02-01-2010 #1titanmkd Guest
How to Build GeoHot PS3 Exploit Easily from Kernel Build to Exploit Run
Tested on Yellow Dog Linux 6.2 (developer install) but should work on any Linux distribution. (Yellow Dog Linux 6.2 DVD link: http://ydl.oregonstate.edu/iso/yello...D_20090629.iso)
Required before starting this tutorial:
1) Have a working internet connection (to download exploit and kernel source).
2) Have at least 60MB of hard disk free for /boot/ (required to install new kernel).
3) Have at least 1GB of hard disk free for /usr/src/ (required for kernel source build).
4) Have done the PS3 hardware with a push button connected to a PIC/FPGA... to send a pulse of 40ns on the Memory Bus Controller (otherwise the exploit will run infinitely and lock up everything until hard reset).
Step1 building the kernel and booting on it:
1) Launch a shell and log on as the root user using "su -" (required later to install kernel ...)
2) Download Linux Kernel 2.6.25 (linux-2.6.25.tar.bz2) and the exploit in /usr/src/
3) Extract kernel and exploit in /usr/src/
4) Change directory to the kernel source directory and use the PS3 default config for the kernel.
5) Build the kernel.
6) Install the kernel in /boot/
7) Install the kernel modules (required to build the exploit).
8) Add new kernel config to kboot config using 720p fullscreen mode (/boot/etc/kboot.conf).
9) Reboot on newly built kernel 2.6.25 (type reboot in shell)
When kboot: appears, press "Tab" on the keyboard until you see kernel 2.6.25, then press Enter.
If the X server cannot be launched, click on Cancel or NO; in any case, use the shell with Ctrl+Alt+F1 and log on as root.
Step2 building and launching the exploit:
1) Change directory to the exploit directory and build it (type make).
2) Run the exploit.
3) When "PRESS THE BUTTON IN THE MIDDLE OF THIS" appears, push the button connected to a PIC/FPGA... to send a pulse of 40ns on the Memory Bus Controller.
Step1 shell script building the kernel and booting on it:
[Register or Login to view code]
Step2 shell script building and launching the exploit:
[Register or Login to view code]
All scripts can also be downloaded.
- Join Date
- Apr 2005
Thanks for making this handy and detailed guide titanmkd and +Rep to you!
02-01-2010 #3TUHTA Guest
Nice handy tutorial!! Rep+ to you! But what about the hardware part? And what to do when we have run step 2? Where will it dump, or how?
02-01-2010 #4titanmkd Guest
02-01-2010 #5adrianc1982 Guest
titanmkd, so this means you now have a dump and are sharing with the devs? I was following the inter-dev relationships thread but saw this one, and by the looks of it you have already run the exploit successfully. If you have run the exploit, congrats and thanks for investing your time/money/console.
02-02-2010 #6TUHTA Guest
And... that's ok... but what about the hardware that we need to do the exploit? I mean an SPI flasher or something! And how to do it?
02-02-2010 #7playforfun Guest
Cool tutorial, but I don't really want to open my original 60gb JP.
Maybe, if one of my friends would like to sell me his 40gb Blu-ray killer, I want to try this.
Yep, his PS3 has had its Blu-ray drive changed 3 times, but each time the drive is dead.
02-02-2010 #8Assignator98 Guest
Wow this is a great guide and +rep.
02-02-2010 #9titanmkd Guest
1) My PS3 is an old FAT PS3 still under extended warranty (and I'm sure in 6 months the Blu-ray lens will be dead and I could freely change my PS3 for a new one).
2) I have not done the hardware to generate the glitch.
I'm very interested in any dumps (to disassemble it) for those who have done the little hardware and dumped the memory ...
02-02-2010 #10TUHTA Guest
I can't start your step1.sh and step.2, just open it up in console and it closes so quickly