PS3 Exploit: Software

As I’m sure everybody heard, the memory access exploit for the PS3 hypervisor was released recently by geohotz. I was finally able to replicate his hack so I thought I’d take the time to help out others who may also have trouble due to being linux n00bs like me :) If I were to post everything at once it would be too much work and I’d never get around to it, so I’ll post bits at a time to ensure I actually do post it heh. Today’s post will talk about the software side of the exploit.

Please note that the geohotz exploit software was hardcoded for the v2.42 firmware, I have made a small fix that attempts to dynamically support all firmware versions. I have only tested and used it on v3.15 however.

Fixed PS3 Exploit Files

The first step is to install Linux on your PS3 which means of course that this will not work on a slim PS3. I tried a few different Linux distros and after various different issues I settled on using Ubuntu v8.10 since this is the same version that geohotz used. I suggest using the “alternate” version since it includes a gui which the “server” version does not. You can download the 636MB image below, I suggest using the legal torrent below to save the bandwith of the Ubuntu servers.

Ubuntu for PS3 v8.10 alternate – Torrent

Ubuntu for PS3 v8.10 alternate – Direct Download

After downloading, burn the image to a CD-R and install as you would any OtherOS install. There are many generic and also Ubuntu specific guides for doing this, so I won’t cover that here.

Once you have Linux up and running you should log in using the username you created during install. Now open a terminal (Applications->Accessories->Terminal). You can enable the root account by creating a password for it by typing “sudo passwd”. You then enter your current users password once and then the new root password twice. The root account will now be usable.

Now type “su” and then enter the new root password to get root access. Create a dir to put everything in. You could probably create this in your home directory, but I created it in the root of the filesystem so that I can share it between root and my user account as well as setting up access to it via samba from my PC. To create the dir do “mkdir /ps3share”, you can call it anything you want, I call it ps3share because I share it with my PC over samba. Now allow all users to read and write to it by doing “chmod a+rw /ps3share”. Finally give ownership of it to your normal user account by doing “chown username:username /ps3share” where username is your username.

Next you need to get the “fixed” exploit software onto your PS3. Using a USB flashdrive is easiest. Copy the extracted files onto it from your PC, then insert it into your PS3. It should automount and bring up an icon on your desktop. Double click the icon to open the file browser. Right click on the USB drive in the filebrowser and choose to “Open in New Window”. Then on the left side of the file browser select “File System” and then “ps3share”.  Now drag the files from the USB drive into your “ps3share” directory.

I have included a binary of the exploit file for those of you who don’t want to build it yourself, but for those who do here is how. First you need to fix the location of the kernel headers so they can be found by the build scripts, so do “mv /usr/src/linux-ports-headers-2.6.25-2/ /usr/src/linux-headers-2.6.25-2/”. Now change to the directory with the exploit source in it “cd /ps3share/ps3_exploit_fixed/src” and then build it by typing “make”. There will be a lot of warnings but it should create the file “exploit.ko”.

You are now set to run the software side of the exploit. DO NOT run it from this terminal while in the GUI, it should only be run from console mode. If you do run it you will not see anything happening, but your PS3 will suddenly become really slow and you will have to turn it off. More about the running of it in a future post.

A summary of the commands to enter at the terminal is below:

sudo password
(then enter users password once, then the new password for root twice)
su
(then enter root password)
mkdir /ps3share
chmod a+rw /ps3share
chown username:username /ps3share
(where username is replaced by your username)
Now copy the exploit files into /ps3share.
mv /usr/src/linux-ports-headers-2.6.25-2/ /usr/src/linux-headers-2.6.25-2/
cd /ps3share/ps3_exploit_fixed/src
make

done!

79 thoughts on “PS3 Exploit: Software

  1. I’ve dumped the Hypervisor and I’m starting to analyze the code.
    Is there any place where progress in HV disassebly are collected ?

  2. Pingback: Communauté des Elfes Noirs | La PS3 piratée a son exploit…

  3. thanks for this xorloser,browsing with ps3 right now,i look forward to having no restrictions to linux on ps3 so please feel free to contact me regarding any kernel testing @msn.com .or at Kuki Linux

  4. Pingback: [PS3] GeoHot Opens All HV’s SPUs / XorLoser Preps Manual

  5. Pingback: PS3 Exploit Released - PS3-Media.nl

  6. OdaMatheus:

    That is the worst excuse I have ever heard. If you want to play burnt games like the rest of us just say so. If a game is so damaged it cant play there is a good chance for data loss when you back it up.

  7. Pingback: PS3 Owned! |

  8. You are the best, you are my hero this is the best new in spain in this moment.

  9. so once u hacked the ps3 what can u do i mean does it play games with out the cd well im just not getting it im a hacker but i need more informaion about what it will do my hot mail is here to message me king-gil-@hotmail.com

  10. No anda, nose para que mierda se ponen hacer boludeses con cosas tan caras. Por favor no rompan mas las bolas.

    Gracias

  11. Pingback: Here’s your silver platter « Games Info

  12. ey me interesa hackearlo pero necesito saber algo

    - si lo hago podre jugar online
    - podre jugar cualquier pelicula original despues de esto
    - hay riesgos de dañar el play
    - sirve en el modelo cechl de 80 gb
    - podre jugar pelis de ps1 y ps2
    - como saco copias pirtatas, en dvd o blu ray

    amigo ademas habra posibilidad de almenos guardar las pelis en la memoria del ps3 como los psp

    gracias

    abajo los anti exploit

  13. Hey, I’ve done all that’s said here, but how do you actually execute the hack? What command line(s) do you have to enter?

  14. For everyone looking to use burnt games this won’t do anything for you. If you’re just after a bit of casual hacking this probably isn’t for you either, you need to crack up your PS3 and pulse a line on the motherboard low for about 40ns (which is going to be hard to do without extra electronics). I haven’t bothered myself so I’m not even sure if you need to do this every time you boot, although I imagine you do. Might be a cool thing to do just to say you’ve done it, but for me it not worth doing as I’d have no idea what to do afterwards.

  15. this linux does not boot ? whats wrong there is no exe file in it…anyone has downloaded this? man make sure of this linux it doesnt boot in anyway

  16. Pingback: Here’s your silver platter | How to Hack Ps3

  17. so.. it will not work on v3.30, does it?
    your links is not working, though “404″

  18. Ok I have been reading, and I have one question, will this allow me to play online again, with updating, I have MAME installed on Yellow Dog 6.2 and I do not want to lose it, although I would like to play Call of duty online,

  19. will this hack work if you have updated your ps3 to ver 3.21 and other OS has been removed because there is no current way to install any lenix with out other OS also in english how do u install geo hots exploit he says lines of script and memory i got download but what is he talking about do you put it on usb stick or what. some one make a youtube vid explaining how to install the exploit

  20. No the exploit does not work with 3.21 or higher you must be on 3.15 which is the last update that has linux. Although when someone finds a hole in the xmb which geohot said had no holes…since he quit we’ll have to wait for someone else to take over.

  21. Pingback: Последние 17 постов c блога geohotps3 | Девелоперские будни

  22. I never tried doing this but I think I’m gonna try. The Ubunto Linux System is quite a good system that I have used in my PC but not on my psp. Will this really be compatible? Thanks!

  23. Pingback: WIP: PSGrade code released, but no working keys yet! - Page 27 - PSX PS2 PS3 Scene Modchip & Jailbreak Community

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>