Finding the memory layout of the vita?

[m0skit0]

Doesn't the EBOOT.BIN on the PS3 use the ELF format? If the Vita does the same, we can use the program headers in the elf files.

So what? PSP too uses ELF format. In fact Linux too uses ELF, as does OS X (IIRC). But on Sony's devices those ELFs are fully encrypted. And what you want to do with program headers anyway?

[yifanlu]

Doesn't the EBOOT.BIN on the PS3 use the ELF format? If the Vita does the same, we can use the program headers in the elf files.

So what? PSP too uses ELF format. In fact Linux too uses ELF, as does OS X (IIRC). But on Sony's devices those ELFs are fully encrypted. And what you want to do with program headers anyway?

Wait, so even if we can decrypt the vita beta pkgs, the actual binaries still cannot be decrypted? Darn.

[Green Ranger]

That has a common name: fake.

It was actually PSV Beta/Retail (<1.00) packages decryption programs. These packages were encrypted with the PSP AES PKG Key, which is available.

I wonder what happened to this, though: http://streetskaterfu.blogspot.com.br/2 ... -flaw.html
I remember SKFU stating that he could decrypt/encrypt PSV savedata... But I don't know if he's trustworthy... Such a thing could probably be used for a buffer overflow, couldn't it? Not an exploit, as we don't have the memory layout, but at least a crash.
It could possibly be a fake too and that was actually a Beta package that he decrypted with the PSP key. Again, I don't know if SKFU is trustworthy

SKFU is trustworthy, and he released some useful Programms for the Vita. Yifanlu schould ask him, because he worked on it month ago.

[yifanlu]

That has a common name: fake.

It was actually PSV Beta/Retail (<1.00) packages decryption programs. These packages were encrypted with the PSP AES PKG Key, which is available.

I wonder what happened to this, though: http://streetskaterfu.blogspot.com.br/2 ... -flaw.html
I remember SKFU stating that he could decrypt/encrypt PSV savedata... But I don't know if he's trustworthy... Such a thing could probably be used for a buffer overflow, couldn't it? Not an exploit, as we don't have the memory layout, but at least a crash.
It could possibly be a fake too and that was actually a Beta package that he decrypted with the PSP key. Again, I don't know if SKFU is trustworthy

SKFU is trustworthy, and he released some useful Programms for the Vita. Yifanlu schould ask him, because he worked on it month ago.

I emailed him my potential exploit like two weeks ago and haven't heard a thing from him, so I don't think he's reading/responding to his emails.

[wololo]

I will try to get in touch with him. He rarely reads email, but is quite often on skype.

[sss0]

I will try to get in touch with him. He rarely reads email, but is quite often on skype.

Thank you, wololo.
That'd be really nice

[wololo]

So, I contacted SKFU and he confirmed to me that even though the firmware package itself can be extracted and decrypted, the files inside are still encrypted. We therefore both agreed that it was not worth the risk for him to share any files he could have access to.

[stingray1059]

Doesn't the EBOOT.BIN on the PS3 use the ELF format? If the Vita does the same, we can use the program headers in the elf files.

hmm.. talking about ps3.... is it possible to have save game exploit in the ps3? just like the vita, psp, wii , ps2 and xbox?

[m0skit0]

Yes, but please, ask such questions in the PS3 forum and avoid off-topic-ing.

[jigsaw]

have u guys read this?

http://www.playstation.com/pss/develope ... erview.pdf

It confirms that there's a mono running inside of vita. All the games/apps rely on mono env.
And Sony is following Apple to create a more open ecosystem, with evil c#. Sad.