it, or are they now focusing on the PSP2? For now, this is only user mode (yes, liquidzigong did sign his Hen, but this Hen still relies on a kernel exploit to work, and that’s easy to fix…), which should keep us away from any form of piracy, at least for now (and, alas, from plugin support or CFW as well)

Download and Install Wagic for OFW

  1. Download Wagic from the official Wagic download page
  2. Unzip the archive at the root of your PSP
  3. Replace PSP/GAME/WTH/EBOOT.PBP with the EBOOT.PBP in this file
  4. Run the game on an official firmware :)

Signing tools used

How to sign your homebrew

This assumes you have access to your homebrew’s prx. If you only have the EBOOT, you can extract the prx with pbp unpacker (data.psp == your prx)

  1. if your prx has relocations type 7, run fix-relocations on it (fix-relocations mygame.prx) (if you don’t know, run that anyways, it shouldn’t hurt)
  2. run PrxEncrypter on your prx (prxEncrypter mygame.prx)
  3. run pack-pbp the way you usually do it in a makefile (pack-pbp EBOOT.PBP PARAM.SFO icon.png NULL pic0.png pic1.png NULL  data.psp NULL )
  4. That’s it

There are still lots of limitations (no kernel mode, prx should be less than 5MB, no static elf support,…), but tools are being progressively built to make this easier, so I’m sure that as I type this, more convenient tools will already be available. I spotted some tools that allow to sign static elfs by embedding a loader inside of the eboot.

Enjoy :)

  1. Dee’s avatar

    Tested on 6.36 OFW, the Signed Wagic works.
    Thanks Wololo for the work. now need not to bring both PSP and the GO when I suddenly want to get a game of Wagic.


    1. psphacks’s avatar

      I made a video on how to sign any homebrew and play it ofw


  2. psphacks’s avatar

    I made a video on how to sign any homebrew:


  3. lane’s avatar

    Yes, we’re superheroes. You know you love us.


  4. kukelekuuk00’s avatar

    this is not signing
    this is just placing homebrew in a already signed package
    thats why no iso loaders work


  5. ness151’s avatar

    unable to get Wagic to run on 6.37ME-6. Bluescreens after starting from xmb using the modified/signed Eboot listed in the directions.

    Dump is here:


  6. ak’s avatar

    I’m having trouble extracting the new Eboot file. Is this file still available? WinRAR indicates that it is corrupted. please help…



  7. toBsucht’s avatar

    @ak the best thing is if you use easypbprx to sign (and shrink) the eboot. It supports up to 8mb eboot other tools only 4mb. With this tool you have a higher chance to run the homebrew. Download it @ check out the signed homebrew list ~200 signed hb´s @ page 1 ;)


· 1 · 2


Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>