PS3 hack source code published - Update
Nearly four years after its launch, hackers have finally succeeded in jailbreaking the Playstation 3 (PS3) game console and circumventing its copy protection system. Just days after Sony obtained an injunction preventing the sale of a USB dongle for jailbreaking the PS3, hackers have now published source code under the name "PSGroove". This apparently allows a programmable USB development board with an AT90USB microcontroller to be used to circumvent the PS3's security systems and execute unsigned code. In contrast to the PS3 jailbreak, currently PSGroove can't be used to illegally copy PS3 games.
The PS3 jailbreak and PSGroove reportedly attack consoles running firmware version 3.41 by simulating a USB hub with six devices on an Atmel microcontroller-based developer board, and sending crafted configuration descriptors to the PS3 when first connected. The descriptor is used by USB devices to indicate how many connections it possesses and whether it has an external power supply. Very long descriptors cause buffer overflows on the PS3, allowing code to be injected onto the stack and executed.
In order to circumvent the copy protection mechanism, the simulated USB hub proceeds through a number of steps and emulates connecting various devices in a specific sequence. In doing so, it triggers a series of buffer overflows allowing it to write various pieces of data and code to the stack. The final step is to execute the code.
Source code for PSGroove is widely available and is currently hosted on GitHub. Developer boards suitable for the hack are available for as little as $18. Publication of the source code appears to have stimulated significant demand for suitable boards – some online shops are already sold out.
Because the attack is specifically tailored to version 3.41, Sony can issue a firmware update to fix the security vulnerability. While the software/firmware updates from Sony are optional, only users with the latest release of the firmware can sign into the Playstation Network (PSN) to buy or play games online. Additionally, some Blu-ray movies and new disc-based games may also refuse to run if the system does not have the latest firmware. This is likely to trigger a new race between hacker attacks and security updates from Sony.
(Daniel Bachfeld / Hartmut Gieselmann)
(Daniel Bachfeld / Hartmut Gieselmann / crve)