GeoHot clears up information about his hack - PS3Hax Network

Pirate · 01-26-2010

With the recent explosive news of Geohot managing to successfully hack the PS3, he has now posted another blog post clarifying more information on what is he doing, and the direction he plans to take.

Quote:

What it is and what it isn't First off, this is not a release blog like "On The iPhone". If you are expecting some tool to be released from this blog like blackra1n, stop reading now. If you have a slim and are complaining this hack won't work for you, stop reading now. WE DO NOT CONDONE PIRACY, NOR WILL WE EVER. If you are looking for piracy, stop reading now. If you want to see the direction in which I will take this blog, read the early entries in the iPhone one. Information on this blog is for research purposes only.

That aside, I'll tell you what I have so far. I have added two hypercalls, lv1_peek and lv1_poke. peek reads memory in real space(including all the MMIO), poke writes it. I can also add other arbitrary hypercalls as I see fit.

The hypervisor is complicated, it is written in C++ and is PPC, which I am not that familiar with yet. At first I was trying to add a hypercall to add arbitrary real memory to the LPAR, but it kept crashing(because I can't code), which is really annoying, because I have to wait while Linux reboots.

Some people pointed out that I have not accessed the isolated SPEs. This is true. Although as far as doing anything with the system, it doesn't matter. The PPE can't read the isolated data, but it can kick the isolated SPEs out. Decrypt the PPE binary you need using the intact SPE and save the decrypted version. Kick out the SPE, and patch the decrypted version all you want. And interesting note, by the time you get to OtherOS, all 7 working SPEs are stopped.

Despite this, I am working on the isolated SPEs now(which I can now load), because what I'd really like to do is post decryption keys here so you guys can join the fun.

As of now the current status of if this hack works on the SLIM PS3's is UNKNOWN.

[VIA]

Tcraw77813 · 01-26-2010

Thanks for the heads up

. Can't wait to see what he is able to do in the future. Although I find it kinda funny that he doesn't know C++, especially after all that he has done with the iPhone/iTouch products.

Kurachigo · 01-26-2010

not knowing c++ is kind of odd since hes gotten this far, but who cares as long as it actually works. but still, i REALLY hope this doesnt lead to a big piracy issue like with the 360

kane_1371 · 01-26-2010

it will lead to an piracy issue and sony will not take it easily.
both sony and microsoft can even sue you if you do this.
even though it could give us some savings with money but i do not consider my self hacking my ps3.
i want it safe and sound

stadicon · 01-26-2010

I wonder what exactly he means by "...because what I'd really like to do is post decryption keys here so you guys can join the fun.". Which keys actually he is talking about? Cause, if he manages to find out the decryption (and encryption keys) to sign our unsigned code (like Datel did to sign their code on PSP), then is should be amazing: it will be the ultimate "hack" for the console, being the less illegal and being more a homebrew work than a piracy hack.

Pockets69 · 01-26-2010

Certainly coding C++ for a power pc architecture is not the same as coding for x86 architecture, that is what he meant. Let him do his work, i know we do not have any proof yet that this is real, and a week ago he was hitting walls all the time (in my opinion trying to hack it randomly) but he says he has done it so being geohot and all, and his past speaks for himself, he is not going to destroy is reputation! lets just wait

chitalov · 01-26-2010

More info from Geohot http://geohotps3.blogspot.com/2010/0...ing-field.html

nickmitch · 01-26-2010

Didnt really understand much of what he wrote lol.

Dont really want this to lead to people downloading games illegally, Sony charge enough for their products already.

Pockets69 · 01-26-2010

seriously if he releases the exploit now this won't end well:S
We need to wait, he needs to perfect his exploit run whatever he needs to, i want to see "hello world" lets give him time we want a good exploit packaging not some sloppy stuff that most of us won't understand and be able to use (and i am no noob).

Take your time geo we know its hacked its just a meter of time

nickmitch · 01-26-2010

Thing is, Sony are clearly going to be watching this blog and many of the threads. Is it possible for them to release a f/w update to stop him gaining access to some/ all files ?

01-26-2010	#1
Pirate Join Date: Feb 2007 Posts: 6,930 Likes: 370 Liked 7,987 Times in 1,233 Posts Mentioned: 568 Post(s) Tagged: 0 Thread(s)	GeoHot clears up information about his hack With the recent explosive news of Geohot managing to successfully hack the PS3, he has now posted another blog post clarifying more information on what is he doing, and the direction he plans to take. Quote: What it is and what it isn't First off, this is not a release blog like "On The iPhone". If you are expecting some tool to be released from this blog like blackra1n, stop reading now. If you have a slim and are complaining this hack won't work for you, stop reading now. WE DO NOT CONDONE PIRACY, NOR WILL WE EVER. If you are looking for piracy, stop reading now. If you want to see the direction in which I will take this blog, read the early entries in the iPhone one. Information on this blog is for research purposes only. That aside, I'll tell you what I have so far. I have added two hypercalls, lv1_peek and lv1_poke. peek reads memory in real space(including all the MMIO), poke writes it. I can also add other arbitrary hypercalls as I see fit. The hypervisor is complicated, it is written in C++ and is PPC, which I am not that familiar with yet. At first I was trying to add a hypercall to add arbitrary real memory to the LPAR, but it kept crashing(because I can't code), which is really annoying, because I have to wait while Linux reboots. Some people pointed out that I have not accessed the isolated SPEs. This is true. Although as far as doing anything with the system, it doesn't matter. The PPE can't read the isolated data, but it can kick the isolated SPEs out. Decrypt the PPE binary you need using the intact SPE and save the decrypted version. Kick out the SPE, and patch the decrypted version all you want. And interesting note, by the time you get to OtherOS, all 7 working SPEs are stopped. Despite this, I am working on the isolated SPEs now(which I can now load), because what I'd really like to do is post decryption keys here so you guys can join the fun. As of now the current status of if this hack works on the SLIM PS3's is UNKNOWN. [VIA]

01-26-2010	#2
Tcraw77813 Join Date: Mar 2008 Location: Flo Rida Posts: 1,056 Likes: 125 Liked 149 Times in 101 Posts Mentioned: 14 Post(s) Tagged: 0 Thread(s)	Thanks for the heads up . Can't wait to see what he is able to do in the future. Although I find it kinda funny that he doesn't know C++, especially after all that he has done with the iPhone/iTouch products. __________________ [Forum Rules][Complete DEX Info page] [Requirements For Sharing PSN Games]

01-26-2010	#3
Kurachigo Member Join Date: Dec 2007 Location: PlayStation®Prison Posts: 410 Likes: 7 Liked 5 Times in 4 Posts Mentioned: 0 Post(s) Tagged: 0 Thread(s)	not knowing c++ is kind of odd since hes gotten this far, but who cares as long as it actually works. but still, i REALLY hope this doesnt lead to a big piracy issue like with the 360 __________________

01-26-2010	#4
kane_1371 Apprentice Join Date: Dec 2009 Location: Sweden Posts: 3 Likes: 0 Liked 0 Times in 0 Posts Mentioned: 0 Post(s) Tagged: 0 Thread(s)	hmmm..... it will lead to an piracy issue and sony will not take it easily. both sony and microsoft can even sue you if you do this. even though it could give us some savings with money but i do not consider my self hacking my ps3. i want it safe and sound __________________

01-26-2010	#6
Pockets69 Senior Member Join Date: Jan 2008 Location: Lisbon, Portugal Posts: 6,681 Likes: 2,087 Liked 2,449 Times in 1,389 Posts Mentioned: 138 Post(s) Tagged: 0 Thread(s)	Certainly coding C++ for a power pc architecture is not the same as coding for x86 architecture, that is what he meant. Let him do his work, i know we do not have any proof yet that this is real, and a week ago he was hitting walls all the time (in my opinion trying to hack it randomly) but he says he has done it so being geohot and all, and his past speaks for himself, he is not going to destroy is reputation! lets just wait __________________ <eussNL> judge: ´so why did you torrent 5 million AVI of women moaning´ <eussNL> <TizzyT> i dont judge if it sounds good i listen

		PS3Hax Network - Playstation 3 Hacks and Mods > News > PS3Hax News
GeoHot clears up information about his hack

01-26-2010	#5
stadicon Member Join Date: Oct 2009 Posts: 86 Likes: 15 Liked 20 Times in 16 Posts Mentioned: 0 Post(s) Tagged: 0 Thread(s)	I wonder what exactly he means by "...because what I'd really like to do is post decryption keys here so you guys can join the fun.". Which keys actually he is talking about? Cause, if he manages to find out the decryption (and encryption keys) to sign our unsigned code (like Datel did to sign their code on PSP), then is should be amazing: it will be the ultimate "hack" for the console, being the less illegal and being more a homebrew work than a piracy hack.

01-26-2010	#7
chitalov Apprentice Join Date: Feb 2009 Location: bulgaria Posts: 10 Likes: 13 Liked 3 Times in 2 Posts Mentioned: 1 Post(s) Tagged: 0 Thread(s)	More info from Geohot http://geohotps3.blogspot.com/2010/0...ing-field.html

01-26-2010	#8
nickmitch Senior Member Join Date: Feb 2007 Posts: 1,747 Likes: 6 Liked 55 Times in 34 Posts Mentioned: 0 Post(s) Tagged: 0 Thread(s)	Didnt really understand much of what he wrote lol. Dont really want this to lead to people downloading games illegally, Sony charge enough for their products already. __________________

User Name		Remember Me?
Password