- #ACTION REPLAY WII BOOT.ELF FILE INSTALL#
- #ACTION REPLAY WII BOOT.ELF FILE SOFTWARE#
- #ACTION REPLAY WII BOOT.ELF FILE PS2#
It can then be repacked into an ELF for easy loading into PCSX2.ĭue to the large number of different PlayStation 2 models released, each with slightly different DVD player firmwares (> 50.), I will focus on a single DVD player for the duration of this article: 3.10E (configured with English language in PS2 settings), as it happens to be the firmware for the console I own. There are public tools which can decrypt and extract the DVD player from EROM storage. It turns out that PCSX2 does support the DVD player it just can't load it automatically since it's located in encrypted storage and PCSX2 does not support the decryption. I'd like to thank krHacken for helping me out with that first roadblock. We need an emulator with some debugger support, which is where we hit our first roadblock: the most popular emulator for PlayStation 2, PCSX2, does not support playing DVD Videos, and no one is interested in adding support. It has 32 groups of instructions, and is interesting because it could potentially be used to dynamically manipulate internal memory state to prime an exploit, or it could be used to create a universal DVD with a menu which allows you to select your firmware version and trigger the appropriate exploit.Ĭlearly it's not practical to do most of our testing on the real hardware since burning hundreds of test discs would be wasteful and time inefficient. The interaction machine is what allows for interactive menus and games in DVD Videos. The IFO file format is probably the simplest format used, and is responsible for storing the metadata that links the video files together. For the proprietary aspects there are some freely accessible unofficial references.
Whilst the complete DVD Video specification is unfortunately behind a paywall, it is comprised largely of open formats like MPEG, just bundled together in a proprietary container format (VOB). If we think about what a DVD Video consists of there are quite a few main components, each with the potential for vulnerabilities: The console supports playing burned DVD video discs, which exposes significant attack surface we could potentially exploit to achieve our goal.
#ACTION REPLAY WII BOOT.ELF FILE SOFTWARE#
Obviously we can't just burn a disc containing an ELF file and expect the PS2 to boot it we'll need to exploit some kind of software vulnerability related to parsing of controlled data. This leaves an interesting question which I've wanted to solve since I was a child: But unlike say the Nintendo 64, where we don't really have any other choice but to resort to exploiting games over interfaces like modems, the PlayStation 2 has one key difference: its primary input is optical media (CD / DVD discs), a format which anyone can easily burn with readily available consumer hardware. The PlayStation 2 has other sources of untrusted input that we could attack games which support online multiplayer or USB storage could almost definitely be exploited. I decided to write-off that exploit as being impractical, and so the hunt continued for a better attack scenario for the PlayStation 2. Although I was successful at producing the first software based entry-point exploit that can be triggered using only hardware that came with the console, the attack was largely criticized due to the requirement of having to enter the payload manually through the controller or keyboard, and limitation of being PAL only. My initial attempt to solve this problem was to exploit the BASIC interpreter that came bundeld with early PAL region PS2s. For the best selling console of all time, it deserves better hacks.
#ACTION REPLAY WII BOOT.ELF FILE INSTALL#
You need to either purchase a memory card with an exploit pre-installed (or a memory card to USB adapter), a HDD expansion bay (not available to slim consoles), open up the console to block the disc tray sensors, or install a modchip. I've previously discussed how the PlayStation 2 doesn't have any good entry-point software exploits for launching homebrew. FreeDVDBoot - Hacking the PlayStation 2 through its DVD player Initial publication: June 27, 2020
0 kommentar(er)
