Cracking, Modding, and exploiting your PS3: A Guide to everything Sony
doesn't want us to know.
By: Mike(HF78)
I will keep this updated as often as I can by adding new information etc. Please
feel free to comment or add something I missed.
.::Forward::.
I Have decided to write a guide about everything we wish we knew or know about the PS3, yes
I'm talking about possible exploits, the future of game cheating and everything that Sony would
not necessarily like us to discuss. I will cover all sorts of past mods and exploits, the future of
exploits for the PlayStation 3 and what could possibly be in the future of this big boy console as
time passes and we learn more. Please note, this really wont tell you how to do them, possibly in
the future but I will cover anything that would be defined as "hacking" or "modding" a PS3 and
discussion of possible methods. If you're one of the very few who read the Terms of Agreement
either when signing up for PlayStation Network or when you purchased your PS3 this will cover
everything Sony wants to hide...
.::Previous Exploits::.
We all know the PS3 has had its share of failed attempts at cracking the cells and the hardware,
and some well that have opened a small light and opportunity to those who look back in the
past, snap their brains on and get working. We are going to talk about the ones that worked,
whilst they may have seem like a laughing stock by some "1337" glitcher who knows next to
nothing, and saying hahaha that's stupid, or you did it wrong. Well those laughing stocks are
what we need to continue, such as frost's game exploits that all you to run modded code, custom
mods and OS's that let us do some nifty shit.
ISO Loaders via HDD backup:
Even though this happened over a year ago around two and was never finished or released
publicly I think we should brush up on it. What this was from what we know from some forum
posts and a few short videos is, some hackers were able to allow them to play ISO backups off
their HDD WITHOUT any type of disc. It died off awhile back but it was a huge step as it was
quite sometime before 80GB PlayStation 3's as this was stated as it only worked on 20GB, and
60GB models. It is very unclear if the project will ever go public or for that matter even continue,
but its worth the mention as its the closest and really the only thing that allowed you to play
game backups.
Custom Code Exploit(s):
There were quite a few of these, some being fake, others proven to work. Again not much actual
code was released but hackers were able to exploit code when an game or menu loaded to get it
to say something etc. These usually will come in the form of stack overflows and are most
commonly seen as it is easy(usually) to access those areas of the RAM. Issues again with this to
make a custom self file, which by the way for less knowledgeable people, a self is just like an .elf
file or a prx for the PSP, sorta like an exe if you didn't know what those are. To make those we
would have to develop a PS3DK(Dev kit) so we can compile source code and such but that is a
tremindus task, a group would have to write up the libraries(libs) etc. Now ingame cheating like
the PSP with NitePR would execute in the ram using the systems asm, in this case the PS3's asm is
power pc/cell... again this is new to ALOT of people and is NOT easy if you have never learned
another assembly such as MIPS.
.::Game Cheating and the Future of Game Exploits and mods::.
Why cheating in online games isn't exactly new, if it ever happened it would be certainly new to
the PS3. yeah, Im not talking about silly old glitches, Im talking about custom self files to run
code in the RAM that modifies the game and its ability, sorta like CodeMajic for the ps2 did just
that(Im NOT talking about that shitty booster) that could run custom code via the processor(see
previous section -Custom Code Exploits) and would be quite to perform. yes we will always have
glitches, and savegame data modifications but lets face it the rest is hard, but fear not there
could be other possible methods.
ISO(game image) Modding:
Ah yes the infamous good ol' mod discs from the PS2 and earlier PSP days, this takes quite a bit
of knowledge to perform and most people know ISO's as the "game" file on the 360. This is the
COMPLETE game image, meaning if you were able to crack it open and get inside and had some
decent knowledge you could easily change that 100 bullets into inf ammo etc, if you can thinki of
it then you could most likely make the ISO do it. Yes, there are several complications with this,
including the size of the game with most being 8GB or so thats quite a hefty size. Though let me
make this clear this will NEVER work if we never get a proper ISO loader, or even something
that allows the user to run ISO backups or MODS off a Dvd or the HDD. Now yes, yes before you
ask it IS possible to mod an ISO to be online only, do whatever you want, change the soundtrack
etc, since there quite big it would be A LOT of work, but if you succed you would have one
pimped out game!
RAM(memory) Mods:
Dont know what Im talking about? Well then you might be a little confuzed as Im not going to
get into the background and such of assembly but once you learn the hardwares assembly you
can do a SHIT LOAD. Have you ever looked at PSP games, such as socom? Well those run code
in the ram aka the memory using hex. Well the PS3 one day could be capable of this such
amazing thing using its assembly to modify the code. Why assembly? Because it can execute what
you want it to do on the processor realtively FAST, the only problems to this method are finding
a way to run the code, a way to dump the games memory to see what you playing with(its most
likely 1GB+ depending on the game, most likely more) and then having a file or method to run it
such as a self file, prf etc. Here is an example of the assembly Im talking about, if you know
another asm this should make sense, if not read up.
lqd $5, 0($3) ;loads data into a temporary register
cbd $6, 0($3) ;controls byte intersection
shufb $7, $4, $5, $6 ;place data in routine
stqd $7, 0($3) ;store it back into the register
More on this section to come!
.::The future of Custom Firmware and Homebrew::.
The future of this is currently quite dim and hasn't really chnaged since the system was released
some time ago. I know how we would all think it is so cool the day we get a public hello world
properly working, or that first homebrew game, that is quite a bit of work as the PS3 is advanced
compaired to other previously exploited console's such as the Xbox 360, and the PSP and Ps2.
We have cells and cells we have, you should read up on them as that will shed you just a little
more light into the world of the PS3's Security! I dont see it happening soon, but Im sure we can
all imagine what we would have, modders, custom themse, ISO support, well unti we get past the
basic layers of security there really isnt anything happening soon.
.::hardware and possible firmware exploits::.
Tiffs, yes tiffs could be the future in this case, a tiff image file could be used to cause a system
overflow on the stack causing something such as installing a DLC to freeze, and cuase the
hardwares code to become customly exploited so whenever you try to install that DLC it freezes
and allows you to run custom code. This was doen several times for the PSP, so a hacker would
just need to find a section where heavy loading is performed and where code can be exploited to
run customly to perform another task then what it was made for.
.::The possibility of the coveted land of PlayStation 3 Warez, ISO's and everything
free and totally Illegal::.
There have been loaders in the past but there is currently not much possible with this, sure we
have a way to access the ISO files and possible the rfds/prfs but we cant run them... why can't we?
Well one we dont have a loader and you cant possibly just burn them to an DvD why? because
when you boot up a game of a disc the cell checks to make sure the blueray is legit, and so is the
game image(ISO) before running it, if you want a clean and easy way to run ISO's you would
need to exploit that section of the system so when it checks on game startup it ignores and makes
it look legit, quite a task at hand. Also ANYTHING for the PSN store is NOT able to be copied to
an external device and it has security encrypted inside etc.
.::The Light on Custom OS's that do nifty shit::.
Sure with Sony being smart in some ways and dumbfounded in other areas, that is kinda how you
would describe the PS3 allowing the other use of other Operating System's(OS) on the PS3
besides the Default hardware which is GameOS. Linux has been done along with a few others,
nothing much but if people were smart enough to make one I'm sure we could do a lot. Whlist
there are several limitations on what we can access in the Cells, there is still plenty of stuff we
could attempt to do. Now it looks like this may become a shady and suty future will the new PS3
Slim model ariving this September, there is NO longer an option to install an OS thus any type of
'homebrew' or exploits will NOT be able to work on a Slim model if they ever even found one to
work on the original FATs.
.::Afterword::.
I really hoped you read this and found something interesting and would like to continue your
studies and work in hopefully one day from now successfully exploit the PS3 and make it big,
whether that be game cheating, cfw or some other crap let it be done. It was be done before us, let
it be done now! Best of luck to everyone who wants to continue, if you do please think of adding
to my guide to improve the knowledge of those wanting to learn. If you're interested learn the
ways of exploits, read up on the PS3 hardware, Cell BE assembly and maybe some C++.
So far this has ONLY been posted with my permission by myself at the following communities, if you see this else where PLEASE let me know. Thank you for you're support and help!
Unigaming
NextGenUpdate
Console Discussions
PKcodes
~Mike(HF78)
!
Reply With Quote
Originally Posted by B1G_BR0TH3R
Bookmarks