PS3 hacks you probably don’t know about

With all the rage about CFWs and leaked keys, the PS3 system has been opened wide. But long before this, other hacks were found that allowed homebrew apps to be run, amongst other things. While most of these hacks are patched, some are still accessible, even on the latest OFW.

- PS2 homebrews and backups
One of the first hacks that existed on the PS3 was not even a PS3 hack, but rather a PS2 hack, similar to how we can hack the Vita’s pspemu. This hack required an original copy of Swap Magic 2.6 or up and allowed you to run pretty much any PS2 homebrew (by means of uLaunchELF) and even PS2 backups on a USB HDD (by means of USB Loader or Open PS2 Loader). This method is still available today to any user with a backwards compatible console, but the availability of Swap Magic discs has been greatly reduced since this method was discovered. Swap Magic works on a PS2 and a PS3 because it’s pressed the same way as any other PS2 game, so it would be very difficult (if not impossible) for Sony to patch it.

- Blu-ray Disc Java
BD-J is essentially a way of adding software content to Blu-ray Discs, similar to the Dreamcast’s Mil-CD. This allowed hackers to code BD-J homebrews and play them from a USB stick, as the PS3 recognised them as video files. This method was patched so you can’t play them from a USB stick anymore, but it’s still doable on a burned Blu-ray Disc.
Very few homebrews were created for this; amongst them we can find Pong and an NES emulator with no sound. For more information about BD-J, check this: http://en.wikipedia.org/wiki/BD-J

- RSX access in otherOS
A hack was found that allowed access to the RSX in otherOS, and a Linux kernel was compiled with such access. Unfortunately, it was patched in version 2.10, and people who have a version lower than that (if there is anyone on earth with such a low firmware) are better off updating to 3.55 CFW and using otherOS++.

- Media Files Exploits
Different exploits and possible exploits in media files, such as image files or video files, were found. Here is a list of them:
- Tiff exploit
A TIFF exploit was found for firmware 1.90. It was alleged that it could allow the playback of PS1 backups, and a YouTube video showed up demonstrating it. While the TIFF exploit was real and allowed one to bypass the firmware update check, its use to play PS1 backups was never confirmed. Other such methods were tried to hack the PS3, including corrupted MP3 files that the PS3 recognized as working and later crashed when trying to play them.
- Mp4 exploit
It is also known that firmware 3.21 fixed a potential vulnerability in the playback of MP4 files. We may never know what this vulnerability was and what it could have brought to us, but if Sony patched it, it was for a reason.
- libMPEG exploit
This exploit was found in an MPEG video file, but sadly nothing more than a PoC came out of it. It might not even be an exploit (as you might have learned from the PSP scene, not all crashes are exploits).

- Open Remote Play
A vulnerability was found that allowed the use of Remote Play on non-PSP systems, such as a PC, by simply disguising the PC as a PSP. This was patched in firmware 2.80, but not for long, since we can now patch the official Vaio Remote Play to use it on any PC.

- Resistance: Fall of Man and Motorstorm exploit
This exploit allowed you to bypass the firmware update check to play newer games without updating. It required an original copy of Resistance: Fall of Man and was performed by starting the campaign, pausing the game, ejecting the disc, putting the other game in the drive and selecting “quit game” in the pause menu. Apart from this, apparently Team ICE managed to get unsigned code working using this exploit, but nothing good came out of this. A similar exploit existed in Motorstorm.

- Infectus modchip
The Infectus modchip allowed you to downgrade firmware 1.60 to 1.50, but the amount of soldering required, plus the fact that this method was patched, made this hack irrelevant.

- mkfs.self exploit
Little is known about this exploit, but the consequences it could have had were huge. This was the first exploit that allowed booting Blu-ray backups of games. The problem is, these games didn’t run: they booted, but did not run, and the exploit was patched above firmware 1.11, so it was clear that very few people could have had access to it. I do not know very well how this exploit worked, but I think it has something to do with renaming mkfs.self (one of the system files?).

Well, as you can see, the ps3 scene has been very active since its beginning, but, for the most part, nothing usable really got out of it.

    1. boom’s avatar

      Think of Sponge Bob with rainbows above his hand

      Nobody Cares

      (“Imagination” Tone)

      1. ricerrr’s avatar

        But…..but, being first makes me special! :(

        1. Alex’s avatar

          dude, commenting things like “1st”, “I’m first”, makes you stupid, not special ;) remember that :D:D

          1. Different55’s avatar

            It’s not the same ricerrr, bro. People all have their own picture. This fake ricerrr has a squarish one, and also posted below faking as ricerrr. The real one, if he ever dares to show his face again, will have a happy star-shaped picture.

          2. ricerrr’s avatar

            I’ll try to remember that. XDDDDDD

    2. Theboss’s avatar

      I don’t get why kids scream first on every topic, grow up kid and come out of your closet

      1. ricerrr’s avatar

        I have nothing better to do in life, LEAVE ME ALONE!!!111 D:

        1. blackjesus’s avatar

          Your mom sleeps with the plumber

      2. Cercata’s avatar

        Because people like you react like you did. If you just ignore them, there will be no fun in doing it :P

    3. Huntyz’s avatar

      Very nice I didn’t know about these.

  1. Gregow’s avatar

    Read ps3history.net for more ps3 history, this article barely scrapes what happened in the scene prior to ps jailbreak.

    1. wololo’s avatar

      Nice link. Pretty sure I already read a similar gigantic (and very instructive) forum post by you on ps3hax

  2. GregoryRasputin’s avatar

    Wtf happened my name o.o

    1. wololo’s avatar

      Autocorrect?

      1. GregoryRasputin’s avatar

        Ahh that is probably what it is, was using my tablet when I posted.

  3. nCadeRegal’s avatar

    another nice read snake. keep em coming

  4. Keneth’s avatar

    Some more Vita News or updates would be great…

    1. W00t’s avatar

      Very interesting read. Thanks to Gregow for the PS3history.net link, reading that now.

      Why are you people demanding Vita news? Do you want them to make sh1t up? If there was news to report it would be here.

  5. Jacob’s avatar

    I am unemployed, but still have a PS3 from when I was employed.

    I am hopeful the new lvl 0 keys might open up the way for a softmod. I can’t pay for a $59 game, let alone an $89 flasher to downgrade.

    Perhaps I am delusional to think a softmod is something any groups are interested in working on. Maybe all the hackers already have flashers and downgraded so don’t need a softmod?

    1. kagaelus’s avatar

      UUUhhhhhhh you should pay for games bro.!!!

      On another note thanks for the ps3 news

      1. Jacob’s avatar

        Yarr certainly are right matey! *cough*

        You’re certainly right about that bro.

        1. Theboss’s avatar

          Jacob if you can’t afford games then sell your ps3, it’s one luxury that you can live without.

          1. Jacob’s avatar

            Well I would lose a lot of money reselling my PS3, so I don’t like the idea of that much. But I do not disagree with your reasoning – the PS3 is not required for me to continue breathing oxygen.

            So you are right there, I theoretically COULD live without it. However it may be possible to eat it. I will investigate that further if things get that dire.

          2. the elitist’s avatar

            ya jacob don’t you know that if you’re poor you’re not allowed to have any fun. Sure it’s ok to steal food to feed your belly, but to steal video games to feed your mind….never worm these video game companies need their billion$ and every time (even though you have no money) you play a pirated game, you are taking a sale away from these billion dollar companies. Shame on you

          3. Minimur’s avatar

            yes, sell your ps3 so you can buy games for the ps3!!!!

    2. svenn’s avatar

      Get a job.

  6. crayotic games’s avatar

    This was a really awesome read.
    Thanks for sharing this!

  7. errm’s avatar

    Cut the bullshit where is tn-c

    1. Acid_Snake’s avatar

      I’ll tell you what I tell everyone with the same attitude as you: DO NOT READ THIS OR EVEN POST IF YOU DON’T CARE

  8. power_bi’s avatar

    in Ukraine 75% of ps3 owners didn’t pay for games.

  9. power_bi’s avatar

    and 40 percent had never bought the intellectual property. So that one person does not change the situation.

  10. power_bi’s avatar

    «No one is right, everyone is wrong»

  11. Roland’s avatar

    Did you totally do the DC security post just to tie into this? (I smiled hard when I saw the tie in)
    lol I see what you did there.

  12. VinsCool’s avatar

    OK then I missed a lot… And what about savegame exploits? Could it be possible to do the same as on PSP since the savegame system is similar? This is just a noob question, because I managed to change the pic0.png without corrupting it and also the param.sfo, I wrote a lot of fake information in it, put it on my USB stick and my PS3 accepted it without any questions… But is it possible to change the data of a savegame, to make a crash, by using a filename longer than N characters? Finally using it to jump to an ELF loader? Sorry if it was too long, because I’m curious about your opinions.

    1. Acid_Snake’s avatar

      In theory they should exist, but nobody has dug into them, and I think their decryption/encryption mechanism hasn’t been discovered yet

  13. marlewuk’s avatar

    nice article acid_snake, some cool hacks there – shame were discontinued.

  14. 1fff’s avatar

    One question: where do I get a CFW for 4.30?
