[RELEASE] 5.03 TIFF Hello World

WalangAlam

New Member
Thanks! This is great news indeed. At least, it doesn't require us to buy any UMD. I will be waiting for the exploit for the slim and 3k.

Sony wants you to find these vulnerabilities so that their sales will increase. They made it difficult to find so the GameDevs will not be discouraged. Maybe Sony is celebrating right now and now their programmers have something to patch which will help them maintain their jobs.
 

charsiukitty

New Member
So... How do I play hacked games/emulators? Is there more to it or is it a kind of hack that just highlights the .tiff exploit and does nothing more? While I know my way around a PC, I'm kind of a n00b to hacking up my PSP so any info is greatly appreciated.
 

wololo

New Member
So... How do I play hacked games/emulators? Is there more to it or is it a kind of hack that just highlights the .tiff exploit and does nothing more? While I know my way around a PC, I'm kind of a n00b to hacking up my PSP so any info is greatly appreciated.
Right now it is useful for developers only. There's quite a way to go before it can be used for homebrew.
0) it is unstable/random
1) There is no associated SDK for homebrew development
2) it only works on Phat PSPs
3) The whole "Hen won't be released unless another kernel exploit is found" problem is still here, so don't dream too much about Kernel mode

Regarding the randomness, I have a suggestion, although I haven't looked at the file enough yet to claim it *will* improve things:
the randomness is due to a bunch of addresses (hardcoded into the tiff file) that cycle through a defined set of values. Is that correct?

Since the PSP rarely crashes when the hack fails (instead, it just displays the thumbnail), how about having several instances of the file, with several hardcoded addresses in them?
If the XMB displays the first picture correctly (i.e. the exploit fails), it will then try to display the second one, which embeds a different set of addresses, and therefore has more chances to work. If the second image is displayed correctly, the XMB will try to display the thumbnail for the third one, and so on...

I'm not sure this is where I should be posting this, but since no thread was made over at lan.st, I guess here's the best place to discuss this...
 

Archaemic

New Member
wololo: Looking at the exploit, I don't think this will work. However, I can't make any guarantees about if this will work. It might. I didn't actually peer too deeply into it, but I think I see what I was missing, as well as where the payload is, etc. I think if it continues, it just doesn't do the requisite writes, instead of continuing unperturbed. However, from the behavior of the TIFF, it perhaps does perturb the RAM. I don't actually know what MaTiAz did/how this thing behaves (despite poking at it myself) well enough to make any guarantees. Looking at the payload, what it does is first blank the VRAM. However, the next portion of the payload seems to determine the payload's position and then does all of the rest of the calls relative to that, so really, the crashing or not running seems to be inherent to the exploit, and not the payload or the jump. But I am having a bit of trouble reading this, as I've only been going at this version of the exploit for a little while.
 

FreePlay

Member
Just a bit of FYI...

If you guys see 'malloxis' going around talking about how this is 'his exploit'... kindly correct him. He discovered a crash by randomly tinkering with a file.

MaTiAz said it would help if he knew what "malloxis" did, so when asked, here's what malloxis said:

"I've put in so many enigmas and puzzles into this laughing man tiff that it will keep the professors busy for centuries arguing over what I did to this tiff, and trying to crack my code wont solve anything i want to see if you can crack my code A man of genius makes no mistakes; his errors are volitional and are the portals of discovery.Dark Alex Your battles inspired me or have i solved much more in a matter of minutes then you all in hours How rare and wonderful is that flash of a moment when we realize we have discovered how simple things are listen The value of an idea lies in the using of it so what i tell you is not is to not think so simple like those idiots but to understand simply step outside your box and into Pandora's box but i have found i have learned how to accomplish great things with this tiff is something so simple thank you "

In other words, he's full of sh*t (probably a bit loony too), and he just discovered it completely by accident.
 

wololo

New Member
he just discovered it completely by accident.
I agree, but without his (lucky) discovery, we wouldn't have this hack. So if he claims to be the "hacker who did all this", it is true that he needs to be corrected, but he sure doesn't deserve to be insulted.

I know you know what I mean, but I'm worried about how other people will understand your post.
I also know he's not helping himself by claiming that he is a "hacker" when clearly he is not, but there's no need to start a fight over that, really.
 

Robby

Los Doyers!
Judging from the name, I will say that's Davee with a kmode version poc.
 

WalangAlam

New Member
I agree, but without his (lucky) discovery, we wouldn't have this hack. So if he claims to be the "hacker who did all this", it is true that he needs to be corrected, but he sure doesn't deserve to be insulted.

I know you know what I mean, but I'm worried about how other people will understand your post.
I also know he's not helping himself by claiming that he is a "hacker" when clearly he is not, but there's no need to start a fight over that, really.

I totally agree with wololo. Even if he "accidentally" discovered it, still he was the one who found it and should be given credit for that. Come on guys, it's just credit. Is it really that difficult to give credit these days?
 

MaTiAz

Contributor
Yeah, I just updated the post with slim version and proper credits. It was just a bit annoying that when being asked details about how he made the tiff, he spouted some insensible stuff.
 

wololo

New Member
Yeah, I just updated the post with slim version and proper credits.
That was fast :w00t:
It's really annoying that the slim version doesn't work on PSP3000 models though...now there is no easy way to find the correct values/addresses for these models I guess :huh:
 

WalangAlam

New Member
Yeah, thanks for the little tidbit of info on the tiff :)

Credits like this should be given to those who contributed, like wololo. Is it hard to give "thanks" these days?

---------- Post added at 01:08 AM EST ---------- Previous post was at 01:01 AM EST ----------

Thanks to malloxis, FreePlay, Archaemic, wololo, Cloudy, Davee and everyone else who was involved. <--- there you go.

Wow! Thanks again MaTiAz. You're fast.
 

Archaemic

New Member
No PSP-3000? That's kind of disappointing :/ But still good work! Thanks for the credits, even though my research on this technically was in parallel and ended in a dead end.

I've been messing around with this and wrote my own h.bin. Was going to post it yesterday, but I couldn't verify that it worked until just now when the thing actually launched. There's still one little bug (+10 points if you can find it), but I'm too lazy to fix it. It's a little more...interesting...than the stock h.bin. Not kernel mode, but still. Attached is the file. It's marked as a .txt, but you'll need to remove that to get it to work. It was smaller this way than as a .zip because the file is so tiny.

Okay I know I'm a bit late for April Fools', but you can use this to freak people out if you want. If it works, haha. I promise it doesn't do anything malicious. All it does is mess around with the framebuffer. You'll need to yank the battery or hold the power switch to turn it off.

Written in straight assembly, no PRNG or syscalls used :)
It looked better with the old waves than with the new ones :(
 

sable0119

New Member
So Cool! Good Job!

---------- Post added at 03:12 AM EST ---------- Previous post was at 03:01 AM EST ----------

3k bring you to the world of hope, in any event, to be grateful to you

I would like to say in Chinese: "You're really great! Well done!"

 