Video: PS Vita Crash CMA Debug Time via Xcode Execution Demo
Following up on my previous post, below is a video demonstration for those interested dubbed PS Vita Crash CMA Debug Time via Xcode Execution.
I just released a fast small video to show the crash and freeze of the PlayStation Vita system using Xcode Execution. I also explain how to check every information coming from the CMA to PS Vita (debugger).
Below is a pastebin with tutorial and the video that show you something interesting.. As I promise and I do what I said
CMA Debugging PS Vita Under Xcode Execution Tutorial
You need a Dev account Apple to have Xcode that you can use your MacOSX under a Development Environment
1- Launch Xcode (Spotlight -> Xcode)
2- Create a Empty Project (MacOSX)
3- Enter whatever name on the Product Name (For Example PSV)
4- A new window appear, change command-line builds use Debug than release
5- Click on BreakPoints
6- On the top menu of the Xcode, choose Product and make a new scheme and name your new scheme psv for example, press ok
7- A new windows appear that you can edit your scheme on the left menu you can see RUN click on it and edit the run configutation build configuration -> Debug Executable (you need to choose the CMA.APP) for that, just click on None to Other and here you choose the CMA.APP Debugger, you can choose ever LLDB or GDB (choose by default GDB) Launch = Auto
8- Choose Diagnostics and here active every option Memory Management (malloc, Guard Malloc, Objective-C) Logging (Memory/execptions/Dyld) Debugger (Legacy->Stop on debugger and debugstr) Click OK (don't forget to active breakpoints before click Ok) click OK
9- Plug-in your PS Vita and Click on RUN (if you are connected in Wifi you just connect fast and disconnect)
Xcode/IO Framework, etc it's the best way to exploit the PS Vita under MacOSX and as you would see, the Sony have a strong access to your kernel system that i really don't appreciate and can control everything
The PS Vita use also NFS -> Network File System and Open Remote System File that ping pong between the PS Vita and Sony Server.
Hope that would help some smart dev And here the video that show you a example of what you can do
Some PS Vita user ask me the PS Vita Windows Driver that i made it's available on the older thread PS Vita 1.50 Firmware but I reuploaded the driver that you don't need to search
Griever2Kx It's hope to you, if you want to use your PS Vita use it and update don't worry about the update right now, anyway FW 1.06 is a firmware with too much bug that give you some problem it's unstable and some app/game will not run correctly with this Firmware. It's more easy with 1.06 but also more unstable.
I updated to 1.61 (1.06 was pretty unstable and full of bugs...) to get the Netflix-App and the Ape Quest Demo from the EU-Store. It's not available in the US... hmmm and can you confirm that's an Exploit in the Demo. I think Yosh was already working on it... because he writes, that he has found an Exploit in a Demo...
i also watched at the Facebook App and it's still Version 1.00 but they worked on it...not sure if they found the exploit.
Hope your work doin' well and hope to see new tips and hints soon.
Hey Nabnab, i'm following your Thread quite a while now, and have some questions regarding the usb debug mode under 1.61. Do you have an exploit to get the vita to output the debug to usb on 1.61 or is the dump above from 1.06?
I've read throug Wololos wiki to find some more infos on savegame fuzzing, but it seems like the only method to know whats going on is to get output of something crashing, and so this is the only chance to work out an exploit.
So in my opinion it would be best to release the full method so everybody can debug and fuzz. Thanks, i'm looking forward to your answer.
PS: There must be a way out of the PSP Sandbox right?
Well no offence but i doubt that you will work with him. He faked me and the whole scene by telling you can run a 4.0 signed vsh.self on 3.55 and that all the key stuff from sony is just to hide the fact that it is not needed.
At least he showed me a encrypted file and tryied to teach me that it is a decrypted file along with asking me if i don't know how a encrypted file looks like.