PSP Hacking – A trip down Memory Lane


Well, we’re at a crossroads with regards to PSP Hacking, what with the announcement of a PSP Modchip. And coincidentally, I’d been working on an article pretty much related to the history of PSP hacking. So what better time to present it? Well here goes.

I’m sure our readers are quite curious about the history of PSP Hacking. I can state that about 60%-70% of our readers have joined us within the last 6-8 months. And trust me, your time hasn’t been as exciting as the first few months after the release of the PSP.

We’ve had the Firmware Updates, the eLoaders, the ISO Loaders, and loads more, and just about everyone knows about them. But far too few people know or remember the first few weeks/months when the PSP came out. Let’s go on a small journey, shall we?

First, let me introduce the guy who’s been one of the most instrumental people in PSP hacking:

Nem – the guy who started it all. You could call him the ‘Father of PSP homebrew’. Yep, surprise! It’s not Fanjita. I’m actually surprised that few people know him. He’s the guy (along with SEC-Saturn Expedition Committee) who released the first homebrew application for the PSP, a Hello World application.

People who’ve been programming would know that the Hello World app is the first step to any programming. Whether it’s console hacking, or learning a new programming language, a Hello World application is the first step. And on the PSP, it’s even more important. Since the PSP is so tightly locked by Sony, a Hello World application is definitive proof that you’ve got code running. Sure, you always get the “crash” when you do something which wasn’t meant to be done, but a crash does not always mean that it can be exploited to result in something. A few examples would be glitched videos, images, or other files. Few of these glitched files have actually resulted in something. That’s the reason why a Hello World app is the most important.

So let’s do a bit of a flashback, shall we?
First homebrew on a 1.0 – Hello World
First homebrew on a 2.0 – Hello World (Technically, the first homebrew was just a small app which painted the PSP’s screen, but Hello World was definitive proof)
First homebrew on a 2.xx – I’ll safely assume that it was a Hello World app. Maybe someday, I’ll verify it with Edison Carter.

By now, I’ll assume that you know how significant a Hello World app is. So let’s take a ride to a magical moment in PSP hacking. The first ever unofficial code on a 1.0. I’ll quote Nem from his post on the PS2DEV Forums.
 


“Greeting fellows. It’s Hello World for PSP.
Hello World, PSP!
Runs only on PSP 1.00.
Place EBOOT.PBP at directory PSPGAMEHELLOPSP of Memory Stick, and
you will find HELLO WORLD at GAME -> MEMORY STICK of XMB.
To shutdown, hold up power switch several seconds, or remove battery.
All scratch code, compiled by ps2dev toolchain.”

Yes, this simple program was going to be one of the greatest moments in PSP homebrew history. Who would’ve thought that?

So what did Sony do? Release a new firmware 1.50, blocking all homebrew, before the PSP was launched outside of Japan. (There wasn’t much back then anyways). The new US owners of the PSP woke up to a homebrew-less PSP! No emulators, no games, no homebrew. Period. The PSP community was once again in darkness. So what next?

For some time, nobody knew. All the PSP users in the US and the world were praying for homebrew. And their prayers were answered. On June 15, 2005 (less than a year ago!), a Spanish group called PSP-DEV (comprising mainly CybBlade, Pawstick and Killer-X, not related to PS2DEV in any way) released the first exploit for 1.50 PSPs, Swaploit. The method was crude. But who cared? Firmware 1.5 now had all the homebrew that 1.0 had been known for.

It worked by swapping Memory Sticks while starting the application. Like I said, crude. But definitely functional. But programmers are known for their laziness. Not while programming, but usually with everything else. So were they going to stop? Nope. Just a week after Swaploit, PSP-DEV released KXploit. That finally meant that 1.5 homebrewers didn’t have sore fingers or broken nails.


And then Sony released another update! Multiple actually, but commonly referred to as 1.5x. And a useless one at that. This was the first of many “security fix” updates. And it showed the lengths to which Sony would go, just to block homebrew. I’m not quite sure of the difference between 1.51 and 1.52. I read somewhere that the 1.51 PSPs were simply refurbished ones, and you shouldn’t have had one of them. Anyways, the 1.5x firmwares will go down in PSP hacking history as the only two uncrackable ones. There was no vulnerability discovered. I won’t say that they were uncrackable, just that nobody had a good look at them.

By now, the people were becoming restless. There were hardly any good games out. And the PSP had hardly delivered any of its “Personal Media Player” promises. Sure, you had movie playback, and MP3 playback, but that’s it. The movies supported were low-res MP4 ones and audio playback was only MP3 and ATRAC3. And this was attracting a lot of media attention. Sony had to do something to silence everyone. Enter 2.0.

One of the first firmwares which tried to fill up the void which Sony had left after announcing great things before the PSP came out. It bundled a web browser, AVC movie playback and wav, mp4-aac audio playback, and support for a few new image formats including TIFF (more on that later), plus a few additions. Supposed to be the firmware which forced every homebrew-lover to update, it did its job quite well. The web browser was the main reason why so many people upgraded. Although it received a lot of good reviews for having tabbed browsing, it was still another half-baked cake.

Since it borrowed NetFront’s code, it also shared a few irritating things with the original. It ran out of memory too early. And it didn’t support Flash. People were once again discontented. The various “please make a downgrader” threads on every PSP community forum are witness to that fact. The hacking community had another challenge on its hands. Were they going to be successful?

For some time, nobody knew the answer. And then it happened! It was known that the PSP was using libTIFF to display the TIFF images. And there was a known vulnerability in the version which the PSP was using. So, Skylark, Niacin and a 3rd anonymous person tried to exploit it. And they were greeted by success! Using a buffer overflow in the library, they were able to paint the screen with color. And it was quite a big achievement. But it still didn’t run code.


It was now time for the second stage. Exploiting the hole so that useful code could be run. And Groepaz of “Hitmen” group was the first successful person to display “Hello World” on 2.0 PSPs. The homebrew community, now quite aware of the significance of “Hello World”, was thrilled to hear of this great news. It was now time for the real homebrew to come by the truckloads.


But it didn’t happen. The process to develop exclusively for 2.0 was still difficult. You needed a bit of Assembly knowledge, which was hard to come by, since most of the developers were still new to development itself! Around this time, MPH released a downgrader out of the blue. Nobody was expecting it. But sure as hell, after the multiple fakes by shady people, this was the real thing! And it created a huge buzz. All the PSP sites which hosted the downgrader faced huge traffic due to the mad rush. And again, the forums were alive with people who were new to the whole 1.5 “KXploit” thing. And this time, the community welcomed them with open arms, making multiple guides, and in general, easing the newbies into the “1.5 scene”.

But there were a few who didn’t want to give up the new Web Browser and AVC movie playback. They waited for a solution. And it came in the form of an Eboot Loader which loaded 1.0 eboots on 2.0. And again, unlike what most people think, it wasn’t Fanjita who created the first Eboot Loader for 2.0 PSPs. A guy by the name of Saotome was the first successful person to load 1.0 eboots on 2.0. Although it only ran a few eboots (including Nem’s original Hello World app), it was definitely a start.

And this was the time when Fanjita showed up. Yes, this late! And one more thing, his first homebrew wasn’t the Eboot Loader. It was a Tetris clone, made for 2.0 using the TIFF exploit. Then on, he borrowed Saotome’s Eboot Loader code and got to work on it, creating his own Eboot Loader, now known as eLoader. The rest is history.

Right now, with firmware 2.70, we stand at a similar situation. Although a lot was promised, including a Flash Player, it was once again a half-baked cake. A few hours after the new firmware’s release, there were complaints that the Flash capability was severely limited and not quite up to the mark. And it was true. So once again, the homebrew community is waiting for a miracle. And they’re justified in thinking so. Sony has thrown down the gauntlet by blocking the GTA exploit. But the “hackers” have come up with one of the most popular solutions. A modchip. Whether it’s real or fake, I can’t tell, because I myself don’t know for sure. But regardless of that, it’s got people excited again. And that’s what I love to see. And by the way, I’m rooting for homebrew, as always. What about you?

Note: I’d like to extend my greatest appreciation to everyone who’s been mentioned in this small article. Plus, I’d like to thank the whole PS2DEV community for making the PSP what it is. It would have been a dark place without you guys. And prayers go out to CybBlade’s family. CybBlade lost his battle to cancer sometime in the last year. I hope you’re busy in heaven hacking God’s PSP 😉

A big “Thank You!” to Sony for the PSP, and a big “No Thank You!” for blocking homebrew.
