
[Repost] From Duowan: PSP3000 hack reportedly in sight

初冬的温柔 posted on 2009-4-13 01:41:00

Based on a TIFF exploit! PSP3000 Hello World released (3K test report added)

Posted by x3sphere at April 11, 2009, 9:06 pm



Update at 23:30: user 如意火 personally tested the TIFF exploit on a 1K; live-report thread [repost], come and watch

-------------------------------

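Update at 11:00: test results from Duowan forum member zenanswer on a 3K console:

I absolutely love this thing that can make my little P freeze
Heh

I tried the new attachment. It can show the picture, but it froze as soon as I went in; the power light stays on and the Memory Stick light is off
The buttons do not respond
After a few dozen seconds it shuts down by itself
System: 5.01  3000

Details: http://bbs.duowan.com/viewthread.php?tid=13816600&page=1&fromuid=158825#pid70670325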

-------------------------------

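Translation (Duowan - 海星云)

The day when homebrew runs on the PSP3000 is getting closer and closer: homebrew developer MaTiAz has recently released a TIFF-based exploit that runs the famous "hello world", an important milestone in PSP hacking.

This system exploit runs from the PSP's photo menu and takes advantage of a weak point in the TIFF image museum (that is roughly the meaning). You may find this quite familiar, because it is much like the "glory days" when PSP hacking was booming and hacking software was everywhere. The installation method can also be found in the readme file.

After a long wait, the gates to homebrew on system 5.03 are finally about to open for us!

How to use

It has not been long since TIFF-based system exploits were released; this is already the third system exploit for the PSP, so enjoy.

Just copy the files to the root directory of the memory stick, disconnect the USB connection, and then go to the photo menu. Do not lose heart if the exploit does not work the first time; it is very unstable. Even if you get it working on the first try, you still need to try at least 20 times before it truly succeeds!

This h.bin is loaded to 0X8800000, and the text address of PAD.PRX is added to $a0 through the binary code (not sure about this sentence, it is very technical); you can then trick the system and do imports, for example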
sceDisplayWaitVblankStart:sceDisplayWaitVblankStart = (void*)(paf_addr+0x15F068);

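The version released now only works on the fat PSP (PSP-1000); the slim version will be released later. I will not list the credits here; I think I would most likely forget some important names and then I would be done for :P. The people who took part and need me to credit them know who they are anyway.
Have fun, everyone!
PS: In just a few days, a big gift will arrive
-MaTiAz

The author specially emphasizes that in just a few days a big gift will arrive, so keep your eyes wide open! Especially 2K and 3K players (A separate release is being prepared for Slim models, specifically the PSP-2000 and PSP-3000.)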

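Duowan local attachment mirror:


Note: because of an earlier mistake by the expert, there was a small problem with the attachment. We have now updated the attachment; for details see this thread: "A short note on the latest system exploit released by MaTiAz"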

-------------------------------


Original text and source:

The prospect of running homebrew on PSP-3000 units is rapidly inching closer, as homebrew developer MaTiAz has released a TIFF-based exploit in the form of a “Hello World,” proof of concept application.
The exploit is run from the PSP’s photo menu, taking advantage of a vulnerability found in the TIFF image library. Should be quite a familiar process if you were around back in the heyday of the PSP scene, when software-based downgraders were all the rage. Nonetheless, installation instructions can be found in the included readme file.
According to MaTiAz, “a bit of awesomeness” is due out within the coming days, so keep your eyes peeled. After a long wait, the gates to homebrew access on firmware 5.03 have been opened up.


The days of TIFF based exploits aren't long gone, at least not yet
Here's the third TIFF exploit for the PSP, enjoy.
Just copy the files to the memory stick root, disconnect USB and go to photo menu.
Don't dismiss the exploit even if it doesn't work on the first time, it's *very* unstable.
You might get it working on the first time, but you might as well have to try it 20 times!
The h.bin is loaded to 0x08800000, and the text address of paf.prx is passed in $a0 to the
binary code. You can then trick out function imports, like for example sceDisplayWaitVblankStart:
sceDisplayWaitVblankStart = (void*)(paf_addr+0x15F068);
This release works _only_ on fat PSPs. The slim version will come out later.
I'm not gonna include a list of credits here, I'll just forget some important names and then
I'll be screwed :P The people who need to be credited will know it anyway.
Have fun!
P.S. Just wait a few days, there's a bit of awesomeness coming up.
- MaTiAz