
XorHack: The PS3 Exploit Toolkit is Now Available!

265w ago - Today xorloser has shared his XorHack: The PS3 Exploit Toolkit, which allows you to call lv1 syscalls (level 1 system calls) from a normal (userspace) program and to run the software required when triggering the PS3 exploit from a normal userspace program.

To quote: I finally found the time to complete the PS3 exploit toolkit software I mentioned in my previous posts. I call it XorHack.

It allows you to call lv1 syscalls (level 1 system calls) from a normal (userspace) program. It also lets you run the software required when triggering the PS3 exploit from a normal userspace program. To give an example of how it can be used I have included the following example programs:

ps3exploit - Runs the software required to exploit the PS3; it loops a number of times which can be specified as a parameter. (This still must be used along with the "button pressing"; it will not exploit the PS3 via software alone.)
dumphv - Dumps the hypervisor to a file in the current directory.
dumpbl - Dumps the bootloader to a file in the current directory.
dumprom - Dumps the system rom to a file in the current directory.

The XorHack package contains full source code for everything, including a rewrite of geohot's exploit source code to make it easier to read and understand (the new file is kmod/exploit.c).

The rewrite doesn't just fix the compilation warnings; it attempts to replace all "magic" values with the algorithms and reasoning behind them, as well as tidying up the code and commenting it all. I also added another syscall, #21, to allow execution of code in hypervisor context. Due to the associated complexities it is not available from usermode; it is for advanced users to make use of in kernel space.

Some small changes were also made to the timing and the text that gets printed onscreen to make the exploit easier and hopefully more stable to use. I recommend XorHack when both looking into how the exploit works and when actually triggering the exploit.

XorHack is made up of three parts: the kernel module, the userspace library file, and lastly the userspace programs themselves. To build all three parts you need to first extract the contents of the XorHack zip file to a directory on your PS3 hard drive. Next you need to navigate on the command line to the directory you extracted the files to.

You should be either logged in as root or running as root thanks to the "su" command. Now type "make" to build all parts of XorHack. Then, once that completes, type "make install" to install all parts of XorHack. If you wish, you can type "make uninstall" in this same directory to remove all of XorHack from your system. When you install XorHack on your system it will always be ready for use; even after rebooting it will be automatically reloaded and ready for use.

To use XorHack to perform the exploit on your PS3 first install it as per the directions above. You then need to switch to a console only mode (no GUI). This is required because it is the only way you can see the printed messages from the kernel module to know when to press the button. Once exploited all other programs can be run normally from a terminal window in GUI mode.

To switch to console mode press Ctrl+Alt+F1 on your keyboard. To switch back to the GUI mode press Ctrl+Alt+F7. When you enter console mode you will be greeted with a login screen. Now log in with your normal user account and password and type "ps3exploit 100".

This will start the exploit looping 100 times, during which you need to successfully glitch the console by pressing the button on your glitch hardware. The idea is to perform the glitch when nothing else is occurring on your PS3. Therefore some things you may want to try when exploiting to help your chances are:

• Only press the button once per loop.
• Try to press the button around the middle of the pause between two consecutive prints of the "press button" message.
• Don't start pressing the button till after the 10th "press button" message (by this time the system should be done loading and preparing the newly running code, so it is less likely to interfere with processes that occur during these stages).
• Run the ps3exploit software after initially booting up the PS3 and switching to the console login without first logging into the GUI mode.
• After booting the PS3 and switching to the console mode straight away, log in and then wait about a minute before running ps3exploit so that any processes that may occur upon login/startup have completed.
• Don't use any services that will cause more processes to be running until the exploit is completed. This includes things like accessing your PS3 over samba.
• Once you have successfully exploited, stay in console mode as there is less chance of instabilities causing havoc and crashing your PS3.

The PS3 Exploit Game! Once you can run the exploit it's time to turn it into a game. Think of it as a cross between getting the turbo boost at the start of a Mario Kart race and Dance Dance Revolution with a finger pad.

The aim of the game is to exploit your PS3 as quickly as possible without it crashing. Below is my highscore table picture showing my highscore of THREE!


Comments 31

#31 - TUHTA - 261w ago
Thank you so much for the help CJPC!

I just typed sudo -s, then I got root and installed completely!

Thanks for the help!

#30 - CJPC - 261w ago
Quote Originally Posted by TUHTA:
Well, how do I grab the entire text? Ctrl + C?? Or how..

Yeah, just copy and paste it - select the text, hit Edit -> Copy!

#29 - TUHTA - 261w ago
Well, how do I grab the entire text? Ctrl + C?? Or how..

#28 - CJPC - 261w ago
Quote Originally Posted by TUHTA:
Getting this picture below now..

Can you take the entire output and paste it here or, alternatively, save it as a text file and attach it please.

#27 - TUHTA - 261w ago
Getting this picture below now..

#26 - CJPC - 261w ago
Try running make / make install with sudo, i.e.:

[Register or Login to view code]

#25 - TUHTA - 261w ago
Hello everybody!

Guys, please help me! I can't install it. I just copied everything to my Ubuntu 8.10 desktop, moved to the folder where I unpacked the archive, and typed make. Then something happened and it said "no such file or directory", and errors, and said make[1] etc.

And then make install, and errors again; it isn't working.

Please help, this is screenshot!

#24 - denunes - 263w ago
For those who are able to do the exploit trick and know what they are doing: has anyone tried to see if the HV is working under the 'recovery' menu options?

Just by example, while the PS3 is doing a 'restore file system', 'rebuild database' or a 'restore PS3 system'.
Those are some operations that Sony uses to fix little errors in the PS3. Does the HV do some work in there, or is it disabled?

Maybe there is a way in that menu.
My 2 cents.

Long live homebrew apps on the PS3!

#23 - PS4 News - 264w ago
Another update from the blog, from Skywalker of Hitmen:

Hey geohot, metldr is running, and from its size and the ELF section layout of the other loaders I would now assume metldr loads those below its own mem in LS instead of replacing it, thus keeping metldr alive while crossloading different loaders during a session. What do you think about this?

#22 - CJPC - 264w ago
Attached as metldr.zip is an extracted metldr from one of the dumps of a Debug PS3 on FW 1.92. Hopefully it provides some insight for you guys!

