PSP All Version Firmware Homebrew Hack Surfaces

Use Netsparker


Seen as though we get a lot of searches for PSP firmware updates and information about homebrew, I thought I’d post about this which popped up a few months ago.

In what undoubtedly will be remembered as a historic and life-changing event for PSP enthusiasts everywhere, a group of coders (Noobz and Archaemic, to be exact) have exploited a loophole in the Ubisoft game Lumines which enables homebrew-ing on all PSP firmware versions, from 1.00 to 3.50. This first ever all-firmware hack is a significant development, as homebrewing up until now has required specific versions (and usually the use of downgraders). No word yet on how Ubisoft feels about being party to this party, but something tells us Sony isn’t going to be real stoked.

I wonder how the game companies feel when its their software being used to hack something.

This made me chuckle though…

Update: On a completely unrelated note, Lumines has moved from a rank of 797 on Amazon’s movers & shakers, to the number 1 slot with a sales gain of something like + 13,166%.

Why doesn’t that surprise me :D

Source: Engadget

Posted in: Hacking News, Hardware Hacking

,


Latest Posts:


Acunetix v12 - Pause & Resume Acunetix v12 – More Comprehensive More Accurate & 2x Faster
Acunetix, the pioneer in automated web application security software, has announced the release of Acunetix v12 - more comprehensive, accurate & 2x faster.
CloudFrunt - Identify Misconfigured CloudFront Domains CloudFrunt – Identify Misconfigured CloudFront Domains
CloudFrunt is a Python-based tool for identifying misconfigured CloudFront domains, it uses DNS and looks for CNAMEs which may be allowed to be associated with CloudFront distributions.
Airbash - Fully Automated WPA PSK Handshake Capture Script Airbash – Fully Automated WPA PSK Handshake Capture Script
Airbash is a POSIX-compliant, fully automated WPA PSK handshake capture script aimed at penetration testing, it is compatible with Bash and Android Shell.
XXEinjector - Automatic XXE Injection Tool For Exploitation XXEinjector – Automatic XXE Injection Tool For Exploitation
XXEinjector is an XXE Injection Tool that automates retrieving files using direct and out of band methods. Directory listing only works in Java applications.
Yahoo! Fined 35 Million USD For Late Disclosure Of Hack Yahoo! Fined 35 Million USD For Late Disclosure Of Hack
Ah Yahoo! in trouble again, this time the news is Yahoo! fined for 35 million USD by the SEC for the 2 year delayed disclosure of the massive hack, we actually reported on the incident in 2016 when it became public.
Drupwn - Drupal Enumeration Tool & Security Scanner Drupwn – Drupal Enumeration Tool & Security Scanner
Drupwn is a Python-based Drupal Enumeration Tool that also includes an exploit mode, which can check for and exploit relevant CVEs.


Comments are closed.