Cracking, Modding, and exploiting your PS3: A Guide to everything Sony

doesn't want us to know.

By: Mike(HF7

.::Forward::.
I Have decided to write a guide about everything we wish we knew or know about the PS3, yes

I'm talking about possible exploits, the future of game cheating and everything that Sony would

not necessarily like us to discuss. I will cover all sorts of past mods and exploits, the future of

exploits for the PlayStation 3 and what could possibly be in the future of this big boy console as

time passes and we learn more. Please note, this really wont tell you how to do them, possibly in

the future but I will cover anything that would be defined as "hacking" or "modding" a PS3 and

discussion of possible methods. If you're one of the very few who read the Terms of Agreement

either when signing up for PlayStation Network or when you purchased your PS3 this will cover

everything Sony wants to hide...

We all know the PS3 has had its share of failed attempts at cracking the cells and the hardware,

and some well that have opened a small light and opportunity to those who look back in the

past, snap their brains on and get working. We are going to talk about the ones that worked,

whilst they may have seem like a laughing stock by some "1337" glitcher who knows next to

nothing, and saying hahaha that's stupid, or you did it wrong. Well those laughing stocks are

what we need to continue, such as frost's game exploits that all you to run modded code, custom

mods and OS's that let us do some nifty shit.

ISO Loaders via HDD backup:
Even though this happened over a year ago around two and was never finished or released

publicly I think we should brush up on it. What this was from what we know from some forum

posts and a few short videos is, some hackers were able to allow them to play ISO backups off

their HDD WITHOUT any type of disc. It died off awhile back but it was a huge step as it was

quite sometime before 80GB PlayStation 3's as this was stated as it only worked on 20GB, and

60GB models. It is very unclear if the project will ever go public or for that matter even continue,

but its worth the mention as its the closest and really the only thing that allowed you to play

game backups.

Custom Code Exploit(s):
There were quite a few of these, some being fake, others proven to work. Again not much actual

code was released but hackers were able to exploit code when an game or menu loaded to get it

to say something etc. These usually will come in the form of stack overflows and are most

commonly seen as it is easy(usually) to access those areas of the RAM. Issues again with this to

make a custom self file, which by the way for less knowledgeable people, a self is just like an .elf

file or a prx for the PSP, sorta like an exe if you didn't know what those are. To make those we

would have to develop a PS3DK(Dev kit) so we can compile source code and such but that is a

tremindus task, a group would have to write up the libraries(libs) etc. Now ingame cheating like

the PSP with NitePR would execute in the ram using the systems asm, in this case the PS3's asm is

power pc/cell... again this is new to ALOT of people and is NOT easy if you have never learned

another assembly such as MIPS.

Why cheating in online games isn't exactly new, if it ever happened it would be certainly new to

the PS3. yeah, Im not talking about silly old glitches, Im talking about custom self files to run

code in the RAM that modifies the game and its ability, sorta like CodeMajic for the ps2 did just

that(Im NOT talking about that shitty booster) that could run custom code via the processor(see

previous section -Custom Code Exploits) and would be quite to perform. yes we will always have

glitches, and savegame data modifications but lets face it the rest is hard, but fear not there

could be other possible methods.

ISO(game image) Modding:
Ah yes the infamous good ol' mod discs from the PS2 and earlier PSP days, this takes quite a bit

of knowledge to perform and most people know ISO's as the "game" file on the 360. This is the

COMPLETE game image, meaning if you were able to crack it open and get inside and had some

decent knowledge you could easily change that 100 bullets into inf ammo etc, if you can thinki of

it then you could most likely make the ISO do it. Yes, there are several complications with this,

including the size of the game with most being 8GB or so thats quite a hefty size. Though let me

make this clear this will NEVER work if we never get a proper ISO loader, or even something

that allows the user to run ISO backups or MODS off a Dvd or the HDD. Now yes, yes before you

ask it IS possible to mod an ISO to be online only, do whatever you want, change the soundtrack

etc, since there quite big it would be A LOT of work, but if you succed you would have one

pimped out game!

RAM(memory) Mods:
Dont know what Im talking about? Well then you might be a little confuzed as Im not going to

get into the background and such of assembly but once you learn the hardwares assembly you

can do a SHIT LOAD. Have you ever looked at PSP games, such as socom? Well those run code

in the ram aka the memory using hex. Well the PS3 one day could be capable of this such

amazing thing using its assembly to modify the code. Why assembly? Because it can execute what

you want it to do on the processor realtively FAST, the only problems to this method are finding

a way to run the code, a way to dump the games memory to see what you playing with(its most

likely 1GB+ depending on the game, most likely more) and then having a file or method to run it

such as a self file, prf etc. Here is an example of the assembly Im talking about, if you know

another asm this should make sense, if not read up.

lqd $5, 0($3) ;loads data into a temporary register
cbd $6, 0($3) ;controls byte intersection
shufb $7, $4, $5, $6 ;place data in routine
stqd $7, 0($3) ;store it back into the register

More on this section to come!

The future of this is currently quite dim and hasn't really chnaged since the system was released

some time ago. I know how we would all think it is so cool the day we get a public hello world

properly working, or that first homebrew game, that is quite a bit of work as the PS3 is advanced

compaired to other previously exploited console's such as the Xbox 360, and the PSP and Ps2.

We have cells and cells we have, you should read up on them as that will shed you just a little

more light into the world of the PS3's Security! I dont see it happening soon, but Im sure we can

all imagine what we would have, modders, custom themse, ISO support, well unti we get past the

basic layers of security there really isnt anything happening soon.

Tiffs, yes tiffs could be the future in this case, a tiff image file could be used to cause a system

overflow on the stack causing something such as installing a DLC to freeze, and cuase the

hardwares code to become customly exploited so whenever you try to install that DLC it freezes

and allows you to run custom code. This was doen several times for the PSP, so a hacker would

just need to find a section where heavy loading is performed and where code can be exploited to

run customly to perform another task then what it was made for.

There have been loaders in the past but there is currently not much possible with this, sure we

have a way to access the ISO files and possible the rfds/prfs but we cant run them... why can't we?

Well one we dont have a loader and you cant possibly just burn them to an DvD why? because

when you boot up a game of a disc the cell checks to make sure the blueray is legit, and so is the

game image(ISO) before running it, if you want a clean and easy way to run ISO's you would

need to exploit that section of the system so when it checks on game startup it ignores and makes

it look legit, quite a task at hand. Also ANYTHING for the PSN store is NOT able to be copied to

an external device and it has security encrypted inside etc.

Sure with Sony being smart in some ways and dumbfounded in other areas, that is kinda how you

would describe the PS3 allowing the other use of other Operating System's(OS) on the PS3

besides the Default hardware which is GameOS. Linux has been done along with a few others,

nothing much but if people were smart enough to make one I'm sure we could do a lot. Whlist

there are several limitations on what we can access in the Cells, there is still plenty of stuff we

could attempt to do. Now it looks like this may become a shady and suty future will the new PS3

Slim model ariving this September, there is NO longer an option to install an OS thus any type of

'homebrew' or exploits will NOT be able to work on a Slim model if they ever even found one to

work on the original FATs.

I really hoped you read this and found something interesting and would like to continue your

studies and work in hopefully one day from now successfully exploit the PS3 and make it big,

whether that be game cheating, cfw or some other crap let it be done. It was be done before us, let

it be done now! Best of luck to everyone who wants to continue, if you do please think of adding

to my guide to improve the knowledge of those wanting to learn. If you're interested learn the

ways of exploits, read up on the PS3 hardware, Cell BE assembly and maybe some C++.