You can’t wait for the next exploit? Here’s how to find one yourself!

You may also like...

99 Responses

  1. owanef says:

    i wanna try but i sold my psp

  2. soulscape says:

    Thanks for the info, I just recently got into the scene and was curious about the process.

  3. dey says:

    I don’t have a psp, Can I use the psp emulator(eg: jpcsp) to try it.

  4. Aye Guy says:

    I honestly don’t mind waiting but i am interested in this

  5. Xinefury says:

    Third, and was wondering if i will ever get the chance to download games on vita for free like when i downloaded iso’s and cso’s for psp….

  6. tianjianerp says:

    I heard you third flaw is not a perfect operation right, and the addition of a hacker to find new PSV vulnerabilities to you the development of new third game bugs!

  7. itsugawakun says:

    Somehow i can’t really update my psp2000 to 6.60 since its stuck on 5.50

    • jd20dog says:

      change the version.txt in flash0 or flash 1 to to have 5.50 in it instead of 9.00
      this was done so people wouldn’t brick they’re systems or update out of cfw back in the day

      • I should have seen that from before. Guess i didn’t really try to get there. anyways i could not get anywhere anyways cause of the fact that the psp could not read anything higher than 1gb. My lowest was 2gb and it kept blinking so i transferred this screen to another psp that i had that was missing a screen and basically going with that psp since it is at a 5.01 m33 firmware. upgrade that and be on my way into helping the scene. can’t wait to get home today.

  8. Tvivallo says:

    but i don’t have a psp, i have only the ps vita

  9. NakedFaerie says:

    Very nice tut. I’ll be giving it a go later tonight.

  10. Maxilus says:

    Haha! I think most of us doesn’t have PSP anymore. Some move on to PS Vita. No wonder I see alot of 2nd-hand used PSP being sold in game store.

  11. jerryming says:

    It’s Very good of you.I very want to know how to exploit the psv more than only play a video game.

  12. ssxangel says:

    too bad my psp were stolen

  13. xoombie503 says:

    wololo..after we save the sdata.bin how do we load it in the psp or how do we encrypt it? do we put back on savedata plain or where.thanks

  14. ssxangel says:

    err this is not wololo =)

  15. Mazet says:


  16. heritol says:

    this means that the new exploit was false?

  17. BuzzSaw says:

    Hey, look, someone else who likes HxD.

  18. gunblade says:

    dang missed the seven day head start bumers .Psp go on the first though.

  19. riowzl says:

    I’m gonna grab a preowned psp at gamestop…

  20. Bromanbro says:

    Good tutorial. Thanks.

  21. bronz777 says:

    я бы хотел чем либо помочь, но я не понимаю как это сделать!
    хотя тут все прекрасно описано.

    • V says:

      Trying makes best practice and google makes you smile.. the best part is you found the program, you even have people to ask. This is an advantage already comparing to developer who started with nothing(eg. Dark Alex)

    • >_> says:

      Не волнуйтесь о нем, то, пусть профессионалы это сделать.

    • kl8on1 says:

      закидываешь сейв димер сюда:ms0:/SEPLUGINS/ folder, потом запускаешь любую игру, которая есть в пс сторе, создаешь профиль и сохраняешься, сейв димер создаст какую-то папку с сейвом, но уже с декодированным, там через редактор хекс таблиц находишь имя профиля и дописываешь много символов “а” в него, сохраняешь его, потом подгружаешь псп-линковские плагины usbhostfs.prx and psplink.prx, in game.txt and in vsh.txt. Потом запускаешь pspsh.exe and usbhostfs.exe. Теперь с загрузки модифицированного профиля будет выдавать ошибку pspsh.exe и её нужно копирнуть на форум, а девелоперы скажут, можно ли сделать эксплоит с помощью данной игры) Что-то вроде того, сам не имею псп, если бы мог попробовать сам, то описал бы точнее)

  22. garv says:

    Could it be that someone is being devoted to the release of the PSVita 3G network?

  23. w7y7a7t7t says:

    umm i don’t want to be rude, but wololo wrote a much more detailed and better explain tutorial on this a while back, he also didn’t tell you to rely on others to confirm it. i would that just reposted that is you wanted to remind people it’s not to hard to find an exploit :p

    • w7y7a7t7t says:

      umm i don’t want to be rude, but wololo wrote a much more detailed and better explained tutorial on this a while back. he also didn’t tell you to rely on others to confirm it. i would have just reposted that if you wanted to remind people it’s not to hard to find an exploit :p
      (my grammar was soooooo bad above, i had to fix it in the reply haha)

  24. xj107359 says:

    Hi, I’ve tried , neither the gamesave file nor SDDATA.BIN contain username after enable SaveGame-Deemer. Is there any other tools can decrypt savegame file?
    Thanks in advance.

  25. francis says:

    psvita are being used right now…never mind psp..lets move on to the vulnerability of the psvita…come on!

  26. Darton Staker says:

    Thanks wololo, you really helped clear that up!

  27. AsifWani says:

    hey wololo can i somehow load plugins in ps vita it’ll help me in loading the psp dlc’s using the NPLoader….
    so far i’m successful in playing all the iso’s,cso’s and homebrews through the CFW for vita but the plugin thingy bothers me as it needs going in the recovery mode of psp…
    as far as i know…. hope u help me… :)

  28. Chema says:

    Wololo Hello, I have a doubt about this.

    Is it possible to find the exploits in psp games that you download from a different place to the store and that they function in ps vita? Buy games and games until one works is very expensive.

    Sorry for my bad English.

    • h4ckvit4 says:

      hey i’m trying but many games have an autosave… is it possible to find explois “aaaaaaaaaaaaaaaaaa” with autosave?

  29. >_> says:


  30. m0rb1t says:

    are there similiar mac programs?

  31. Victor says:

    I’ll try out tonight. Thanks for the post wololo.

  32. harrd100 says:

    i got no psp or psp go
    so guess ill wait for the hack to come
    ”sigh” ill never play kingdom hearts birth by sleep

  33. Seddik says:

    Can you please wololo give way to hack ps vita without need psp

  34. SupahLeecha says:

    Come on people, let’s have a try (for those who still have a psp.) My psp stuck on 6.39 PRO-B6 since i adopt PSVita. Tommorow I’ll go on 1 day urgent leave and spend my time on this. I might discover somethin interesting. That’s the spirit people, don’t lose hope. “If there is wheel, definitely there is a way.”

  35. kramoyag says:

    ill just wait for the next exploit…i have patience…maybe ill wait till the next firmware update and maybe soon after the release of next update wololo will release the next exploit…^_^

  36. abelhinhaz says:

    This tutorial is for the PS VITA?

  37. h4ckvit4 says:


  38. Leonardo says:

    Hi, Just one stupid question. I don´t have a PSP to find a exploit, can it be done on PS3 CFW?

  39. m0rb1t says:

    is there asimiliar way for OSX?

    • h4ckvit4 says:

      i have osx too i installed bootcamp and after you can run osx or windows 7 on your macbook. I installed it for this reason because the programs doesn’t exist for osx.

  40. h4ckvit4 says:

    grrrr i tried 20 games today…. when i put many “aaaa” everywhere and when i load, some game continue to play normally, other are stop on an image and the sound continue, but i have 0 game crash :(:(:( i continue

  41. fresno says:

    Does this TUTO works wuth a UMD game or not?

  42. kgsws says:

    Hey but wait, you forgot about format-string exploit … people always forget about this one. Basically it is same as tons of ‘a’, you just use something like %500X – this could substitute 500 ‘a’ (spaces actually), if name field is vulnerable to format-string exploit.
    But remember that this might be exploitable later in game, like in MOHH, exploitable part was when player died, not when game loaded modified save – it tried to display your name – with 500 characters instead of simple %500X. Check every place where you can find your name if you plan to try this.

  43. h4ckvit4 says:

    when i remplace with many “a” i write maybe 4 or 5 line of a and i delet the other letter who was write before, the exploit can be run?

    • Victor says:

      May be you can try to use Mad Blocker Alpha first? Then you’ll know how’s the behaviour of the game that works on the exploit? Just a suggestion…

  44. Kenny530 says:

    Do we actually have to have a PSP with CFW 6.60? I don’t feel like updating my PSP.

  45. Yesterday i was born says:

    I wanna know where is the freaking exploit at? :{

  46. hgoel0974 says:

    I wish PSPLink worked on Vita, I really want to contribute but don’t have a PSP

  47. Deagle275 says:

    I’m having some problems with psp savegame’s not working on killzonde liberation!

  48. error15701 says:

    interesting,i will attempt

  49. seddik says:

    please wololo can you do hack with ape quest pack demo

  50. stOneskull says:

    who cares if you don’t have a psp or other problems in your life… get a blog. tired of these useless facebook type comments. if you have a psp and want to help follow the directions and read comments, including previous forum posts about the subject. then the comments can be easier to read and freed up for those who ARE participating to get their questions easily seen and answered.

  51. mr.sigint says:

    Sorry if this is a dumb question, but does upgrading to OFW 6.60 disable/block pandora battery. I’m on 5.50 prome-4 and I want to try and find and exploit on DFF012 prologus, but I need to be in 6.60 CFW. I can’t try it right now because the select button on my psp is stuck and won’t let me switch between options. I have a faulty home bar and I already ordered a replacement from DX but I don’t know when it will arrive.

    • ChaosAgent says:

      Pandora battery is a hardware hack. If your hardware supports it (1k only?), then it can not be blocked by software. The battery puts your PSP into a repair mode allowing you to flash any firmware you want (or at least any your system is capable of running). So, as long as your have access to a hacked battery (or do the hardware hack on a normal battery) you can update as high as you want or as low as your original firmware (the one it had when it was new).
      Does anyone know if the batteries themselves were updated (removing the ability to to do the hardware hack on them or something similar)? I have a total of 5 minutes of battery life on my current battery (making it a PSUnportable :) ) and need to buy a new one.

      • mr.sigint says:

        Thanks. I just didn’t want to upgrade and find that I can’t downgrade anymore if I wanted to or that my game saves were corrupt.

    • Dilan Parmar says:

      I had a PSP I had a temporary hack so when I pull the battery out or completely discharge you have to run the program again. I used to run 6.60 pro-b I even think there is a pro-c now

  52. walala says:

    is there anyone find some?? share please, even title of the game only, thanks in advance…

  53. Chris says:

    How do u do this sombody tell me all easy way

    • ChaosAgent says:

      Check the forums. I can not imagine an easier way to explain the process. If you’re determined enough though, all the info is in this and the linked above post from Wololo or in the forums of this very site. I wish you luck 😀

  54. m0rb1t says:

    got everything working now….

  55. Mojo jojo says:

    It’s all part of my elaborate plan >:)

  56. Azio says:

    Hey wololo i talking with u i need the texas hold em poker zynga.Can u make it homebrew?

  57. Dilan Parmar says:

    Hey wololo I had a great idea when my Vita crashed I had to go to the recovery menu to reboot (how to access the menu you turn off psp and hold Ps button and the r(toggle) button and you have several options. One of which is to update. I am not sure if it ANY use at all. But it could allow possible downgrading.

  58. Xinefury says:

    There has bin no news about vita hacking for days now…

  59. tglforwololo says:

    it is used for sb who missing the chance. Thanks for sharing…

  60. tglforwololo says:

    just come on. We will suport u all the time

  61. does the save gotta come from an original UMD or can we use an iso to do this?

  62. xyphon says:

    wololo,may I ask a question?

  63. Sephisel says:

    recently, i have been looking for exploits within psp games, but i have difficulty for the games in which you dont put a name. Usually most minis dont have the option to put a name to your save game. Now, my question is how do you create a buffer overflow with these, where should a place a bunch of “aaaa” in order to get a crash?
    Any help will be welcomed.

  64. Sergey says:

    i have a question … i have edited the file from the SAVEPLAIN but when i try to load the save data the name on my save is still the same ???

  65. Sergey says:

    do we still need to encrypt the save data ???

Leave a Reply

Your email address will not be published. Required fields are marked *

Most comments are automatically approved, but in some cases, it might take up to 24h for your comments to show up on the site, if they need manual moderation. Thanks for your understanding