PS3 Finally Hacked - Hack Released!!

Apr 2, 2009
http://www.engadget.com/2010/01/23/ps3-finally-properly-hacked/

In a post titled "Hello hypervisor, I'm geohot," hacker George Hotz (already known in the iPhone community) has made a strong claim: that he has cracked the PS3. The system has remained (mostly) uncompromised for over three years now, with a few exceptions here and there. But, this one pledges full read/write access to the entire system memory and complete control over the processor -- all without a mod chip. Has he really done it, if so how, and what comes next? That all remains to be seen. This exploit supposedly "isn't really patchable, but [Sony] can make implementations much harder," meaning he isn't tipping his hat until he's ready, because once he does the never-ending firmware update war begins, and as we've seen on the PSP, Sony can really knock out those updates.

Please be true, please be true. Hopefully pirating is hard to do if this is true, though... screw pirates :mad:
 
I guess I should have written "function" as opposed to "chip"... I've always thought the lack of PS2 play was for their monetary gain, once they got PS2 games on the PSN.

I think he's suggesting we'll see a PS2 emulator, among other emulators, not that he can "unlock" PS2 playback because of the hack.
 
First off, this is not a release blog like "On The iPhone". If you are expecting some tool to be released from this blog like blackra1n, stop reading now. If you have a slim and are complaining this hack won't work for you, stop reading now. WE DO NOT CONDONE PIRACY, NOR WILL WE EVER. If you are looking for piracy, stop reading now. If you want to see the direction in which I will take this blog, read the early entries in the iPhone one. Information on this blog is for research purposes only.

That aside, I'll tell you what I have so far. I have added two hypercalls, lv1_peek and lv1_poke. peek reads memory in real space (including all the MMIO), poke writes it. I can also add other arbitrary hypercalls as I see fit.

The hypervisor is complicated; it is written in C++ and is PPC, which I am not that familiar with yet. At first I was trying to add a hypercall to add arbitrary real memory to the LPAR, but it kept crashing (because I can't code), which is really annoying, because I have to wait while Linux reboots.

Some people pointed out that I have not accessed the isolated SPEs. This is true. Although as far as doing anything with the system, it doesn't matter. The PPE can't read the isolated data, but it can kick the isolated SPEs out. Decrypt the PPE binary you need using the intact SPE and save the decrypted version. Kick out the SPE, and patch the decrypted version all you want. An interesting note: by the time you get to OtherOS, all 7 working SPEs are stopped.

Despite this, I am working on the isolated SPEs now (which I can now load), because what I'd really like to do is post decryption keys here so you guys can join the fun.
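The two hypercalls in the quoted post, lv1_peek and lv1_poke, each move a single 64-bit word of real address space, which is awkward for reading strings or patching individual bytes. The following is an added example written for this page (it is not code from geohot's blog, from the Linux PS3 port, or from anyone in this thread) that builds a byte-granular read, write and pattern-scan layer on top of word-sized peek/poke. Everything the post does not state is an assumption and marked as such in the code: the hypercall numbers are placeholders; the calling convention is assumed to be the PS3 Linux lv1 one (hypercall number in r11, arguments in r3 onward, `sc 1`, status back in r3, output in r4), which only works from kernel mode; the REGION_BASE address is arbitrary. Built without `-DPS3_REAL_HV` on a PowerPC compiler, a constructed in-process "real memory" stands in for the hypervisor so the unaligned-access and scan logic can be exercised on any host.

```c
/* Added example, not code from geohot's post: a byte-level read/write/scan layer
 * over lv1_peek/lv1_poke style hypercalls, which move one 64-bit word per call.
 * Assumptions the post does not state: the hypercall numbers are placeholders; the
 * ABI is the PS3 Linux lv1 convention (number in r11, args in r3.., "sc 1", status
 * in r3, output in r4) and must be issued from kernel mode. Without -DPS3_REAL_HV
 * on a PowerPC build, a constructed in-process "real memory" stands in instead. */
#include <stdint.h>
#include <string.h>

#define LV1_PEEK_NR 182ULL                 /* assumption: placeholder number */
#define LV1_POKE_NR 183ULL                 /* assumption: placeholder number */
#define REGION_BASE 0x00000000000f0000ULL  /* assumption: real-space range to scan */
#define REGION_LEN  4096

#if defined(__powerpc64__) && defined(PS3_REAL_HV)
#define LV1_CLOBBERS "r0","r5","r6","r7","r8","r9","r10","r12","lr","ctr","xer","cr0","cr1","cr5","cr6","cr7","memory"
/* Two-input hypercall: status comes back in r3, the first output in r4 (assumed ABI). */
static int lv1_call(uint64_t nr, uint64_t a, uint64_t b, uint64_t *out)
{
    register uint64_t r11 __asm__("r11") = nr;
    register uint64_t r3 __asm__("r3") = a;
    register uint64_t r4 __asm__("r4") = b;
    __asm__ volatile("sc 1" : "+r"(r3), "+r"(r4) : "r"(r11) : LV1_CLOBBERS);
    *out = r4;
    return (int)r3;
}
static int lv1_peek(uint64_t addr, uint64_t *val) { return lv1_call(LV1_PEEK_NR, addr, 0, val); }
static int lv1_poke(uint64_t addr, uint64_t val) { uint64_t d; return lv1_call(LV1_POKE_NR, addr, val, &d); }
#else
/* Host stand-in: big-endian words (as on the Cell PPE); unaligned or out-of-range
 * accesses fail the way a hypercall handed a bad address would. */
static uint8_t sim_mem[REGION_LEN];
static int sim_ok(uint64_t a) { return a % 8 == 0 && a >= REGION_BASE && a + 8 <= REGION_BASE + REGION_LEN; }
static int lv1_peek(uint64_t addr, uint64_t *val)
{
    if (!sim_ok(addr)) return -1;
    *val = 0;
    for (int i = 0; i < 8; i++) *val = (*val << 8) | sim_mem[addr - REGION_BASE + i];
    return 0;
}
static int lv1_poke(uint64_t addr, uint64_t val)
{
    if (!sim_ok(addr)) return -1;
    for (int i = 7; i >= 0; i--) { sim_mem[addr - REGION_BASE + i] = (uint8_t)val; val >>= 8; }
    return 0;
}
#endif

/* Read len bytes from any (unaligned) real address through aligned 8-byte peeks. */
static long hv_read(uint64_t addr, uint8_t *out, size_t len)
{
    for (size_t done = 0; done < len; ) {
        uint64_t a = addr + done, base = a & ~7ULL, q;
        size_t off = a - base, n = 8 - off < len - done ? 8 - off : len - done;
        if (lv1_peek(base, &q)) return -1;
        for (size_t i = 0; i < n; i++)   /* byte k of a big-endian word is bits 63-8k .. 56-8k */
            out[done + i] = (uint8_t)(q >> (8 * (7 - off - i)));
        done += n;
    }
    return (long)len;
}

/* Write len bytes; poke is word-sized, so each touched word is read, patched, written back. */
static long hv_write(uint64_t addr, const uint8_t *in, size_t len)
{
    for (size_t done = 0; done < len; ) {
        uint64_t a = addr + done, base = a & ~7ULL, q;
        size_t off = a - base, n = 8 - off < len - done ? 8 - off : len - done;
        if (lv1_peek(base, &q)) return -1;
        for (size_t i = 0; i < n; i++) {
            int sh = 8 * (int)(7 - off - i);
            q = (q & ~(0xffULL << sh)) | ((uint64_t)in[done + i] << sh);
        }
        if (lv1_poke(base, q)) return -1;
        done += n;
    }
    return (long)len;
}

/* Find a byte pattern in [start, start+len) using 256-byte windows that overlap by
 * plen-1 bytes, so a match straddling two windows is still seen. Address or -1. */
static int64_t hv_find(uint64_t start, size_t len, const uint8_t *pat, size_t plen)
{
    enum { WIN = 256 };
    uint8_t buf[WIN];
    if (plen == 0 || plen > WIN / 2) return -1;
    for (size_t pos = 0; pos + plen <= len; pos += WIN - (plen - 1)) {
        size_t n = len - pos < WIN ? len - pos : WIN;
        if (hv_read(start + pos, buf, n) < 0) return -1;
        for (size_t i = 0; i + plen <= n; i++)
            if (memcmp(buf + i, pat, plen) == 0) return (int64_t)(start + pos + i);
        if (n < WIN) break;
    }
    return -1;
}

/* Worked run: locate a marker, patch the byte right after it, read back to confirm.
 * Returns the marker's address on success, -1 otherwise. */
static int64_t demo(void)
{
#if !(defined(__powerpc64__) && defined(PS3_REAL_HV))
    memcpy(sim_mem + 0x4a5, "PS3-LV1-MARK", 12);   /* constructed sample content */
#endif
    uint8_t back[9];
    int64_t hit = hv_find(REGION_BASE, REGION_LEN, (const uint8_t *)"LV1-MARK", 8);
    if (hit < 0 || hv_write((uint64_t)hit + 8, (const uint8_t *)"X", 1) != 1) return -1;
    if (hv_read((uint64_t)hit, back, 9) != 9 || memcmp(back, "LV1-MARKX", 9)) return -1;
    return hit;
}

int main(void)
{
    return demo() < 0;   /* exit status 0: marker found, patched and verified */
}
```

The read-modify-write in hv_write is the part worth noting: because poke can only store a whole word, patching one byte in the hypervisor means reading the surrounding 8 bytes first, and any concurrent writer to that word would be clobbered. The scan deliberately overlaps its windows by one byte less than the pattern length; without that, a string crossing a window boundary is silently missed.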
 
He's posting from the dude's blog, with no link for some reason, lol. Everyone on the blog wants to talk about piracy.