The gaming community may be itching to read all the latest news about Sony's upcoming console, but that doesn't mean homebrew enthusiasts have left the previous generations behind just yet. In fact, one developer in particular (@CTurt, a name already familiar to those in the PS4 scene) has decided to go back a whopping 19 years to revisit the PlayStation 2 not for a quick nostalgia dive, but to crack it even further than it's ever been!

As a lot of you readers may know by now, Sony's best-selling console is by no means a stranger to hacks: a plethora of modchips, software exploits and other types of clever tricks to bypass the platform's security have popped up over the years, all of them with their own methods and pros/cons. However, most of them require either purchasing some pieces of hardware or having a pre-modded console at hand to later pass an exploit over to your own, which is by no means ideal for a multitude of reasons. But this is about to change starting today, as @CTurt has managed to find an exploit which only needs a PS2 Yabasic demo disk to work.

The exploit consists of two stages: the first overflows one of the interpreter's built-in functions and gains arbitrary code execution, while the second is a payload that launches an ELF from a medium available to the system (the repo includes one that loads the FIFA demo bundled with a specific revision of the disc, however, someone could technically choose whichever executable they want - even on a different/burned CD). Support for USB/HDD drives and loading ELFs over the network is also reportedly possible, but no compatible payload has been written for those yet. Everything said so far only requires a stock PlayStation 2 and an aforementioned Yabasic demo disk (something many European owners may already have as Sony originally included one with the consoles to avoid EU import taxes) so this should not only open up the doors to hacking & homebrew for many more people, but the exploit also works with late Slim models that don't support FreeMCBoot at all!

There are, however, a few things you should keep in mind. First and foremost, while everything is already in a working state and the code has been made public, it's not really that user-friendly yet: you need to compile the exploit yourself and, as previously stated, some otherwise useful payloads are still missing and will be added sometime in the future (other devs are welcome to make their own contributions!). Secondly, while most demo disks containing Yabasic are supported (serials PBPX-95204, PBPX-95205 and PBPX-95506), one of them is still not compatible as it uses a different executable version and the developer wasn't able to get their hands on it (serial PBPX-95520 - if you have it, please consider contacting the dev!). Lastly, those discs have only been produced for PAL consoles, so NTSC PS2 cannot take advantage of the exploit due to region locking.

Here is the usage guide included in the README:

Install the PS2DEV toolchain (really you just need a MIPS compiler), place your assembly payload in payloads/name.s and run make to build it into a Yabasic exploit.

On PS2, run the %lg patch corresponding to your disc first. EG: for PBPX-95205 that will be in out/patches-95205.yab.

Then you can run your payload (located at out/name.yab).

If your payload writes a value, you'll need to run the feEgG patch, and then you can run the debugger program to print it (both in out/patches-version.yab).

Feeling experimental? You can find PS2-Yabasic-Exploit's GitHub repo by clicking the source link below! You can also find out more about how the exploit works by reading the technical writeup here.

Source

 

[Darth Meteos]

FINALLY, YOU AMERICANS HAVE BEEN DEFEATED!
God bless Australia, the long-forgotten PAL region! May this be the first in a long line of PAL-first releases! WAHAHAHAHAHAHAHA

also i like the exploit good work

 

[DarthDub]

a bit late to the party. the ps2 emulator works perfect

No, it doesn't. There are lots of PS2 games that aren't played perfectly in an emulator. Heck, even Sony struggles emulating their PS2 games perfectly.

 

[galneon]

PCSX2 has come about as far as it can, and the result leaves much to be desired. The code is a nightmare to work on, improving it significantly would involve extensive rewrites, and it's plugin-based with all the issues that presents. PS2 is the oldest system in which I still routinely fall back on original hardware because there's just not a suitable alternative yet for the majority of PS2 games, regardless of one's system specs. PCSX2's compatibility list standards are low, and you're more likely than not to encounter cosmetic, sound or timing issues even when playing "fully compatible" titles. That's been my experience with every game I've attempted to play with PCSX2 over the years, despite my willingness to tweak settings, save for some simple Sega Ages 2500 games.

PS2 emulation will eventually reach a point where it's close enough to perfect. PCSX2 will never be the emulator to make that happen, though. Some year next decade, it will be superseded just as ePSXe largely has been--hopefully by a mednafen core. The PS2 really is a bizarre piece of hardware, though.

 

[raxadian]

And people called me weird for not throwing away my old videogame consoles.

Even Nintendo 64 emulation is far from perfect.

Anyway is a game from 2001 like Paper Mario still can't have perfect emulation what can you expect from a console than less that a decade ago still keep getting games?

 

[Quantumcat]

Nice writeup

 

[MegaGenesis]

My PS2 is a NTSC-J 9000x model. ITs been i while since i started looking fora way to future-proof my PS2, despite my DVD drive still working fine. This exploit being PAL locked is a deal breaker, but my console has a modchip installed (Matrix Infinity 1.93), can i use a burned copy of these Yabasic Demo discs to reach the same effect? Or are they one of those weird PS2 CD-R games?

 

[QuazaRayy]

I've had 3 PS2s and the last one i bought a FreeMCBoot memory card from eBay. It was cheap and easy but i could boot stuff off of a USB.

 

[raxadian]

I've had 3 PS2s and the last one i bought a FreeMCBoot memory card from eBay. It was cheap and easy but i could boot stuff off of a USB.

That sounds nice, I still burn DVDs for my PS2 but I might want to get an adapter like that to future proof my PS2.

 

[Ryccardo]

My PS2 is a NTSC-J 9000x model. ITs been i while since i started looking fora way to future-proof my PS2, despite my DVD drive still working fine. This exploit being PAL locked is a deal breaker, but my console has a modchip installed (Matrix Infinity 1.93), can i use a burned copy of these Yabasic Demo discs to reach the same effect? Or are they one of those weird PS2 CD-R games?

Most demo discs are indeed CDs, and backups will work but if you have a chip why bother given that you can directly run homebrew discs (and your chip can even directly boot homebrew from memory card or USB)?

 

[YOUCANTSTOPME]

Just wanted to point this out:

However, every single one of them requires either purchasing some pieces of hardware or having a pre-modded console at hand to later pass an exploit over to your own

Not true. You can install FMCB on a memory card on an unmodded console using the swap trick and a game, such as (but not limited to) Agent Under Fire.

 

[RattletraPM]

Just wanted to point this out:

Not true. You can install FMCB on a memory card on an unmodded console using the swap trick and a game, such as (but not limited to) Agent Under Fire.

I hadn't taken those into account because the swap trick isn't as viable on a fat unless you open it up (and you still need to do a bit of fiddling to block the sensors on a slim), but fair point nevertheless.

 

[cvskid]

You can buy a flip top for phat ps2 models which makes swapping disc much easier.

 

[smf]

You can buy a flip top for phat ps2 models which makes swapping disc much easier.

You could, but there are easier ways. I first installed independence exploit using some save game disc that came with a usb to usb adapter (same one used by some of the homebrew dev tools). Later when freemcboot came out I switched to that.

 

[RattletraPM]

You can buy a flip top for phat ps2 models which makes swapping disc much easier.

Sure, but that would still be a third-party hardware modification that requires you to open up the console and, let's be honest, if you had to go out and buy stuff for modding purposes anyway then you'd probably be better off getting a memory card preloaded with FMCB nowadays. What makes this exploit stand out, on the other hand, is that it's entirely software-based and PAL PS2 users might already own a Yabasic demo as it was pre-included with a ton of consoles - especially FAT models

 

[elBenyo]

I wish there were more titles like this instead of the disc swapping method.

 

[GensokyoIceFairy]

I actually have one of the Yabasic demo discs somewhere, but forgot where I placed it however... nice find, though! I’d imagine the reason it took so long to find is related to the fact that most of the time these things are specifically preferred and tested generally to work better with NTSC consoles and regions

 

[Necron]

Still no exploit that doesn't require anything special (I guess FHB comes close)

 

[uyjulian]

Still no exploit that doesn't require anything special (I guess FHB comes close)

Good luck with an exploit that "doesn't require anything special".

DVD? You need to copy and burn software to DVD.
MC? You need to copy and sign software to MC.
HDD? You need to copy and write software to HDD, and you also need a network adapter.
USB? Requires an exploit to chainload.

How do you load software on a PS2 without "something special"?

 

[Necron]

Good luck with an exploit that "doesn't require anything special".

DVD? You need to copy and burn software to DVD.
MC? You need to copy and sign software to MC.
HDD? You need to copy and write software to HDD, and you also need a network adapter.
USB? Requires an exploit to chainload.

How do you load software on a PS2 without "something special"?

100% pure softmod. Also, this doesn't tackle PS2s with dead drives, which there are a lot around.

 

[uyjulian]

100% pure softmod. Also, this doesn't tackle PS2s with dead drives, which there are a lot around.

Good luck softmodding when you can't even plug in anything into the PS2