Video of PSP libtiff exploit in Action
Adrian (thanks for the tip!) has sent us word of a video that shows the PSP's libtiff vulnerability in action. For those of you who haven't heard of the libtiff vulnerability before, it's a vulnerability that crashes the PSP and could possibly lead to an exploit allowing homebrew to be run. Although Sony were supposed to have 'patched' firmwares 2.01+ for any image browser vulnerabilities, it appears that this one slipped through the net. This means that, although it hasn't been confirmed, this exploit could be present in firmwares up to 2.80.
The video, put together by block10, shows the libtiff vulnerability crashing a 1.50 PSP DevHook-ed up to 2.71. As QJ's Jake said a few days ago: Even if this only works on lower firmwares, it will usher in the age of GTA-less homebrew for 2.01+ PSPs, which will be a welcome change for homebrew enthusiasts. Work on this exploit is continuing, and the guys you need to thank are NOPx86 (for originally finding this vulnerability) and psp250, Fanjita and Skylark (for working on it). Developers can discuss this in the Developers Dungeon, whereas normal forum users can find the appropriate thread in our PSP Hacks Forum.
Read: [libtiff Exploit Discussion - Developer's Dungeon]
Read: [libtiff Exploit Discussion - PSP Hacks Forum]
Via block10
Comments
So this means what?
first comment
great video
good news for 2.80 users
Sounds cool,
But how does this make the jump from being a stupid "trick" that crashes a PSP to a buffer overflow exploit that can run unsigned code?
this is useless unless it can run code and so far only they've got code to run on tiff viewer on windows... not psp ..2 sept things
Where can i get a south park bootscreen like that?
as soon as i heard some yelling (or "singing") i stopped the video... screaming into the microphone = rock.
I have 2.71 ;(
Can't wait for something to come out of this!!!
Sweet mother of Jesus we're going... Back to the future! Make sure to check your psp's flux capacitor before more testing of this exploit is continued. Also your psp needs to be struck by lightning for the right amount of juice.
j/k I kicked homebrew a ways back and although I don't really miss it, I would be excited for the opportunity to run some emulators one last time. Excellent work code jockeys!
And yet PSPU gives me no credit...
http://youtube.com/watch?v=sxHXG1bSuMc
where or how can you make the boot screens i thought you can only use the pmf files from the games
No offence but that was the worst quality vid i have ever seen, you couldn't see the firmware number or anything...... but good luck with the exploit
PSU knows better than to give me credit, I work in the shadows. All I ask is for random compliments from people I don't know and will never meet. That gives me wood!
gamers-core.com
What the fack was that?! its non-sense... this wont go far..
Me and Skeletor from PSPandMore.net worked on this exploit.................
Here is the proof of concept exploit that I have packaged in a .rar file as proof.
http://www.sendspace.com/file/9mmqzg
Disclaimer : Remember that you are using this program at your own risk. Thank you.
THAT MUSIC REALLY ROCK AND GETS THE POINT OVER. I FEEL LIKE A GIANT HOMO FOR HAVING IT EVEN TOUCH MY EARS. I AM NOW SO GAY I CAN ONLY TYPE IN CAPS, THANKS FOR YOU HOMOEROTIC ROCK VIDEO.
We don't care about any of you gutless unregistered fools caliming you created this first. Truth is everyone knows that Voltron created this exploit, fully assembled Voltron of course, and the the gay ass power ranger version Im talking Die Cast Metal Voltron made this hack. Now stand off, your smell would knock a vulture off a chit wagon!
im tired of the opening music of GTA :)
go tiffexploit!
How about saying i didnt create this exploit now???
Download it here:
http://www.sendspace.com/file/9mmqzg
Well this is going to be a pretty nifty little tool if they get it working.
Although 2 tips next time; Turn on the light, and don't drink a fifth of vodka before you make a video.
where do you get the south park gameboot?
Clearly you have no mind for sarcasm. I was trying to infer to you that it's pathetic you have to come on here to get your praise. Look at everyone line up to thank you for your total load of BS. All hail you, you the man!
When the psp turned on again at the end why was it on hold?
I did too make this crack, you can download it from my link above. Bow before me cause I am 1337 Hacker. Screw you all I'm going to post on the official sony boards where my genius will be appreciated!
psphacker dont lie. You know you didn't make it.
how would i get that
It works on my 2.80 PSP.
After it "crashes" if you look up next to the clock you see the hold "key" is on. All you have to do is pause the camera and then turn the psp back on then unpause the camera or edit it in windows movie maker. I'm not doubting the fact that this exploit exists. but the video is far from convincing.
wow, there must be a load of 'gangstas' in this forum, as a few people have moaned about the music in the vdieo. SORRY, DO INTELLIGENT PEOPLE OFFEND YOU!!! people need intelligence to play instruments, and they SING!!! not go 'oh, uh, yeh, dis is fiddy cent, lemme take u 2 da candy shop' tht is the most retarded of the retarded music EVER!!! jeez, stop smoking dope and GAIN AN EDUCATION MORONS!!!
useless is something a lot of the unregistered commenters say.
I say come on guys, dig in deep and grab this exploit and bring it to fruition. I hope that this leads to homebrew on 2.8. i miss djsp on it.
hey i did make the exploit first it came to me in a dream i had there i was jacking off to ricky martin win all of the sudden it hit me i can do this..
thats not real music either, i dont want to listen to some guy go, uh yea , uhuh, ill take you to my candy shop so you can lick my penis, mofo,
but at the same time i don't want to listen to some guy screeching down the microphone about how much his life sucks.
in my opinion the only great music is euphoric trance and electronica. it's a shame no one else seems to agree.
i don't get the point in stories being told in music, if i want to hear a story i'll read a book.
Why not just defend the fast you like gerbils where the sun don't shine.
I wouldn't be so quick to jump up and defend your flaming putang "rock" there. Just makes you look like more of a phag. They can't sing, they barely play their instruments, and it makes the whole hack video lose credibillity.
Were the Spin Doctors not available? Maybe you couldnt find your Hootie and the Blowfish. .. L M A O
I have that background he has. also, anyone think this is goin anywhere?
It doesn't crash for the last time.
Please stop saying it crashes.
It only freezes.
A crash is different than a freeze.
You can boot or run code with a freeze.
But if it crashes you can run code and boot stuff.
So until I see a real crash.
I'm not sure this can even be called an exploit.
If you mess around with the web browser a lot it freezes.
this crap is FAKE
I mean they are "better than the beatles" but we be way better than no-taste-is.
this exploit has been proven and fanjita is working on it, it is not fake dumb@$$
how can he write "CONFIRMED exploit"? it's not confirmed, all they did was freeze it, nothing has come of it yet, no exploit yet, not confirmed.
@31 i play an instrument and i didn't care for the music in the vid. Just because they worked hard on it doesn't mean anyone has to like it.
To the creator of the video, you should block out your MAC address for security reasons.
And as for psphacker12 and the rest, i would just like to inform you all that it was I in fact who invented this "mess your psp picture thing", and you should donate all your base to us or i won't finish coding it.
BTW thank you to all the real developers that are working on this exploit, not that it in any way affects me.
Fanjita and Skylark wouldn't still be working on this is if it were fake, now would they? No. Now run along, kids.
i think this is really going somewhere like the overflow.tif exploit in 2.00! great progress, this is what keeps the psp scene going!
and as a side note "To the creator of the video, you should block out your MAC address for security reasons."
why the hell would he, is someone going to hack his psp? i can understand a computer, but goddamn, why should he block his mac address?
Elton John all the way.
he showed his mac address sony could hunt him down LOL