Release: ROPTool by Davee, could help homebrew development on the 3DS and PS Vita
If you don’t know who Davee is, here’s something to refresh your memory: before the PS Vita ever existed, there was the PSP, and Davee was a major part of the PSP hacking scene for years. Between kernel exploits, downgraders, and the occasional hint that he was still looking closely at the PS Vita, it was hard to find a hacking news site a few years ago that didn’t mention him. But he’s kind of gone off the radar recently…
His latest blog post, more or less one year after his previous one (did I mention he’s off the radar?), announces the release of ROPTool, a tool meant to help with the exploitation of ARM systems.
ROP (Return Oriented Programming) is a technique widely used these days by hackers to exploit modern systems. Modern systems mark writable memory such as the stack and heap as non-executable, so an attacker can no longer simply inject shellcode and jump to it; ROP gets around this by reusing short instruction sequences that are already present in the program’s own executable code. Wikipedia explains it better than I could:
An attacker gains control of the call stack to hijack program control flow and then executes carefully chosen machine instruction sequences, called “gadgets”. Each gadget typically ends in a return instruction and is located in a subroutine within the existing program and/or shared library code. Chained together, these gadgets allow an attacker to perform arbitrary operations on a machine employing defenses that thwart simpler attacks.
The problem with ROP is how convoluted it is to build a chain by hand, so Davee started working on ROPTool to make the job easier, specifically on ARM processors (more tools exist for x86). ROPTool “will take a script language and a list of gadgets and provide a binary stack layout with data references“. Most mobile devices today use an ARM processor, which makes them an interesting target for hackers in general. As Davee says, releasing a tool such as ROPTool is always a double-edged sword: it can be used by security researchers and black-hat hackers alike.
Davee mentions the 3DS and the PS Vita (both built around ARM processors) as potential targets for this tool, and specifically explains it could help in the long term with homebrew development on these devices. The PS Vita does make use of several exploit mitigations: the execute-never (XN) bit enforced by the ARM MMU, which stops data on the stack or heap from being run as code (hence the need for ROP in the first place), and ASLR, an operating-system feature that randomizes where code is loaded so that gadget addresses cannot simply be hard-coded and must be derived from a leaked base at runtime. There’s a chance this could be useful for the people working on the recently announced WebKit exploit on Vita firmware 3.18.
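To make the “script plus gadget list in, binary stack layout with data references out” idea concrete, here is a small ARM32 stack-layout builder written for this article. It is an added example, not ROPTool’s code, and every address in it (the gadgets, the target function, the stack base) is a hypothetical placeholder rather than anything taken from real 3DS or Vita firmware. It shows the part of chain building that is easy to get wrong by hand: on ARM a function called from a chain returns through `bx lr`, so `lr` has to be loaded with a gadget that resumes the chain before the call is made, and any string argument has to live somewhere with a known address.

```c
/*
 * Added example (not ROPTool's code): a minimal ARM32 ROP stack-layout builder.
 * A tiny "script" (set registers, call a function) plus a gadget list is turned
 * into the little-endian word layout that would be written onto the stack, with
 * string arguments placed in a data area and referenced by address.
 * All addresses below are hypothetical placeholders, not real 3DS/Vita gadgets.
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical gadget addresses (assumed). Low bit set = Thumb state, which a
 * `pop {pc}` on ARMv7 honours through interworking. */
#define G_POP_R0_R1_PC  0x81000045u  /* pop {r0, r1, pc} */
#define G_POP_LR_PC     0x81000061u  /* pop {lr, pc}     */
#define G_POP_PC        0x81000071u  /* pop {pc}         */
#define FN_TARGET       0x81001001u  /* target function fn(r0, r1), hypothetical */
#define STACK_BASE      0x5F000000u  /* assumed runtime address of words[0]; no ASLR */

#define MAX_WORDS  64
#define DATA_BYTES 64
#define DATA_BASE  (STACK_BASE + MAX_WORDS * 4u)  /* data area sits right after the chain */

typedef struct {
    uint32_t words[MAX_WORDS];   /* chain in stack order: pop reads ascending addresses */
    size_t   n;
    uint8_t  data[DATA_BYTES];   /* strings and other blobs the chain points at */
    size_t   data_len;
} rop_layout;

static void rop_init(rop_layout *l) { memset(l, 0, sizeof *l); }

static int rop_push(rop_layout *l, uint32_t v) {
    if (l->n >= MAX_WORDS) return -1;
    l->words[l->n++] = v;
    return 0;
}

/* Copy a NUL-terminated string into the data area; return its runtime address
 * (a "data reference"), or 0 if it does not fit. */
static uint32_t rop_data(rop_layout *l, const char *s) {
    size_t len = strlen(s) + 1;
    if (l->data_len + len > DATA_BYTES) return 0;
    memcpy(l->data + l->data_len, s, len);
    uint32_t addr = DATA_BASE + (uint32_t)l->data_len;
    l->data_len += len;
    return addr;
}

/* Script op "call fn(r0, r1)". The callee returns with `bx lr`, so lr must
 * already hold a gadget that resumes the chain: we load lr with `pop {pc}`,
 * which, once fn returns (sp is callee-preserved), pops the word that follows
 * fn on the stack as the next gadget address. */
static int rop_call(rop_layout *l, uint32_t fn, uint32_t r0, uint32_t r1) {
    const uint32_t seq[] = { G_POP_R0_R1_PC, r0, r1, G_POP_LR_PC, G_POP_PC, fn };
    for (size_t i = 0; i < sizeof seq / sizeof seq[0]; i++)
        if (rop_push(l, seq[i]) != 0) return -1;
    return 0;
}

/* Emit the binary layout: all MAX_WORDS chain slots (unused ones left zero)
 * followed by the data area, so that DATA_BASE-relative references line up.
 * Returns bytes written, or 0 if the buffer is too small. */
static size_t rop_serialize(const rop_layout *l, uint8_t *out, size_t cap) {
    size_t need = MAX_WORDS * 4 + l->data_len;
    if (cap < need) return 0;
    for (size_t i = 0; i < MAX_WORDS; i++) {          /* little-endian words */
        uint32_t w = l->words[i];
        out[4 * i]     = (uint8_t)(w & 0xff);
        out[4 * i + 1] = (uint8_t)((w >> 8) & 0xff);
        out[4 * i + 2] = (uint8_t)((w >> 16) & 0xff);
        out[4 * i + 3] = (uint8_t)((w >> 24) & 0xff);
    }
    memcpy(out + MAX_WORDS * 4, l->data, l->data_len);
    return need;
}

int main(void) {
    rop_layout l;
    rop_init(&l);
    uint32_t msg = rop_data(&l, "hello");      /* constructed sample argument */
    rop_call(&l, FN_TARGET, msg, 5);           /* script: fn("hello", 5) */
    uint8_t buf[MAX_WORDS * 4 + DATA_BYTES];
    size_t n = rop_serialize(&l, buf, sizeof buf);
    for (size_t i = 0; i < l.n; i++)
        printf("sp+0x%02zx: 0x%08x\n", i * 4, (unsigned)l.words[i]);
    printf("%zu bytes total, string argument at 0x%08x\n", n, (unsigned)msg);
    return 0;
}
```

Two caveats a practitioner would add: the fixed `STACK_BASE` only works when the attacker knows where the buffer lands, which is exactly what ASLR takes away, so on a randomized target every address here would have to be rebased on a leaked module or stack address at runtime; and the chain stops after `fn` returns into a zeroed slot, so a real chain would end with a deliberate terminating gadget (an infinite loop or a clean exit) rather than falling off into padding.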
Download
ROPTool’s source code can be found here
Source: Davee
Sounds like perfect timing to be released 🙂
I think he should focus more on hacking the 3DS. We are already getting so much support for the Vita and I want to see the 3DS get hacked completely. I’m tired of this FW4.5 BS limit. I wanna play homebrew.
Yeah, you wanna play some sweet “homebrew”… like every NDS card such as the SuperCard DS2 is able to, and which runs on nearly the newest FW…
If you want to play backups of your games, you have to stay on 4.5 and I don’t see a problem there.
Yeah, “homebrew”, like unlimited health, ammo, instant kill for MH4(G). LMAO
I meant playing homebrew on my SD card. I don’t wanna keep buying flashcarts every time a new FW comes out. Every time I try to update my card I always get an error.
Sounds like an issue on your end or you are buying crappy flash cards. Should just get a DSTwo Supercard.
The 3DS is already hacked for homebrew? The Vita is not.
The 3DS was already hacked for homebrew on all firmwares, and it was about to be released right up until Nintendo announced a new hardware model and the hacker decided to hold back.
Google smealum.
He plans to release after his new 3ds is delivered in 2 weeks.
But for real though, when can we play backups on the 3DS on the current FW? I agree with Rum, the 4.5 limit needs to end.
And the scene is getting hotter and hotter =P
I wish we will be able to play PS Vita games for free.
dat bait post
get a job
Getting a job and studying!!! If you hate piracy, why are you spending your time here?
Obviously you don’t know Davee.
He purposely crippled HEN from his ChickHEN exploit so that ISOs would fail to load.
> If you hate piracy, why are you spending your time here ?
wut. That should be
>If you love piracy, why are you spending your time here?
This blog is not about Piracy, and if you even spent a tiny bit of time here, you’d realize that Wololo, the majority of guest bloggers, and the majority of the community here does not agree with piracy. That is not what the vita hacking community is asking for, and that is not what this site is about.
The Vita in its current state would not handle piracy well at all; if you wish for piracy on the Vita, you wish for a premature end of a console that isn’t doing well to start off with. It can be argued that piracy doesn’t affect the majority of markets much, but the Vita community is incredibly niche. Piracy would definitely affect the Vita in a negative way, that you can be assured of.
I guess that I should be the one asking you that.. If you are into piracy, why are you here? You know that this website doesn’t support piracy..
I am here because I am looking for a way to dump my Vita carts. I guess you don’t know what it’s like to have 20+ carts and the hassle of swapping them again and again..
That’s why I am telling you to get a job and stop living off your mom’s basement and money, because you won’t know the satisfaction of having a shelf full of game discs and a room full of limited editions that you bought with your own hard work…
Cheers! 😀
Preach my handsome modasucka! Preach!
And in the end we get no new games anymore because of users like you. The Vita has a difficult standing even without piracy.
Yeah, remember that absolutely dead, day one hacked PSP? Absolutely no games were released. Ever.
Go buy a 3DS, you can pirate on that 240p screen. lulz
Made me reply
Piracy sucks! Homebrew and dumping your carts is the way to go!!
*Those Limited Editions*
Do you use the eCFW on the vita for isos? If you do, you can’t say piracy sucks.
I have dumped most of my PSP’s UMDs and those are the ones that I use on my Vita. The only time I download ISOs is for preview purposes, mainly for Japanese-only games.. If it is good I’ll have the game bought and shipped to mine and then dump it again..
Well, no use for noobs.
Great news from davee!
The only thing that is left now is for dark_alex to come back!
Good work guys, Keep it up!
It will be the last day for the unbacked Vita if he comes back, I so desperately wish it!
“the last day of unhacked Vita”
Ah yes, DAX from the good ol PSP days…
Piracy, piracy, piracy. I’m so tired of this fear-it bull. There is no way that every person on here plays games they own for all the emulators out there; I can’t and won’t believe it. Yes, it does suck and can be a bit of a hit to big companies, but how many of you really own all the games you play with the help of homebrew? I own over 3000 games from collecting over the years. So stop trying to act as if you’re all so honest, because the numbers are stacked not with the moral but with the hacker. Just tell the truth and enjoy the games you play, and soon enough we all will be playing games for free once again.
Lol thank you exactly
3 years have passed and the PS Vita still has no piracy, no AAA games are coming, Sony takes its money to create PS4 games, and do you think that piracy/hacks will definitely kill the PS Vita? I think it will save the PS Vita from limbo.
yeah dude I agree with you
Yet another *** who thinks that piracy will magically make Sony want to support the device, when common sense dictates it will do the direct opposite. I’m starting to wonder about the age group of posts like this….. People agreeing with those who want piracy must be between the ages of 10 and 16. Teens/young adults. If they are older, they sure as heck lack the common sense/ability to do simple research.
Piracy is pretty much on every console/system. You can’t avoid it despite what DRM or protective measures they may put onto your device. Piracy probably isn’t going to magically revive the system but it isn’t going to destroy it either. I think a simple analogy is actually this. Whenever console gamers talk about PC gamers they always reference the massive amount of piracy that goes on. It’s the easiest and simplest system to do it on. The thing is though is that it isn’t a deterrent for developers anymore. Over the past few years PC gaming has seen a resurgence. A ton of console exclusive titles and series have been gradually making their way to PC. Just about every single game that isn’t developed in house is also multiplatform anymore. Despite the massive amount of Piracy the numbers of pirates still pales in comparison to the number of people actually buying the game and as such are having a less than noticeable impact. I’m sure the same will apply for the Vita.
You are right, Sony will block the development of the tons of AAA games that are coming to the PS Vita, but wait, there aren’t tons of AAA games coming for the Vita xD. Sony doesn’t care about Vita users. Why must we stay without homebrew, emulators or piracy?
m33 tech built
roptoolchain
ropruntime
ropbubbleInstaller
roppkginstaller
ropxbmc
ropxbmp
ropshowtime
roptnv
ropark
roppsvitalink
roppsplinkwifi
ropskopf
The 3DS, much like the NDS and NDSi, has something I believe the Vita does not, or at least not as evidently: Nintendo has a habit of using RSA security and saying so on the device exterior. If I recall correctly, doesn’t RSA have some security holes? Just thought it was worth a mention.
I don’t see how this tool will work with ASLR as is.
Honestly, the only reason for me to use PS Vita ISOs or “pirate” Vita games would be to test the game and decide if it’s worth buying or not. I bought the damn Vita to play games like CoD and Killzone Mercenary online. Sony doesn’t deserve my money if it can’t put out AAA games or some new experience, and yeah, I am absolutely sick of the indiestation Vita. If there were a way to pirate games on the Vita today, I would probably use the method just to satisfy the rage built up inside me towards the Vita since the last few years, even if I don’t wanna play that particular game or even if it’s Japanese or in another language. I don’t support piracy but hate these big *** cheating companies. Peace out.
yup
Thank you good sir.
This is why they call us the entitled generation. When going to a restaurant, do you eat the food and then decide to pay or not? Even if the food is bad you just suck it up and not come back in the future, but you’re not entitled to eat there just as you’re not entitled to try games before deciding to pay for them.
What if the restaurant offers you a shiny plate with a promise to feed you the best food and then does not. Are you going to stay hungry for the rest of your life if what you have is only that plate?
Stop moral policing others. Morality should lie within the individuals and not within the ideologies of a sony paid employee.
Lol in the real world, when that happens, yes. You suck it up and admit you were fooled by the restaurant and then you just don’t eat there anymore.
Also, none of the people here are stopping you from pirating anything. Go ahead. Pirate to your heart’s content. Just don’t get butthurt when they refuse to help you.
Vita piracy would not be so bad then, I think. The Vita is just abandoned: no AAA games, no masterpieces like FF, RE or MGS, nothing at all. In this case, piracy doesn’t ruin anything, because all the developers have abandoned the PS Vita…
The Vita is abandoned. Like it or not. The hack scene, like dumping memory, unveiling cryptography and running homebrew and backups, is more likely to raise Vita sales than lower them. But I fear that when those hacks finally come, the Vita will indeed already have become a living corpse. Much more than it already is now.
How can Nintendo do such beautiful work on the 3DS and Sony can’t with the Vita? Sony’s fault. So, I agree that piracy, homebrew, etc. have to reach the PS Vita, and I expect Sony to learn from the Vita that, however bad piracy is, keeping its system half open lets people buy it, and nobody at all aims at piracy! They just like a little bit of freedom!
Goodbye Vita, I will come back when you can run dumped games.
Hacks do not hurt the Vita, but motivate those who still do not have a Vita; as Vita sales increase because of this, game studios turn their interest to the console.
The Vita is a powerful console; hacking does not only mean playing a copy of your game, it means the possibility of using all the power of the Vita that is still closed to us.
I just want to play backups that a friendly guy on the internets is sharing. I wouldn’t consider this piracy. 🙂
Then you’re an idiot. That’s the very definition of piracy. People on the net uploading backups for people to download IS PIRACY. It always has been. How do you think pirated games are made available to begin with? Someone gets a copy of the game from a retail store early, such as GameStop, etc., and then uploads it to the net. THAT IS PIRACY!
Backups are backing up your physically owned gaming medium and using it only on your own machine. Not uploading for the masses.
JESUS CHRIST! Most of these posts seem to be from kids/teens who have no idea what piracy is.
http://i.imgur.com/XCJ2Skw.png
I am getting sick and tired of all this Piracy/Anti-Piracy stuff.
First of all, anyone using an emulator [NES, SNES, Sega Genesis, etc.] that doesn’t have the tools to back up their own ROMs and gets them online? That is piracy. Anyone using ROMs or ISOs that did not come directly from physical media that they own is guilty of piracy.
That being said I neither condone nor condemn the actions of anyone that decides piracy is worth it for them. It has been worth it for me in the past, and will be again I am sure. For example, I use an ISO of Phantasy Star Portable 2 on my vita. The only game that I still own a PSP UMD of. However, the ISO I use is not from my PSP UMD as I no longer own a PSP and have no way to make my own backup. This is therefore technically Piracy, even though many would see it justified simply because I own the UMD.
Secondly, to the DB ***’s that keep repeating nonsense about previous posters’ age and people being too young and other such nonsense. Physical age does not accurately represent level of maturity. Anyone biased enough to put someone else down for their age, or for any other reason for that matter, needs to take a look at themselves and deal with their own level of immaturity.
Thank you. If these same people are bothered by piracy so much, why are they on this website in the first place? Smh, a lot of people on here embrace piracy. They are just smart enough to keep that hidden.
@Acid_Snake are u russian?
@topic Native Vita Hack would be so Awesome please make it happen will stay on 3.18 for ever if i have to and just buy another Vita for onlineplay
That’s not important, all people are the same, he is not E.T.
I have another question, please reply….
I have a PS Vita on 3.18 and the Patapon 2 exploit (TN-V10) and an 8 GB memory card…
I want to buy a 16 GB memory card now. Can I log in with my profile with Patapon 2 without updating?
Or is there a way to log in to PSN on 3.18 (with a proxy)?
Please reply, I really want to know (I understand English, German and Russian; you can reply in any of these three languages and I will understand).
I want to change memory cards, is it possible on 3.18?
Not sure why so many people are crying about piracy when native homebrew isn’t even an option yet. The way that I see it, if you resort to only piracy and never buy games afterwards, you were probably never planning on buying games anyway. That said, I look forward to whatever actual homebrew might come in the future. I’d like to be able to read my comics already.
Support piracy on a new platform = no money, lazy, hassle-free life wannabe.
Anti-piracy = have money to spend, actually care to pay for something, elitist.
Pfft, piracy , heh,
Reloading on a 3.01 Japanese release Vita, so that’s a good sign.
As for those of you who ask what it should look like if it worked on 2.60 I will assume “HELLO WORLD”
I have not sifted through everything yet but I hope to have some free time to look further into this 😉
Davee really did an amazing job at documenting everything so it shouldn’t be long before more people start getting their eyes on this.
~evil
Tested this on 3.01 as well, but from http://lolhax.org/vita.htm
Had two popups appear, one finding a WebKit after pressing start, then I hit refresh causing another saying “Congrats, this vita is vulnerable”.
Progress, I guess 😀