PS2 Exploit Allows Running of Unsigned Code 331
A reader writes "This man has figured out a way to make the PS2 run unsigned code without a modchip. 'To make a long story short, the exploit allows anyone with a memory card and a valid, legal PS1 disc to hijack the boot process and run any piece of code.'"
What kind of hardware is needed... (Score:4, Interesting)
Re:What kind of hardware is needed... (Score:4, Informative)
Third paragraph of the article... but I can't blame you for not reading it in full, as you probably wanted to be one of the first to comment
Re:What kind of hardware is needed... (Score:5, Informative)
Re:What kind of hardware is needed... (Score:5, Funny)
Ah yes, slashdot, where folks discuss spending $200 on equipment to crack a $30 game.
That's not the point (Score:5, Insightful)
Dan Aris
No fair (Score:5, Interesting)
Re:No fair (Score:4, Informative)
> Shoots a hole through my rant. Are US playstations
> able to output PAL?
Japanese television is NTSC just like the US, not PAL. (Of course, you won't be able to understand what the hell the game says, since it will all be in Japanese)
Re:No fair (Score:2, Informative)
Re:No fair (Score:4, Informative)
Yes. I have a chipped PS2 so I can play import games (and my own hacked versions of games I own), and it outputs PAL just fine. Since my TV is NTSC, I have to hook it up to the video-in on my PC and play it on the screen there. I've got video-out too, so I could probably set up my PC as a very overpriced PAL->NTSC converter by using a capture program with a full-screen preview option.
Re:No fair (Score:2, Informative)
Alternative for $29.98 (Score:2, Informative)
Re:What kind of hardware is needed... (Score:4, Informative)
Comment removed (Score:5, Informative)
A direct link... (Score:5, Interesting)
Re:What kind of hardware is needed... (Score:5, Informative)
You can use a SharkPort [newandusedvideogames.com], as it says on the web site. These are tough to find and are no longer made, but follow the link on that web site to the XPort [yahoo.com], which does the same thing (and in fact probably is the same thing).
These things have existed for a long time. I got my SharkPort maybe 6 months after the PS2 was launched.
Re:What kind of hardware is needed... (Score:5, Informative)
Yes, they're the same hardware. The Gameshark line of hardware (up until the V3) was made by a company called Datel in the UK and sold there under the Action Replay name. Interact just licensed it for North American sales. Their deal went sour, and now Datel sells it all here under their own brand.
Just to keep everyone confused, the Gameshark brand is now owned by MadCatz, and their "Gameshark V3" is actually closer to the Code Breaker that Pelican sells. Both were developed by a company called Fire.
Is that like the gaming equivalent of a soap opera or what?
Re:What kind of hardware is needed... (Score:2)
Re:What kind of hardware is needed... (Score:3, Informative)
Really? (Score:2)
I wonder what Sony will do, besides send their SonyTroopers to his house...
Re:Really? (Score:2)
At least that's what happened when people used a similar trick to play import games on the original PS1.
Re:Really? (Score:5, Insightful)
One of the biggest problems with consoles and DVDs these days is that companies put region coding in them. If you live in a certain area of the world you get to play the games and watch the movies that they want you to, and no others.
This is a hideous practice and we must all publicly flaunt our disobedience of it at every opportunity. Otherwise they'll sneak it beneath the radar of the masses and make it part of the international copyright agreements.
Currently, region coding has no legal weight, though dishonest laws like the DMCA might make bypassing it illegal in some jurisdictions.
If you believe you have the right to use your possessions however and wherever you wish, fight dishonest companies who do this!
Re:Really? (Score:2, Informative)
Sorry but you must have bought the wrong kit...
The only thing PS2 Linux prevents you from accessing is the IOP which is NOT the majority of the PS2's features.
Even the differences imposed by having a multi-user OS running on the machine are being dealt with by projects like SPS2.
You should check your facts before posting stuff like that.
Re:Really? (Score:2, Insightful)
Please pay attention before replying. We're talking about their Linux distro. Sony is free to limit their software in whatever way they want, they are under absolutely no obligation to allow you access, through their software, to parts of the system they'd rather not have you muck with. If you want to utilize this hack to play around and explore, feel free, more power to ya, I agree that doing suc
Great news! (Score:5, Funny)
Re:Great news! (Score:5, Insightful)
For instance, 1,000,000 MS haters buy xboxes with the hopes of making a serious dent in the $60 billion (yes with nine zeros) cash reserve that Microsoft holds. In the meantime, Microsoft is able to report to the software vendors that they have those 1,000,000 extra xboxes out there. Vendors see the large numbers and make more games to support the xbox. In turn, the xbox software library grows and so does its legit customer base. I know the 1,000,000 xboxes for the MS haters is an exaggeration, but hopefully you will get my point.
Re:Great news! (Score:4, Insightful)
If I were a game producer...
I would compare characteristics from my potential product to that of similar products in the market. Then I would compare sales figures, i.e., compare age demos of various genres or which types of titles sell the best. Hell, I would even glance as to which company is selling the most titles and try to understand their secret to success.
You would only need to look at pure console sales as a point of interest for producing on that platform. It's already a bit of a known fact that the large console markets are PS2 and XBOX.
It doesn't do a lot of good to know there are X Billion people in North America, if you don't know how many people would be potentially interested in buying your product.
Buy and Burn all the xboxes you want.
That's funny. (Score:3, Insightful)
The PS2 has shipped 50,000,000 units. The Xbox and GameCube have both shipped 10,000,000 units.
I don't understand how one 10,000,000 is smaller than another 10,000,000 enough to be considered equal to 50,000,000.
Here's a well known fact: "well known facts" are often made up on the spot to support another argument, and make it look that much more believable.
Re:Great news! (Score:5, Funny)
Unsigned code... (Score:5, Funny)
In related news, Sony pays $499 per each PS2 sold to SCO. The rest of the compensation is the release of a smash-hit game "Superdaryl and the Invasion of the IBM Drones", in which Daryl saves America from IBM-aided terrorists.
Re:Unsigned code... (Score:2, Funny)
(sorry, couldn't think of a way to use the other 3 overused quotes here.)
Re:Unsigned code... (Score:2)
Re:Unsigned code... (Score:2)
So what? (Score:3, Insightful)
Am I the last guy on earth who actually goes out and pays for things?
Re:So what? (Score:2)
Using this bug let you get around both those problems.
Re:Sandbox (Score:2)
Pick one.
Re:Sandbox (Score:2)
USB storage also comes in the form of USB hard drives, and those cute little keychain flash devices. $40 buys 256MB of storage these days.
Re:Sandbox (Score:2)
The part number on the box is I522342EU (The 'I' could be a '1', but the other letters are upper case, so it is unlikely to be a 'l') which I have successfully used under a couple of different Mandrake distributions.
You may find such on e-bay, at someplace that sells overstock, or elsewhere.
As far as network connections, Ethernet twisted pair with decent cable has a range of up to 100 me
Re:Sandbox (Score:2)
I would highly recommend staying away from cdrecord and using the GNU replacement dvdrtools. If I wasn't on panther trying to burn some damn ISOs, I'd be using Toast or Disc Copy. hmph.
-pat
Re:So what? (Score:2)
Whichever moderator marked that as a troll should be slapped around a bit. It is exactly on-topic, and answers the question the parent post asked, why the Sony Linux kit isn't everything you need.
Re:So what? (Score:3, Informative)
Actually:
1. There are projects to get around that. Many hardware registers can be reached from within Linux. All of them can be reached outside linux, using the linux kit.
2. mrbrown already released something months ago for linux kit users to be able to play with native applications without a need for a mod chip.
Since he already released that, homebrew people could spend a few bucks to get a bunch of hardware, a legitimate, mod-free way to boot stuff,
What does this mean for linux? (Score:2, Insightful)
Re:What does this mean for linux? (Score:2)
Re:What does this mean for linux? (Score:2)
PS1 or PS2 memory card? (Score:2, Interesting)
It was made by the same people that made gameshark
Re:What can I run? (Score:3, Informative)
Re:What can I run? (Score:2)
..yeah (Score:5, Funny)
We'll get right on that.
After Sony's attorneys finish with you, "immediate contract work" is exactly what you'll need.
FINALLY! (Score:2, Funny)
Comparable to Xbox hack (Score:4, Informative)
This provides to PS2 what has existed for the X-box for a while now. It was mentioned on slashdot and allows the X-box to run unsigned code [netsys.com] after some preparation.
It replaces some font files (which are not checksummed) with ones that use an exploit in X-box firmware.
Why? (Score:2)
Am I the only one having problems understanding why you'd want to do this? I mean sure .. there's hack value and everything. But is the goal to run Linux on the PS2 [playstation2-linux.com] or something?
Maybe it will enable you to run import games, like Zettai Zetsumei Toshi [penny-arcade.com] without having to install a modchip.
Someone please explain why this is so important? (And yes, I did RTFA.)
-jh
Re:Why? (Score:2)
The game is absolutely fantastic, btw.
Re:Why? (Score:2, Insightful)
Why do we climb the mountain, why do we run webservers on 6502 processors?
Because it's there, man, because it's there.
Re:Why? For piracy, probably. (Score:2)
I'll admit that I'm not sure what the second and later steps of the exploit are, but it does not seem that the system you describe is the case. At the very least the CD/CD image also needs a memory card that has somehow been modified in a special way to make it work. And it's not at all clear that this exploit would let you play import games either. I too would like to hear more
Re:Why? (Score:2)
Useful? (Score:2, Insightful)
It looks like you need a memory card reader ($$), and then have to edit a file and add the Title ID for each game you want to play. This requires a bit of work to figure out, and a *nix system to run his software, I think.
It doesn't work with all games all the time, only the ones you specify. Also, there may be a limit to how many table entries you ca
Re:Useful? (Score:2, Interesting)
As for Linux on Playstation2, it's already there, supported by Sony.
Memory card reader for Mac? (Score:2, Interesting)
And actually, I honestly do want to play legal imports on my PS2. If there's a game I want to play, I usually think it's worth supporting the people who make it.
Dan Aris
OK (Score:2)
Sony's ps2 linux kit (Score:5, Informative)
Re:Sony's ps2 linux kit (Score:2)
Re:Sony's ps2 linux kit (Score:4, Informative)
The PS2 is a dataflow architecture, which relies heavily on programmed DMA between chips. The DMA controller is more powerful than most, allowing chained DMA commands to be set up. You can "program" it on the fly.
The linux kit emulates the DMA controller, providing little of the flexibility of the real PS2, and hence a lower standard of operation.
Simon.
So what? (Score:3, Insightful)
Has anyone tried downloading it yet? (Score:2, Informative)
Dan Aris
Re:Has anyone tried downloading it yet? (Score:2, Informative)
Cool! (Score:2)
Dan Aris
Unsigned Code? (Score:4, Funny)
In case of slashdotting (Score:3, Interesting)
PS1DRV parses a file called mc0:/BXDATA-SYSTEM/TITLE.DB (the X represents the
PS2's region code) to load graphic parameters for the PS1 game that was loaded
from the disc drive. There is a catastrophic buffer overflow in the parsing
routine that allows one to overflow the stack and execute arbitrary code by
rewriting the $RA register. If we load up our own TITLE.DB, with an entry for
every PS1 disc that we want to trigger the exploit, then we can take over the
PS2 boot process as soon as the disc is recognized and PS1DRV is executed.
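The flaw quoted above is the textbook case of a file token copied into a fixed-size stack buffer with no length check, so that an over-long key overwrites the saved return address. The C program below is an added illustration, not code from the post, from the exploit's author or from Sony. It assumes a constructed one-entry-per-line layout ("<title id> <number>"), since the page does not describe the real TITLE.DB format, and shows the unbounded pattern next to a bounded parser that measures the key first and rejects over-long keys and malformed values instead of copying them.

```c
#include <errno.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Assumed record layout (constructed for this example, not the real TITLE.DB):
 * one entry per line, "<title id> <graphic parameter>", e.g. "SLUS-00001 3". */
#define TITLE_ID_MAX 16

struct title_entry {
    char title_id[TITLE_ID_MAX];
    long param;
};

/* The flawed pattern: "%s" has no width limit, so a key longer than
 * TITLE_ID_MAX - 1 bytes runs past key[] into the rest of the stack frame,
 * where the saved return address ($RA on MIPS) lives. Shown for contrast
 * only; it must never be given untrusted input. */
static int parse_entry_unbounded(const char *line, struct title_entry *out)
{
    char key[TITLE_ID_MAX];
    if (sscanf(line, "%s %ld", key, &out->param) != 2)
        return -1;
    strcpy(out->title_id, key);
    return 0;
}

/* Bounded version: measure the key before touching the buffer, refuse keys
 * that do not fit (refusing is safer than silent truncation, which can make
 * two titles alias), and validate the whole numeric field. */
static int parse_entry_bounded(const char *line, struct title_entry *out)
{
    const char *sep = strchr(line, ' ');
    char *end;
    size_t keylen;

    if (sep == NULL)
        return -1;
    keylen = (size_t)(sep - line);
    if (keylen == 0 || keylen >= TITLE_ID_MAX)
        return -1;                      /* over-long key: reject, never copy */
    memcpy(out->title_id, line, keylen);
    out->title_id[keylen] = '\0';

    errno = 0;
    out->param = strtol(sep + 1, &end, 10);
    if (end == sep + 1 || errno != 0)
        return -1;                      /* missing or out-of-range number */
    while (*end == '\r' || *end == '\n')
        end++;
    return (*end == '\0') ? 0 : -1;     /* trailing junk is rejected too */
}

/* Parse a whole file image with the bounded parser. Lines too long for the
 * line buffer are skipped without ever being copied; the accepted count is
 * returned and rejected lines are reported through *rejected. */
static size_t parse_title_db(const char *text, struct title_entry *entries,
                             size_t max_entries, size_t *rejected)
{
    size_t n = 0;
    const char *p = text;

    *rejected = 0;
    while (*p != '\0') {
        const char *nl = strchr(p, '\n');
        size_t len = nl ? (size_t)(nl - p) : strlen(p);
        char line[256];

        if (len >= sizeof line) {
            (*rejected)++;
        } else if (len > 0) {
            memcpy(line, p, len);
            line[len] = '\0';
            if (n < max_entries && parse_entry_bounded(line, &entries[n]) == 0)
                n++;
            else
                (*rejected)++;
        }
        p = nl ? nl + 1 : p + len;
    }
    return n;
}

/* Constructed sample: two valid entries, a blank line, a 48-byte key that
 * would overrun the unbounded parser, and an entry with a non-numeric value. */
static const char SAMPLE_DB[] =
    "SLUS-00001 3\n"
    "SLPS-00123 7\n"
    "\n"
    "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA 1\n"
    "SCES-00999 notanumber\n";

static struct title_entry g_entries[8];
static size_t g_rejected;

/* Parses SAMPLE_DB into g_entries; returns the number of accepted entries. */
static size_t demo_accepted(void)
{
    return parse_title_db(SAMPLE_DB, g_entries, 8, &g_rejected);
}

/* Number of sample lines the bounded parser refused. */
static size_t demo_rejected(void)
{
    demo_accepted();
    return g_rejected;
}

/* Parameter recorded for a title id in the sample, or -1 if it was not accepted. */
static long demo_lookup(const char *title_id)
{
    size_t n = demo_accepted();
    for (size_t i = 0; i < n; i++)
        if (strcmp(g_entries[i].title_id, title_id) == 0)
            return g_entries[i].param;
    return -1;
}
```

Running `demo_accepted()` and `demo_rejected()` on the sample yields two accepted entries and two rejected lines; the over-long key never reaches a stack buffer, which is the whole difference between the two parsers.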
What I'd like to see done. (Score:2)
So this hack allows what? (Score:4, Interesting)
I've got a stack of games from SE Asia that I would love to play on my PS2 and this hack seems like the most non-invasive way to do it.
Re:So this hack allows what? (Score:2)
To the other poster: It's the PS2 memory card.
To the OP: This hack would probably allow this, yes. None of the code released so far does though.
Any uses besides software piracy? (Score:5, Insightful)
You can already run Linux on the playstation by paying for the PS2 Linux kit at http://playstation2-linux.com/ [playstation2-linux.com]
That kit allows you to run any code that you want to anyway. Plus getting one allows companies to see that there is a paying group of individuals that would like configurable/extensible electronic products.
It's funny that many people criticize the software and media industry for promoting DRM and DMCA type laws, but then the same people turn around and promote/utilize cracks like this.
What do you expect the companies to do? Sit there and watch this happen?
Repeat after me: LEGAL IMPORTS (Score:5, Insightful)
If this can really work (I haven't gotten the guy's code to compile, see one of my posts, above), it would be really great. I could use a $30 memory card reader/writer to let me play imported games, rather than a $100 modchip kit, which I would have to solder onto the PS2's motherboard. And those things look extremely fiddly.
So, yes, there is at least one legitimate use. And the point of our opposition to the DMCA is not (at least not for anyone who would have any chance against it) "so I can keep pirating stuff." My argument against it is that it probably will allow Sony to sue anyone who uses this hack, whatever purpose they put it to. It stops you from using certain devices or processes because they could be used for piracy or copyright infringement, even if you would truly, honestly, never use them for that purpose.
Dan Aris
Re:Repeat after me: LEGAL IMPORTS (Score:2, Informative)
there is NOTHING stopping you from using a Japanese PS2 in North America. Power, nope (it's all converted to DC at any Hertz and 120 to 100 is not much of a difference.) TV signals, it's all NTSC... accessories, all the same...
so, there is nothing stopping you from having the imported PS2 console... if you can get the games "imported"... then you can get the console too.
Re:Repeat after me: LEGAL IMPORTS (Score:3, Interesting)
Re:Repeat after me: LEGAL IMPORTS (Score:3, Insightful)
Dan Aris
Re:Any uses besides software piracy? (Score:2)
Re:Any uses besides software piracy? (Score:2)
I have 2 small kids and a PlayStation (4 and 5 years old). We have (so far) lost 3 Games (Bob the Builder, Blue's Big Musical, and Zoomafoo) for the kids, one of my games that they play (GT3 when GT4 wasn't about to be released) and one DVD (an Elmo) they
getting this working (Score:2, Informative)
It needs some work... (Score:2, Interesting)
Re: Not possible, but there is an elegant way (Score:2)
I got the the impression that the Playstation 2 internal ROM loads a specific config from title.db based on the ID of the PS1 disc in the drive. So the overflow code in title.db doe
DMCA, anyone? (Score:4, Funny)
Algorithms programmed in any way
Now it looks as though there's liabilit-ay
And, it's 'cause of the D-M-C-A
Suddenly,
I'm not allowed to speak in C
There's a shadow hanging over me
Oh how D-M-C-A makes silence be
How some bits do flow, you can't know,
We couldn't say
I said something wrong
now I'm among, law D-M-C-A-ay-ay-ay
Yesterday,
"code" was such an easy game to play
Now I need a place to hide away
And, it's 'cause of the D-M-C-A
Question: how to make our own games ? (Score:2)
Seriously, what software do you need to produce a PS2 game CD/DVD? Is it available or do you need some special/secret software from Sony?
Does anyone have experience with the PS2 API? What's it like working with?
And no, I am not looking for answers like "run linux and use gcc". I can do that just fine on my PC and it takes the challenge away...
---
If you're not living on the edge, you're taking up space in the middle
Re:Question: how to make our own games ? (Score:2)
PC to PS2 USB link thingy (Score:2, Informative)
Re:PC to PS2 USB link thingy (Score:2, Informative)
It requires a very specific type of USB to USB cable...
http://ps2dev.sourceforge.net/naplink/ [slashdot.org]
writing to a memory card requires another app as well, one that's beta and hasn't been updated in half a year.
http://www.ps2newz.net/forums/printthread.php?threadid=7852 [slashdot.org]
To top it off, there are mentions of having to use the "knife method", of disc-swap in order to get it working at all.
http://ps2dev.org/kb/kb.asp?T=593 [slashdot.org]
And it requires a direct connect to a PC.
Not th
How do I do this? (Score:3, Interesting)
please stop blaming sony and ps2linux (Score:4, Informative)
To summarize, stop blaming sony! They did a great thing by releasing ps2linux, and all the related info. That's impressive. You know, a few years ago, the hardware manuals were so secret that there was my company name printed across each page..
PS2linux is far from perfect, but it is up to you to enhance it, because of its open source nature.
And if you don't want to use linux, because of its bloat, there are even bootloader projects hosted on sony's own website (playstation2-linux.com) that allow you to get raw low-level access.
According to me, sony's biggest mistake was to target linux zealots, instead of focusing on console programming enthusiasts, as they did with yaroze. So they got a lot of disappointed customers... But if you want to do console programming, ps2linux is still a great thing, with lots of things to create (and that's the interesting part!).
You can't use it to run out-of-region/copied games (Score:5, Interesting)
Meaning this is only useful for _small_ homebrew apps.
Second of all, it is unlikely this will ever be expanded to allow loading out-of-region/copied games. Sony uses a special copy-protection trick... as far as I know it involves a tiny sector in the beginning of a disc which has a checksum of zero. Inside this sector there is the data containing region information (should be impossible to contain any data if the checksum is zero, but it does). CD burners 'correct' this sector by writing the actual checksum, and hence PSX/PS2 games cannot be copied correctly. When you insert any disc into a PSX or PS2, the unmodified hardware checks that sector to see if the checksum is zero and if the region code is correct, and refuses to read any further data, _no matter what_, if that sector isn't just right. A mod chip works by injecting the correct data into the CPU at the right time.
This means, even though you could use the exploit to read arbitrary data off something other than the disc the console was going to read from, you can't read it from another disc: if you eject that valid disc and put in another, the PS2 is going to check that special sector. Unless I misunderstand something, this exploit _does not_ address that, and so you can only load code off a memory card. Maybe someone will come out with a way to load stuff off a hard drive with it, but it's unlikely you'll ever be able to load stuff off a different (invalid) disc.
I should also point out that the terms 'signed' and 'unsigned' are possibly incorrect for this sort of thing, as the copy protection isn't really in the form of an encrypted key, per se... just a crazy sector containing simple data, with a checksum of zero.
This is how it has been explained to me over the years by a variety of people and is AFAIK the generally accepted understanding of the Sony copy protection method. I have never worked for Sony so I cannot verify it. If you have any corrections here, feel free to speak up
Re:You can't use it to run out-of-region/copied ga (Score:2, Interesting)
Jamon
Re:You can't use it to run out-of-region/copied ga (Score:2, Interesting)
Clarifications (Score:5, Interesting)
I don't typically read or post on /. these days, but since you folks were so kind as to saturate my cable connection :P, I read through the comments and wanted to clarify a few things:
Oh, about all the Linux posts: I've been developing a way to get ps2linux to boot without Sony's kit, and it will all tie into this. No ETA on that yet.
Cheers to all who've stepped up with the positive posts.
Re:Restrictions (Score:5, Insightful)
Understand now?
Re:Restrictions (Score:5, Insightful)
The C64 wasn't restrictive. It allowed hackers (as in coders) to do whatever they could think of with the hardware. There were crazy optimizations where two instructions executed at once, 27 sprites could be displayed at once (the hardware is limited to 8), 240 colors could be displayed (the hardware was limited to 16), and not once did the commodore engineers come and say, "Stop doing that! It wasn't designed for that!"
Fast forward 20 years, and take a look at major console manufacturers bitching if we exploit the hardware or software to install something they didn't intend.
Heck, even being a developer, you can't do to modern consoles what you could do to the C64... To get an XDK, or PDK, you have to adhere to all sorts of restrictions about what you can and cannot do in your code (no fancy ASM hacking to do cool stuff)... what's the point? No wonder all we have is cookie-cutter games... Developers aren't allowed to innovate, unless it meets with Sony or Microsoft's predetermined vision... bah, gimme a modern day C64 dammit!
Re:Restrictions (Score:3, Interesting)
When doing scrolling you set a bit to make the borders come in so you wouldn't see the scrolling characters just pop on. If you used the raster interrupt to set this off again when the raster
Re:PostBlock(tm) eXPloit allows morons to cuss Rob (Score:2, Funny)
Re:Less about Linux (Score:2, Interesting)
as far as running linux on ps2 i just think that's cool as hell. but i guess you have to be a geek to agree with that.
Re:Party's over for Sony (Score:2)
Doubtful. They were already going to release the PS3 as soon as it's ready.
Re:Cool, run... (Score:4, Interesting)
I suspect that there will eventually be a PS2 dashboard with functionality similar to EvoX on Xbox. By running unsigned code, you could probably initialize the PS2 HDD - or maybe even Firewire HDD(s) - and load a PS2 native menu with options for then loading Linux, your PS1/2 game backups, native emulators and media players, and homebrew games, demos, and applications. In some ways the Xbox might be better for this; it has newer and more powerful processors, more Ram, and the x86-based architecture is a familiar hardware and software environment to many developers. But the PS2 Firewire port in particular does seem full of potential.
Re:n0bel pr1ze (Score:2)
i am sick of hearing homage paid to captain crunch and the 2600 ton generation. these findings (like this ps2 one) are just as amazing.