Results 1 to 1 of 1
-
January 4th, 2019, 20:43 #1Won Hung Lo
- Join Date
- Apr 2003
- Location
- Nottingham, England
- Age
- 52
- Posts
- 139,543
- Blog Entries
- 3209
- Rep Power
- 50
PSVita’s security is effectively blown wide open!
In their talk titled “Viva la Vita Vida” that took place less than 24 hours ago, PSVita hackers/developers Yifan Lu and Davee which are part of Team Molecule talked about the following:
- Their progress up to now on PSVita hacking
- They discussed the Vita’s security architecture and components of the Vita’s SoC.
- In their talk titled “Viva la Vita Vida” that took place less than 24 hours ago, PSVita hackers/developers Yifan Lu and Davee which are part of Team Molecule talked about the following:
- Their progress up to now on PSVita hacking
- They discussed the Vita’s security architecture and components of the Vita’s SoC.The first part of the talk, which was done by Davee, was about software techniques when it came to pwning F00D and he discussed the Octopus Exploit.
- In a very simplified way, the Octopus Exploit works by passing bytes into the F00D processor and having it tell you whether the byte is correct or not. Through this way, Team Molecule were able to dump the secure kernel of the PSVita which helped them in documenting and further hacking the device
- The second part of the talk, which was done by Yifan Lu, discussed hardware hacking techniques and mostly focused about voltage glitching. Voltage glitching is when you momentarily introduce a voltage change into electronics in order to change the result of logic gates thus creating a software bug through hardware
- Voltage glitching was used in order to bypass the bootloader size check (0xDE blocks) and this enabled Team Molecule to gain further insight about the bootloader/BootROM as they got its SHA-256 hash!
- Unfortunately, the BootROM didn’t contain any keys
- Later on, Yifan Lu went on to reveal that the bootloader (F00D) key was found and it was a repeating byte
- Apparently, the key was left there accidentally but it wasn’t noticed when retail builds of the bootloader were shipped
- This key is what protects every content key in the system
- http://wololo.net/2018/12/30/psvita-...own-wide-open/
- Their progress up to now on PSVita hacking
Reply With QuoteThread Information
Users Browsing this Thread
There are currently 1 users browsing this thread. (0 members and 1 guests)
Similar Threads
-
This Boeing 747 Flies With a 15-Foot High Door Wide Open [Airplanes]
By retroremakes in forum Off Topic ForumReplies: 0Last Post: January 10th, 2010, 08:20 -
SuperGP Ball Released and Dreamcast Fenix Site Open
By DCEmu_Newsposter in forum Chuis's Dev & Discussion ForumReplies: 6Last Post: December 19th, 2004, 05:40 -
Fenix Forum Opened
By DCEmu_Newsposter in forum Chuis's Dev & Discussion ForumReplies: 0Last Post: November 21st, 2004, 18:25
Bookmarks