Monday, November 30, 2009

Is your PSP Hackable?

While we wait for MaGiXieN and the rest of the fine people from pspgen, wololo and company have delighted us with some information about our beloved PSPs...

If you bought your PSP recently, haven’t been following the news lately, and are interested in unlocking it, the whole PSP scene certainly looks like a huge mess to you, and you probably have no clue whether your PSP is hackable or not. Things have been moving quite fast recently, so expect them to change soon, but here is the current state of the PSP’s “hackingability”:
The following are the details for each model.

PSP Phat and PSP2000 (except TA88v3)

If you own a PSP Phat (PSP-1000), or a PSP Slim (PSP 2000) that is NOT a TA88v3, then your PSP, regardless of its firmware, is 100% hackable with a pandora battery. This has been the case for many months now, and it will not change, because the exploit used by the pandora batteries is a hardware exploit and cannot be fixed with a new firmware.

PSP-3000 and TA88v3, Firmware 5.03 and below

If you are the unlucky owner of a “doomed” motherboard, but happen to have firmware 5.03 or below, your PSP is “half-hackable” through the laughing man tiff exploit and the associated Homebrew Enabler, better known as “ChickHEN”. “Half-hackable” means that your PSP can have all the features of fully hackable PSPs (homebrew, plugins, customizable themes, ISOs,…), but unlike fully hacked PSPs, if you hard-reboot your PSP, you’ll have to run the hack again. (For those who still don’t know, putting your PSP in sleep mode works fine and is the best way to keep the HEN in RAM.)

PSP-3000 and TA88v3, Firmware 5.50 and above

There is no “public” way to hack these PSPs currently. However, lots of exploits have been made public in the past weeks, giving developers enough material to actually work on solutions for these models.

A user exploit in the game Archer Maclean’s Mercury exists up to firmware 6.10. A user exploit in the game Medal of Honor Heroes (including Medal of Honor Heroes 2) exists up to firmware 5.55. The kernel exploit used in ChickHEN exists up to firmware 5.50, but is not usable from a user exploit in a game. A kernel exploit revealed by MathieuLH exists up to firmware 5.55. Team Typhoon revealed the existence of a kernel exploit up to at least firmware 6.10, but didn’t make it public.

Technically, with the currently public information, these PSPs could be hacked up to firmware 6.10 for homebrew through the Mercury game, and up to firmware 5.55 for HEN (ISOs, plugins,…) through the kernel exploit revealed by MathieuLH.

PSPGo

There is no “public” way to hack these PSPs currently. The PSPGo cannot technically use exploits in games. Well…it can, but as soon as a game is hacked, it gets patched. So either you own a hackable version of the game and can use it, or you’re screwed. The general idea is that we cannot use games as a “good” user exploit source for the PSPGo. Exploits still exist though, and most of the time kernel exploits valid for a given firmware will work on the PSPGo, so it’s only a matter of finding a user exploit in the XMB rather than in a game.

Homebrew: User-made (non-official) applications. These include games such as Wagic, utilities, emulators…

ISO: In the PSP world, a digital copy of a game, most of the time unencrypted, which prevents it from running on an official firmware. ISOs are often associated with game piracy.

Plugin: Homebrews that are loaded into the PSP’s RAM to extend its functionality. For example, the music plugin lets you play MP3s while playing a game or a homebrew on the PSP.

HEN: Homebrew ENabler. A program that patches the PSP’s RAM to allow running unsigned code (homebrews). Unlike eLoader, a HEN stays in RAM and therefore doesn’t need to be launched every time you want to run unsigned code. To do this, a HEN usually requires a kernel exploit.

TA88v3: A motherboard model that was introduced on the PSP2000 in summer 2008. It fixes the vulnerability used by the pandora batteries. Several techniques exist to identify your PSP’s motherboard. If you have a PSP 2000, the easiest way to find out whether it has a “doomed” motherboard is to try a pandora kit (battery + memory stick) on it.

Note: Firmware 5.05 has intentionally not been mentioned, as it was released to a very limited number of people.
