For prosperity, the first successful PS Vita glitch during a SD Boot sequence:
A retail first_loader dump for good measure.
mega.nz/file/Ek8CALQR#
Pinned
Follow
Mathieulh
@Mathieulh
Cogito ergo sum • uninhibited Asperger • task seeking engineer • problem solver • polyglot • PGP Fingerprint: DF46 8C79 5D1A 76FF 75B2 C345 4679 EDEF 1B5B B192
Mathieulh’s posts
To whom it may concern, if you ever plan on hacking your Playstation 4, DO NOT UPDATE TO THE 5.50 FIRMWARE; the best firmwares to stay on (from best to worse) are:
1- 4.05
2- 4.55
3- 5.01
4- 5.05
(1/2) Here comes the first PS VITA (devkit) to be unbricked! It turns its previous owner (a SIE engineer) bricked it flashing the wrong sysmem.skprx file in the active OS0 and never bothered to unbrick it. It's been fixed using SDBOOT and glitching.
r96810/release_branches/release_05.550 May 10 2018 11:36:21
#ps4 #kernelstrings #PlayStation #5.55meme #because_I_can #having_fun #first!
Dear your security is meh...
#I_know_your_engineers_can_check_that_timestamp
I can confirm that my Android Shield TV from circa 2015 can do the same thing and doesn't need to be rooted to do so.
Quote
Can confirm: the new Apple TV 4K is powerful enough to emulate GameCube games at full speed 
2:02
Woops! :P
It looks like whatever engineer wrote this altered his message a bit since it first appeared in 0.996.070 Vita's secure kernel xD
New Hacked OG Xbox Emulator for xbox 360 release !
External resources no longer get unloaded while running the XEFU emulator! This means features such as the Aurora/FSD HUD addons work within the emulator!
mega.nz/#!Bs91CAyC!AZt
She's ruined it so much that Germany is the fourth economy in the world.
Think before you tweet (duh!)
The Playstation 4 5.xx kernel exploit works great on testkit!
I got myself those awesome screenshots of the Oni debugger running on my testkit :)
I just patched the 2018 Xbox Compatibility Update to work on Xbox 360 Development kits/RGH/JTAG without region/media/signature/whitelist checks and so on.
Enjoy! (I guess).
mega.nz/#!Ep11RKgC!zcc
The irony of the actual psvita system debuggers used to debug psp/pspemu exploits getting in the hands of one of the most notorious psp hacker there is (me), cannot be overstated xD
Have you heard of something called Management and another thing called resources allocation?
Engineers aren't decision makers and don't multiply themselves either.
PS Vita NSBL (Non-Secure Bootloader) Fun!
Versions 3.60; 3.61; 3.65 and 3.67 were all dumped.
Thanks to for making this possible! :)
Well the Mira project is now live! Congratulations to everyone involved!
github.com/OpenOrbis/mira
Replying to
This policy is illegal as provisioned under EU laws, where your company services customers. I am therefore not obligated to comply, and if you force me, you'll be hearing from my lawyers.
Any refusal to abide to EU law may get twitter a fine up to 20% of its revenue.
Interesting, Analogue didn't protect their GBA BIOS against dumping, so I assume their BIOS can be reused in the openfpga core if you so choose.
SHA-256: 17FE9299866EE954D4BE3692521F0C8C81745853368A2FCC7DDEE10CC8112054
Just so you know, Sony sent all their PS Vita system debuggers for destruction. There will be no newer vita firmware ever, support is fully dead as they won't have any units left to do firmware QA.
If you haven't seen it before, this is the only official PS Vita accessory port "accessory" in existence, this was used in factory to test the factory port and is basically an accessory port to usb 2.0 host adapter.
Replying to
It's actually 300 tramadol TABLETS, in a country where these are a controlled substance that's highly sought after by drug addicts. Do the math, who in his right mind needs that many painkillers? The woman was obviously a mule. She played with fire and she lost.
Happy M33 10th anniversary everyone!
As of today M33 along with Despertar Del Cementerio are now officially open source! (under GPLv3).#M33
Quote
The 5.05 kernel exploit stack is now released! It includes the kexploit and autolaunches homebrew patches and mira. On subsequent page loads it listens for payloads. Source is up here github.com/Cryptogenic/PS
Here are links to the repositories:
Despertar Del Cementario:
github.com/mathieulh/Desp
M33:
github.com/mathieulh/3.90
Enjoy! #M33
It's pretty neat, one of my "Junk" PSX is actually fully functional ! Go figure xD
So it's been officially unveiled, there will be a full 5.05 exploit chain for ps4 published/released within the next few weeks. You can stop asking about ETA every 5 minutes now!
To PSP (and incidentally PS Vita) developers, a surprise awaits on March 33rd (April 2nd) to celebrate the 10th anniversary of M33! #M33
I hate obnoxious people who believe I should live for and dedicate my work to them.
The Playstation Vita has proven to us all how this is such a great idea!
Quote
Xbox Series X Will Require Proprietary Cards to Expand Hard Drive Space dlvr.it/RRzTyV
Sure enough, it's dead. I barely used my #WiiU. I am pissed. I used the isb descriptor hack to set the boot title back but sure enough that didn't fix anything. You can't trust Nintendo to not engineer timebombs into their consoles it seems
r91210/release_branches/release_05.530 Mar 28 2018 05:41:01
#playstation #ps4 #kernelstring #because_I_can
. You are infringing on the GPLv2 license, please provide the source for the MontaVista Mobilinux for EMMA Mobile 1 modules used in the Playstation Vita PDEL-1001 and DEM-3000 communication processor units. This is a LEGAL REQUIREMENT. Thank you for your understanding
Latest 2019.12.09 Build of the 5832 hacked fusion emulator available here:
mega.nz/#!Mg1W1K4S!ZFC
I am tired of people asking me for a 5.55 kernel exploit every 5 minutes.
#blocked
I love it when PS Vita devkits with internal firmware containing bootloaders with leftover debugging features show up in the wild :)
Remember, there is currently no plan for a public release of an exploit stack on higher firmware than 5.05, so do not update past that firmware!
Sony Interactive Entertainment only seem to comply with Open Source licenses and Intellectual property laws using their own, somewhat dubious interpretation.
That's now how Intellectual Property law works however.
After messing with PS3 Arcade HDDs, I finally, after many years (and a lot of issues with couriers), get to own one of the actual units!
Quote
system 357 and 369 ps3 ARCADE HDD crypto, PWNED ! :P
Quote
crack.bargains/hax455.txt
(1/2) PlayStation Vita glitching setup. This is, from left to right, a chip whisperer lite connected to the kermit power rail, a usb logic analysizer connected to a sd2vita and vita uart to monitor SD reads in bootrom service mode, a psvita retail board modified ...
Replying to
France is the biggest contributor between 2014 and 2020. (€1.6bn) It didn't wait for the war to start, but whatever.
Good luck putting any resistance to the Russian military without weapons.
Another Playstation Vita first_loader has been dumped, this time from a CEM (thanks to an anonymous user who let me borrow his board)
Here is a link to all the builds that have been dumped so far :)
Playstation 4 4.55 full exploit implementation (userland + kernel)
courtesy of !
Enjoy!
crack.bargains/455/
The "PS4-5.01-5.05-Kernel-Exploit-BY-Anonymous" that's on github is a fake and will not work.
Please stop asking me about it.
Vous oubliez de préciser que cela s'est fait parce-que Assange est resté cloîtré dans une ambassade à attendre la prescription.
PS Vita owners, if you still have CMA backups of expired Playstation Plus games, or still have them installed, don't delete those! #NoNpDrm
It turns out the PS4 version of Castlevania Dracula X Chronicles runs ps4 executables of the games while using the ULES-00841 version of the PSP ISO (even for the US build) for assets. And here I was hoping it'd be using emulation with a special PSP build :/
Ps4 5.53 update is available, as usual, if you care about homebrews, do not update.
I modified the ps3mca FMCB installer to generate a working FMCB memory card for the PSX, it can be useful if you don't have a regular modded PS2 to generate one, for those who care.
mega.nz/file/AlVVUQpI#
Nintendo is a joke. There are still no black borders on NSO, do they really expect OLED Switch owners to play like this?
Replying to
Project Mira currently targets firmware revision 5.01, it is however being ported to firmware 5.05.
You will need a 5.01+ full exploit stack to run this.
Congratulations to everyone involved in Atmosphere's first official release!
github.com/Atmosphere-NX/
"There is no PSP hardware on vita devkits, blah blah blah...." xD
Thank you for proving this statement wrong and implementing my silly ideas xD
0:44
I just dumped the Playstation 3 Sixaxis controller firmware today, I am not sure if they ship with the same firmware but the one I dumped it from used firmware 3.40_0003
It is currently very easy to find a brand new PlayStation 4 on firmware 5.05 or lower, if you need to get into the ps4 homebrew scene, now is the time!
The Webkit exploit released today has been successfully tested on 5.01 and 5.05, I can confirm it works on these specific firmware, sorry for the delay, we had to test it ourselves and not rely on the Internet.
github.com/ALEXZZZ9/PS4-5
"Under control"... ROFL, you mean after the hundred of thousand deaths that have been swept under the carpet by the CCP? Are you willing to believe the same CCP that they have anyting (let alone the CCP virus) under control? Riiiight....
Here you go, the latest version of the hacked 2018 Xbox Compatibility Update (for Xbox 360 XDK/RGH/JTAG...) is available with Xbox 360 in-game menu (aka HUD) support!
Enjoy using your Xbox 360 in-game menu while playing OG Xbox titles!
mega.nz/#!9t8h3C4A!hph
My vita keys file is finally all filled in! :P
A small hash of some random key block for the road:
SHA-256: 84707622D08E48048EA39BD3538F08A8A3BFFB9847613B194B95FD582844DDFF
#keys_open_doors
Finally! It was hard but I found one :) There were only black ones in Akihabara.
So, to decrypt bootloaders you need .enc files (you get them from (and only from) decrypted ps vita update packages (package_0 to be exact), and decrypt the data segment (at 0x10 in the payload) using AES128CBC with key 0xAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA (iv is random)
Just so you know, unbricking a psp-3000 via service mode is now a thing :P Congrats to everyone involved!
I just dumped the DTP-T1000 (PSP Development Tool) battery emulator's (virtual?) EEPROM. Talk about reusing old tools eh?
In the light of recent events, and in regards to how Sony is bribing developers with pocket change, someone told me something to think about:
"imagine selling a bug to sony for $10k when you could have sold to literally anyone else for $100k to keep it private"
A friend gave me a scph-90004 ps2. I didn't know what to do with it so I just bought a modbo 5.0 for €10 and modded it.
