Yes, you read the title right.
Exactly 3 years ago, I announced the release of wMenu for HBL (Half Byte Loader). The early releases of HBL shipped with an embedded menu that was not nice looking and caused some headaches to our team related to the GPL license (details below). With the amount of good quality menus available for VHBL today, it doesn’t look like it, but at the time wMenu was a giant step up. Today, as the initial reasons to make it closed source are not really valid anymore, and with the recent changes to the Vita firmware (which will require additional changes to the way menus install homebrews on the Vita moving forward), I decided to make wMenu open source.
Finding PSP exploits without owning a PSP was considered impossible because of the absence of PSPLink. But now, PSP emulators are finally starting to behave like the real thing. They have become so accurate that now it is possible to find exploits using just the PSP emulators on a PC.
Famous scene hacker Coldbird, one of the core developers of the Pro CFW, announced a few weeks ago on the prometheus forums that the “online” feature of Pro Online might become available to Phat (PSP 1000) models, after he discovered a new way to get 4MB extra RAM available on the PSP.
The most requested feature ever for HBL is an iso loader: many “developers” promised the release of an iso loader for HBL, but nobody managed to code one so far. To understand what an iso loader is and why it won’t work on HBL, first, we have to know what a .iso file is.
Syscalls, NIDs, Imports?? If you know what HBL is, you have at least heard one of those three terms, especially “syscall”. Most time spent on developing HBL was trying to improve syscall estimation (even if now it’s broken again). Syscall estimation is one of the most advanced and important parts of HBL; without it you wouldn’t be able to run so many awesome homebrews on your PSV or PSP! Most of the time, people talk about this and have no idea what they’re talking about, so here’s a brief explanation.
I just submitted an update to file “gen_exploit_config.rb” in the HBL svn, you can find the file here.
That file is experimental (and also in need of some massive cleanup), but basically it should generate almost everything that is needed to get VHBL to compile and run (including, and especially, on the PS Vita) assuming you already have an exploit and the associated binary loader.
This is still experimental, and I need to update the “how to port HBL” tutorial with this new information, but mid term this should allow you to port HBL to your game exploit in about 5 minutes (compared to about 1 week for people without experience now).
Developer Yosh (a.k.a. wth) recently found another savegame exploit on a PSP game, which he confirmed to work on the vita (video below).
Today developer SKFU was able to confirm that my port of HBL to Teck4’s exploit is still working on 1.52 (this also means that Teck4’s exploit is still here on 1.52, which had been confirmed by mamosuke a few days ago). He also confirmed that the potential vulnerabilities and other stuff he’s found so far are still available in Vita 1.52, so it’s relatively safe to upgrade to 1.52 if you own a Vita (I am myself still on 1.51). On Twitter he also posted a picture of a homebrew running through HBL.
I want once again to thank Teck4 for the trust he put in me with this exploit, and for agreeing with the idea of making this exploit available to trusted people like SKFU before we attempt any public release.
Mamosuke confirmed to me today that Teck4’s exploit for the PSP Emulator in the Vita is still working on 1.52. Note that it doesn’t guarantee 100% that some of the techniques used to get HBL to work on top of this exploit haven’t been patched, as I haven’t tested myself. But for now I’m confident. I might update to test that, at some point.
The 1.52 Vita firmware can be downloaded here
I managed to port HBL to the US version of Teck4’s exploit in exactly 45 minutes (including writing the savedata exploit and the binary loader), which is a new personal record, thanks to the scripts included in HBL’s repository, and also to the fact that the different versions of the game are internally fairly similar (which is to be expected because technically the game is supposed to be the same, just translated, but I seem to recall it wasn’t that easy for the Hotshots golf exploit).
We’ve seen through Teck4’s exploit that PSP exploits run flawlessly on the PSP emulator of the Vita. I’ve spent the past 3 weeks working on leveraging Teck4’s exploit and port HBL to it. I’ve been receiving lots of questions (probably from people who haven’t used HBL back when it was the only possible way to play homebrews on the PSP Go) and will try to answer them here.
In the past days I stabilized HBL for Teck4’s exploit and got some major homebrews to work. In the video below I’m showing a few homebrews running on the PS Vita. I also included Picodrive again to show that fixing the sound issue is relatively easy as it is just a setting in the emulator. Check the video below.
A quick report: I’m making some progress on porting HBL to the Vita. Although I’m sad to say that I can’t get syscall estimation to work, I got some major homebrews such as Doom to run already, so overall I think it’s in an acceptable shape. Because it is roughly stable now, today I focused on porting HBL to the EU version of the exploited game (I was working – obviously – on the Japanese version of the game so far). This went smoothly and I can confirm HBL runs fine on the EU version of the game, although of course I could only test on a PSP, not on a Vita.
I used the opportunity to refresh my two guides, how to write a binary loader and how to port HBL. The guides are now simplified, and the binary loader tutorial now has download links to the tools used in the examples.
Writing the first “usable” version of HBL for the Patapon exploit took several developers and about 4 months. Thanks to the portability of HBL, bringing it to Teck4’s exploit took me only a few days. Adapting that to the EU version took a couple hours (including porting the exploit itself), so I am confident for the US version.