New PlayStation 2 exploit 'FreeDVDBoot' allows burnt DVD games to run without modchip

No, there's no typo in the title. It's 2020 and Sony's second home console, the PlayStation 2, got a new exploit; and an interesting one at that! Aptly named FreeDVDBoot, this exploit allows users to run burnt homebrew games on an unmodified PS2. Just slide a DVD into the console as you would with any other game and boot it without any additional tools.

@CTurt, the software engineer behind FreeDVDBoot and fellow GBAtemp member, explained at length his method that exploits the console's DVD player functionality in a blog post. He also made all of FreeDVDBoot's code available on GitHub, along with a step-by-step guide.


In case you're wondering about actual PS2 games rather than homebrew titles, yes, FreeDVDBoot also enables you to run backup copies of those. CTurt shared a video using his exploit to run a backup of Shadow of the Colossus:


It doesn't end there either. CTurt further goes on to speculate that this method could potentially work on every single PlayStation home console and that he will investigate this possibility in the future:

There's really no reason this general attack scenario is specific to the PlayStation 2 as all generations support some combination of burned media: from the PlayStation 1's CD support, to the PlayStation 3 and 4's Blu-ray support, with the PlayStation 4 having only removed CD support. Hacking the PS4 through Blu-ray BD-J functionality has long been discussed as an idea for an entry point. This may be something I would be interested in looking into for a long-term future project: imagine being able to burn your own PlayStation games for all generations; 1 down, 3 to go...

:arrow: SOURCE
:arrow: FreeDVDBoot code and guide on GitHub
 
Last edited by Prans, , Reason: edited post to tag CTurt

BeastMode6

So I read up on everything.
https://techcommunity.microsoft.com/t5/storage-at-microsoft/stop-using-smb1/ba-p/425858

Someone sets up my new corporate network today with it. Their family will never find the body and someone that useless is unlikely to be missed anyway. Some legacy reason (and that ought to be a business critical super expensive/nigh impossible to replace fancy printer/scanner, CNC machine or the like) better be justified as anything, and most likely will be airgapped and then some if at all possible.

For the average person around here that mostly just has read only, maybe write in one directory, shares for their home and devices on it to watch films on another computer or something. Seeing less of an issue.
Still not taking the risk, sorry.

OPL needs to be updated to support SMBv2 at minimum.
 

uyjulian

Still not taking the risk, sorry.

OPL needs to be updated to support SMBv2 at minimum.
Not going to happen because Samba takes too much RAM.

I'd like to get udpbd working, which is a much lighter weight alternative to SMB. Currently, it works standalone, but not when used with the IOP core of Open PS2 loader.
 

Kwyjor

Why not use a wired Ethernet connection between the PC and the PS2? I doubt anyone's going to break into your house to intercept and steal PS2 ISOs being transferred over the network.
Presumably the concern is that you still have to have the server running on your Windows PC, so someone malicious elsewhere on the Internet could exploit it somehow.
 

BeastMode6

Not going to happen because Samba takes too much RAM.

I'd like to get udpbd working, which is a much lighter weight alternative to SMB. Currently, it works standalone, but not when used with the IOP core of Open PS2 loader.

That would also be acceptable.

Why not use a wired Ethernet connection between the PC and the PS2? I doubt anyone's going to break into your house to intercept and steal PS2 ISOs being transferred over the network.

My PS2 isn’t next to my computer, it’s on my network which is connected to the internet.
 

codezer0

Considering I've never had any luck to get FreeMcBoot or FreeHDboot to load anything but itself (every attempt to read any of my backed up library has been steadfastly ignored), I don't see how this would really help me, either. Unless somehow FMCB/FHDB also implement this into their next major release as well. As it is, FHDB flat out won't work as long as my modchip is enabled on my personal PS2. Unfortunately, the hard drive I was trying to set up FHDB on for my wife's (non-modded) PS2 died because of a faulty freakin' adapter dock. :cry: Can't really find PATA hard drives anymore that work, much less one big enough to be useful; there's also the aggravating reality that basically every WD hard drive is spaced just far enough apart to actively refuse to work with a stock PS2 network adapter.
 

driverdis

For anyone who thinks this may work on PS3 or PS4 in the future, it won’t do much if it did as modern devices have mitigation against simple buffer overflow exploits like this and would require much more work to get it to work.

The PS2 does not feature modern mitigation technologies such as ASLR, Hypervisors, and NX Bit so a buffer overflow exploit opens the whole system up without needing other exploits to bypass the above protections.

Without a privilege escalation exploit you may at best get a HEN (Homebrew Enabler) out of the deal if anything at all.

The PS1 on the other hand, exploiting the CD Player functionality and possibly the VCD Playback functionality for those rare VCD systems out there could be viable since its only protection mechanism is the SCE(A,E,J) wobble data pressed into the disc.

The original Xbox would be a good target as well since it lacks modern mitigation techniques and has a DVD player app that I doubt was thoroughly vetted for any potential bugs or coding errors since all it did was play DVD movies.
 

smf

Presumably the concern is that you still have to have the server running on your Windows PC, so someone malicious elsewhere on the Internet could exploit it somehow.

Maybe 20 years ago, these days you're likely connected to the internet behind a NAT router and the SMB port isn't forwarded.

ps3netsrv support in OPL would be pretty cool though.

The original Xbox would be a good target as well since it lacks modern mitigation techniques and has a DVD player app that I doubt was thoroughly vetted for any potential bugs or coding errors since all it did was play DVD movies.

You would need the Xbox DVD playback kit, maybe someone could figure out how to spoof that though.
 

driverdis

Maybe 20 years ago, these days you're likely connected to the internet behind a NAT router and the SMB port isn't forwarded.

ps3netsrv support in OPL would be pretty cool though.

You would need the Xbox DVD playback kit, maybe someone could figure out how to spoof that though.

The Xbox DVD playback kit receiver will always be required as it essentially is a hardware DRM key. Good news is that they are cheap to buy used so I don’t see that being much of an issue.
 

xxNathanxx

I will finally be able to play backups on this, what a great time to be alive.
Will test it on my special edition PS2 Bravia TV edition since I know that mostly all exploits were patched on it seeing the USB exploit or hard drive loading doesn't work on that unit. If it's like the previous disc exploits that are used on a lot of systems actually then I wouldn't advise doing it because it burns out the DVD player. Something that has to do with the reading speeds being a lot more intense with a burned disc because of how it is burned compared to a PS2 disc that was burned differently to combat piracy. I'm guessing it's gonna mess up the DVD drive like it did with copied DVDs back in the day.

--------------------- MERGED ---------------------------


Haha I have the exact same unit! Never sell it, gonna be a collector's item later on since they are quite rare.

Ha, nice to see some others with one of these long unhackable PX300's. Technically the Fortuna exploit that was released a couple of months ago was the first to crack the PX300, but it still required you to already have a memory card with the exploit on it, and you can't put it on there without an entry point (or another already hacked PS2). I noticed someone on eBay recently started selling memory cards with Fortuna preinstalled, though.

Unfortunately, apparently the PS2 can't read DVD-RW discs, and I don't have any DVD-R's on hand, so I still can't hack my PS2 TV.

By the way, would you believe me if I told you this is the TV I use for everything? The picture and sound quality are great, the bolted-on PS2 looks hilarious (I added a PocketStation inside one of the memory card slots as a finishing touch), and it has ports for everything! The only thing I sadly can't get to work is DLNA (on the TV itself), it sees my network drives, but it doesn't see any files.
 
