The Possibilities Behind the Vita’s Only Publicly Available PSP Emulator Kernel Exploit
Over the past few weeks or so, the PlayStation Vita scene has changed drastically. We’ve seen the leaked work of former developer Coldbird and the release of TN-A, a HEN equivalent for the Vita’s PSP emulator, but what can we really do with a sandboxed PSP emulator kernel exploit? In its most basic form, the recently released HEN allows homebrew, plugins, and PSP UMD backups to be run, but what really is the purpose of a kernel exploit? After all, it’s not as common as you would think.
Many of you who are long-time members of wololo.net recall the past 9 months of vHBL releases, and possibly even before the PlayStation Vita, back to the original PSP 1000, 2000, and 3000 series. The constant cat and mouse game of exploits and updates has been going on for nearly 7 years, beginning with the launch firmware on the PSP 1000. In this time period, nothing has really changed. A usermode exploit allows homebrew created with the SDK, as well as other unsigned code, to be run. Escalating higher than usermode, we have the kernel mode exploit we are presented with today.
A kernelspace exploit gives anyone access to the flash0 of the PSP or, in the case of the Vita, the sandboxed flash0 memory. This allows for custom firmware to be created and deployed, homebrew to be run, PSP UMD backups to be played, cheats to be used, themes to be changed, plugins to be installed, and so on. A kernel exploit in its highest form is one of the best forms of access to any given console. Once you have the kernel exploited, you can do pretty much anything.
How about in the case of the Vita: how far is too far? Sure, we’ve all seen Davee play ISOs back on the Vita in March, and “Tony” play PS1 games in the same fashion, but what really can be done? The answer lies in the form of the PSP 1000. You see, Sony decided that it would be best to effectively emulate the PSP 1000, in terms of software and RAM, inside of the Vita’s own user interface. The PSP emulator on the Vita is launched with any game that you have downloaded from PSN or transferred from your PS3. When the game is launched, the PSP is technically being emulated, just as it would be if it were running in an emulator on your computer. Emulators have been around for years; this is no different.
By not having to allocate a lot of RAM to the PSP emulator, the Vita can continue to process everything it needs to in the background. This is good for the average user, but perhaps not so much for the developer.
I write this article purely on theory at this point, as I have to wait until Tuesday like the rest of you to get my hands on a kernelspace exploit, but I have come to an understanding of what really can be done inside of this sandbox Sony has lent us.
Perhaps the RAM allowed for the emulator isn’t enough, but what I do know is that the entire system’s firmware is present; this is evident in the flash dump we had quite some time ago.
With all of the required files in place, I strongly believe that the PSP emulator inside of the Vita can be used in the same way a PSP you buy can be used. This means all the things you’ve grown to love as an original PlayStation Portable user, and everything mentioned above. Whether it be the Cross Media Bar (XMB) or anything else under the sun, I’m willing to bet we will at some point see it in the emulator on the Vita.
You might be asking yourself, does this mean we could see a full-fledged PSP custom firmware running inside of the Vita’s PSP emulator? The simple answer to that very detailed question is fortunately a solid yes.
Just as the PSP 1000 has its fair share of CFW, I believe the Vita will too inside its PSP environment.
Think about this. What if you were able to launch any PlayStation Portable game from PSN and be presented with the XMB you remember from the PSP’s golden days? From here you could watch movies or play games, and even homebrew. All this could very soon be possible.
Simply by having this one kernel exploit, and the many games that can be exploited to launch it (read: Monster Hunter, Urbanix), we have a whole world of opportunities.
As we approach what is soon to be another update, by definition of the cat and mouse game between Sony and us developers, I urge you not to update to whatever the newer firmware may be (be it 1.82 or 1.9) no matter the cost, as the only publicly available kernel exploit will be gone, forever.
Participate in the upcoming HEN release of TN-B and be involved in the ninja release by signing up for the /talk forums right here on Wololo.net, and get ready for an exciting future with the days that are to come.
Don’t let the opportunity pass you up this time, get involved.
Still, wouldn't Sony have signed up for the ninja releases long ago?
If we pull some files using PSPFiler, like, a BUNCH of files, and compare them as what they were before they were encrypted with CMA, then after, what do you think the odds are we could crack the encryption? Then eventually make something that actually mounts the Vita like the PSP did, while still making the CMA on the Vita think it’s trading data with CMA. I think that would be crazy useful. Then we wouldn’t have to overwrite the save data for our exploited game of choice
What you suggest is impossible. Read a bit about how encryption works; good encryption algorithms are especially designed to not be vulnerable to that type of “brute force” comparison.
That’s too bad. I guess I should have known it wasn’t possible after vHBL had been out for so long and it wasn’t suggested previously. Anyway, thanks for your (and your team’s (not to forget TN)) hard work. If I have any more questions or ideas, I’ll pop in here. If we’re lucky, we’ll see full out CFW 🙂
Now all we need is a dump program to dump the PS Vita game cards and I'll be set.
Wololo, sorry if this is a bad answer, but stop showing the exploited games, even in ninja releases or leaks. See how many people would like to have CFE TN CFW on their PS Vitas and tell them to send to you (by email), and to other persons that you know who won’t tell everyone about the exploited game, their PSN accounts (of course with the amount of money that game will cost), and buy it and inform them by email that you have bought the exploited game, so many more people will use that game… it's an idea.
And my email is andrebs1984@yahoo.com.br
This design is wicked! You certainly know how to keep a reader entertained. Between your wit and your videos, I was almost moved to start my own blog (well, almost…HaHa!) Fantastic job. I really enjoyed what you had to say, and more than that, how you presented it. Too cool!