yifanlu wrote: m0skit0 wrote:
yifanlu wrote:there are many possible ways of getting out of the sandbox
Sorry, I misspoke. I meant "there are many ways that we might get out of the sandbox" for example, what happens if we invoke the debugger on an invalid location? What if we try to debug an invalid symbol or a symbol that is part of the pss library? What if we send invalid data through the USB serial port? What if we fuzz the USB serial port and see if there are undocumented debug commands? What about the compiled shaders, do they execute in the gpu directly? Could we do something with that? What if we play with the System.Execute class in PSSuite? It only supports URL "commands" to launch the browser, but what if we try other things or malformed urls? On and on.
I don't remember who said I was dumb (the person didn't use those words) to assume that I could decompile the PSVita executables, but you can!
I had fun decompiling some of the examples that come with the PSS (that I build myself) and it produces a cute little code.
Here is a dump of the MonoDevelop.Pss.dll object (some types might be missing because I didn't know what DLL had "MonoDevelop.Core" namespace in it):http://dl.dropbox.com/u/73104932/MonoDevelop.Pss.zip
- "and here is a screenshot of Reflector.Net:"
In the \MonoDevelop.Pss\MonoDevelop\Pss\Vita
directory, there are a couple of cute files that explain how the PSS Studio communicates with the Vita via USB:http://dl.dropbox.com/u/73104932/PssVit ... rEngine.vbhttp://dl.dropbox.com/u/73104932/PssVit ... Session.vbhttp://dl.dropbox.com/u/73104932/PssVit ... artArgs.vbhttp://dl.dropbox.com/u/73104932/PssVit ... artInfo.vbhttp://dl.dropbox.com/u/73104932/PssVitaDevice.vbhttp://dl.dropbox.com/u/73104932/VitaSerialPort.vbhttp://dl.dropbox.com/u/73104932/VitaUsbConnection.vbEdit:
Oups, I decompiled in VB instead of C#... Anyone want me to redo it? Reflector.Net can decompile to "IL", "C#", "Visual Basic", "Delphi", "MC++" (Managed C++), "Oxygene" or "F#", so make your pick! XD
- IL seems to be some sort of "Invoke Language", which is basically a CLR dump...
- C# is C-Sharp......
- Visual Basic - like it is in the files, currently. Same exact thing as C#, except no ; and very wordy
- Delphi - old-school OOP, I guess
- MC++ - Managed C++... Basically Microsoft's version of C++ that comes with a Garbage Collector (you don't need to delete your variables when you're done, the OS does it when it feels like it, like Java or C#
- Oxygene - No idea...
- F# - Object-oriented Fortran? No idea, I took a guess...