Sony patched up to 20 exploits with Vita firmware 3.00


We are constantly looking for guest bloggers at If you like to write, and have a strong interest in the console hacking scene, contact me either with a comment here, or in a PM on /talk!

63 Responses

  1. Drugs_r_bad_4_health

    I love you

  2. G0l3m

    I don’t think Sony is really looking into anything but maybe they wrote a nice letter to the gamedevelopers to look out for bugs in theyr products. We all know how the lawyers at $ony work …

  3. Reynkz

    Features of Firmware 3.00 or exploits; I prefer exploits, hackers and modders tend to develop more fun apps than the companies themselves.

  4. infinix

    i believe Sony made special division to handle FW security on PSVita and PS4.

  5. Dmaskell92

    It must be on their end somehow, if nobody is disclosing the names of exploited games, it could be some sort of detection system added to 2.61. My friend on PS3 once noticed (Through PSN) I was running a SNES emulator. As Devs are using private exploits, and connected to PSN it may be a red flagging Sony. This is just a thought, as I have no idea about the inner working of the Vita. Can anyone add anything to this theory?

    • Haze7

      Hey, maybe the capability to play on PSN with a lower firmware was put in place intentionally by Sony to flag the device or exploit(You know to thin out the crowd).

    • Jd8531

      Unless you were using an SNES emulator on a PS3 that has CFW there isnt any way for them to see what homebrew you’re using on a Vita. VHBL is running within a game in the pspemu and the homebrew subsequent of that. Using VHBL is masked by the game you are playing.

  6. Haze7

    There might be a double agent. Or I saw some people in this scene showing their MAC addresses in tutorials(or simply their PSN ID). Maybe they are tracking your purchases to narrow down what games could be exploited and well….trying to exploit it. I would recommend that you burn every trusted hacker and start the “Circle of trust” from scratch.

  7. Pronwan

    Well, if I see the number of existing “private” exploits and compare it to the number of serious “hackers” out there, it’s not too difficult to find them. The problem is only limited to the costs of trying out every single mini game. Since this is priceless for sony, it’s probably enough to have one guy sitting there all day long, trying to create a buffer overflow on every single psp game. I guess, this is the easiest way to find a large number of exploits. If they don’t have an own “hacker”, there might be one out there, telling them exploits he or she has found for a certain amount of money. Let’s say 100 bucks per game or whatever. There will probably be many people out there, willing to do this for some amount of money.

    The bigger problem in my opinion is, that we probably won’t have another exploited game released with TN-V. It might still be workin on the remaining exploitable games, but the virtue of such a game could be too great to release it, just for the fame and at the same time lose it with the next patch.
    I’m guessing, that TN or another guys who still has a handful of games won’t share them. At least I wouldn’t, if I had them. Those who shared a game or two in the past, probably had 5 or 10 exploits running, ensuring, that they can continue their work after the next patch. The only reason to make an exploit publicly known, is to get some fame and still be able to continue working with other exploits, after the public one gets patched. Noone is going to release it’s one and only knows exploit. Possibly even not, if he or she has two or three exploits.
    That’s what I think. So I guess, the PSP emulator will be closed for a loooong time.

    Of course I still HOPE to see another exploitable game, but I don’t think so. – At least not very soon. I can imagine, the next official patches will maybe close another 10 exploits – maybe some, that aren’t known at all. Cause Sony has proven to us, that they are willing to test, test and test as much as they can. And believe me, they have the possibilities to test A LOT… I’m staying at 2.61 these days.

    • Pali

      Try to think other way… maybe everybody now want to give their private exploits to public because it DOES NOT MATTER if they do it or not and their games will be patched anyway :)… think positive

      • Pronwan

        Hehe, nice idea 😉 I q didn’t order oysters cause I couldn’t afford them. You’d buy a hundret, hoping to be able to pay them with the one pearl inside, right?

    • gunblade

      said mostly i mean there like way over five hundred psp game since the psp came out not counting mini so u would think there be a lot of games even with the psp there was a lot of updates weird tough it jus a psx in a ps2

  8. publishe

    can anyone help, I’m a little confused, I thought usermode exploits could only be usermode, but somehow TN-V4 is being ported to them all, how can this be if it doesn’t have access to the kernel commands in say, fieldrunners, which runs in “userland”. Maybe I’m just stupid, any help guise?

    • mlc

      The usermode exploit and the kernel exploit are two different things. A kernel exploit isn’t in the game, but the pspemu itself. A usermode exploit is simply necessary to be able to run the code to trigger the kernel exploit. This is why any firmware below 2.02 can run the kernel exploit that was released with UNO, and any firmware(with a usermode exploit) will be able to run the TN-V4 kernel exploit until it is patched after release in 3.01 or higher.

      There may be a tiny chance of Sony introducing a new bug that leads to a kernel exploit, but it’s 99% certain that any kernel exploit has always existed in the pspemu, and will work on any firmware below the one on which it is released. Unless, of course, it is caught in a wave of unexpected patching like these usermode exploits in 3.00.

      So, in summary, usermode and kernel exploits are two different bugs in two different places, you just happen to need a usermode exploit in order to launch the kernel exploit. (the usermode exploit is in the specific game, the kernel exploit is in the PSP emulator)

    • Acid_Snake

      it’s called privilege escalation, look it up

  9. kukux89

    it’s well know that the largest companies like sony or microsoft. hire people just for playing, hacking or crashing their games to fix all the vulnerabilities for their consoles and the VBHL and TN topic is gaining fame (i’m from mexico and even here we’re tracking down all updates from this scene) so i believe that they’ve a team doing just like you but to make the patches before the game exploits get to public, to finish i want to congratulate everybody working on vita hacking because sony are selling us very expensive the save space to buy their games i.e here 32GB vita memory card cost about $120-130 us dollars

  10. Zyphs

    I thought it was going to impact the TN-V4 exploit for 3.0, i was wondering if it was the right choice to update.

  11. Sony President

    Who the *** is going to upgrade now???? I’m keeping my 2.02 and UNO, who is with me?????

  12. Acid_Snake

    here’s my two cents: I don’t think Sony are actively looking for exploits, what I think is that when we released the Arcade games exploits they realized that publishers tend to reuse the same engine and code on all their games, so a publisher with a game that has a vulnerability has other potential games with similar vulnerabilities. Sony simply looked into other games from publishers with an already known game exploit. Take a look at who made each of the private exploits that got patched, chances are its the maker of another game that did go public. They just connected the dots. As for the utility thing, well it’s safe to assume that TN releasing his test binaries where the cause of it, as they hint to where the kxploit is (although not at the kxploit itself) so it’s natural that Sony at least tried to decrease the amount of games that have access to those utilities.

  13. DeadPixel99

    Wow if Sony would have taken actions like these in the beginning of the psp’s life time it might not have become the open pirate handheld that it has become.

  14. ivo

    maybe they have build in an exploit radar and when seen an exploit instead of preventing it now … blacklist for later ?

    something like the buildin wifi radar on some jp firmware

  15. Nickolas

    Could this be a possible leak? Not meaning to pick at anyone here, just wondering. Also, are the exploits going to be released now? They could prove of some educational value.

    • wololo

      3 of these exploits have already been released in the past 4 days. They all use the same buffer overflow techniques described in my tutorial, so there is not much educational value in them, really.

    • phil87700

      Maybe they should not release all exploits.. considering possibility that in next firmware update the patches are removed… and people on lower firmware can still put them on their Vitas, using the Open CMA or Clarles method 😉 Just a wild guess.

  16. ivo

    bytheway is there some sort of vita psp emulator sorta
    psplink with nethost for vhbl ?
    then maybe …

  17. DarkenLX (Louis Royal)

    One Word “GeoHot” Remember They Gave him a position on thier security team

  18. Adams Myth

    They’re pulling out all the stops.

  19. xj107359

    That’s too bad. Sony has begin to patch undisclosed psp exploits. Maybe I should keep my vita in v1.8@GC.

  20. Jzc:D

    So, when is the release date of new exploit for 3.00 ????

  21. gunblade

    now till next year..

  22. Concerned Citizen

    I smell a rat, please find the common denominator as soon as possible to prevent further damage.

    • wololo

      I don’t like this idea because the “common denominator” would likely point to people I trust a lot on the scene, including… myself 😛
      It just doesn’t make sense. Acid_Snake’s explanation (they audited games from the same development studios that had been exploited in the past) is much more likely

      • Concerned Citizen

        Pay for an audit on a per game, per auditor basis… or pay a hacker to infiltrate the community for all games and many auditors… I too dislike the idea.

        I am sure this event has reminded the honest developers of the value of their treasures.

  23. Infam0us

    Has the release date really been changed till next year?

  24. PlaGeRaN

    my guess, most exploits work threw savedata,
    so testing each and every game in that or similar way won’t be impossible.
    long but not impossible.

  25. elrafu


    Is there any working exploit (kernel better I suppose) in PSVITA OFW 1.60 yet?

    Can I use UNO fron the PS Store?


  26. Akay

    Sony is probably paying someone or a team of guys to keep up with forums and also to hack their consoles the best that they can.

    i guess they can monitor online when a hack is in progess.

  27. BeefStew

    I’ve been following for some time now. Tried to make my vita “more psp friendly” when I had 2.06…. utter failure. Can anyone help me step by step so I am ready for an exploit that comes out for 3.0? Pretty please. Also, you must know that I am an idiot and need to be handled with kid gloves when it comes to ‘technical jargon’.

  28. razor

    After updating I found that the Mortal Kombat 9 invite player option isn’t working at all. F**k u Sony X(