  • PSP/DS hackers

    I'm kicking around the idea of setting up an informal meeting of the minds for PSP, DS, and portable game console hacking. I'm open to all forms of hacking, but my personal focus for this discussion is to probe alternative uses for the ubiquitous game systems in performing network/computer intrusions.

    I'm planning on submitting a paper on this for ToorCon this year covering this topic. With very little tweaking I have done a bit of wireless exploration with my Sony PSP, and have tested it out as a non-obtrusive storage device and connected to computers of interest (drop a backdoor, etc). But I would like to include any provable hacks others have done, i.e., modifying "homebrew" code to do more than surf the web on an open network, etc.

    Physical hacks to the PSP or DS are also of interest, especially if they help facilitate the above grey areas.

    If you are of like mind and want to form up a network for future discussions then email me at squidly1 | at | cryptomail.org. I'm looking at either grabbing a table at the AP bar, the AP snack area or anywhere within reasonable walking distance (with food / drink) where we might talk for an hour or so. We'll work on a time and place soon - depending on the interest level I get.

    - Squidly1

  • #2
    Originally posted by Squidly1
    I'm kicking around the idea of setting up an informal meeting of the minds for PSP, DS, and portable game console hacking.
    I'm actually rather interested in the idea of hacking the PSP - given the combination of its size, display, and power, it seems like a good candidate for turning into a 1-DIN form factor mobile computer. What'd be particularly interesting (to me, at least) would be the possibility of attaching external devices.

    • #3
      Originally posted by Squidly1
      I'm kicking around the idea of setting up an informal meeting of the minds for PSP...
      Check out this thread for at least one other user interested in the PSP.

      • #4
        If there is a PSP hacking meeting, I'll be there. I've been wanting to hear ideas on what this puppy can do :)


        • #5
          I might be interested as well, I don't own one but some of the other locals here have already been working on stuff with them.

          • #6
            Alrighty. That's enough, so far, for a booth at the bar and part of a table in the snack area. Good start. I'm bringing my PSP with some of the tools that have been developed for it - so far. I've got about four separate items that, if merged and given a little more capability, would give any *non* upgraded (firmware 1.50) PSP the ability to do some excellent wireless recon.

            Here's my current limit: Some coders have not shared their sources (not a huge issue), and I have not found a definitive way (written in English) that details how to disassemble data.psp files (the important file in those nice little eboot.pbp files). Once I have some key bits of code from those sources, I can see about roughly knitting together a "Swiss army" tool for the PSP. My goal is not to make a tool that will turn a PSP into a portable hack box, it's to prod the hardware a little.

            I hope not to have to use PSPVNC as a backbone for this tool - as you need a sympathetic computer to communicate with. I would rather see how much the PSP can be coded to do by itself (simple port probes, log simple AP and AdHoc info, surf via open APs (without Wipeout Pure), telnet, ftp, etc). Right now there's a Japanese hacker that has released a web browser for the PSP (it's in Japanese, but intuitive to use). Only glitch is that he's got an .INI encoded with his DNS servers and portal website (all Japanese, not intuitive ; ). I believe a simple hex edit will solve this - and at least I will be able to show you all that at the meeting ; ). May actually have my portal up by that time...

            It's a darn shame that I didn't pick up (WAY MORE) more Japanese when I was living there, else I might be able to shmooze with more of the code hackers over there for some assistance.

            How does 1300 on Friday *** or *** 1400 on Sunday at the AP Bar sound? VOTE WHICH ONE YOU WANNA TRY FOR HERE. On whatever day we pick, I'll be the frumpy gal sporting short dark hair, wearing a mostly grey PJ bottom with little white skull & crossbones on it, taped up Birkenstocks, and whatever shirt I could buy at the vendor area.

            To get ahold of me after Wednesday afternoon email me at squidly1 | at | cryptomail.org. Haven't found a secure chat that more than 10 people seem to use, else I'd have ya chat me.

            - Squidly1

            • #7
              I'm interested in any wireless appliance whether PSP or not, so I'd like to see this. Sunday is out for me, since I'll be speaking then.
              Thorn
              "If you can't be a good example, then you'll just have to be a horrible warning." - Catherine Aird

              • #8
                Originally posted by Squidly1
                How does 1300 on Friday *** or *** 1400 on Sunday at the AP Bar sound? VOTE WHICH ONE YOU WANNA TRY FOR HERE. On whatever day we pick, I'll be the frumpy gal sporting short dark hair, wearing a mostly grey PJ bottom with little white skull & crossbones on it, taped up Birkenstocks, and whatever shirt I could buy at the vendor area.
                Either one works for me... Incidentally, I'm rather ignorant of the PSP in general, so any sort of quick overview beyond the basic specs we could do would be rather useful for me at least.

                • #9
                  I have a 1.5 PSP :(. Sunday will probably be better for me, but I could probably fit it in on Friday. So either one is okay with me.


                  • #10
                    Man, wish I could go too.

                    Been waiting for someone to crack the unit so I could dual boot the PSP firmware or Linux loaded on a pro duo.

                    I really haven't had much time to research, but am expecting someone will do this soon. Been checking in about once a month or so with this site, but it doesn't seem like much is going on. If you have any interesting links to share, please throw 'em up here as I won't be able to go to the meet (LPCON is 1-4 Friday and Saturday).

                    Thanks,
                    Kai

                    • #11
                      Okay. How's about this. I'll try it on both days, @ the times listed and @ the Bar. ; )

                      To keep things kinda quick (on my part), I will prolly do a slideshow of what I have so far (pics of working and concept hacks) and whatever else I can find. And if I can get something cobbled together quick enough - some demos on my PSP.

                      The interesting bit to what I will show you is that all this development (for 1.50 consoles) is from only the last couple of months. Japanese hackers have been cracking away for a little longer (on v 1.00 consoles). Kinda makes me wonder what we might see in a year - provided I don't accidentally upgrade the ROM (heh).

                      Here's the latest on what I have been trying to do (with very limited success). I gotta find a dis/assembler for this baby.

                      My link with pics -->
                      http://schleppingsquid.net/PSP/Hacks/2CH-Browser.html

                      The discussion -->
                      http://www.pspupdates.com/forum/show...9423#post79423

                      Cya there!

                      - Squidly1

                      • #12
                        Originally posted by Squidly1
                        Here's the latest on what I have been trying to do (with very limited success). I gotta find a dis/assembler for this baby.
                        Oh, wow. Like, shit.

                        It just hit me that I've never, ever had to deal with pounding on something in a non-Roman character set at that level, and certainly not in a language that I don't speak let alone not even know the pictographs to.

                        Hm. Mkay.

                        Cya there!
                        Definitely... This is getting interesting. My Japanese is pretty much limited to things like 'kancho', 'bukkake', and 'basu wasu desu ka?'. Shit, I'm screwed.

                        • #13
                          What about the DS. :)

                          So far there are lots of folks with the PSP who answered, but no DS owners.

                          Does anybody have a DS that they've been working on? I'd be interested to talk more about the DS if anybody else has one.

                          I picked up a DS about a week ago and now I think I would like to turn the device inside out and see how many nifty things I can do with it.

                          If anybody has a passme, or a wifime compatible card bring it so I can borrow it. :)

                          If you're not familiar with homebrew DS development, here's a little background:

                          From what I understand, the Nintendo DS side uses RSA keys to verify that code has been signed by Nintendo. It's actually pretty cool to see PKI in action on this sort of device.

                          I'll generalize here:

                          DS has public key
                          Nintendo signs code with Private key.
                          DS will not boot unsigned code.

                          The workaround is to use a cartridge that has been signed, in combination with a passthrough device, known as passme (which you can build, or you can buy premade) (or wifime.......which lets you do it via the built in 802.11 adapter) but in order to do this I need one of the following devices.


                          1. A Passme (To replace the bios)
                          2. A RALINK based wifi card (PCMCIA OR PCI) to run wifime.
                          (Wireless equivalent of passme)
                          WiFime needs a specific driver / and wireless card chipset to work due to the fact that Nintendo uses a proprietary protocol over 802.11 (not tcpip...... most people call it ni-fi instead of wifi)

                          Anyways, you pass the key check by using a valid cartridge, then the passme or wifime will (pass through) code from an alternate location........

                          In my case I would want to use the passme to flash the bios with code that disables the RSA signature check.

                          Once that is done I have the GBAMP device, which is basically a GBA cartridge with a CF slot. Typically you can use this to watch movies, and play homebrew GBA code on your GBA or Nintendo DS. Well, the device is cheap, and somebody put together a custom bios out there so you can use any CF card to read and write to the CF card directly. Once the bios on your DS and CF adapter are fixed you can boot .nds code from the gba slot without the need for a passme or wifime boot solution. And yes, there is a "developmental" Linux build.

                          The device also has a touch screen, and there is a touchscreen keyboard for the Linux port that can be used, which gives it a unique advantage when it comes to ease of input.

                          Ultimate goal: Boot Linux on DS, get touchscreen keyboard input working (much like a PDA) figure out wireless registers, and get a TCP/IP stack onto the device. Get WIFI working........with RF monitor capability. Cross compile kismet for ARM9.

                          Nintendo DS Wifi Sniffer.
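
The signature check outlined in post #13, as an added example that is not part of the original thread and is not Nintendo's code: a toy textbook-RSA verifier plus a simplified model of why a check passed on one read does not protect code fetched by a later read, and how verifying the exact bytes that run closes that gap. The key, the `Slot` class, both boot functions and the sample images are constructed assumptions.

```python
import hashlib

# Toy textbook-RSA key, constructed for this example only. Real schemes use
# 2048+ bit keys and padding such as PSS. P and Q are Mersenne primes.
P, Q = 2**61 - 1, 2**89 - 1
N, E = P * Q, 65537                 # public key held by the console
D = pow(E, -1, (P - 1) * (Q - 1))   # private exponent held by the vendor

def digest(image: bytes) -> int:
    return int.from_bytes(hashlib.sha256(image).digest(), "big") % N

def sign(image: bytes) -> int:
    """Vendor side: sign the image hash with the private key."""
    return pow(digest(image), D, N)

def verify(image: bytes, sig: int) -> bool:
    """Console side: only the public key (N, E) is needed."""
    return pow(sig, E, N) == digest(image)

class Slot:
    """Hypothetical cartridge slot. Queued images are returned in order, so a
    pass-through device can answer a second read with different bytes."""
    def __init__(self, *reads: bytes):
        self.reads = list(reads)

    def read(self) -> bytes:
        return self.reads.pop(0) if len(self.reads) > 1 else self.reads[0]

def boot_naive(slot: Slot, sig: int):
    """Verifies one read, then runs another: check and use can disagree."""
    if not verify(slot.read(), sig):
        return None
    return slot.read()              # second fetch is never verified

def boot_hardened(slot: Slot, sig: int):
    """Reads once into memory and runs exactly the bytes that were verified."""
    image = slot.read()
    return image if verify(image, sig) else None

SIGNED = b"retail game image"       # constructed sample data
UNSIGNED = b"homebrew image"
SIG = sign(SIGNED)
```
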

                          • #14
                            I am all out for hacking in the DS or PSP. Just let me join a group and we could get some hacking goin.

                            • #15
                              Hey, squidly, how'd this go? Sorry I missed out on it, but I'm still really interested and would like to catch up with the meeting.
