Report: new VSH user mode exploit found?

fgghjjkll

The forums down at Lan.St went abuzz yesterday after a possible buffer exploit was found. Details are being carefully kept under wraps at the moment to protect the new discovery, but homebrew veteran wololo has confirmed that it's legit and is hopeful that it could lead to a new breakthrough.

wololo, whose name is often heard alongside the Half Byte Loader, noted that the new exploit is a "very nice VSH user mode exploit (or very close to it, since there is full control on ra)." He also expressed willingness to work on the new exploit, though he himself admits a lack of experience in dealing with VSH vulnerabilities.

This user exploit also seems to need a kernel exploit, which is similar to how ChickHEN worked. There is plenty of speculation surrounding its possible uses, but everything's still up in the air for now.

We'll be keeping an eye out for updates as they come.

Source
 

SPH73

Very interesting. Half Byte Loader saved my PSP Go from neglect. I'm intrigued by this new project.
 

Arwen20

I would love to see this area developed. I love my little PSP Go! As soon as the Half Byte Loader works for bookr I will update my PSP Go. Right now, I am still on 6.20.
 

prowler

It's nice to quote your news posts btw.


Also, I'd just wish they would keep their mouth shut if they have found another lame possible exploit. It's getting ridiculous now.
 

SifJar

fgghjjkll said:
> This user exploit also seems to need a kernel exploit, which is similar to how ChickHEN worked. There is plenty of speculation surrounding its possible uses, but everything's still up in the air for now.

A kernel exploit is needed for a HEN, an eLoader (i.e. HBL) would be possible without one, but considering how hard it is to find VSH crashes, it would be a complete waste to release HBL for this instead of making a HEN.

QUOTE(prowler_ @ Sep 9 2010, 09:24 AM)
> It's nice to quote your news posts btw.
>
> Also, I'd just wish they would keep their mouth shut if they have found another lame possible exploit. It's getting ridiculous now.

The guy who found the vulnerability (note: despite what the first post says, it is NOT an exploit, it's a vulnerability; there is a difference) was not sure if it was vulnerable or if it was just a crash, and wanted a second opinion. Perhaps it was an error to post publicly, but these things come with experience. The vulnerability was available to download for a short time, but unless Sony happen to be monitoring Lan.ST 24/7 and reading every new post, it is very unlikely the files will fall into the "wrong" hands. It was removed quickly and I doubt any n00bs got a hold of it either.
 

fgghjjkll

SifJar said:
> fgghjjkll said:
> > This user exploit also seems to need a kernel exploit, which is similar to how ChickHEN worked. There is plenty of speculation surrounding its possible uses, but everything's still up in the air for now.
>
> A kernel exploit is needed for a HEN, an eLoader (i.e. HBL) would be possible without one, but considering how hard it is to find VSH crashes, it would be a complete waste to release HBL for this instead of making a HEN.
>
> QUOTE(prowler_ @ Sep 9 2010, 09:24 AM)
> > It's nice to quote your news posts btw.
> >
> > Also, I'd just wish they would keep their mouth shut if they have found another lame possible exploit. It's getting ridiculous now.
>
> The guy who found the vulnerability (note: despite what the first post says, it is NOT an exploit, it's a vulnerability; there is a difference) was not sure if it was vulnerable or if it was just a crash, and wanted a second opinion. Perhaps it was an error to post publicly, but these things come with experience. The vulnerability was available to download for a short time, but unless Sony happen to be monitoring Lan.ST 24/7 and reading every new post, it is very unlikely the files will fall into the "wrong" hands. It was removed quickly and I doubt any n00bs got a hold of it either.

The fact that a possible vulnerability was even found and talked about was stupid. Now it's possible that Sony and their engineers are trying to find said vulnerability. (Which is unlikely they will find the said one but could patch other ones..)
 

superrob

fgghjjkll said:
> SifJar said:
> > fgghjjkll said:
> > > This user exploit also seems to need a kernel exploit, which is similar to how ChickHEN worked. There is plenty of speculation surrounding its possible uses, but everything's still up in the air for now.
> >
> > A kernel exploit is needed for a HEN, an eLoader (i.e. HBL) would be possible without one, but considering how hard it is to find VSH crashes, it would be a complete waste to release HBL for this instead of making a HEN.
> >
> > QUOTE(prowler_ @ Sep 9 2010, 09:24 AM)
> > > It's nice to quote your news posts btw.
> > >
> > > Also, I'd just wish they would keep their mouth shut if they have found another lame possible exploit. It's getting ridiculous now.
> >
> > The guy who found the vulnerability (note: despite what the first post says, it is NOT an exploit, it's a vulnerability; there is a difference) was not sure if it was vulnerable or if it was just a crash, and wanted a second opinion. Perhaps it was an error to post publicly, but these things come with experience. The vulnerability was available to download for a short time, but unless Sony happen to be monitoring Lan.ST 24/7 and reading every new post, it is very unlikely the files will fall into the "wrong" hands. It was removed quickly and I doubt any n00bs got a hold of it either.
>
> The fact that a possible vulnerability was even found and talked about was stupid. Now it's possible that Sony and their engineers are trying to find said vulnerability. (Which is unlikely they will find the said one but could patch other ones..)

And you think Sony and other companies only patch stuff once somebody says "hey I found an exploit"? No, they do that all the time anyway.
 

prowler

SifJar said:
> prowler_ said:
> > It's nice to quote your news posts btw.
> >
> > Also, I'd just wish they would keep their mouth shut if they have found another lame possible exploit. It's getting ridiculous now.
>
> The guy who found the vulnerability (note: despite what the first post says, it is NOT an exploit, it's a vulnerability; there is a difference) was not sure if it was vulnerable or if it was just a crash, and wanted a second opinion. Perhaps it was an error to post publicly, but these things come with experience. The vulnerability was available to download for a short time, but unless Sony happen to be monitoring Lan.ST 24/7 and reading every new post, it is very unlikely the files will fall into the "wrong" hands. It was removed quickly and I doubt any n00bs got a hold of it either.

I never said it was a real exploit (note: possible exploit; there's a difference)
 

SifJar

prowler_ said:
> SifJar said:
> > prowler_ said:
> > > It's nice to quote your news posts btw.
> > >
> > > Also, I'd just wish they would keep their mouth shut if they have found another lame possible exploit. It's getting ridiculous now.
> >
> > The guy who found the vulnerability (note: despite what the first post says, it is NOT an exploit, it's a vulnerability; there is a difference) was not sure if it was vulnerable or if it was just a crash, and wanted a second opinion. Perhaps it was an error to post publicly, but these things come with experience. The vulnerability was available to download for a short time, but unless Sony happen to be monitoring Lan.ST 24/7 and reading every new post, it is very unlikely the files will fall into the "wrong" hands. It was removed quickly and I doubt any n00bs got a hold of it either.
>
> I never said it was a real exploit (note: possible exploit; there's a difference)

My "note:" was not aimed at you, but the OP and also others who make the mistake. I noticed that you worded your post correctly.
 
