The malicious code hackers put in their software

wololo

We are constantly looking for guest bloggers at wololo.net. If you like to write, and have a strong interest in the console hacking scene, contact me either with a comment here, or in a PM on /talk!

61 Responses

  1. Lucif3r says:

    Adding malicious code in a program used by the public is inexcusable. Period.
    As the article states, bugs exists, some ultra-rare condition might trigger that malicious function, and BAM, a completely innocent person gets his device bricked, wiped, or whatever.

    Programs that contains any malicious code is no better than a damn virus, and should be treated as such.

  2. Cat says:

    I think the behavior is correct dev tn, nobody likes to be pressured to release something and insult him up ..

    • You says:

      Some people simply deserve it, Period.

    • kenpokiller says:

      Much agreed, this is intellectual property and despite it being shared it’s disgusting how some websites even try to cash in that, *** THAT NOISE EAT STRONK CODE

    • If he is using other peoples work, then he should release the source, there are only two reason for him not to releases the source code:

      1.) He is ripping of other developers work
      2.) He wants all you people to keep sucking off his ePeen, if he released the source, he would have a smaller ePeen

      Reasons he should releases the source:
      1.) So people can improve the code, make it better.
      2.) So people don’t have to wait on him being in a bad mood or not to see if he will release something.

      • Broose says:

        Or so corporate can study the code n find a way to patch it for ever and the scene wouldn’t “advance” so well.
        you’re seeing the glass half full, nothing wrong with that but you have to consider the fact that if smth is released, it won’t be only dev on this scene that would use it…

        • Broose says:

          (Wololo, why are my comments ALWAYS have to wait for moderation ?) I don’t like it 🙁

        • AliceTheGorgon says:

          Dude, Sony has enough money and developers that they don’t need the source code to figure out how to patch the hacks.
          Anything a group of hobbyists can do, Sony can do *way* better if they want to.

        • Acid_Snake says:

          “Or so corporate can study the code n find a way to patch it for ever and the scene wouldn’t “advance” so well.”
          Are you aware that PRO CFW has been open source for half a decade now? And ARK was made open source last year? Tell me how the scene has not progressed due to PRO being open source for so much time.

      • No says:

        Your whiny attitude helps nobody. Accusing him of ripping off of others’ work and having an ePeen is very mature and a great way to get him to release the source code /s. See how well that worked out for The Zett.

        This scene is the result of contributions from many devs, some of whom used other’s work to contribute in their own way. If TN’s work is just a trivial copy as you are implying, make your own eCFW. He spent his own time working on his eCFW and has no obligation to share the eCFW with you or anyone else in the first place, let alone the source code.

        • Acid_Snake says:

          He explicitly said that PSX was his work when it was qwikrazor and I who found it in the first place thanks to Coldbird’s initial investigation. TN was doing nothing but waiting for us to get him code execution so he could copy-paste parts of TN-V into it and call it a super awesome and hard job.
          I have no problem with TN sharing his code or not, I have a problem with him usually using other devs work for his own and never giving anything back. Do you know how many exploits of all kinds we gave him so he could continue working on TN-V? Have you seen any little bit of gratitude from him for that?
          It’s super easy to defend this guy when you have never had to work with him.

  3. ANU815 says:

    I totally remember the DAX M33 move. M33 itself was an Easter egg. For those that don’t remember “M33” stood for March 33rd, or April 1st, which is April Fools Day. On that day there was code that I think displayed some sort of splash screen if I remember. Look, I think bricking is evil, when there is no unbrick solution. Deleting on persons memory card content, which everyone one of us in the scene backs up religiously, it just silly fun.

  4. Michael says:

    The Z is an annoying little brat. Although I advocate him getting owned I don’t agree with backdooring software you’ve made available to several thousands of other people. As stated, although intended to wipe his device, bugs happen and could subsequently nuke innocent civilians you didn’t intend to harm. Why risk casualties of war and harm your reputation? If you’re eager to commit crime to silence him then break into his web server or have a hacker friend do it

  5. Warfather says:

    if total_noob wanted to do this its fine by me if the Z hates total_noob why even bother using it, he’s just a whiny ***, and dont bust a commie on me let my comment reach the ppl

    • Fallenleader says:

      unless things changed recently, The Z said he DISLIKES TN, but likes TN’s work. Even I feel the same way. I think TN is a ***. Doesn’t mean his work is ***. Doesn’t mean I shouldn’t use it and certainly doesn’t give him the right to nuke my device because of personal feelings.
      I have yet to see The Z ever claim hate against TN, just extreme dislike for him as an individual. People seem to confuse the personal feelings with the feelings of the product.
      It doesn’t matter the personal history of anyone. Malicious code is wrong. Period.
      From following the scene, I have seen many attacks from TN towards The Z. All the comments from The Z I have seen are in retaliation, not initiation.
      The actions of TN has made me loose all respect in him as an individual, and the fact that he released malicious code to the public period is reason enough not to trust him.
      The Z has shown plenty of times coding competence. Funny enough, TN called him out on a youtube video making assumed statements (probably as a derogatory insult).
      Sorry to say this to someone who has helped me, but in the past, I was trying to help the scene by sharing a possible (but unfortunately it wasn’t in the end) exploit. The Z was busy and his comments seemed a bit cold. This could be taken the wrong way instantly, and I have a feeling that TN got *** over a comment made in this way that Z made which started the whole BS. It goes even deeper than that to a degree that anyone really trying to take a side of the fence is showing ignorance. I only speak from what I have personally seen and the fact remains that TN is a A-hole, both in how he is approaching the situation like a *** high school tween who got her crush “stolen”. The Z isn’t improving the situation with his snide remarks, but can anyone else here honestly say that if someone kept attacking you, you wouldnt make a snide remark or two? Stop playing holier than though. TN needs to grow up, and The Z needs to stop giving the Noob the time of day.
      Acid_Snake can vouch, plenty of things were handed to TN on a silver platter.
      While I think closed source is a D move, that is not the biggest jerk move he can make. it’s his current actions that are truly unacceptable.

  6. I’m on the fence about it. As long as it doesn’t affect me I could really care less. Honestly I think it’s funny what Total_Noob did, though now it’s done he should remove it. My my worthless opinion anyway.

  7. Gaze says:

    If the malicious code bothers people, they have the option of not using the software. Everyone should understand playing with unofficial software carries a risk. Personally, I’ve bricked my psp2000 three times and that was without malicious code. Luckily I had an early phat psp that could make a pandora battery…

  8. lmao says:

    So people talking about ethics when they using an unofficial releases (aka Hacks)?…
    Haaaaaaaahaha this is funny.
    Bi*ching something like this now, really?
    If you don’t want risks, then just use the Godddamn official firmware from Sony.

    • lmao says:

      There’s always risk of Sony banning your account even if you are using non-malicious hacks

      • Alex says:

        The reason why people need to modify their devices is because of certain companies like sony microsoft or nintendo that make closed devices.

        I want to develop for my machine.

    • AliceTheGorgon says:

      Some people *actually* have ethical systems where jailbreaking your own purchased device is fine, and intentionally harming someone else’s stuff is not fine.

      Don’t assume your morals are the only valid ones.

  9. LaFlex says:

    total n00b is free to program whatever he wants into his releases.

    you are free to use, or not use, his releases.

    somewhere in all this is a lesson about biting the hand that feeds you.

    Final thought: total_n00b has been keeping the ePSP scene alive with his releases, almost single handedly. Politics aside, respect due

    • Jorcor says:

      highhandedly?
      i guess the sheer metric ton of stuff quikrazor has released along with the z and several other devs just doesn’t even count

      • Jorcor says:

        singlehandedly?
        i guess the sheer metric ton of stuff quikrazor has released along with the z and several other devs just doesn’t even count

        • Acid_Snake says:

          Let’s not forget TN-X wouldn’t even exist if qwikrazor didn’t help me develop a crash I found into a full exploit, along with finding how to write to vram which allowed TN-X to use homebrews. TN would still be battling PEOPS on TN-V getting half-*** sound and uncompatibilities on PSX games right now if it weren’t for Coldbird, qwik and me. TN didn’t even believe that the Vita’s PSX emu was just a special pspemu, he called bullsh*t to everything Coldbird said about PSX emu and it turned out true.

    • acid_leak says:

      dont try and cover up for TN
      hes an idot and deserves to be punished

  10. warfaren says:

    Anyone remember DSBrick? There’s another one for you.

  11. cory1492 says:

    Hah I remember that, “website in question” banned me from trying to warn people away from the edited binaries, in fact IIRC they removed any post that was related to bricking and left the edited binary up. I find it hard to think of dark_alex as the malicious party in this case, it was right in the (unedited!) readme what would happen if the binary was tampered with.

  12. DarkenLX says:

    i can think of some “evil code” Ps3 CFW…(Fake ones.)

  13. Shaggy says:

    I’ve heard that Krikzz, the creator of Everdrives also put out an update on Master Drives that would intentionally brick cloned Master Drives. I understand the dude needs the money, but unsuspecting users who bought something they didn’t know was a clone is kinda backwards.

  14. Brian Witzberger says:

    In all actually its the users fault because they should not modify the hardware to begin with you said your self Z …..trust is a big issue!;-)

  15. NakedFaerie says:

    I know that website that modded the M33 files and I DID take revenge. I am banned from there for life which is a joke as I’ve been a mod there 3 times since. LOL.
    I did what DA didn’t. I corrupted his forum and it took him about 6 months to fix. That was my F.U. to the site for modding the files and all the sufferers who wanted his website corrupted. Your welcome.

    I wondered since then and too this day when will the scene GROW UP and stop acting like little ***? This is NOT kindergarten but they act like it is.
    The only way the scene has moved on is from leaks. Nobody releases anything anymore unless someone else leaks it first.
    Its really good when people like TN release something without all the bitchiness of someone else leaking it but when he puts malicious code in it that’s just kindergarten *** and needs to stop. GROW UP and move on.

    There is no need for that malicious code, dongles, or any kind of payment for CFW or backup support. Just release it and you will get the praise. If you release a dongle CFW or non backup support all the praise will go to the person that does release a patch to remove the dongle or add backup support.
    Stop being *** and move on. If you want to release a CFW without backup support then go back to kindergarten and *** to people that care. Thats NOT a CFW, a real CFW has backup support and does all the things you *** about.
    WHY are you in the scene to start with? People want a CFW to play backups so why release one without it? (BTW, I’m pointing my finger at the latest 3DS patch as its NOT a CFW its a patch only and its a lame one at that)

  16. ilovepsvita says:

    Ah now I understand I was not right… TN was not right…

    @DarkenLX yeah the bricking PS3 CFWs like SGK Team CFW or Hishamage
    Warning dont try to install them on your PS3 your console will brick

  17. PSVITAorPSDEAD? says:

    always check the Md5 of the UPDAT.PUP you are trying to install on your CFW PS3 to avoid a possible brick!

    • sniffinpoprocks says:

      There used to be an app that had a database of valid MD5 hashes for official and known scene releases but… I don’t think the database part is maintained anymore. Anyone Know?? I got sc*** by this as well, updating one of my ps3’s to a ‘fake’ CFW that was actually official CFW.

  18. Thrawn says:

    Actually I would not be that worried about malicious code that is put in on purpose… because you actually expect something like a cfw or flash card to have some kind of horse leg…
    I would be a trillion times more worried on the things that are inside our devices… hidden deep in the layers of silicon and embedded in microcodes and bootloaders… anyone noticed the nice little malware affecting hard drive firmwares, persisting even after formatting the hdd?
    There was a neat article about that some weeks ago.
    Also, it has been proven that firmware of usb sticks/ssd’s and their respective controllers can be overflashed, turning such a device effectively into a host and infecting all other devices it gets into contact with. 🙂
    I’m a the point to believe that every router with wifi/device with wifi is able to bypass any kind of wifi security if a “master order” is either sent or received. Something like a shadow network, only active if a device goes to standby or gets “shutdown” or manually disconnected from wifi/3g/lte…

    Here some nice things to get ppl to wake up:
    http://en.wikipedia.org/wiki/Sony_BMG_copy_protection_rootkit_scandal
    http://blog.trendmicro.com/trendlabs-security-intelligence/mcdonald27s-japan-recalls-promotional-mp3-players/
    http://thehackernews.com/2014/03/nsa-hacked-servers-of-chinese-telecom.html
    http://blog.kaspersky.com/equation-hdd-malware/
    https://srlabs.de/badusb/

  19. nebu_187 says:

    I would go nuts if my device gets bricked or wiped.

  20. tryrush deppy says:

    how dare they!!! i ask you all, IS THERE NO HONOR AMONGST THIEVES ??? [ ) o_0 )

  21. Mr. MaGoo says:

    Don’t forget about the true blue dongle for the ps3

  22. NakedFaerie says:

    Is this site playing up again or was my post deleted? I couldn’t see it when I posted it but it said it was a duplicate post.
    I checked a few hours later and it showed up. I check again now a few more hours later and its gone again.

  23. Dalton_Corazon says:

    That is why they are humble but awkwardly modest hahaha. Pity shame. I want to be COOL! go to the fridge my friend! 😀 Darn Insecurity! I want to be a coder hope they will not forge it will.

  24. dabigswan says:

    Lets face it, most “hackers” are annoying brats.
    I’m not talking about those 12 year old morrons DDossing useless *** to feel like full grown bearded pirates, those are the scum of the earth, far beyond any help.
    But even some exploit devs are missing the point of community sharing. Just like any scene, they only care about being the ones that bring people what they long for.
    That’s why most scenes are in the middle of childish “wars” (war is much too strong, more like schoolyard scuffle).
    Think how strong we could be against corporations with a true sense of sharing work and thoughts.
    Instead of that we’ve got childrens playing messiahs, and other licking their *** to be on their good side.
    No suprise we get PSN hacked instead of wall street. God, that’s so sad.
    There should only be one scene, or no scene.
    Just my two cents.

    • DayVeeBoi says:

      This is why it’s always referred to as a “scene” and not a “community”, like over at say the Raspberry Pi sites. I’m not dissing or anything. There’s just a lot of ego involved in console hacking

  25. Musashiro says:

    i think the_z effing deserves it.. tn has been there since the psp era and he has a good reason for doing what he did.. eff

  26. V13 says:

    wololo, were you 1 of the victim of DA’s incident?

  27. GermanAIRasscrash says:

    How can you know for certain that every update to a cfw won’t have a malicious code? Some readers on here are straight up buttholes i swear.I say that because of the responses written on here saying “well then don’t download it” somewhat of a response a child not even in jr high gives. Fact is if your into the scene your going to take risks and therefore the results is what you may or may not expect so get over the *** already this is work that devs do give out for free for the most part.

  28. RaZiel says:

    There was a PSP emulator for the PS3 during the early days that would cause a brick as well.

  29. WhyIsThisAllowedToHappen? says:

    Why is malicious software allowed on this website? I would treat TN as I would treat a virus programmer… I would have him banned, and his software removed from any server it resides on.

    The Z is a major asshat, I get where you guys are coming from, but putting malicious code into something that thousands of people use, just to get The Z, is completely out of line, and threatens the data… Maybe even the devices of those who run TN-X.

    If The Z and TN have issues, they need to work it out some other way, and not this petty *** of turning eCFW into a nuke for anything that has The Zett on it.

    Also, I find the name Total_Noob fitting… Because that’s what he is. A complete noob, who solves his issues by putting malicious code into the software that thousands use, just to get one person…..

    So… Why is he even allowed to do this? Why is he not banned? What he is doing is borderline creating viruses…. You know how many people will be affected by some glitch that executes the code?….. How do we know that Total Noob doesn’t have other malicious code in TN-X? For all we know, he has a kill switch built into every copy, ready to be executed at his command. If he’s willing to risk the safety and security of the people who use his software, then there is no telling what else he has put in that code. I don’t trust him, and neither should you.

  30. acid_zett says:

    In my opinion Total_Noob made the right move.. Somebody had to do it.

  31. angelic_sedition says:

    Hooray for closed sourced software! No thanks, I’m not using TN.

  32. Dalton_Corazon says:

    Without TN firsts move of PSP scene in the new generation. PSP will be died by now . Dark_Alex was a legend. Yet of course there will be always a competitor. Competitors are the tricky ones. Programmer waste there time coding night and day maybe with shower and prepare life just to bring ask the Ready-To-Use software for free. Then one show up and copy it. Purpose he will not publish his open source because he did not want to be copied. I pass the exam 80 over 100 and my competitors just glance unto me and to another guy and pass 98 over 100. While he studied graveyard whlist that guy just a have a night life. The point is RESPECT every persons life. you study and make a code and feel how this atmosphere goes.

  33. Arc Futahito says:

    I don’t see the point in bricking device. I mean, if you don’t like someone adding credit to the picture on PSP you just tie it to hash and display a message like “go to bla-bla-bla for hack” on fail.

  34. roswell108 says:

    Why can’t these kids resolve their immature problems on the playground like the other children. Someone gets a black eye, goes home crying, and everyone gets on with their lives. Is it because they are too mature for that? Sure sounds like it…