People often ask me "How did you learn how to hack?" The answer: by reading. This page is a collection of the blog posts and other articles that I have accumulated over the years of my journey. Enjoy!
TonyHax - Loading Arbitrary Games on PS1/PS2s
The old-school PS1 and PS2 consoles have had hardware exploits in the form of modchips, but never software mods that allow playing arbitrary games. This is a software exploit for the original PlayStation console.
The software mod uses a buffer overflow in a place that is quite common: save-state functionality. By modifying part of the save game state on a memory card into an extremely long string, an insecure snprintf is made to overflow a stack buffer.
With this buffer overflow, the EIP saved on the stack can be overwritten to jump to custom code: the custom loader. This first-stage loader is used to get the console back into a working state so it can load games.
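The bug class described above, as an added illustration in C that is not TonyHax's code and does not claim to be the actual game's bug: a loader copies a save title out of a memory card frame into a fixed stack buffer. The unsafe version sizes the copy by the untrusted source; the hardened version bounds it by the title field and the destination. The frame layout, offsets and buffer sizes are assumptions made for the example.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Assumed frame layout (constructed for this example, not the real card
 * format): a 2-byte "SC" magic at offset 0 and a 64-byte title field at
 * offset 4 that must contain a NUL within the field. */
#define FRAME_SIZE  128
#define TITLE_OFF   4
#define TITLE_MAX   64
#define LOCAL_TITLE 32   /* hypothetical loader-side stack buffer */

/* Vulnerable pattern (defined for contrast, never called here): the copy
 * is sized by the untrusted source string, so an over-long title runs
 * past local[] and into the saved return address on the stack. */
void load_title_unsafe(const uint8_t *frame) {
    char local[LOCAL_TITLE];
    const char *src = (const char *)frame + TITLE_OFF;
    snprintf(local, strlen(src) + 1, "%s", src);   /* BUG */
    (void)local;
}

/* Hardened form: validate before copying. Returns 0 on success, -1 if
 * the magic is wrong, the title has no NUL inside its field, or it
 * would not fit the destination. */
int load_title_checked(const uint8_t *frame, char *out, size_t out_len) {
    if (frame[0] != 'S' || frame[1] != 'C') return -1;
    const char *src = (const char *)frame + TITLE_OFF;
    size_t n = 0;
    while (n < TITLE_MAX && src[n] != '\0') n++;   /* never read past field */
    if (n == TITLE_MAX || n >= out_len) return -1;
    memcpy(out, src, n);
    out[n] = '\0';
    return 0;
}

/* Build a constructed frame whose title is `pattern` repeated to len bytes. */
void make_frame(uint8_t *frame, const char *pattern, size_t len) {
    memset(frame, 0, FRAME_SIZE);
    frame[0] = 'S'; frame[1] = 'C';
    for (size_t i = 0; i < len && TITLE_OFF + i < FRAME_SIZE; i++)
        frame[TITLE_OFF + i] = (uint8_t)pattern[i % strlen(pattern)];
}
```

A loader that rejects the frame before copying turns the over-long title into a failed load rather than a controlled jump.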
Besides getting the console back into a state where it can load games, the loader changes the configuration of the console itself! The console has DRM protection that makes using copied games impossible. The exploit code disables the verification in the CD loader using undocumented CD commands, found here, so that copied games can be used.
The save game exploit works in several games in the Tony Hawk franchise, and the same bug has been found in a few other games as well.
The older consoles are being taken down, hard! Among modern consoles, the Xbox One's security has yet to be broken, but the PS4 and Switch have been taken down. When security is done properly, with no way to see inside the box, it is hard to get in.