Sony patched up to 20 exploits with Vita firmware 3.00


We are constantly looking for guest bloggers at If you like to write, and have a strong interest in the console hacking scene, contact me either with a comment here, or in a PM on /talk!

63 Responses

  1. Drugs_r_bad_4_health says:

    I love you

  2. G0l3m says:

    I don’t think Sony is really looking into anything but maybe they wrote a nice letter to the gamedevelopers to look out for bugs in theyr products. We all know how the lawyers at $ony work …

  3. Reynkz says:

    Features of Firmware 3.00 or exploits; I prefer exploits, hackers and modders tend to develop more fun apps than the companies themselves.

  4. infinix says:

    i believe Sony made special division to handle FW security on PSVita and PS4.

  5. Dmaskell92 says:

    It must be on their end somehow, if nobody is disclosing the names of exploited games, it could be some sort of detection system added to 2.61. My friend on PS3 once noticed (Through PSN) I was running a SNES emulator. As Devs are using private exploits, and connected to PSN it may be a red flagging Sony. This is just a thought, as I have no idea about the inner working of the Vita. Can anyone add anything to this theory?

    • Haze7 says:

      Hey, maybe the capability to play on PSN with a lower firmware was put in place intentionally by Sony to flag the device or exploit(You know to thin out the crowd).

    • Jd8531 says:

      Unless you were using an SNES emulator on a PS3 that has CFW there isnt any way for them to see what homebrew you’re using on a Vita. VHBL is running within a game in the pspemu and the homebrew subsequent of that. Using VHBL is masked by the game you are playing.

      • Dmaskell92 says:

        That makes sense, I was in fact on CFW PS3. Still, how the heck do they know what Vita games have exploits?

  6. Haze7 says:

    There might be a double agent. Or I saw some people in this scene showing their MAC addresses in tutorials(or simply their PSN ID). Maybe they are tracking your purchases to narrow down what games could be exploited and well….trying to exploit it. I would recommend that you burn every trusted hacker and start the “Circle of trust” from scratch.

  7. Pronwan says:

    Well, if I see the number of existing “private” exploits and compare it to the number of serious “hackers” out there, it’s not too difficult to find them. The problem is only limited to the costs of trying out every single mini game. Since this is priceless for sony, it’s probably enough to have one guy sitting there all day long, trying to create a buffer overflow on every single psp game. I guess, this is the easiest way to find a large number of exploits. If they don’t have an own “hacker”, there might be one out there, telling them exploits he or she has found for a certain amount of money. Let’s say 100 bucks per game or whatever. There will probably be many people out there, willing to do this for some amount of money.

    The bigger problem in my opinion is, that we probably won’t have another exploited game released with TN-V. It might still be workin on the remaining exploitable games, but the virtue of such a game could be too great to release it, just for the fame and at the same time lose it with the next patch.
    I’m guessing, that TN or another guys who still has a handful of games won’t share them. At least I wouldn’t, if I had them. Those who shared a game or two in the past, probably had 5 or 10 exploits running, ensuring, that they can continue their work after the next patch. The only reason to make an exploit publicly known, is to get some fame and still be able to continue working with other exploits, after the public one gets patched. Noone is going to release it’s one and only knows exploit. Possibly even not, if he or she has two or three exploits.
    That’s what I think. So I guess, the PSP emulator will be closed for a loooong time.

    Of course I still HOPE to see another exploitable game, but I don’t think so. – At least not very soon. I can imagine, the next official patches will maybe close another 10 exploits – maybe some, that aren’t known at all. Cause Sony has proven to us, that they are willing to test, test and test as much as they can. And believe me, they have the possibilities to test A LOT… I’m staying at 2.61 these days.

    • Pali says:

      Try to think other way… maybe everybody now want to give their private exploits to public because it DOES NOT MATTER if they do it or not and their games will be patched anyway :)… think positive

      • Pronwan says:

        Hehe, nice idea 😉 I q didn’t order oysters cause I couldn’t afford them. You’d buy a hundret, hoping to be able to pay them with the one pearl inside, right?

    • gunblade says:

      said mostly i mean there like way over five hundred psp game since the psp came out not counting mini so u would think there be a lot of games even with the psp there was a lot of updates weird tough it jus a psx in a ps2

  8. publishe says:

    can anyone help, I’m a little confused, I thought usermode exploits could only be usermode, but somehow TN-V4 is being ported to them all, how can this be if it doesn’t have access to the kernel commands in say, fieldrunners, which runs in “userland”. Maybe I’m just stupid, any help guise?

    • mlc says:

      The usermode exploit and the kernel exploit are two different things. A kernel exploit isn’t in the game, but the pspemu itself. A usermode exploit is simply necessary to be able to run the code to trigger the kernel exploit. This is why any firmware below 2.02 can run the kernel exploit that was released with UNO, and any firmware(with a usermode exploit) will be able to run the TN-V4 kernel exploit until it is patched after release in 3.01 or higher.

      There may be a tiny chance of Sony introducing a new bug that leads to a kernel exploit, but it’s 99% certain that any kernel exploit has always existed in the pspemu, and will work on any firmware below the one on which it is released. Unless, of course, it is caught in a wave of unexpected patching like these usermode exploits in 3.00.

      So, in summary, usermode and kernel exploits are two different bugs in two different places, you just happen to need a usermode exploit in order to launch the kernel exploit. (the usermode exploit is in the specific game, the kernel exploit is in the PSP emulator)

    • Acid_Snake says:

      it’s called privilege escalation, look it up

  9. kukux89 says:

    it’s well know that the largest companies like sony or microsoft. hire people just for playing, hacking or crashing their games to fix all the vulnerabilities for their consoles and the VBHL and TN topic is gaining fame (i’m from mexico and even here we’re tracking down all updates from this scene) so i believe that they’ve a team doing just like you but to make the patches before the game exploits get to public, to finish i want to congratulate everybody working on vita hacking because sony are selling us very expensive the save space to buy their games i.e here 32GB vita memory card cost about $120-130 us dollars

  10. Zyphs says:

    I thought it was going to impact the TN-V4 exploit for 3.0, i was wondering if it was the right choice to update.

  11. Sony President says:

    Who the *** is going to upgrade now???? I’m keeping my 2.02 and UNO, who is with me?????

  12. Acid_Snake says:

    here’s my two cents: I don’t think Sony are actively looking for exploits, what I think is that when we released the Arcade games exploits they realized that publishers tend to reuse the same engine and code on all their games, so a publisher with a game that has a vulnerability has other potential games with similar vulnerabilities. Sony simply looked into other games from publishers with an already known game exploit. Take a look at who made each of the private exploits that got patched, chances are its the maker of another game that did go public. They just connected the dots. As for the utility thing, well it’s safe to assume that TN releasing his test binaries where the cause of it, as they hint to where the kxploit is (although not at the kxploit itself) so it’s natural that Sony at least tried to decrease the amount of games that have access to those utilities.

  13. DeadPixel99 says:

    Wow if Sony would have taken actions like these in the beginning of the psp’s life time it might not have become the open pirate handheld that it has become.

  14. ivo says:

    maybe they have build in an exploit radar and when seen an exploit instead of preventing it now … blacklist for later ?

    something like the buildin wifi radar on some jp firmware

  15. Nickolas says:

    Could this be a possible leak? Not meaning to pick at anyone here, just wondering. Also, are the exploits going to be released now? They could prove of some educational value.

    • wololo says:

      3 of these exploits have already been released in the past 4 days. They all use the same buffer overflow techniques described in my tutorial, so there is not much educational value in them, really.

    • phil87700 says:

      Maybe they should not release all exploits.. considering possibility that in next firmware update the patches are removed… and people on lower firmware can still put them on their Vitas, using the Open CMA or Clarles method 😉 Just a wild guess.

  16. ivo says:

    bytheway is there some sort of vita psp emulator sorta
    psplink with nethost for vhbl ?
    then maybe …

  17. DarkenLX (Louis Royal) says:

    One Word “GeoHot” Remember They Gave him a position on thier security team

  18. Adams Myth says:

    They’re pulling out all the stops.

  19. xj107359 says:

    That’s too bad. Sony has begin to patch undisclosed psp exploits. Maybe I should keep my vita in v1.8@GC.

  20. Jzc:D says:

    So, when is the release date of new exploit for 3.00 ????

  21. gunblade says:

    now till next year..

  22. Concerned Citizen says:

    I smell a rat, please find the common denominator as soon as possible to prevent further damage.

    • wololo says:

      I don’t like this idea because the “common denominator” would likely point to people I trust a lot on the scene, including… myself 😛
      It just doesn’t make sense. Acid_Snake’s explanation (they audited games from the same development studios that had been exploited in the past) is much more likely

      • Concerned Citizen says:

        Pay for an audit on a per game, per auditor basis… or pay a hacker to infiltrate the community for all games and many auditors… I too dislike the idea.

        I am sure this event has reminded the honest developers of the value of their treasures.

  23. Infam0us says:

    Has the release date really been changed till next year?

  24. PlaGeRaN says:

    my guess, most exploits work threw savedata,
    so testing each and every game in that or similar way won’t be impossible.
    long but not impossible.

  25. elrafu says:


    Is there any working exploit (kernel better I suppose) in PSVITA OFW 1.60 yet?

    Can I use UNO fron the PS Store?


  26. Akay says:

    Sony is probably paying someone or a team of guys to keep up with forums and also to hack their consoles the best that they can.

    i guess they can monitor online when a hack is in progess.

  27. BeefStew says:

    I’ve been following for some time now. Tried to make my vita “more psp friendly” when I had 2.06…. utter failure. Can anyone help me step by step so I am ready for an exploit that comes out for 3.0? Pretty please. Also, you must know that I am an idiot and need to be handled with kid gloves when it comes to ‘technical jargon’.

  28. razor says:

    After updating I found that the Mortal Kombat 9 invite player option isn’t working at all. F**k u Sony X(

  29. 110706 says:

    Not only the Vita is a sinking ship, but looks like Sony wants to take out the fun of homebrews and PSP emu stuff too. Keep it up Sony!

  30. isnizal says:

    i already update to 3.00..huhuh…hoping they will exploit for ps vita tn v 4

  31. Voltromik says:

    They got us in a corner,, im getting closer and closer to putting up my white vita with uno exploit.. im just tired of lack of games. Tired of limited OS and bugs. Tired of this 4 core device being wasted. Things have changed,, they wont ever be the same. We have begun an era of secure devices,, exploits are a thing of the past.

  32. Chaosruler says:

    Can you release the GameIDs or the game names and region, considering that now is too late? maybe the games has something in common that alerted Sony…

    on another note, I am really suprised Sony released an update that did not include a feature or a function that attracts update so much, but included so much security patchs

  33. phil says:

    in the process of trying to get vhbl+fieldrunners i updated my vita to 3.0 accidentally. i know theres no current exploits released… but i was wondering where i can find these “ninja releases” as i would like to beat sony to there next patch. i check wololo on the daily but id rather know for certain that im not just looking in the wrong area all together.

  34. jon says:

    I too updated my firmware to 3.00 accidentally..
    hoping for some trophy something…

    but then when I tried placing some files, Open CMA 5 isn’t working anymore.. the PS vita asks me to update my said CMA..

    I don’t care about the games that are being exploited yet.. as long as I can make use of my 32G memory for videos and songs, I’ll be as happy as before..

    I Hope there will be an open CMa for firmware 3.00.

  35. Hi mates, its wonderful post ɑbout cultureand fսlly
    defined, κeep it up all thhe time.

    Mʏ web site :: dich vu seo uy tin