Aah, yes, new exploit, old game. It's so cool to actually see this beauty working - and on a PSP-3000 no less! The PSP scene was buzzing the other day when MaTiAz found an exploit (read: buffer overflow!) in the three year old game, GripShift.
MaTiAz says that they've yet to find any further use for this, but it's still a new exploit. It could lead to further hacks, and for now, it's merely a proof of concept. Be that as it may, this is a great start, and a rather sweet find! Here's MaTiAz explaining the exploit:
"GripShift has a buffer overflow vulnerability when loading savegames. The savegame contains the profile name which can be easily used to overwrite $ra. The savegame file is pretty big (25kB) so you have lots of space to put your code there. I wrote a simple blob of code to paint the framebuffer completely white (to just indicate that arbitrary code is running ). The return address is located at offset 0xA9 in the file. In this poc it points to 0x08E4CD50 (which is only a few bytes after the return address), and the code starts at 0xCC in the file."
"It was tested on 4.01M33-2 with US version of GripShift (ULUS10040), and psplink.prx, usbhostfs.prx and deemerh.prx loaded (also without psplink and usbhostfs). The decrypted savegame (sorry, couldn't [be bothered to] get Shine's savegame tool working so it's in plaintext form) is in the SDDATA.BIN form which Hellcat's Savegame-Deemer produces (thanks to him, if the program didn't exist I wouldn't have bothered with this. ). Just copy the ULUS10040SAVE00 directory to /PSP/SAVEPLAIN/ and run the game. EDIT: yeah, don't forget to have Savegame-Deemer working, duh."
Like it? Share with your friends!
If you got an error while installing Themes, Software or Games, please, read FAQ.
Similar Software:
Makefile Maker 1.1.1 Makefile Maker 1.1.1
Makefile Maker is a software that enables PC to automatically generate
Makefiles to compile EBOOT (or PRX) for your PSP
Installation:
- Makefile Maker 1.1.1.rar
- You only have to run Makefile maker.exe
Use:
- Launch Makefile maker
Half Byte Loader r109 Hot Shots Golf Greatest Hits Half Byte Loader r109 Hot Shots Golf Greatest Hits
Developer's note:
JJS Has been hard at work to improve our beloved HBL again.
As a side effect, he also fixed the issue which prevented Gpsp from going back to the HBL menu, an issue that had been here for ages
Disk PsP Disk PsP
Logikz recently released Disk PsP, a simple Windows XP program that'll change the drive letter of their PSP when it shows up on their computer.
According to Logikz, the device itself is simple to use, though only replaces the drive letter, rather than the entire line
Choice If you loved Sony PlayStation Portable homebrew developer xart's easyChoice application for the original PSP and you're wishing you could take it along as you upgrade to the PSP Slim, wish no more because xart has just released slimChoice
5.00 .CTF Updaters 5.00 .CTF Updaters from Mr. Shizzy:
I began updating all my 5.00 M33 .ctf files to support sub folder systems.
I soon realized how time consuming it was going to be to update hundreds pf themes manually. So I threw together a .bat script to automate the process.
I may try to do an update if I get the time to allow batch converting
DayViewer DayViewer
from Total_Noob:
This plugin allows you to add the day next to the date. If you want you can add battery percent, month name and year, too.
Changelog v6.1
- Fixed bug that the bootsound wasn't sounds at boot.
Changelog v6
- Added compatibility with unicode(special characters).
- Added possibility to show seconds.
- Added support for all cfws(3
KFWFlasher WIN32 KFWFlasher WIN32
KIWIDOGGIE is back with his KFWFlasher, but this time, on a different platform. His KFWFlasher WIN32 v1.00 is friendly with a windows platform with the .net framework. Interested?
This here is actually a beta Flasher for PSPs with the OE firmware. He says that the GUI is simple and effective with a console, if you want to do stuff manually
ASE2LUA ASE2LUA
Lua devs, check this out. Ahrimanes has released a new homebrew app that lets you port 3D models to Lua through the ASE format. According to ahrimanes, all you have to do is to export your 3D model file to ASE then use ASE2LUA and "you will have the triangle array to use in gu."
The download below includes the following:
1. some ase models
2
Custom Firmware 1.62 IE-B Update1 Custom Firmware 1.62 IE-B Update1
Yay for custom firmware season! After Dark_Alex's released his latest (archived) bundle of joy unto the gaming world, becus25 has also updated his own custom firmware. So yes, it's PSP love all around right now.
Anyway, becus25 released Custom Firmware 1.62 IE A Update2 a mere week ago, and here he is once again with Custom Firmware 1
SaiZn's Orange/White XMB Theme SaiZn's Orange/White XMB Theme
Thanks to Stan, we heard about the creative works of SaiZn for making XMB themes. This time, these themes are multicolored, which means you can choose the color you want to use for your own XMB.
Now, since there are multiple themes here, let's explain the basic idea
Comments on GripShift savegame exploit POC:
Comments not found
If you noted an error or download link is broken, please, report it via this page or use comments.
Please, select device to check if GripShift savegame exploit POC supports it
