Thread: Idea for PS3 Exploit
Idea for PS3 Exploit
Hello everyone. I have an idea to maybe help exploit the PS3 security. I apologize before hand if this sounds nooby or is just a dumb idea. I've been thinking for a while now that software cracking the PS3 might be harder, and would take a longer time than physically modifying the PS3.
I was thinking that, when someone uses their PS3, they don't really interact with it in a physical way. Opening music, videos or playing games, they are all done inside the PS3 through the OS. One of the ways a user has physical interaction with the PS3 is by putting in a memory stick and running music off of it, but that is really limited. So I thought, what is another way the user physically interacts with the PS3.
Of course, it's the controller. The DUALSHOCK3 controller has direct access to the innards of every PS3.
There are a list of commands in the DUALSHOCK3, corresponding to certain buttons. When you press a button, the function of the button is sent to the PS3 so you can interact with it.
So what if we connect the controller via USB to a PC, remove the old functions of the buttons, and replace these functions with 1337 code. Then connect the controller to your PS3, press certain button for certain function, and voila, you're in.
Why do I think this is different from trying to run code from a memory stick?
Because Sony has put security measures to limit interaction of the console with the memory stick itself. For example, if you go to the music menu, you are ONLY allowed to open music files. Same thing with video. The memory stick is only allowed to interact with the menu you're in, not the OS itself.
However, the controller, it does not have anything to do with the music menu or the video menu, it interacts DIRECTLY with the OS, without any limitations in its way. If it has any security, its probably very light so that it doesn't slow the time between user-input and the input showing up on screen.
Of course, I am not a coder nor a hacker. I have no idea if changing the functions of the buttons is even possible. And if it is, I don't know if the code you want to put in would fit inside the memory Sony has allowed for each button. This is just how I pictured it working in my mind.
It's just my idea, for you guys to comment on and critique.
Edit: Oh crap. It just hit me that maybe the functions of each button is stored inside the PS3 itself, and all the controller does is tell the PS3 which button is pressed. Once the PS3 knows which button has been pressed, it checks from a list the function of the button that has just been pressed, and implements it into whatever you're interacting with.
08-02-2010 #2Edit: Oh crap. It just hit me that maybe the functions of each button is stored inside the PS3 itself, and all the controller does is tell the PS3 which button is pressed. Once the PS3 knows which button has been pressed, it checks from a list the function of the button that has just been pressed, and implements it into whatever you're interacting with.
all the real code is stored in the OS...if u might remember all gamepads u plug into your pc needs some driver install.
dual shock 3 support came with an fw update ;>
It sounds like a reasonable idea but no the commands are held in the ps3 instead of the controller.
But another idea would be to add a modded chip in the controller that would programmed to send the commands.
i remember ps3news had something about a modded ps3 controller (rapid fire) but i doubt you can really do something with it... else it would have already been possible with the ps1+2 and other consoles prolly too :x
Resource exhaustion exploit found in PS3 80GB E.U Serial Set CECHKxx.
When visiting the link hxxp://www.newdream.net/crash/js2.html through the PS3 web browser, after a few minutes the bluetooth
controller will switch off and if attempting to reconnect it to the system by pressing the PS button will not initiate again.