PSP/DS hackers

well if u hit up the ps2dev.org forms u can see all the progress that has been made... i for one am all down for makeing some reletively simple network apps for it since hombrew has been acheeved on the psp (i.e. psp stubler), unfortunitly so far the only code i have gotten to run so far is done in asm... and it's not that big

Yeh. I downloaded PS2DIS to look at the DATA.PSP from the 2CH_Browser. That little monster is a little more tightly wound than I first thought. Plus, it looks like the browser calls back to a CGI on the 2CH server. Attempts to trace back the exact location of that CGI (for possible snaggage and recoding) are currently not working.

Till I can do more than look at it in a hex editor, I'm kinda stumped. Anyone know how to unpack or decompress the DATA.PSP file?

- Squidly1

lol no.. but if u want, the firmware dumps for 1.5 and 1.0 fimware are out there, just google for um. like i said all the latest info is on the ps2dev - forms

I've downloaded the latest version of the 2CH_browser (3) and it seems to be a lot faster with the page loads. The file and structure of the code (from a hex edited view) looks a little different, but handles much of the links in the same way... I had high hopes when I saw the "bookmarks" .ini file, but I haven't gotten them to work yet.

Still plugging away, but kinda stalled until I get my hands on the PSK Decryptor, or some other tool. What I have discovered is that the DATA.PSP does not seem to be a "tar'd" or compressed ELF file. And I was really hoping on that. I've trolled one Swedish pirate site and a Spanish dev board for more, but it looks like if there is a tool it's really tough to get.

I've submitted a request for the source on Fuuko-Papa's blog - in pidgen Japanese. "He" seems to be the original coder for 2CH_Browser. If he shares, this should be hella lot easier..... Now I'm worried that the CGI link I found while trolling the DATA.PSP in hex is critical to the browser or not. Won't know for sure till I see that source.

Unfortunately, the PS2DEV forum has been having MySQL issues for a few hours, and now the server is down. Else I'd check and see if anyone there had replied to my appeal or not.

- Squidly1

Partly there...

Alrighty. I have translated everything that I could. Some items are encoded and I can't seem to get to them with a hex editor. One seems to be a link to a "command" menu that (right now) seems to do little more than open up a development blog. Was kinda hoping one of those options listed would allow for imported bookmarks (sigh).

The link to the mod'd file is:
http://www.schleppingsquid.net/PSP/...20(English).rar
(remember, this will only work with v1.00 or v1.50 PSP units. Use SeiTool to covert the file to 1.50-friendly mode)

Enclosed with the mod is a pack of screenshots from the new version and a README.txt.

Link to the write-up on the file is:
http://www.schleppingsquid.net/PSP/...CH-Browser.html

Dunno if I will be able to create a similar browser from scratch...

- Squidly1

Interesting...

I hex'd around a little more and got the browser to error but not crash. I forwarded it (semi) successfully to Yahoo, and then to a portion of my website. The CGI I guessed that the browser uses to parse the website links is partly to blame for the messed up deplay of info.

Sooo d@mn close....

- Squily1

Inching closer...

I found out where the CGI came from - on Zone-H. Seems there is an arbitrary code execution vulnerability with a certain version, and it pointed me to the website that created the CGI. It's part of a popular (mostly on Japanese) BBS for websites. What we keep looking at in the original 2CH is a list of message headings - that's what the read.cgi parses. Woot!

Here's the catch - if I host something like this, it would be monsterous to my limited bandwidth. Not like my site gets hit too hard, but still. According to what I have been able to glean, someone just has to set an InfoSeek BBS up running the Global Note Script. The code just has to be tweaked to move users to the correct server for the modified BBS. Viola... The fix.

That's all without having the original code (bow down, bow down) - hehe, nah. I'll post if I can get it running in a day or so.

Now here's the clincher... Without the original code I can't add any typing abilities (or like I'd REALLY wanna do, add an independent IRC client and mini mail tool) to the current program... :(

- Squidly1