George Hotz, the iPhone jailbreaker who first unlocked the original iPhone back in 2007, unlocked the iPhone 3GS last year and wrote the blackra1n and blacksn0w tools, has finally released his exploit for hacking the Sony PS3. In a blog post today he explains that the exploit “gives full memory access and therefore ring 0 access from OtherOS”.
The hack is confirmed to work on the latest firmware, version 2.4.2, and Hotz also pointed out that there shouldn't be any reason why it won't work on earlier versions too.
Usage instructions, as stated by Hotz, are as follows. A more detailed guide may follow soon.
Compile and run the kernel module.
When the "PRESS THE BUTTON IN THE MIDDLE OF THIS" comes on, pulse the line circled in the picture low for ~40ns.
Try this multiple times, I rigged an FPGA button to send the pulse.
Sometimes it kernel panics, sometimes it lv1 panics, but sometimes you get the exploit!!
If the module exits, you are now exploited.
This adds two new HV calls,
u64 lv1_peek(16)(u64 address)
void lv1_poke(20)(u64 address, u64 data)
which allow any access to real memory.
The PS3 is hacked, it's your job to figure out something useful to do with it.
The information which Hotz has released on hacking the Sony PS3 is for research purposes only.