New Immissions/Updates:
boundless - educate - edutalab - empatico - es-ebooks - es16 - fr16 - fsfiles - hesperian - solidaria - wikipediaforschools
- wikipediaforschoolses - wikipediaforschoolsfr - wikipediaforschoolspt - worldmap -

See also: Liber Liber - Libro Parlato - Liber Musica  - Manuzio -  Liber Liber ISO Files - Alphabetical Order - Multivolume ZIP Complete Archive - PDF Files - OGG Music Files -

PROJECT GUTENBERG HTML: Volume I - Volume II - Volume III - Volume IV - Volume V - Volume VI - Volume VII - Volume VIII - Volume IX

Ascolta ""Volevo solo fare un audiolibro"" su Spreaker.
CLASSICISTRANIERI HOME PAGE - YOUTUBE CHANNEL
Privacy Policy Cookie Policy Terms and Conditions
PlayStation Portable homebrew - Wikipedia, the free encyclopedia

PlayStation Portable homebrew

From Wikipedia, the free encyclopedia

You have new messages (last change).
This article or section may contain proseline.
Please help convert this timeline into prose or, if necessary, a list. (help)

PlayStation Portable homebrew refers to the process of executing unsigned code on the PlayStation Portable.

Contents

[edit] Origins

In May 2005, it was discovered that PSPs using the 1.00 version of the firmware could execute unsigned code. This meant that PSPs could be used to run homebrew software, as there was no mechanism to check if the code had been digitally signed by Sony. A proof-of-concept "Hello World" was released to demonstrate this. This resulted in the release of a number of homebrew software, which were all built with the GNU GCC and GNU Binutils, modified to produce code for the PS2 and PSP (MIPS processor devices).

In addition, it became possible to dump Universal Media Discs (UMDs) using a homebrew technique. These dumped UMD images can be written to a Memory Stick and executed, performing in exactly the same way as if they were being read from a UMD.

[edit] 1.50 homebrew

It was discovered in June 2005 that unsigned code could be run on a firmware with version 1.50. The discovery allowed early US PSP adopters to run homebrew which quickly led to articles appearing in the mainstream.[1]

Two ways were developed to run unsigned code. First, through the use of an exploit known as "Swaploit", and later, via the safer 'KXPloit'.


[edit] Swaploit

Swaploit was released on June 15, 2005. It was created by a Spanish team and involved swapping between two memory sticks at the launch of the game, before it crashed with an error, to run the selected homebrew. There were reports of failing memory sticks using this method, but none have been verified.

[edit] KXploit

Developed by the Spanish Killer-X, KXploit exploited a misuse of the sprintf function of the PSP by having another folder named exactly the same with a percentage sign after the file name (eg game and game%). The percentage folder contained no data aside from images and a PARAM.SFO. The folder without the % had only a DATA.PSP, the file containing the code. The problem with this exploit was that corrupted data would show on the memory stick (as well as the normal data). This was because the PSP would only see the program that had a PARAM.SFO file in it, the file inside the % folder. The file with just the program data would be seen as corrupted. However, this was shortly overcome by using two tricks. One would exploit the FAT16 system of the memory stick, and the other involved putting __SCE__ before the name of corrupted folder and %__SCE__ before the name of the normal folder (with the percentage sign at the end removed). Both tricks would remove the corrupted data, because the non-% folder would be invisible to the PSP, and still allow the EBOOT to be run. Many tools exist, like PSP Brew, Sei PSP Tool, and more, that automatically hide the corrupted data and organize your previously installed programs.

[edit] No-KXploit Patch

Some users and developers of homebrew complained about having the secondary folders for homebrew, and the corrupted icons that were shown. While there are ways to hide the icons, it is considered a nuisance. One piece of homebrew, called the No-KXploit patch, modified the PSP's firmware in memory, allowing non-KXploited homebrew to be executed directly. The No-KXploit patch itself is KXploited, to allow it to be run.

The patch does not modify the firmware of the PSP or write to the flash (specifically flash0). It is now (mostly) rendered obsolete by custom firmware, which is designed to allow the execution of homebrew.

[edit] 1.51 and 1.52 homebrew

It is not possible to run homebrew on 1.51 or 1.52 without upgrading the firmware. Many possibilities have been claimed as fact, usually involving the DATA.PSAR file from an official update with 1.51. However, all remain unproven. It is possible to update to 2.0, and then downgrade to 1.5. Officially, the safest way to downgrade is updating to 2.00 first, then use the 2.00 downgrader to get to 1.50.

[edit] 2.00 homebrew

Sony, seeing that not many people were updating their PSPs to 1.51 or 1.52, decided to release an update with features that would give people an incentive to update. The main feature was an official web browser, revealed at the 2005 PlayStation Meeting on June 20, 2005. The Japanese version of the update was released a week later, on June 27, 2005. In addition to a web browser, it also had support for high-quality MPEG-4 AVC video and the ability to change the wallpaper. As 2.00 contained a web browser, it became possible to write programs that would take advantage of the PSP's HTML rendering ability, and its newfound ability to connect to a server on a wireless network.

On September 23, 2005, an exploit, a buffer overrun in the image rendering, was discovered, allowing execution of an unsigned binary file. The method involved the user setting a PNG image as their background and a TIFF file in their photo directory. When the Photo menu was accessed, the binary file was loaded.

Two days later, the first "Hello World" program was released. The size of the binary was limited to 64kb, and the PSP could not yet read unencrypted ELF files, so further experimentation was required before any kind of homebrew software could be run. A day later, the first playable game using the exploit was released, titled "TIFF Pong 2.00".

On September 28, 2005, a successful downgrader, the MPH Downgrader, was released. This would change the system's version number to 1.00, tricking the PSP into allowing the 1.50 update.

Moving quickly to fix this exploit, Sony released the version 2.01 firmware on October 3, 2005. This was only a security update and offered no new features.

A PSP developer by the name of Fanjita created a program called eLoader using the same exploit as the MPH downgrader and GTA Cheat Device that allowed the user to run unsigned user mode code launched from a menu. This was an alternative to downgrading the PSP to 1.5 using the MPH downgrader.

Soon after, a new TIFF exploit was found that works with all firmwares up to 2.80.

[edit] 2.01 - 2.60 homebrew

On the September 28, 2005, Cheat Device was released for GTA: Liberty City Stories which exploited a memory bug during saving. It ran behind Liberty City Stories allowing for various modifications to the game, such as infinite health and the ability to "spawn" any of the vehicles in the game.

Based on the proof-on-concept provided by the Cheat Device, a "Hello World" was created in December, 2005. A day later, the first playable homebrew for version 2.01 was released, titled "Tetris for Firmware 2.01". (Despite the name, this game was not authorized by The Tetris Company.)

Two days later, the exploit was released for 2.60 firmware, leading to the creation of Tetris for version 2.50 and 2.60. A developers kit was later released.

In January, 2006, an EBOOT Loader for 2.01+, and then, a version of the eLoader which supported version 2.60 were released

WiFi connectivity was added on April 2, 2006, due to the discovery of a function that allowed the eLoader to initialize WiFi without kernel mode.

On June 27, 2006, another exploit was discovered in the 2.50 and 2.60 firmware that allowed for kernel mode to be utilized. GTA: Liberty City Stories is still required. The exploit takes advantage of another buffer overflow bug that was added when Sony included an additional security check in the 2.50 firmware. Three days later, a fully functioning 2.50/2.60 to 1.50 downgrader was released. If the PSP had the TA-082 PCB, the downgrader would not work, and would "brick" the PSP[2]. This was due to a protection implemented in newer motherboards. It is now possible to downgrade TA-82s on other firmwares including 2.71, 2.80 and 3.03

In August, it was reported that a successful downgrade on a TA-082 to the 1.50 firmware was achieved. It takes 45 minutes and an image must be dumped that is specific to one's own PSP device. No other details have been announced.[2].

Furthermore, during June 2006, Rockstar started shipping a version of GTA:LCS that patches the memory bug. The patched UMD also contains a compulsory upgrade to firmware 2.60. It was met with a change of serial number and graphical layout, in the PAL regions.

On 21 August 2006 it was announced that homebrew is possible on 2.0-2.80 by loading a tiff image. This resulting in launching homebrew on 2.00-2.60 without GTA:LCS using full kernel access. Contrary to popular belief, the exploit itself will not allow code to be executed under the kernel space, but does in fact use the sceKernelLoadExec exploit present in 2.50-2.71, hence why 2.80+ cannot use this exploit.

On 5 September 2006, an EBOOT loader that does not require GTA:LCS, and uses the new TIFF exploit, was released for the 2.00-2.60 firmwares. It still has the same compatibility rate as previous loaders, due to the user mode limitations. A kernel mode version is being worked on.[3]

On 9 September 2006, an easier way of downgrading firmware 2.01 was released. It functioned in the exact same way as the 2.00 downgrade (swapping index.dat from flash0 to the index.dat from the 1.00 firmware, tricking the PSP into launching the 1.50 update EBOOT) however, it uses the new TIFF exploit (as the one used to downgrade firmware 2.00 was patched in 2.01)

[edit] 2.70 - 2.71 homebrew

On 25 April 2006, Sony released firmware version 2.70, which directly was believed to have patched the exploit in the GTA savegame. Currently, the libTIFF exploit talked about below is now supported by 2.00-2.80 allowing homebrew to be executed. With 2.70 came Macromedia Flash support, and hence a number of PSP Flash games have been created. There have also been various flash portals released to allow flash games and applications to easily be run without adding them to bookmarks.

On 16 August 2006, a vulnerability in libtiff was found by NOPx86 and a Proof of Concept program was released. This new exploit opened the doors for Firmware 2.00 through 2.80 to play homebrew, and was met with the Noobz team whom made a homebrew loader (eLoader) for these firmwares using this exploit.

On 21 August 2006, it was announced that a new overflow had been discovered in the libTIFF image libraries of the PSP, in all versions upwards of 2.00.

In late August 2006, the first Hello World program working through the libTIFF exploit was released. It runs in kernel mode on firmwares up to 2.71, and user mode in 2.80.

On 1 September 2006, a downgrader for firmware 2.71 was released. Executing itself via the Photo menu (through an arbitrary TIFF), it expands itself into working memory, uses the PRX from the 1.50 Update EBOOT to write a new IPL and then formats the flash0 partition, then copies a dump of the 1.50 firmware, stored on the memory stick, to the flash0 partition. The flash1 settings partition is detected as "corrupted" when user first boots 1.50, and is then rewritten by pressing Circle.

On 2 September 2006, an update of the 2.71 downgrader was made public. This fixed an error in the previous downgrader which sometimes caused premature bricking.

On 21 September 2006, eLoader 0.99 was released. It had support for Firmware 2.70 and 2.71, with limited kernel access.

On 22 September 2006, A homebrew Launcher for Firmware 2.71 was released by Dark_AleX. This allowed to launch homebrew games from the XMB Game Menu. It worked by making a patch in memory that remained until the PSP was restarted.

On 24 September 2006 A DevHook port for firmware 2.71 , it allowed users to emulate 1.50 firmware. It was reported that it is fully compatible with TA-082 motherboard.

On 29 September 2006 ISO files can be successfully launched under firmware 2.71 and TA-082 motherboard through Dark_AleX's Homebrew enabler revision C and DevHook 0.4x for 2.71 enabler. Although the libtiff exploit is operational in 2.80, an eLoader is still under development and is expected to arrive soon. A certain file is missing from the 2.71 version in 2.80.

[edit] 2.80 homebrew

On 12 September 2006, Tetris for firmware 2.80 was released, along with an SDK, Tetris being the first homebrew available on 2.80. This was followed just hours later by TIFF pong (edited one day later), followed two days later by more TIFF homebrew. Later the NOOBZ team released eLoader v0.995 "Kriek" with 2.80 support, alongside with xLoader, allowing homebrew EBOOTs to run on 2.80 firmware PSPs.

On 24 November 2006, There was a rumor on two well known sources, qj.net and dcemu, that there will be a downgrader for 2.80 in a matter of a days or a few weeks. This downgrader is supposed to not be run off of the xLoader, a version of eLoader.

On 20 December 2006, a new exploit that unlocks kernel access in 2.80 was found by Team C+D and a Proof of Concept program was released.

On 24 December 2006, a 2.80 easy downgrader was released by csfreakno1 which had far better instructions, in both German & English, its interface also had improvements with its ease of use. As of this date, the latest version is 0.3 and it has to be run from xLoader. It has been confirmed as working. There are still some improvements needed as it will brick a PSP if it is run from eLoader! (An un-official leak was found on 23rd December, but this only featured German instructions, but it was still the same downgrader, but with different languages)

On 2 January 2007, a 2.80 -> 2.71 downgrader for TA-082/TA-086 was released by 0okm, allowing PSPs in 2.80 to downgrade to 2.71 then use the Dark_AleX TA-082 downgrader to downgrade to 1.50 firmware.

So far, homebrew can only be run using a port HEN for 2.80 firmware, eLoader v0.995 "Kriek" or later, or xLoader, which patches the PSP to launch homebrew directly from the XMB Game Menu. A downgrader has also been created for this firmware.

[edit] 2.81 - 3.03 homebrew

Screenshot of the Goofy Exploit
Screenshot of the Goofy Exploit

On 25 January 2007, a user-mode exploit was discovered, affecting all PSP firmwares from 2.00 to 3.03. A "Hello World" application, called the Goofy Exploit, was subsequently released by the Noobz team, proving that unsigned code could be run on a 2.81+ PSP. The exploit requires an un-patched copy of Grand Theft Auto: Liberty City Stories (it is a variation of the old LCS exploit, exploiting the fact that sony's patch only affected the save slots 0 - 7 however auto load also loads save games in slot 8 and 9, allowing the same exploit to be used if it's stored in either of these 2 slots).

On 28 January 2007,The Noobz team released the 3.03 HEN and downgrader. However, this wasn't until after a beta version had been leaked earlier on the web. It is highly encouraged to stay away from this "sure-brick" and only use the files listed on team Noobz's official website.

Also released alongside the downgrader was a release of HEN (Homebrew Enabler) for 3.03 users who did not wish to downgrade but wanted the benefits of homebrew on a 3.03 system. This also requires the use of an unpatched Grand Theft Auto: Liberty City Stories UMD.

[edit] 3.10+ homebrew

There is currently no way to run homebrew on firmwares 3.10, 3.11, or 3.30, all previous TIFF and GTA exploits have been blocked. 3.10, 3.11 and 3.30 have, however, been decrypted by PSP hacking/homebrew team C+D.

The decryption of these firmwares was done in record time, as they were both decrypted by Team C+D on the day of release despite new encryption keys being used by Sony (on firmware 3.10)[4]. Later, firmware 3.30 was decrypted by Team C+D just a few days after it was released. Decryption allows for custom editions to be made, such as the SE/OE firmwares made by Dark_AleX, and for firmware emulation using Booster's DevHook. They have not been decrypted enough to make a downgrader yet.

[edit] Custom firmwares

[edit] 1.50 Proof of Concept

In July 2006, a limited 1.50 custom firmware (named a proof of concept) was released by Dark_AleX, allowing the execution of version 1.00 EBOOTs, access to a limited recovery mode, and ability to automatically load an application upon start. Other custom firmwares have since been released. Today, there are more developed versions such as "Casual V3" and the SE/OE firmwares.

[edit] 2.71 SE

On 8 October 2006 Dark_Alex's custom firmware 2.71 SE-A was released, which utilizes the features of the 2.71 web browser, video features, RSS feeds, WMA capabilities and flash capabilities for the web browser as well as full 1.50 user and kernel homebrew usage and full 2.71 user and kernel homebrew, as well as adding a recovery mode for unbricking "semi-bricked" PSP from bad flashing etc.

An update to this new custom firmware came out on the 24th of the same month. In this update the 2.71 SE-B the major feature is the loading of ISOs and CSOs from the game menu in the XMB. And just two days later was updated to 2.71 SE-B' which includes NO-UMD ISO loading. A few days later, 2.71 SE-B" was released. It allowed the ability to run 2.80+ games, including GTA VCS and it fixed some bugs found in 2.71 SE-B'. The latest version is 2.71 SE-C, which allows to load PRX files directly from the memory stick, enabling the option to safely add new functions to your PSP (like listening to MP3 files while showing photos).

[edit] 3.XX OE

On 21 December 2006 A new custom firmware called "3.02 OE-A" was released by Dark_AleX. It contains the same features of 2.71 SE-C, but also includes all 3.02 features excluding the Location Free player and the Korean fonts. New features added to this custom firmware include WMA and Flash Player enabling through the Recovery Menu and cracking the DRM of the PSX emulator, allowing users to share PSX games to other PSP systems.

On 25 December 2006 [5]. An update to the 3.02 OE-A Firmware was released called "3.02 OE-B." It's main feature was the ability to run PSX games from a memory stick using a ripping utility called "popstation" released alongside the new firmware.

On 4 January 2007 The custom firmware "3.03 OE-A" was released by Dark_AleX. It has the same features of 3.02 OE-B along with the ability to run compressed PSX games and support for custom manuals in PSX games. Later on 6 January 2007 3.03 OE-A' also known as 3.03 OE-A2 was released. A new feature in this release is the ability to change the CPU/Bus speed in UMD/ISO games.

On 10 January 2007 A "3.03 OE-B" custom firmware was released by Dark_AleX. This custom firmware required 3.03 OE-A/A' firmware to be installed first. A new feature in this release is the ability to play full screen (480 X 272) MP4-AVC videos.

On 25 January 2007 Dark_AleX released "3.03 OE-C" custom firmware. This was a major update and thus required a full install. Among the features are using WiFi at 333 MHz, maximum bit-rate limit of MP4-AVC videos is raised from 768 Kbps to 16384 Kbps (16 Mbps), ability to change the CPU/Bus speed of the XMB, faster cold-boot, as well as several other new features.

On 4 February 2007 A "3.10 OE-A" custom firmware was released by Dark_AleX, allowing screen brightness to the 4th level without having to connect the AC adapter along with the ability to run static ELF homebrew with the 3.10 kernel.

On 6 February 2007 A "3.10 OE-A' / A2" custom firmware was released by Dark_AleX, fixing a simple bug in the execution of PSOne games including Metal Slug 6 and others. The bug was caused by the incorrect patching of a static ELF in some cases. This was only a minor update, however, and therefore was not needed by everyone running the custom firmware.

[edit] 1.53 Custom Firmware

On 19 February 2007 A custom firmware was released by Eiffel56. This firmware was called 1.53 to avoid confusion between the official 1.51 and 1.52 firmwares compared to this custom version. This version is built for firmware 1.50 loyalists as not every user wished to upgrade to the SE or OE firmwares. This firmware offered many features offered in the 1.50 Proof of Concept firmware by Dark_AleX such as a limited recovery mode, autoboot option, custom PRX loading, launching 1.00 Homebrew eBoots, hiding corrupt data icons and starting ISO files from the XMB.

[edit] Downgraders

The very first downgrader created for the PSP was one that would allow users of the 2.00 firmware version to go back to 1.50 using a tiff exploit in the PSP's photo section. This works by changing the version number in the firmware to 1.00 tricking the 1.50 update to think the PSP has a lower firmware than it actually has.

In July 2006 a downgrader was released, allowing 1.50 users to downgrade their PSPs to 1.00. This was a major breakthrough as people believed it would lead to custom firmwares on 1.50, which could allow 2.71+ features with 1.00 EBOOT execution. Many people did not attempt the downgrade, due to decreased compatibility of running homebrew with the older firmware, compared to 1.50.

On September 01, 2006 a downgrader was released for firmware version 2.71. This exploit took advantage of a "libtiff" file bug in the PSP.

On 27 December 2006 A downgrader allowing the installation of 1.50 on TA-082 motherboards with 2.71 already installed was released. Previously, this was impossible due to and incompatibility with some IDstorage keys, attempting to write it would brick the PSP.

On 28 January 2007, The Noobz team released a 3.03 downgrader available to all who own an unpatched version of Grand Theft Auto: Liberty City Stories. This allows anybody who owns a PSP to downgrade to 1.5 and access homebrew.

All firmwares up to 3.03 have the ability to downgrade, either through upgrading and downgrading, or straight downgrading. The PSP 1007 has not yet been proven to downgrade. Currently using the 3.03 downgrader on PSP 1007 may brick the psp.

[edit] Motherboards

Before Sony saw the 2.50/2.60 downgrader they made a new motherboard for the PSP called TA-082 which, when downgrading below firmware 2.50 is tried will get a corrupt firmware and the PSP will become un-bootable (bricked).

Recently it has been discovered by 0okm that Sony has released a new motherboard called TA-086 but it is still unclear what changes it has from the TA-082 motherboard.

A method of checking whether or not a TA-082 motherboard is installed on a PSP without voiding the warranty is shown here.

On 27 December 2006, a TA-082 downgrader was released by Dark_AleX, Mathieulh and harleyg allowing PSPs with 2.71 firmware and TA-082 or TA-086 motherboard to downgrade to 1.50. It appears that the downgraded units behave like any other non-TA-082s and after this process it is possible to upgrade to 2.71 SE, 3.XX OE or any other version of firmware, custom or official. However, problems do exist as a side effect of the downgrade. In order to allow the motherboard accept the 1.50 IPL some keys in the motherboards IDStorage are corrupted. This has lead to many problems in downgraded PSP's.

These range from:

  • Connection errors in AD-HOC.
  • Brightness issues. (Upon the initial boot up of a downgraded TA-082 PSP, users may be greeted by a blank screen. Pressing the brightness button will resolve this issue)
  • Battery issues. (If a PSP is shut off under 12% battery the PSP will not restart until the AC adapter is plugged in.)

One of the problems faced was the USBHOSTFS function of the PSP was corrupted after a TA-082 downgrade. The USBHOSTFS function is used in some homebrew programs and communication with the PS3. This however has been fixed in a release from a homebrew developer.Here. Also Using the NOOBZ 2.80 and 3.03 downgraders does not create this problem since they do not change the IDStorage keys associated with the USBHOSTFS function. Only the 2.71 downgrader corrupts the USBHOSTFS IDStorage keys.

There is a reported fix for these problems found here. The latest version of this is idreset v7 (for people who downgraded using the Dark_AleX 2.71 TA-082 downgrader) which is found here or idcopy v1 (for people who downgraded with NOOBZ 2.80 TA-082 downgrader) which is found here. This has been reported to fix most or all of the problems associated with these downgraders. These fixes are for TA-082 and TA-086 PSPs only.


TA-079 up to TA-081 motherboards are not affected by these problems.

[edit] Multi Firmware Module / Modchip

Multi Firmware Module was announced on Apr 24, 2006 [1]. Multi Firmware Module contains a different PSP firmware to the one onboard the PSP itself and can be booted from, or copied to, the PSP's original NAND flash chip, unbricking the PSP. It is planned for release upon the acquisition of a suitable manufacturer.

The PSP modchip ("Undiluted Platinum") was announced on May 28, 2006. It allows the user to run two separate firmwares, one on the PSP itself, and one on the modchip. It also allows the restoration of corrupted firmware ("unbricking"), and so may lead to the creation of custom firmwares, allowing the full range of homebrew, while still being able to play the latest games. However, this chip may not run on all PSP hardware, due to the lower voltage of newer, TA-082, PSP boards.

Undiluted Platinum were released on June 26. However its installation required some very careful soldering, and many users did not wish to install this modchip. On July 23 the custom firmware Epsilon Bios were released, it required the Undiluted Platinum to be used.

The day after Undiluted Platinum's release, a kernel exploit for 2.50 and 2.60 was revealed, aggravating many users who purchased the modchip just to downgrade from those versions.

A new modchip called "PSP-Devolution" is in development state. It seems that it has similar features from the Undiluted Platinum chip, and it will compatible with all motherboards (TA-079 to TA-086), also providing TA-082 recovery.|This modchip may be a fake however because there is no officail announcement other than a simple website on the web. People who have a psp TA-082 model which is bricked the only solution for now may be just to buy a new motherboard.

[edit] ISO image loader

UMDs can be run from the Memory Stick by utilizing a ripped ISO image. The legality of the loaders used to run these ISOs, and indeed, ripping the ISOs in the first place, is questionable at best, as the only UMDs available are retail versions.

Three methods of loading ISOs are available: generic loaders, which trick the PSP into thinking the ISO is in fact a UMD in the PSP's drive; and game-specific booters, which only allow a particular game to be run, and more recently the advent of 3.02 OE-B allows the loading of ISOs requiring 3.02 and under with no UMD in the drive.

Through homebrew, developers have also enabled the PSP to load modified versions of ISOs using specially developed programs. Both the DAX and CSO (Compressed ISO) formats are compressions of an ISO image and can be loaded with DaxzISO, 3.02 OE-B to 3.10 OE-A2 and DevHook respectively.

[edit] Trojans / Brickers

[edit] Trojan. PSPBrick

On October 2, 2005, an alternative downgrader was released. The "downgrader" was actually a trojan that, if run on PSP, destroys the firmware and BIOS, resulting in the PSP becoming un-bootable. This was officially reported by Symantec as Trojan.PSPBrick. After the release, many PSP homebrew sites came to a screeching halt to check every bit of homebrew for the trojan, to ensure safety for their users. Normal operation resumed shortly thereafter.

Any files that are based on the toc2rta TIFF exploit (including the EBOOT Loader and the MPH Downgrader) are now seen as trojans by anti-virus programs, even if they are perfectly legitimate.

[edit] Trojan. PSPbrick.B

A PSP bricker (see 'Trojan. PSPBrick' above), known as 'SDL test' has recently come into circulation. Its effects are the same as above, but is not detected by anti-virus programs, due to the fact that it is new. A program that can find these brickers can be found at pspupdates.qj.net

[edit] Game compatibility

In order to force users to update to their latest firmware, Sony has increasingly made games firmware specific. GTA: Liberty City Stories requires firmware functions only present in 2.00+, and so will not run on lower firmwares. In February 2006, a loader was released, allowing GTA:LCS (and other games required 2.00+) to be run on PSPs below 2.00. In June 2006, a firmware emulator was released, allowing games requiring up to version 2.50 to be run on firmware 1.50. Almost all games made for the PSP now require a firmware update. They require certain files known as PRX's that are in the PSP's flash memory to run. Some games do not require these PRX's and can be executed on lower firmwares by using a version changer. The more common method is to use custom firmware, which allows a more accurate gameplay.

[edit] Version changer

A utility was released circumventing the version number check. This utility tricked games by setting the firmware version to a high number (eg 9.99). The UMD would assume its version (usually 2.00+) was older, and so would not attempt to update.

A different standpoint is taken with the "No Update UMD Starter", which instructs the PSP to ignore the update when booting a UMD, and to boot directly into the game.

These methods do not work for games requiring 2.00+, as they depend on modules (.PRX files) included within the firmware in order to function.

[edit] Firmware loaders

It is possible to run games specifically for firmware versions 2.00 and above (such as GTA: Liberty City Stories) on previous firmware versions. This is done by using a firmware loader.

The PSP has seven drives:

  • ms0 - Memory Stick
  • flash0 - Flash Memory (Contains all the firmware files)
  • flash1 - Flash Memory (Used to the store XMB settings)
  • flash2 - In firmwares 3.00 and up, this contains the DRM for Sony's official PS1 emulator[6]
  • flash3 - Unknown
  • disc0 - UMD Drive
  • ipl - Initial Program Load

Files from the BIOS and flash memory (of a different version) are copied to separate folders on the memory stick. The firmware loader proceeds to load these files. Recently, the release of a homebrew program (Devhook) has enabled loading firmware versions 1.50 through 3.11 entirely. It can then load/play UMD games requiring that particular firmware, as well as use the built-in Internet Browser with Macromedia Flash support, LocationFree, RSS feeds, ATRAC3/ATRAC3plus, WMA and AVC playback. More information may be found here.

[edit] Notable homebrew

[edit] DevHook

This application, created by "Booster", can load alternate firmware versions from dumps without affecting the PSP's actual firmware by mounting flash0, flash1 (where the firmware is stored) and the IPL to a directory on the memory stick pro duo, then executing a firmware reboot, which then loads the emulated firmware, without the PSP even knowing. Hence, there is a significantly reduced risk of bricking or damaging the PSP. The user can access all the features of the emulated firmware, including UMDs requiring the firmware version. The latest version of DevHook (v0.52.0100) allows for emulation of 3.11 firmware, and supports limited homebrew launching on said firmware. This emulation of the firmware allows users to have all of the features of the new firmware while keeping the ability to run homebrew on 1.50 or Custom Firmware PSPs. Note: To save space on the memory stick, newer versions of DevHook allow much of the emulated firmware to be stored in the PSP's flash memory.Many people now argue that devhook has been made pointless by the SE/OE firmwares, which has the features of the most recently decrypted firmware, and also supports ISO loading direct from the XMB[2]

[edit] SE/OE Custom Firmware

A Custom Firmware created by "Dark_AleX" uses a subset of the commonly known 1.50 firmware to launch a newer firmware with homebrew capabilities, similar to DevHook, but instead is loaded directly from the PSP's NAND flash chip. Some less used features are removed in newer versions including "LocationFree Player" and Korean fonts in order to save on internal memory. These features can be accessed, however, through the installation and execution of DevHook. The firmware adds support for native 1.50 homebrew loading in addition to loading official Sony EBOOT's, integrating an ISO/CSO loader launched from the XMB system menu, and a recovery Menu accessible upon boot-up. So far, 2 custom firmwares are the most popular, both of which were created by Dark_Alex. 3.03 OE-C is very popular, and more popular then 3.10 OE-A because you can hack the XMB with both, and flash custom volume bars, battery meters, gameboots, coldboots, XMB scrolling sounds, but the only thing you can't flash on 3.10 OE-A is custom XMB icons. In 3.10 OE-A, the only difference is a bug in PSX emulation has been fixed, and now there is a 4th level of brightness. You don't need to plug in the AC adaptor to achieve this.

[edit] uClinux 2.4.19

A very preliminary port of the uClinux 2.4.19 kernel has been released. It uses the serial port located next to the headphone jack for console + ttyS0 IO, and boots into a very minimal statically-linked userland built on uClibC and the uclinux-dist userland sources. [3]

[edit] References

  1. ^ Brian Lam. How to play NES on the PSP. Wired Magazine. Retrieved on 2005-09-13.
  2. ^ a b currently TA -082 is limited to downgrade to 2.50 only.Justin B. "2.50/2.60 Downgrader - beta v5 released", QJ.net, June 30, 2006. Retrieved on 2006-07-01.
  3. ^ "Noobz", Noobz, September 5, 2006.
  4. ^ "Firmware 3.10 decrypted on Day 0!", PSPUpdates, January 30, 2007.
  5. ^ "Dark_Alex's Release of OE-B", PSPBrew, December 25, 2006.
  6. ^ http://forums.qj.net/showpost.php?p=1395914&postcount=41

[edit] See also

[edit] External links

Retrieved from "http://en.wikipedia.org../../../p/l/a/PlayStation_Portable_homebrew_7fb7.html"

Static Wikipedia (no images)

aa - ab - af - ak - als - am - an - ang - ar - arc - as - ast - av - ay - az - ba - bar - bat_smg - bcl - be - be_x_old - bg - bh - bi - bm - bn - bo - bpy - br - bs - bug - bxr - ca - cbk_zam - cdo - ce - ceb - ch - cho - chr - chy - co - cr - crh - cs - csb - cu - cv - cy - da - de - diq - dsb - dv - dz - ee - el - eml - en - eo - es - et - eu - ext - fa - ff - fi - fiu_vro - fj - fo - fr - frp - fur - fy - ga - gan - gd - gl - glk - gn - got - gu - gv - ha - hak - haw - he - hi - hif - ho - hr - hsb - ht - hu - hy - hz - ia - id - ie - ig - ii - ik - ilo - io - is - it - iu - ja - jbo - jv - ka - kaa - kab - kg - ki - kj - kk - kl - km - kn - ko - kr - ks - ksh - ku - kv - kw - ky - la - lad - lb - lbe - lg - li - lij - lmo - ln - lo - lt - lv - map_bms - mdf - mg - mh - mi - mk - ml - mn - mo - mr - mt - mus - my - myv - mzn - na - nah - nap - nds - nds_nl - ne - new - ng - nl - nn - no - nov - nrm - nv - ny - oc - om - or - os - pa - pag - pam - pap - pdc - pi - pih - pl - pms - ps - pt - qu - quality - rm - rmy - rn - ro - roa_rup - roa_tara - ru - rw - sa - sah - sc - scn - sco - sd - se - sg - sh - si - simple - sk - sl - sm - sn - so - sr - srn - ss - st - stq - su - sv - sw - szl - ta - te - tet - tg - th - ti - tk - tl - tlh - tn - to - tpi - tr - ts - tt - tum - tw - ty - udm - ug - uk - ur - uz - ve - vec - vi - vls - vo - wa - war - wo - wuu - xal - xh - yi - yo - za - zea - zh - zh_classical - zh_min_nan - zh_yue - zu -

Static Wikipedia 2007 (no images)

aa - ab - af - ak - als - am - an - ang - ar - arc - as - ast - av - ay - az - ba - bar - bat_smg - bcl - be - be_x_old - bg - bh - bi - bm - bn - bo - bpy - br - bs - bug - bxr - ca - cbk_zam - cdo - ce - ceb - ch - cho - chr - chy - co - cr - crh - cs - csb - cu - cv - cy - da - de - diq - dsb - dv - dz - ee - el - eml - en - eo - es - et - eu - ext - fa - ff - fi - fiu_vro - fj - fo - fr - frp - fur - fy - ga - gan - gd - gl - glk - gn - got - gu - gv - ha - hak - haw - he - hi - hif - ho - hr - hsb - ht - hu - hy - hz - ia - id - ie - ig - ii - ik - ilo - io - is - it - iu - ja - jbo - jv - ka - kaa - kab - kg - ki - kj - kk - kl - km - kn - ko - kr - ks - ksh - ku - kv - kw - ky - la - lad - lb - lbe - lg - li - lij - lmo - ln - lo - lt - lv - map_bms - mdf - mg - mh - mi - mk - ml - mn - mo - mr - mt - mus - my - myv - mzn - na - nah - nap - nds - nds_nl - ne - new - ng - nl - nn - no - nov - nrm - nv - ny - oc - om - or - os - pa - pag - pam - pap - pdc - pi - pih - pl - pms - ps - pt - qu - quality - rm - rmy - rn - ro - roa_rup - roa_tara - ru - rw - sa - sah - sc - scn - sco - sd - se - sg - sh - si - simple - sk - sl - sm - sn - so - sr - srn - ss - st - stq - su - sv - sw - szl - ta - te - tet - tg - th - ti - tk - tl - tlh - tn - to - tpi - tr - ts - tt - tum - tw - ty - udm - ug - uk - ur - uz - ve - vec - vi - vls - vo - wa - war - wo - wuu - xal - xh - yi - yo - za - zea - zh - zh_classical - zh_min_nan - zh_yue - zu -

Static Wikipedia 2006 (no images)

aa - ab - af - ak - als - am - an - ang - ar - arc - as - ast - av - ay - az - ba - bar - bat_smg - bcl - be - be_x_old - bg - bh - bi - bm - bn - bo - bpy - br - bs - bug - bxr - ca - cbk_zam - cdo - ce - ceb - ch - cho - chr - chy - co - cr - crh - cs - csb - cu - cv - cy - da - de - diq - dsb - dv - dz - ee - el - eml - eo - es - et - eu - ext - fa - ff - fi - fiu_vro - fj - fo - fr - frp - fur - fy - ga - gan - gd - gl - glk - gn - got - gu - gv - ha - hak - haw - he - hi - hif - ho - hr - hsb - ht - hu - hy - hz - ia - id - ie - ig - ii - ik - ilo - io - is - it - iu - ja - jbo - jv - ka - kaa - kab - kg - ki - kj - kk - kl - km - kn - ko - kr - ks - ksh - ku - kv - kw - ky - la - lad - lb - lbe - lg - li - lij - lmo - ln - lo - lt - lv - map_bms - mdf - mg - mh - mi - mk - ml - mn - mo - mr - mt - mus - my - myv - mzn - na - nah - nap - nds - nds_nl - ne - new - ng - nl - nn - no - nov - nrm - nv - ny - oc - om - or - os - pa - pag - pam - pap - pdc - pi - pih - pl - pms - ps - pt - qu - quality - rm - rmy - rn - ro - roa_rup - roa_tara - ru - rw - sa - sah - sc - scn - sco - sd - se - sg - sh - si - simple - sk - sl - sm - sn - so - sr - srn - ss - st - stq - su - sv - sw - szl - ta - te - tet - tg - th - ti - tk - tl - tlh - tn - to - tpi - tr - ts - tt - tum - tw - ty - udm - ug - uk - ur - uz - ve - vec - vi - vls - vo - wa - war - wo - wuu - xal - xh - yi - yo - za - zea - zh - zh_classical - zh_min_nan - zh_yue - zu

Static Wikipedia February 2008 (no images)

aa - ab - af - ak - als - am - an - ang - ar - arc - as - ast - av - ay - az - ba - bar - bat_smg - bcl - be - be_x_old - bg - bh - bi - bm - bn - bo - bpy - br - bs - bug - bxr - ca - cbk_zam - cdo - ce - ceb - ch - cho - chr - chy - co - cr - crh - cs - csb - cu - cv - cy - da - de - diq - dsb - dv - dz - ee - el - eml - en - eo - es - et - eu - ext - fa - ff - fi - fiu_vro - fj - fo - fr - frp - fur - fy - ga - gan - gd - gl - glk - gn - got - gu - gv - ha - hak - haw - he - hi - hif - ho - hr - hsb - ht - hu - hy - hz - ia - id - ie - ig - ii - ik - ilo - io - is - it - iu - ja - jbo - jv - ka - kaa - kab - kg - ki - kj - kk - kl - km - kn - ko - kr - ks - ksh - ku - kv - kw - ky - la - lad - lb - lbe - lg - li - lij - lmo - ln - lo - lt - lv - map_bms - mdf - mg - mh - mi - mk - ml - mn - mo - mr - mt - mus - my - myv - mzn - na - nah - nap - nds - nds_nl - ne - new - ng - nl - nn - no - nov - nrm - nv - ny - oc - om - or - os - pa - pag - pam - pap - pdc - pi - pih - pl - pms - ps - pt - qu - quality - rm - rmy - rn - ro - roa_rup - roa_tara - ru - rw - sa - sah - sc - scn - sco - sd - se - sg - sh - si - simple - sk - sl - sm - sn - so - sr - srn - ss - st - stq - su - sv - sw - szl - ta - te - tet - tg - th - ti - tk - tl - tlh - tn - to - tpi - tr - ts - tt - tum - tw - ty - udm - ug - uk - ur - uz - ve - vec - vi - vls - vo - wa - war - wo - wuu - xal - xh - yi - yo - za - zea - zh - zh_classical - zh_min_nan - zh_yue - zu