A FAQ for HBL on the Vita

We’ve seen through Teck4’s exploit that PSP exploits run flawlessly on the PSP emulator of the Vita. I’ve spent the past 3 weeks working on leveraging Teck4’s exploit and porting HBL to it. I’ve been receiving lots of questions (probably from people who haven’t used HBL back when it was the only possible way to play homebrews on the PSP Go) and will try to answer them here.

What is HBL?

HBL stands for “Half Byte Loader”. This is a homebrew loader for the PSP, which was written initially by m0skit0, then improved and maintained by a bunch of devs including myself (those two links are good old memories, when HBL wasn’t loading a single homebrew properly). It basically allows running fan-made games, emulators, etc. on the PSP. We’ve found that it can run on the PS Vita through the PSP emulator.

Will this allow running PSP backups (ISOs)?

Although in theory that would be possible, HBL only has access to the PSP “user mode”, which is fairly limited. In practice, all teams who have tried to create an ISO loader in user mode on the PSP have failed so far.

Will this allow running PS Vita game backups?

No

Does this give us access to the Vita hardware (touch screen, etc…)?

No. HBL accesses the hardware through the PSP emulator, and therefore only has access to what is mapped to the PSP controls. It also only has access to 32MB of RAM, etc.

Does this give us possibilities to hack the Vita further?

Most likely not. HBL is stuck in user mode, in a sandboxed emulator. To get access to Vita information, we would first need to get kernel access in the emulator (through a PSP kernel exploit), and then find other exploits in the emulator/OS itself to break out of the sandbox (which, if the Vita OS is as secure as I think it is, is close to impossible).

But will it give us more horsepower than the PSP? Can we expect emulators to run faster, etc.?

This still needs to be investigated more deeply, but from what I’ve seen, not really. Memory stick access is definitely faster on the Vita (Wagic loads between 5 and 10 times faster on the Vita than on a PSP Go), but the rest seems to follow the PSP limitations (as one would expect from an emulator).

Will this be made public?

Yes. Teck4 (who found the exploit) and I agreed to make this public at some point.

When will this be made public?

Some time after the Vita is released worldwide.

I heard Sony can patch this very easily as soon as it’s made public?

Yes. Since this uses a vulnerability in a PSP game, as soon as they know which game it is, Sony can remove the game from the PS Store. Once they do that, they can patch the Vita firmware to reject the “malicious” files (either by preventing them from being copied through the content manager assistant, or by patching the PSP emulator, or by patching the PSP game, etc…). At that point, people who don’t already have the game on their console won’t be able to use HBL. Also, people who do have HBL will need to never upgrade their firmware, will have to use some tools such as OpenCMA in order to copy files to the vita, and will be locked out of the PS Store as long as they want to use homebrews.

So shouldn’t you keep this under wraps instead?

Meh, it’s not like anything is really secret here besides the name of the game. It’s already pretty certain that this is not useful for hacking the Vita further, so even if it gets patched I don’t think we will lose “too much”.

No ISO, no access to the Vita internals, and Sony will patch it as soon as it’s out, so basically it’s useless?

Yes and No. Technically, a hacked PSP is way cheaper and will allow you to do more than that. But this is, as I write these lines, the only way to run unsigned code on the Vita, which in itself makes it a great achievement (and it’s always cool to show your friends that your Vita can run Mario, and theirs can’t). Also, it didn’t take too much time to adapt since most of the code was already available from our past work in the psp scene. It would have been even more useless to say “oh yeah, interesting, we can run psp exploits on the vita” and not do anything with it.

How do you copy/install homebrews to the PS Vita, since it cannot be mounted as a regular USB drive?

This will be explained when HBL is released.

  1. StepS’s avatar

    Thanks for the faq :D


  2. blankdeleter’s avatar

    Thanks a lot for this clear information!

    Regarding the “HOW DO YOU COPY/INSTALL HOMEBREWS TO THE PS VITA, SINCE IT CANNOT BE MOUNTED AS A REGULAR USB DRIVE?”

    i suspect that you just mount the MEMORYCARD using your PSVITA using a specific driver…

    That would be great also to think about a MAC support when you release it…since from what i know OpenCMA is PC only … ;-(

    Thanks again for your precious time spent to help the scene ! It’s greatly appreciated!


  3. rafael707’s avatar

    what I’m trying to figure out is how we would be able to get the game/exploit onto our Vita, because as soon as you guys release it publicly, I bet Sony guys are monitoring this page, and will patch the game before anyone can download/install it..

    just my opinion..


    1. Kirby1997’s avatar

      If you were in the scene at the time of the Everybody’s Golf exploit you would know Sony took quite a while to remove it from the store and patch it. Hopefully it will be the same this time round.


      1. Guardian’s avatar

        You just brought me good memories, I remember rushing into the store to buy the game, then going back home and tears of happiness once I saw HBL for the first time, it was like if light was coming from the screen and angels were singing on each side of the console!


        1. rafael707’s avatar

          ive been around since the beta days, you aint gotta say shit to me


          1. rafael707’s avatar

            And just because the game wasn’t patched immediately, doesn’t mean that it will be the same for the Vita… god the way people think…

          2. rafael707’s avatar

            and BTW, patapon 2 demo exploit for HBL was the best… it doesnt cost a penny

          3. Guardian’s avatar

            Wait, are you talking to me or to him?

          4. Kirby1997’s avatar

            Why do you need to swear at me? I was only trying to help and give you some information.

        2. flayer’s avatar

          Or in my case, rushing to the store to buy the game then going back home only to realize that hbl would not execute because with my luck i obtained the wrong version of the game. Then i completed 6 trillion surveys on points2shop to get a free psn card but the game took up an overly excessive amount of space on my mem stick and i had no space left for homebrews. good times.


    2. aksiz’s avatar

      Sony did take some time to fix the Patapon 2 / Everybody’s Golf exploit, but it’s because these demos can be downloaded from anywhere and launched.
      The only way for Sony to block the exploit was to take a look at the exploit used and create a new firmware. (but Sony still took a while to make a new firmware. I guess Sony didn’t really care as the exploit didn’t allow back-ups to run)

      but this time, as wololo said Sony can simply remove the game from PSN right away, then patch it later.


    3. flayer’s avatar

      Sony probably has better things to do than to monitor every site involved in the scene… probably


  4. xcanox’s avatar

    Playing Mario on your Vita?

    Yo dawg, I herd you like classic games, so I put an emulator in yo emulator, so you can game while you game.


  5. xerpi’s avatar

    “HOW DO YOU COPY/INSTALL HOMEBREWS TO THE PS VITA, SINCE IT CANNOT BE MOUNTED AS A REGULAR USB DRIVE?”

    Could it be possible renaming h.bin (or whatever file) to .mp3 or any file type that PSVita accepts?


  6. brandonheat8’s avatar

    I have a pretty good guess on how it’s performed, but I don’t want to say just in case it’s true, it’s really quite ingenious, kinda like the hack for the original Xbox in some ways. Great job everybody on their respective work, hope it stays awesome :)


  7. Tyson’s avatar

    Someone will probably make a memory card reader for the Vita so your Vita won’t have to be on and connected. Like Lexar or Sandisk.


  8. Cercata’s avatar

    About Sony patching it, there will be other exploits in the future I guess.
    HBL forever !!!!!!


  9. knight’s avatar

    you are very cool~~!i love you~!i hope you can be best


  10. iSWORD’s avatar

    I haven’t read the whole post, but I searched the page for ‘touch’ and knew what I wanted to know. I ‘think’ this is useless unless we get access to PS Vita’s goodies. Why would someone emulate PSP’s software on the PS Vita?!


    1. Guardian’s avatar

      Just for the fun of it? Everybody has their own reasons to do something.


      1. flayer’s avatar

        An exploit on day 1 can only be good for the scene.


  11. kaye’s avatar

    I am a programmer, I want to learn to crack!
    I want to be a hacker like you!
    I want you to be my teacher!


    1. flayer’s avatar

      The best way to learn is to teach it yourself.


  12. Kazama’s avatar

    You mention something about getting kernel mode exploit in the emulator, but you are assuming that kernel mode exists in the emulator.

    The emulator is very likely to be HLE, and thus, there wouldn’t be kernel, the emulator itself would implement the kernel.


    1. wololo’s avatar

      That’s a very good point, this is highly possible


  13. MHazell’s avatar

    Interesting. I’ll be looking forward to the info on how to get homebrews on the Vita when it comes out.


  14. SZ’s avatar

    YOU ARE NB THANK YOU


    1. pdos_95’s avatar

      Will he understand “NB”?
