PS4 News on Facebook! PS4 News on Twitter! PS4 News on YouTube! PS4 News RSS Feed!

Home PS4 News - Latest PlayStation 4 and PS3 News

283w ago - This weekend GeoHot, the hacker responsible for several Apple iPhone hacks, has returned to Sony PS3 hacking after his initial announcement a few months back and has opened a PS3 hacks blog (linked above).

He recently made this Tweet:

"I just pulled everything from the USB bus... http://pastie.org/757313 the Cell processor SPI bus, PS3 is going down :-)"

These are the latest posts on his new PS3 hacks blog:

Cell SPI

The Cell processor has an SPI port which is used to configure the chip on startup. Well documented here. It also allows hypervisor level MMIO registers to be accessed. In the PS3, the south bridge sets up the cell, and the traces connecting them are on the bottom layer of the board. Cut them and stick an FPGA between.

Quick theoretical attack. Set an SPU's user memory region to overlap with the current HTAB. Change the HTAB to allow read/write to the hypervisor! If that works it's full compromise of the PPU.


A Real Challenge

The PS3 has been on the market for over three years now, and it is yet to be hacked. It's time for that to change.

I spent three weeks in Boston working software only, but now I'm home and have hardware. My end goal is to enable unsigned code execution, making every unit into a test and opening up a third party development community, either through software or hardware (with a mod chip). The PS3 is a prime example of how security should be done, very open docs wise, and the thing even runs Linux. But it isn't unbreakable :-)

GeoHot Resumes Sony PS3 Hacking, Opens PS3 Hacks Blog

Follow us on Twitter, Facebook and drop by the PS3 Hacks and PS3 CFW forums for the latest PlayStation 3 scene and PS4 Hacks & JailBreak updates with PlayStation 4 homebrew PS4 Downloads.




#112 - semitope - 280w ago
semitope's Avatar
New Approach
The MMIO over SPI stuff doesn't appear to work, probably an efuse to disable it since the System Controller(or the bridge as I was calling it) doesn't need to use any of them.

A quick memory map:
IOIF0 = GPU = 0x28000000000(3 bytes in, 4 bytes out)
IOIF1 = SC = 0x24000000000(1 byte in, 1 byte out)
MMIO in cell = 0x20000500000
CELL ROM = 0x100(from datasheet, not seen in PS3)
XDR RAM = 0x0ish-0x10000000

On power up, the system controller downloads the configuration ring over SPI and calibrates the IOIF1 interface using the FlexIO registers. Then, according to the config ring, the reset vector is 0x2401FC00000, an address in the mapped System Controller memory. So the LV0 is sent(I can't imagine encrypted) over the FlexIO between the SC and the CELL.

So, how about this attack? Find some way to keep something resident somewhere in the memory space across powerups(does XDR go away? liquid nitrogen?). Move the reset vector there and write a little program to dump 0x2401FC00000 and somehow leak it to the outside world. Or sniff the FlexIO bus, any ideas?

I already know more about the Cell processor then I ever wanted to.


Any devs want to comment on his activities so far?

#111 - Nivdeb - 280w ago
Nivdeb's Avatar
Thank you...! I really wasn't thinking that

New twitter update


"cool, the PS3 reset vector isn't locked down to ROM, it's 0x2401FC00000 in the system controller, $10,000 logic analyzer anyone? bunnie?"

New update on his blog...

"The MMIO over SPI stuff doesn't appear to work, probably an efuse to disable it since the System Controller(or the bridge as I was calling it) doesn't need to use any of them.

A quick memory map:
IOIF0 = GPU = 0x28000000000(4 bytes wide)
IOIF1 = SC = 0x24000000000(2 bytes wide)
MMIO in cell = 0x20000500000
CELL ROM = 0x100(from datasheet, not seen in PS3)
XDR RAM = 0x0ish-0x10000000

On power up, the system controller downloads the configuration ring over SPI and calibrates the IOIF1 interface using the FlexIO registers. Then, according to the config ring, the reset vector is 0x2401FC00000, an address in the mapped System Controller memory. So the LV0 is sent(I can't imagine encrypted) over the FlexIO between the SC and the CELL.

So, how about this attack? Find some way to keep something resident somewhere in the memory space across powerups(does XDR go away? liquid nitrogen?). Move the reset vector there and write a little program to dump 0x2401FC00000 and somehow leak it to the outside world. Or sniff the FlexIO bus, any ideas?

I already know more about the Cell processor then I ever wanted to. "

#110 - semitope - 280w ago
semitope's Avatar
Quote Originally Posted by Nivdeb View Post
I really don't understand what he's trying to do... Could someone could explain it more basically?


He is trying to hack the ps3.

#109 - Nivdeb - 280w ago
Nivdeb's Avatar
I really don't understand what he's trying to do... Could someone could explain it more basically?

#108 - hellospaceboy - 280w ago
hellospaceboy's Avatar
For anyone who doesnt read Geohotz's PS3 Blog comments:

6p0120a7d5b9db970b said...
I would have put a write only protect bit in there... config only once after reset.

Did you get a trace of the registers written through the SPI and decode it yet? Sure would be interesting if all it takes is to flip a few bits in the stream on the fly... a mod chip would be trivial just using a CPLD if so.

George Hotz said...
Yep, I have a full dump and that would make a mod chip super simple. The only possibly exploitable thing is the configuration ring, and I've looked over that a bunch of times, don't see anything that quickly leads to unsigned. And the config ring is only once after reset.

But theres a whole set of MMIO you can R/W too, which is why I built this injection rig. Just watched two episodes of Jersey Shore, we'll know in like an hour if the MMIO is locked down or not.

**Update**
MMIO over SPI doesn't appear to work
I have control over the BIC(Bus Interface Controller) through the FlexIO interface though. Now I just have to figure out what these things are.

#107 - brent0r - 280w ago
brent0r's Avatar
It's good to see that he's going where no one else has tried. i'm not sure if thats true or not but it sure seems that way. it's good to read his progress every step of the way to. loving his work, the guys a legend and i have complete faith in what he's doing. i know hes going to accomplish something amazing.

#106 - Hosted - 280w ago
Hosted's Avatar
Geo is using this:
Very interesting.

FPGA today is used in a lot of products from Digital Video Technologies, Industrial/Scientific & Medical, Wireless Communications to Satellites project in orbit. Satellites and cars typically uses CAN for communication between Microprocessors.

GeoHot Rocks

#105 - Nivdeb - 280w ago
Nivdeb's Avatar
Well I think he worked on the PS3 many days yet. That's not just poping out of nowhere.

#104 - Sh1m3oN - 280w ago
Sh1m3oN's Avatar
i don't understand how this guy knows in little time, where is the point for study a possible hack for ps3. Is a genius!

Good luck for him (and we)!

#103 - Warrorar - 280w ago
Warrorar's Avatar
i would be glad if people would stop calling him kid... this sounds so unfriendly =/

but nice progress, i'm interested of he will be able to create a mod chip o.o
and if he is able. is it a way to a cfw? or to a modchip hack?

i think the best way would be getting a cfw out of it, that sony cant easily create updates which blocks the modchips.