pandora


Borderlands 2 Vita limited edition bundle
Today was a big day for Iron Galaxy Studios; not only did the studio unveil a new character for their two-button fighting game Dive Kick, but their Borderlands 2 PS Vita port also got an official release date. Let’s not beat about the bush: mark your calendars for May 6th, because just under a month from now Borderlands 2 Vita will be available as a digital copy. May 6th is also the day that the new and “improved” PS Vita slim will be available in the US, sold as a bundle with the aforementioned Borderlands 2 and an 8GB memory card.




From the developer of the renowned Dolphin Emulator comes an update to the multiplatform, open source PSP emulator which has just been ported to iOS devices!

Developer ErikPshat just posted an impressive video showcasing the ta88v3 unbricker running. He surely trusts his work, as the video shows him intentionally bricking a ta88v3 (by removing the battery in the middle of an Official Firmware update), and bringing it back from the dead with a Magic memory stick.


An unbricker battery compatible with the ta88v3 has been released recently, and scene dev Yoti uploaded a video demonstrating the tool. Read along…


As most of you probably know, team Fail0verfl0w announced at the German Chaos Computer Congress that they completely broke the PS3 security, by finding the signing keys used by Sony on the system.

In clear words, they are able to sign content and have a (non hacked) PS3 believe this content is signed by Sony (and therefore the PS3 will run anything you want).

I have received many contacts from people asking me if this would have an impact on the PSP. After all, the PS3 is able to run (decrypt) some PSP games, activate PSP content (like Media Go), and overall there is such a symbiosis between the PS3 and the PSP that we can’t help but ask ourselves: “what if the PSP keys were also available on the PS3?”

Well, it seems the question was legitimate, as Mathieulh announced on Twitter that he can now sign PSP content.

For those who wonder what this means, well, simply put: no need for any exploit, HBL, or HEN in the future, as we will (?) be able to run our homebrews directly from the XMB without any hack. That is, if Mathieu releases his code.

If you still didn’t get it, this is a major breakthrough, with an impact similar to the pandora batteries and the first CFW on the PSP.

Congrats Mathieu! Any plan for a release? :)

source: twitter via psp-hacks.com, thanks to Lune for the tip!

Warning: I want to add that console hacking teams do not work for money. People like MathieuLH or the team fail0verfl0w will NOT ask you for money in exchange for their work. If their work ever gets released, it will be available for free. Don’t get tricked by fakers (there are a lot of fake failoverflow accounts on youtube, apparently).

Did Datel hack the PSPGo?

n00b81 sent me this interesting link today.

Datel is a company known for their various tools for many consoles. Their most famous product is probably the “Action Replay”, a series of software tools that allow you to cheat in many games (extra lives, extra gold, extra weapons, that kind of stuff…). Action Replay is available for many consoles, and Datel have sometimes been criticized for making easy money on open source software (such as some code by Booster and the Prometheus team, related to the PSP IPL).

Datel was supposed to release an equivalent to the Pandora battery for the PSP 3000 in 2008, the “Blue Lite Tool”. Their press release, made on the site Maxconsole.net, was apparently only a buzz, as the battery was a standard pandora battery (it worked as expected on old PSPs, but didn’t do anything more than a regular battery on PSP 3000 models). It is still unclear if their Blue Lite Tool was a fake from the start, or if the lawsuit they got from Sony at that time was related to the tool.

Today Datel announced that they have a way to run the Action Replay software on the PSPGo. From the page in the link above:

Works with the original SONY PSP the PSP 2000 & 3000 plus the new PSPgo.

For such a tool to work on a PSPGo, it means that either Datel has become an official Sony partner (I highly doubt that), or they found a new way to run unencrypted code on a PSP Go, or their product description is lying (which happened in the past with the blue tool).

No doubt the hackers will get their hands on this product and debunk the scam if it is one.

Thanks again to n00b81 for the info.

If you own a PSP that you bought recently and haven’t been following the news lately yet are interested in unlocking your PSP, the whole PSP scene certainly looks like a huge mess to you, and you probably have no clue if your PSP’s hackable or not.

Things have been moving quite fast recently, so expect things to change soon, but here is the current state of PSP’s “hackingability” :


Below are details for each model.

PSP Phat and PSP2000 (except ta88v3)

If you own a PSP Phat (PSP-1000), or a PSP Slim (PSP 2000) that is NOT a Ta88v3, then your PSP, independently of its firmware, is 100% hackable with a pandora battery. It’s been the case for many months now, and it will not change as the exploit used for the pandora batteries is a hardware exploit and cannot be fixed with a new firmware.

PSP-3000 and TA88v3, Firmware 5.03 and below

If you are the unlucky owner of a “doomed” motherboard, but happen to have a firmware 5.03 or below, your PSP is “half-hackable” through the laughing man tiff exploit and the associated Homebrew Enabler, better known as “ChickHEN”. “Half-hackable” means that your PSP can have all the features of fully hackable PSPs (homebrew, plugins, customizable themes, ISOs,…), but unlike fully hacked PSPs, if you hard-reboot your PSP, you’ll have to run the hack again. (For those who still don’t know, putting your PSP in sleep mode works fine and is the best thing to do to keep the HEN in Ram.)

PSP-3000 and TA88v3, Firmware 5.50 and above

There is no “public” way to hack these PSPs currently. However, lots of exploits have been made public in the past weeks, giving developers enough material to actually work on solutions for these models. A user exploit in the game Archer Maclean’s Mercury exists up to firmware 6.10. A user exploit in the game Medal of Honor Heroes (including Medal of Honor Heroes 2) exists up to firmware 5.55. The kernel exploit used in ChickHEN exists up to firmware 5.50, but is not usable from a user exploit in a game. A kernel exploit revealed by MathieuLH exists up to firmware 5.55. Team Typhoon revealed the existence of a kernel exploit up to at least firmware 6.10, but didn’t make it public. Technically, with the currently publicly available info, these PSPs could be hacked up to firmware 6.10 for homebrew through the Mercury game, and up to firmware 5.55 for HEN (ISOs, plugins,…) through the kernel exploit revealed by MathieuLH.

PSP Go

There is no “public” way to hack these PSPs currently. The PSPGo cannot technically use exploits in games. Well…it can, but as soon as a game is hacked, it gets patched. So either you own a hackable version of the game and can use it, or you’re screwed. The general idea is that we cannot use games as a “good” user exploit source for the PSPGo. Exploits still exist though, and most of the time kernel exploits valid for a given firmware will work on the PSPGo, so it’s only a matter of finding a user exploit in the XMB rather than in a game.

Vocabulary

Homebrew: User-made (non-official) applications. These include games such as Wagic, utilities, emulators…
ISO: In the PSP world, a digital copy of a game, most of the time unencrypted, which prevents it from running on an Official firmware. ISOs are often associated with game piracy.
Plugin: Homebrews that are loaded in the Ram of the PSP to extend its functionality. For example, the music plugin allows you to play MP3s while playing a game or a homebrew on the PSP.
HEN: Homebrew ENabler. A program that patches the PSP Ram to allow running unsigned code (homebrews). Unlike eLoader, a HEN stays in the Ram and therefore doesn’t need to be launched every time you want to run unsigned code. To do this, a HEN usually requires a kernel exploit.
TA88v3: A model of motherboard that was introduced on the PSP2000 in summer 2008. It fixes the vulnerability used by the pandora batteries. Several techniques exist to identify your PSP motherboard. If you have a PSP 2000, the easiest way to identify if it has a “doomed” motherboard is to try a pandora kit (battery + memory stick) on it.

Note: Firmware 5.05 has been intentionally not mentioned as it was released to a very limited number of people.

If you own a PSP that you bought recently and haven’t been following the news lately yet are interested in unlocking your PSP, the whole PSP scene certainly looks like a huge mess to you, and you probably have no clue if your PSP’s hackable or not.

Here is the current state of things:

Below are details for each model.

PSP Phat and PSP2000 (except ta88v3)

If you own a PSP Phat (PSP-1000), or a PSP Slim (PSP 2000) that is NOT a Ta88v3, then your PSP, independently of its firmware, is 100% hackable with a pandora battery. It’s been the case for a dozen months, and it will not change as the exploit used for the pandora batteries is a hardware exploit and cannot be fixed with a new firmware.

PSP-3000 and TA88v3, Firmware 5.03 and below

If you are the unlucky owner of a “doomed” motherboard, but happen to have a firmware 5.03 or below, your PSP is “half-hackable” through the laughing man tiff exploit and the associated Homebrew Enabler, better known as “ChickHEN”. “Half-hackable” means that your PSP can have all the features of fully hackable PSPs (homebrew, plugins, customizable themes, ISOs,…), but unlike fully hacked PSPs, if you hard-reboot your PSP, you’ll have to run the hack again. (For those who still don’t know, putting your PSP in sleep mode works fine and is the best thing to do to keep the HEN in Ram.)

PSP-3000 and TA88v3, Firmware 5.50 and above

There is no “public” way to hack these PSPs currently. However, lots of exploits have been made public in the past weeks, giving developers enough material to actually work on solutions for these models. A user exploit in the game Archer Maclean’s Mercury exists up to firmware 6.10. A user exploit in the game Medal of Honor Heroes (including Medal of Honor Heroes 2) exists up to firmware 5.50. The kernel exploit used in ChickHEN exists up to firmware 5.50, but is not usable from a user exploit in a game. A kernel exploit revealed by MathieuLH exists up to firmware 5.55. Team Typhoon revealed the existence of a kernel exploit up to at least firmware 6.10, but didn’t make it public. Technically, with the currently publicly available info, these PSPs could be hacked up to firmware 6.10 for homebrew through the Mercury game, and up to firmware 5.55 for HEN (ISOs, plugins,…) through the kernel exploit revealed by MathieuLH.

PSPGo

There is no “public” way to hack these PSPs currently. The PSPGo cannot technically use exploits in games. Well…it can, but as soon as a game is hacked, it gets patched. So either you own a hackable version of the game and can use it, or you’re screwed. The general idea is that we cannot use games as a “good” user exploit source for the PSPGo. Exploits still exist though, and most of the time kernel exploits valid for a given firmware will work on the PSPGo, so it’s only a matter of finding a user exploit in the XMB rather than in a game.


PSP Hacking news  

It’s been almost 3 months since I got my PSP3000 and made an “offer” to give half of the donations received through Wagic to the group of hackers who would allow me to run Wagic on the new PSP.

Lots of things have been going on in the “underground” world of the PSP in those 3 months. Datel’s new battery (and maxconsole’s disgusting lies), brokencode’s “out of the blue” cracking of the pre IPL thingy, fake downgrade announcements… In the end it seemed like all attempts were leading to a dead-end, and Dark_Alex’s silence on the issue in the last 3 months didn’t help.

A few days ago, I myself gave it a try through a libtiff vulnerability, and managed to get the attention of a few hackers and psp sites… but honestly I don’t see my crash thingy getting any further, especially since a far better proof of concept has been revealed by MaTiAz on lan.st, using a buffer overflow in the game GripShift (but I’ll keep trying with libtiff).

After all, it seems part of the money from the donations is going to be sent to an ebay seller :p

Whatever this proof of concept leads to, I think there is one important thing to remember : people should not rely on only one guy to help them with their unhackable PSPs. This is just unhealthy for the scene. I’m against the deification of hackers.

Libtiff Crash by me :)

Gripshift buffer overflow POC by MaTiAz

Give me homebrew !  

Got my PSP3000 today. It’s pretty neat, really light, the screen has indeed richer colors, and the firmware adds loooots of stuff. I see lots of people complaining about Sony not adding enough new stuff to their firmwares, but I can tell you that if you jump from a Phat with 3.71 to a Brite with 4.20, you’ll see a big difference. The radio feature is pretty neat (it’s probably been on the new firmwares for months, but I told you, I’m on 3.71…), I tested skype with the integrated Mic, and although it’s not as good as on the PC, it’s pretty cool to be able to make a phone call to my friends, 10 000kms from here, in my bed, for free.

I now have to wait until the 3000 is hacked so I can start working on network features for Wagic.

I’m not a hacker, so I can’t help much here, but I’ll send 50% of the donations received through Wagic until Day X to the team or individual who publicly releases an affordable (not an expensive modchip) and relatively secure (not too high percentage of bricks) way of running homebrews on the PSP 3000.

  • This includes the donations I’ve received so far
  • Day X is the day where the “method” to enable homebrews is publicly released.
  • If several teams contribute to this, I’ll choose the one I’ll send the money to.
  • The promise is over if I get enough donations to buy a second hand phat or slim psp (and I hope this does NOT happen)

This announcement is definitely not going to speed up the process, or even give motivation to the hackers working on that, but that’ll be my way to thank them whenever that happens.

Let’s cross fingers, now !

This was to be expected, but the first reports of people trying the pandora batteries and DdC7 on the new PSP 3000 seem to be negative :(

http://sceners.org/index.php?itemid=16

Edit: This has been confirmed by Alek on dark-alex.org

Edit: F#ck ! Some bots have bought all the preorders on amazon.co.jp >.< Now I’m gonna have to wait to get one

Edit: got my preorder, but that was tough !