Editing Vulnerabilities
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 20: | Line 20: | ||
== PSP Game Savedata == | == PSP Game Savedata == | ||
=== Blacklisted games === | === Blacklisted games === | ||
Line 84: | Line 32: | ||
According to Jeerum (2010), every EA game on PSP gets a buffer overflow if you try hard enough: insert 1 kB or 2 kB into your profile name in the save data. | According to Jeerum (2010), every EA game on PSP gets a buffer overflow if you try hard enough: insert 1 kB or 2 kB into your profile name in the save data. | ||
=== Before PS Vita era === | === Before PS Vita era === | ||
Line 294: | Line 240: | ||
==== "Jikkyou Powerful Pro Yakyu 2012 Ketteiban" (Japanese: 実況パワフルプロ野球 2012決定版) (ULJM06206) by 173210: <= 2.61 ==== | ==== "Jikkyou Powerful Pro Yakyu 2012 Ketteiban" (Japanese: 実況パワフルプロ野球 2012決定版) (ULJM06206) by 173210: <= 2.61 ==== | ||
==== Pipe Madness by Frostegater: <= 2.61. Patched 3.00 ==== | ==== Pipe Madness by Frostegater: <= 2.61. Patched 3.00 ==== | ||
Line 345: | Line 287: | ||
==== MyStylist: <= 3.15 ==== | ==== MyStylist: <= 3.15 ==== | ||
==== Skate Park City | ==== Skate Park City: <= 3.15. Patched 3.18 ==== | ||
==== Space Invaders Extreme: <= 3.18 ==== | ==== Space Invaders Extreme: <= 3.18 ==== | ||
Line 363: | Line 303: | ||
It is fairly easy to get this exploit to work as it is a buffer overflow in the player's name. | It is fairly easy to get this exploit to work as it is a buffer overflow in the player's name. | ||
The savedata in | The savedata in this demo only work on the PSP that created them. Lots of people were complaining about the impossibility to re-use their save games on recent games such as Tekken 6. | ||
https://wololo.net/talk/viewtopic.php?t=39771 | https://wololo.net/talk/viewtopic.php?t=39771 | ||
Line 419: | Line 359: | ||
https://code.google.com/archive/p/valentine-hbl/source/default/source | https://code.google.com/archive/p/valentine-hbl/source/default/source | ||
==== Puzzle Scape: <= 3.52 ==== | |||
==== Puzzle Scape | |||
==== World of Pool, Pool Hall Pro: <= 3.52 ==== | ==== World of Pool, Pool Hall Pro: <= 3.52 ==== | ||
Line 444: | Line 366: | ||
https://github.com/173210/psp_exploits/ | https://github.com/173210/psp_exploits/ | ||
==== Mega Man Powered Up or Rockman Rockman: <= ? ==== | ==== Mega Man Powered Up or Rockman Rockman: <= ? ==== | ||
Line 458: | Line 376: | ||
=== After PS Vita era === | === After PS Vita era === | ||
==== | ==== ScrabbleTM by ChampionLeake: probably not patched, 2018-05-17 ==== | ||
https://github.com/ChampionLeake/scrabblehax | https://github.com/ChampionLeake/scrabblehax | ||
Line 752: | Line 668: | ||
https://pastebin.com/Sdz0XPRg | https://pastebin.com/Sdz0XPRg | ||
== _sceUsbGpsGetData kernel write kexploit by | == _sceUsbGpsGetData kernel write kexploit by qwikrazor87 and Acid_snake: PS Vita <= ?3.20? == | ||
Discovered around 2014-01-29 by | Discovered around 2014-01-29 by qwikrazor87 and Acid_snake. | ||
Simply call <code>_sceUsbGpsGetData(0x10000, sw_address);</code> where <code>sw_address</code> is the address of the function to hijack, usually _sceKernelLibcTime. | Simply call <code>_sceUsbGpsGetData(0x10000, sw_address);</code> where <code>sw_address</code> is the address of the function to hijack, usually _sceKernelLibcTime. | ||
Line 1,175: | Line 1,091: | ||
https://github.com/BASLQC/BASLQC/wiki/PSP-Custom-Firmware-History#History_of_homebrew_on_PSP | https://github.com/BASLQC/BASLQC/wiki/PSP-Custom-Firmware-History#History_of_homebrew_on_PSP | ||