Playstation Suite US Open Beta Available now!

[yifanlu]

Would it be possible for someone to use this to cause an overflow or to create an exploit using these tools? Would be directly under vita as well no need to mess with the psp emulator.

No, in theory, everything is sandboxed in a VM environment. This is LIKE another emulator basically. However, I say in theory, because there are many possible ways of getting out of the sandbox. Two things that interest me right now are USB serial debugging and the GPU access (opengl calls and compiled shaders).

[yifanlu]

Here's some more information on the vita's pssuite debugging protocol.

First, the device is connected vita a serial port over USB. It implements Mono's Soft Debug: http://www.mono-project.com/Soft_Debugger
Here's the packet format and the kinds of commands to send over: http://www.mono-project.com/SoftDebugger:WireFormat

It would be worth the time to send commands over manually and see what happens.

Also, try adding

Code: Select all

#define DUMP_SERIAL_IO_TO_CONSOLE

to the beginning of your program source. See what happens and let me know (I can't test PSSuite right now).

[Musoka]

There is currently no way to get that pkg on page 1 for the app onto a vita on a lower firmware currently, is this correct? I was hoping to play with the SDK but really don't want to update. All my research so far points to no, just thought I'd ask those a little more familiar with the vita's workings. Thanks

[xerpi]

Also, try adding

Code: Select all

#define DUMP_SERIAL_IO_TO_CONSOLE

to the beginning of your program source. See what happens and let me know (I can't test PSSuite right now).

I have tried that but I don't see any appreciable difference, so if I have to do something else just tell me and I'll ty again

[wololo]

For those who want to discuss the SDK from a "normal" dev's perspective, I created a new subforum: viewforum.php?f=54

I want to separate the discussions on reverse engineering/security from the discussions on how to use the SDK, games creation, etc...

[StepS]

For those who want to discuss the SDK from a "normal" dev's perspective, I created a new subforum: viewforum.php?f=54

I want to separate the discussions on reverse engineering/security from the discussions on how to use the SDK, games creation, etc...

i was going to suggest that subforum, you read my mind thanks

[m0skit0]

there are many possible ways of getting out of the sandbox

Examples?

[yifanlu]

there are many possible ways of getting out of the sandbox

Examples?

Sorry, I misspoke. I meant "there are many ways that we might get out of the sandbox" for example, what happens if we invoke the debugger on an invalid location? What if we try to debug an invalid symbol or a symbol that is part of the pss library? What if we send invalid data through the USB serial port? What if we fuzz the USB serial port and see if there are undocumented debug commands? What about the compiled shaders, do they execute in the gpu directly? Could we do something with that? What if we play with the System.Execute class in PSSuite? It only supports URL "commands" to launch the browser, but what if we try other things or malformed urls? On and on.

[SsJVasto]

there are many possible ways of getting out of the sandbox

Examples?

Sorry, I misspoke. I meant "there are many ways that we might get out of the sandbox" for example, what happens if we invoke the debugger on an invalid location? What if we try to debug an invalid symbol or a symbol that is part of the pss library? What if we send invalid data through the USB serial port? What if we fuzz the USB serial port and see if there are undocumented debug commands? What about the compiled shaders, do they execute in the gpu directly? Could we do something with that? What if we play with the System.Execute class in PSSuite? It only supports URL "commands" to launch the browser, but what if we try other things or malformed urls? On and on.

I don't remember who said I was dumb (the person didn't use those words) to assume that I could decompile the PSVita executables, but you can! I had fun decompiling some of the examples that come with the PSS (that I build myself) and it produces a cute little code.
Here is a dump of the MonoDevelop.Pss.dll object (some types might be missing because I didn't know what DLL had "MonoDevelop.Core" namespace in it):
http://dl.dropbox.com/u/73104932/MonoDevelop.Pss.zip

"and here is a screenshot of Reflector.Net:"

In the \MonoDevelop.Pss\MonoDevelop\Pss\Vita directory, there are a couple of cute files that explain how the PSS Studio communicates with the Vita via USB:
http://dl.dropbox.com/u/73104932/PssVit ... rEngine.vb
http://dl.dropbox.com/u/73104932/PssVit ... Session.vb
http://dl.dropbox.com/u/73104932/PssVit ... artArgs.vb
http://dl.dropbox.com/u/73104932/PssVit ... artInfo.vb
http://dl.dropbox.com/u/73104932/PssVitaDevice.vb
http://dl.dropbox.com/u/73104932/VitaSerialPort.vb
http://dl.dropbox.com/u/73104932/VitaUsbConnection.vb


Edit: Oups, I decompiled in VB instead of C#... Anyone want me to redo it? Reflector.Net can decompile to "IL", "C#", "Visual Basic", "Delphi", "MC++" (Managed C++), "Oxygene" or "F#", so make your pick! XD
- IL seems to be some sort of "Invoke Language", which is basically a CLR dump...
- C# is C-Sharp......
- Visual Basic - like it is in the files, currently. Same exact thing as C#, except no ; and very wordy
- Delphi - old-school OOP, I guess
- MC++ - Managed C++... Basically Microsoft's version of C++ that comes with a Garbage Collector (you don't need to delete[] your variables when you're done, the OS does it when it feels like it, like Java or C#
- Oxygene - No idea...
- F# - Object-oriented Fortran? No idea, I took a guess...