wololo.net has been one of the most important sources of information for PSP/Vita security since 2008. This page is a portal for our major articles and tutorials on the subject. If you’re interested in PSP Programming, how to do it, or its history, all you need is here. The information contained in these pages can also be useful if you look for knowledge about computer security in general.
Security tutorials
- How to find a Gamesave Exploit
- How to write a binary Loader
- How to port Half-Byte Loader to your game exploit
- Finding exploits with fuzzing
- Analyzing a crash in the XMB
A Crash is not an exploit
PSP Security history
Some of the milestones in the history of PSP Security
- 2010/12/24: Total_Noob’s Homebrew Enabler for OFW 6.20
- 2010/12/19: Minna no sukkiri Demo exploit
- 2010/08/24: Half Byte Loader on OFW 6.31 with “Minna No Golf”, port by J416
- 2010/03/29: Half Byte Loader on OFW 6.20 by M0skit0,ab5000 and wololo
- 2010/03/29: Patapon2 exploit on OFW 6.20 by wololo and malloxis
- 2009/11/29: Half-Byte Loader alpha release for OFW 5.50 by m0skit0 and ab5000
- 2009/07/10: MOHH Exploit by kgsws
- 2009/05/07: ChikHEN on OFW 5.03 by Davee
- 2009/04/12: Tiff exploit on OFW 5.02 by Matiaz
- Before that: the ancient times…wololo.net didn’t talk so much about security in those times. Cool stuff such as CFW, the first HEN, eLoader, pandora batteries…happened back then. Those were the days, and maybe I’ll write an article about it one day…
thanks for taking the time to organize all your articles. Now I can delete the all of the bookmarks and just bookmark this one page.
coooooooooooooool
now you can add the 6.30 exploit (getting it at that speed is a f****** win!!)
Wololo, Could you make a tutorail “How to create a hello world (in EBOOT) for PSP” ?
i hope they can hack psp3OOO ofw 6.00 and higher……
No matter how i try to load the HBL to my psp i get a corrupted file msg. and it won’t let me load it. Same thing with anything else i try to load. I have the PSP 2001, God of War edition, so i know it’s hackable, with OFW 5.55, which is more than i wanted but on it when i bought it.
help?
Imade a freeze/crash.Yahoo now i have to port this wololo please respond to this.My screen goes black it dosnt crash rather it reads my memory for a while and stays black.HOW DO I PORT THIS WITH HBL!
can you raed this say so please aperently i cant post
Anyway can someone make a user exploit soon just asking for me 6.31 is hopeless
Waiting for Hen 6.20. or I just make my PSP to a Mp4 Player. u r my hope.
hey wololo i have suggestion for you about new game if you are interested please replay
@wololo: Many thanks for all these tutorials. I’ve been able to modify and inject the bin loader into the savegame of EU version of Patapon 2.
I prefer EU Patapon 2 demo, because US version doesn’t work with TiltFx…
You were right, the exploit is very same. The only differences are: ram offset of loader code and the function addresses in Labo module.
I’m going to build new h.bin using generated sdk.S for Patapon2 EU. Do I also need to modify and recompile hbl.bin?
@McArrow : yes, you will probably need to re-adapt HBL to this version of the game, if it is too different from the US version. See this post: http://wololo.net/wagic/2010/09/14/port-hbl-to-your-game-exploit/
@wololo: I have recompiled Hellolo wololorld POC with sdk.S generated from P2 EU demo and it was working right away.
When I compile full HBL (patapon2) with proper sdk_loader.S and sdk_hbl.S (both generated by ruby scripts) and install it together with new imports.config_50x. The game exits to XMB after a while instead of running HBL.
dbglog is generated:
…
Relocating stub addresses from 0x08412B4C to 0x09D70000
…
Relocating stub addresses from 0x084C2520 to 0x09D10000
…
Relocating stub addresses from 0x0876B030 to 0x09D30000
…
Relocating stub addresses from 0x0877228C to 0x09D50000
…
Loading HBL
ERROR ALLOCATING HBL MEMORY
I still haven’t touched exploit_config.h. I’m not sure about TH, EV and SEMA lists to delete… Could it be the reason why HBL does not start?
@wololo: I know, I know – RTFM…
Now I see what TH, EV & SM should be deleted… 😉
@wololo: Everything done. HBL is now working with Patapon2 EU demo (NPEG90011/UCES01177 – green color) … 🙂
Are you or anyone else interested in my patches? Do you thing this is also fixed in 6.3x FW (I still use 5.03)?
McArrow,
I’d be interested in seeing your patches. Can’t have too many ways to make something happen, now can you? : )
Regards,
npt
HBL code and Patapon2 exploit loader is the same for US and EU demo, the only differences are the offsets of the functions in memory.
As I’m a newbie to PSP hacking, it took me 2 days to learn how to decrypt savegame data, decrypt PSN demo and use psplink and pspsdk.
I’m not sure if Patapon2 EU exploit mod is worth adding to HBL sources… Maybe only if it would still work with 6.3x FWs.
If you can download EU demo from PSN, then I can send you savegame and h.bin. It would be great if someone could give a try with 6.3x FW…
@McArrow
I have a fresh 6.31 install (it came this way) and would like to try your exploit. While from my reading it doesn’t look like it will but why not give it a shot.
OK, here you are…
http://rapidshare.com/files/431255711/patapon2_eu_exploit.zip
Savegame + h.bin (Hellolo wololorld POC) modified for Patapon2 EU demo (green) – must be downloaded from PSN.
@McArrow , that’s one of those “suck my nurts off…before and IF you get anything”” download sites….quit it…..loser 🙂 It doesn’t even want you to LEAVE. You gotta hit the BACK button 3 or 4 times real fast. Geesh….anything for attention
Use megauploads website for uploads next time. You don’t need to register and get SPAMMED. Yea….they ALL say you won’t get spammed 🙂 As for this website kinda “trapping” you there were a single CLICK with the back button does nothing>>>>I wouldn’t trust them with snot. Snot-snot-snot 🙂
Hey guys can i know how to hack my psp 3004 pb firmware version 6.30
when will tn hen 6.20 release. Give me the exact date. O_o
then tell us how to psp 3004 firmware version 6.30?
Hey wololo
I want to start exploitig the psp
what do you recomend I learn: c or c++?
Does this code::blocks work?
http://www.cprogramming.com/tutorial/lesson1.html
Thanks
May I know how to identify my psp 3001 whether it’s a 3g or 4g?
I bought it from amazon few weeks back (non bundle pack). I didn’t know about hacking for psp before this and the first I did upon starting my psp was update firmware to 6.35 sigh…
they have a 6.35 hen now
@wololo, this psp security history needs to be updated, all the stuff going on… the psp keys found in the ps3, the homebrew signing stuff, the hen for 6.35…
updating this now would reduce the work of updating this later you know.
have a look to the replay @ this topic ^^it isn´t heavy to count^^ another thing is the upcomming tnD and a better sign key! So why should he update! Wololo update his site often and this take time. 🙂 if someone try to be a dev. i think they found out the most be them self.
@kitson pspident0.7x
Hi!
This site is cool!
But I’ve got a little proplem whit my psp 2000.
After I launched the Fast Recorvery, I wanted to run games, but if I click on a game it write this: The game could not be started. (80010087)
What’s that?
Pls help
um…. excuse me wololo where do i put the fast recovery once i download it. do i put it in the ISO folder or what….. plz tell me btw my firmware is 6.35 pro cfw.
Fast recovery goes in the GAME folder too.
thank you for your answers yay now i === know where to put em”)
why naruto shippuden iltimate ninja heroes 3 could not start on my psp 3000 .im using cfw 6.35 pro b
its been a long time since the ofw 6.37 was released or atleast it feels that way and i was wondering why isnt hen out already
could you guys atleast give us a release date?
how many months i had to wait to hack my 3000 version 6.60
is there any hack for psp 3000 version 6.60
i had got bored of this firmware
I can’t play any games on it
If you know please reply me
I remember you once said you found another on the PSV loopholes, but now you said you don’t continue study, really very sorry, PSV hack is a must, just need a period of time, I hope you can use your spare time to study.
加油!