Game Save Exploit!

TeamDNS · Feb 2, 2010

PSPJoke found a save game exploit.

Thread->

Freshmilk · Feb 2, 2010

Link's blocked out for some reason. Where are you trying to link too?

adamdon · Feb 2, 2010

Looks like he's trying to link to lan.st:
lan.st/ showthread.php?t=2697

Deathrow · Feb 2, 2010

No doubt about a buffer overflow. But from what game I wonder

$jr ra - 0xEEEEEEEE --> 0x41414141 is your proof.

I also find it funny its corresponding in a bunch of 0xDEADBEEF landmines

Cloudy · Feb 2, 2010

It's worth pointing out that this isn't actually an exploit. It's a crash, that may be exploitable, but it's not an exploit until it's exploited ;-)

Deathrow · Feb 2, 2010

Cloudy said:
It's worth pointing out that this isn't actually an exploit. It's a crash, that may be exploitable, but it's not an exploit until it's exploited ;-)

PSPJoke was able to overwrite the $ra IIRC at lan.st

NoEffex · Feb 2, 2010

Deathrow said:
PSPJoke was able to overwrite the $ra IIRC at lan.st

His point is that even though it's exploitable, it's not an exploit yet, it's just a crash.

An exploit is something that exploits the crash to do something, and since it doesn't yet do that, it's only a crash

.

However an interesting one it may be..

Hellcat · Feb 2, 2010

Cloudy said:
it's not an exploit until it's exploited ;-)

lulz

At least something sensible for a change.

Crank · Feb 3, 2010

Deathrow said:
I also find it funny its corresponding in a bunch of 0xDEADBEEF landmines

That's because the kernel resets some registers to 0xDEADBEEF after returning from a syscall, to prevent information from leaking from the kernel.

Itanium · Feb 3, 2010

0xDEADBEEF

Funny hexspeak, lol

jeerum · Feb 3, 2010

NoEffex said:
His point is that even though it's exploitable, it's not an exploit yet, it's just a crash.

An exploit is something that exploits the crash to do something, and since it doesn't yet do that, it's only a crash .

However an interesting one it may be..

hey smart guy

Its buffer overflow, not just a crash!

Deathrow · Feb 3, 2010

NoEffex said:
His point is that even though it's exploitable, it's not an exploit yet, it's just a crash.

An exploit is something that exploits the crash to do something, and since it doesn't yet do that, it's only a crash .

However an interesting one it may be..

"It's exploitable" <----Do we honestly need video proof? The facts are presented, the calls are claimed. I guess some people sometimes need visual aid, but that would just cause calamity in the scene. "WHERES ME 6.20CFW!! I WANT IT NOAA"

Posting the ASM instructions and proof of him changing the $ra is good enough for me.

IIRC, the exploit was given to SS, surely by now he has determined its potential.

Cloudy · Feb 3, 2010

Deathrow said:
"It's exploitable" <----Do we honestly need video proof? The facts are presented, the calls are claimed. I guess some people sometimes need visual aid, but that would just cause calamity in the scene. "WHERES ME 6.20CFW!! I WANT IT NOAA"

Posting the ASM instructions and proof of him changing the $ra is good enough for me.

IIRC, the exploit was given to SS, surely by now he has determined its potential.

Noone was saying that it isn't exploitable. And there is no guarantee that it is actually exploitable, even with that information. At least not until the save is reencrypted.

levone · Feb 3, 2010

so heres the deal.
1. Im pspjoke.
2. Its exploitable and is exploited.
3. Its private, only Important people and a select few others are getting it.
4. If/when sony finds and patches it, it will be released to the public.

kinda like the mercury exploit, this time tho, nobody stole anything.

n00b81 · Feb 3, 2010

levone said:
so heres the deal.
1. Im pspjoke.
2. Its exploitable and is exploited.
3. Its private, only Important people and a select few others are getting it.
4. If/when sony finds and patches it, it will be released to the public.

kinda like the mercury exploit, this time tho, nobody stole anything.

^ ^ What he said

This is exploitable, and it will stay private until Sony patches it ( or something useful like a HEN or eloader is made for it...)

If you are one of the people who have been given details.. keep it to yourself, or at least share with trusted devs only please..

n00b81

levone · Feb 3, 2010

n00b81 said:
^ ^ What he said This is exploitable, and it will stay private until Sony patches it ( or something useful like a HEN or eloader is made for it...)

If you are one of the people who have been given details.. keep it to yourself, or at least share with trusted devs only please..

n00b81

you know what i didn't think about? now people on IRC will know im pspjoke....

Hellcat · Feb 3, 2010

That sounds really good

Good luck on the whole thing! Now we need a ksploit to go with it

levone said:
you know what i didn't think about? now people on IRC will know im pspjoke....

/me engages in memory purge

...

Ohai

Who are you? Have we met before?

levone · Feb 3, 2010

Hellcat said:
That sounds really good
Good luck on the whole thing! Now we need a ksploit to go with it

* Hellcat;107330 engages in memory purge

...

Ohai Who are you? Have we met before?

lol dude im glad you posted, almost forgot about you

you can bet you will be one of the people to receive this.

Cloudy · Feb 3, 2010

Nice one. It is now an exploit, now it has been exploited

I wasn't trying to say this was rubbish btw, just pointing out that in its current form, it wasn't an exploit

levone · Feb 3, 2010

Cloudy said:
Nice one. It is now an exploit, now it has been exploited

I wasn't trying to say this was rubbish btw, just pointing out that in its current form, it wasn't an exploit

yea lol over at lan someone said the same thing.

i get it though.
also even if you didn't believe it was real... with recent noob activity, could anyone blame you?

Game Save Exploit!

New Member

is Over 9000

New Member

Member

New Member

Member

Seth's On A Boat.

Contributor

Crank it up!

New Member

PeeruEnn

Member

New Member

New Member

Member

New Member

Contributor

New Member

New Member

New Member