The first signed homebrew for psp and some thoughts on the topic
Some people call this day the date of the death of the PSP, however, on this day the first homebrew application appeared on the network, which does not require the presence of a custom firmware or a homebrew enabler. Just an application that will run under any firmware.
Briefly about how this was achieved and my subjective opinion about what will happen next .
For quite a long time, disputes appeared, boiled and calmed down on forums: the only applications that were transferred from one psp from the firmware to another without any changes were demo games. For some time, the search for holes in demo games became the main (and unsuccessful) fun of psp hackers.
Many people came up with the idea: what if you take a demo, take everything out of it except the signature and run it? At first, no one succeeded, but now comrade kgsws did it. Further free translation of his words.
')
It's simple, the application contains ~ PSP header from the demo game (UCES00206), one to one. Just need to pick up the last 16 bytes of the encrypted data block to match the header CMAC - yes, that’s the whole trick.
There are a few strange things, it is impossible to start a homebrew with a large executable block (there is no such dependency on the data block), and because of the ~ PSP header, it is necessary that the homebrew be the same size as the demo.
You can watch a video of running homebrew here .
(Update of January 17, 2011) {
In the news, the wololo comrades who became famous last year on the psp-hacker scene appeared the following news (free translation):
After yesterday’s confirmation of the concept of a signature from kgsws, the bbtgp developer interpreted that he presented a utility that could sign any Homebrew for the PSP.
<...> Still, it’s worth understanding that signed applications can only work in user mode [user mode]. I don’t think it will be possible to run applications at the kernel level, so for now forget about the ISO-downloaders or “Signed CFW” ... anyway, what we have is good.
According to bbtgp, the application was tested on the usual “hello world” prx, and worked perfectly on both psp1000 and psp3000.
The app itself is here .
} (end of update)
On the one hand, they waited so long for this: finally, it would be possible to use completely legal homebrew applications that made you keep pirated firmware and, from time to time, lose the charms of official firmware (access to the store, new firmware itself).
On the other hand, crowds oflemming schoolchildren of people will now only be waiting for the magical application to appear, allowing one button to overtake any image of any game into a digestible off-firmware look. Over time, such an application will appear.
It is absolutely clear that they will hardly ever be able to replace the encryption method of the demo versions, if they do, they will definitely leave the old one intact (otherwise you will have to shovel half the amount), it’s not quite clear how Sony will protect itself and whether it will be at all, but in the next firmware (which will require new titles) new encryption methods will be used.
In general, the future is seen as follows: homebrew will be on new firmware, there will be old titles (note that for 6.35 the alpha version of hen has recently been released, so now it is not a problem to launch already existing titles, except moral: I, for example, do not launch), new ones will require new firmware, in which there will be a new encryption method.
More likely not, than yes: if psp2 is not backward compatible with psp, then it is unlikely to become popular.
+ Over time: most homebrew launch on off. firmware. You no longer have to choose between a good video player and new games.
- The appearance of the launch of pirated games on almost all current and future firmware. Yes, it is a minus.
PS : I remind you, this is my subjective opinion, maybe Sony tomorrow will give all the girls and let homebrew on their platforms officially, I would be glad, but this course of events seems to me fabulous.
Briefly about how this was achieved and my subjective opinion about what will happen next .
Everything has ruined the demo
For quite a long time, disputes appeared, boiled and calmed down on forums: the only applications that were transferred from one psp from the firmware to another without any changes were demo games. For some time, the search for holes in demo games became the main (and unsuccessful) fun of psp hackers.
Many people came up with the idea: what if you take a demo, take everything out of it except the signature and run it? At first, no one succeeded, but now comrade kgsws did it. Further free translation of his words.
')
It's simple, the application contains ~ PSP header from the demo game (UCES00206), one to one. Just need to pick up the last 16 bytes of the encrypted data block to match the header CMAC - yes, that’s the whole trick.
There are a few strange things, it is impossible to start a homebrew with a large executable block (there is no such dependency on the data block), and because of the ~ PSP header, it is necessary that the homebrew be the same size as the demo.
You can watch a video of running homebrew here .
(Update of January 17, 2011) {
In the news, the wololo comrades who became famous last year on the psp-hacker scene appeared the following news (free translation):
After yesterday’s confirmation of the concept of a signature from kgsws, the bbtgp developer interpreted that he presented a utility that could sign any Homebrew for the PSP.
<...> Still, it’s worth understanding that signed applications can only work in user mode [user mode]. I don’t think it will be possible to run applications at the kernel level, so for now forget about the ISO-downloaders or “Signed CFW” ... anyway, what we have is good.
According to bbtgp, the application was tested on the usual “hello world” prx, and worked perfectly on both psp1000 and psp3000.
The app itself is here .
} (end of update)
And now to thinking
On the one hand, they waited so long for this: finally, it would be possible to use completely legal homebrew applications that made you keep pirated firmware and, from time to time, lose the charms of official firmware (access to the store, new firmware itself).
On the other hand, crowds of
It is absolutely clear that they will hardly ever be able to replace the encryption method of the demo versions, if they do, they will definitely leave the old one intact (otherwise you will have to shovel half the amount), it’s not quite clear how Sony will protect itself and whether it will be at all, but in the next firmware (which will require new titles) new encryption methods will be used.
In general, the future is seen as follows: homebrew will be on new firmware, there will be old titles (note that for 6.35 the alpha version of hen has recently been released, so now it is not a problem to launch already existing titles, except moral: I, for example, do not launch), new ones will require new firmware, in which there will be a new encryption method.
Death PSP and the only salvation for Sony - PSP2?
More likely not, than yes: if psp2 is not backward compatible with psp, then it is unlikely to become popular.
Plus and minus
+ Over time: most homebrew launch on off. firmware. You no longer have to choose between a good video player and new games.
- The appearance of the launch of pirated games on almost all current and future firmware. Yes, it is a minus.
PS : I remind you, this is my subjective opinion, maybe Sony tomorrow will give all the girls and let homebrew on their platforms officially, I would be glad, but this course of events seems to me fabulous.
Source: https://habr.com/ru/post/111945/
All Articles