Exploit Questions and Ideas

**Horscht** · 02-26-2006,08:05 AM

Hi

Sorry in Advance, This whole thing is very confusing. I come from the xbox scene and softmodded my xbox to allow homebrew (XBMC, emus, running backups, etc.) Now I recently stumbled upon this gem, called the Independence Installer. As a whole it does not look a lot different to the xbox exploits, just that it seems to be easier to run. But I have a question which I could not for sure answer myself by reading up on it.

To run this exploit, I have to boot up the PS2 with a PSX game whenever I want to trigger the exploit, correct?

In order to run Homebrew apps (SNES etc.), I would need to include those apps into the exploit itself using the indipendence compiler, am I correct?

What I didn't understand, though, is how to run backups. Would I trigger the exploit by running a PSX game and then simply put in a backup, or does the media check not get circuvented (i.e. would I still have to use the swap trick?)

If it does not get circumvented: why? Shouldn't the Media protection be something that's in the kernel/BIOS of the PS2? shouldn't we be able to run some sort of kernel patcher/Bios loader to replace the BIOS with our own? This is how xbox allows you to easily play backups homebrew software.

Sorry if the question I have asked were already discussed in a explicit manner, but this was stuff I couldn't gather myself.

regards

Horscht

**jenko** · 02-26-2006,04:05 PM

you have to use the psx disk evry time. if you install ulaunchelf of exec eft you can ftp your apps on after. the xbox softmod if im right just patches and replaces some of the ms dash files on the hd so they get booted but the ps2 dosnt work like this.

**Horscht** · 02-26-2006,04:54 PM

when the xbox launches a program, it checks wether it is signed by MS. An xbox softmod causes the xbox kernel to panic on boot and replace the MS key (which we don't know) with a key that we know (in the case of xbox it's the habibi key, a number devisable by 3). Know that we know the key, we can run a program that is signed with said key.

The goal is the same as on the PS2 Exploit: running an hombrew app

On the xbox however, we use this procedure to launch a BIOS-Loader (a loader that replaces the Original BIOS with a hacked one that doesn't do mediacheck/check for signature etc.) or more recently and app (nkpatcher) that patches the original onboard BIOS to fit our needs. This whole procedure is done in memory, so it shouldn't be a HD issue. After that BIOS has loaded/been patched, we have no security checks whatsoever anymore on the xbox and can run unsigned software/software with broken signatures

Now I wonder, if something similar would be possible on the Playstation 2. Not launching a hacked BIOS on bootup, but load this Bios when running the PSX exploit.

User Tag List

Thread: Exploit Questions and Ideas

Tweet

LinkBack

Thread Tools

Display


	Would you like to get all the new info from PSX-Scene in your email each day? Subscribe to our Daily Digest! Want to learn more about the team keeping you up to date with the latest scene news? Read about them now! Check out our Developer bios, too!