1. IT-Security >
  2. Cyber Security Nachrichten >
  3. New Hack Runs Homebrew Code From DVD-R On Unmodified PlayStation 2

ArabicEnglishFrenchGermanGreekItalianJapaneseKoreanPersianPolishPortugueseRussianSpanishTurkishVietnamese

New Hack Runs Homebrew Code From DVD-R On Unmodified PlayStation 2


IT Security Nachrichten vom | Direktlink: games.slashdot.org Nachrichten Bewertung

An anonymous reader quotes a report from Ars Technica: Nearly 20 years after its initial release, a hacker has found a way to run homebrew software on an unmodified PlayStation 2 using nothing but a carefully burned DVD-ROM. Previous efforts to hack the PS2 relied on internal modifications, external hardware (like pre-hacked memory cards and hard drives), or errors found only on very specific models of the system. The newly discovered FreeDVDBoot differs from this previous work by exploiting an error in the console's DVD video player to create a fully software-based method for running arbitrary code on the system. Security researcher CTurt laid out the FreeDVDBoot discovery and method in detail in a blog post this weekend. By decrypting and analyzing the code used for the PS2's DVD player, CTurt found a function that expects a 16-bit string from a properly formatted DVD but will actually easily accept over 1.5 megabytes from a malicious source. Sending carefully formatted data to that function causes a buffer overflow that in turn triggers another badly written function to tell the system to jump to an area of memory with arbitrary, attacker-written code. That code can then tell the system to load an ELF file written to a burned DVD-R in the system. Building on previous PS2 homebrew efforts like uLaunchELF, it's relatively simple to use that DVD-R to load homebrew software or even full copies of otherwise copy-protected PS2 games. The exploit is currently limited to very specific versions of the PS2's DVD player firmware (as of press time, firmwares 3.10 and 3.11, when set to "English") found in later editions of the console and won't work in earlier systems. But CTurt writes that he's "confident that all other versions also contain these same trivial IFO parsing buffer overflows" and can be exploited with broadly similar methods. The possibility of similar hacks through the Blu-ray player on the PS3 and PS4 (or the CD player on the PS1) are also being examined by the community.

Read more of this story at Slashdot.

...

Externe Webseite mit kompletten Inhalt öffnen



https://games.slashdot.org/story/20/06/29/1938221/new-hack-runs-homebrew-code-from-dvd-r-on-unmodified-playstation-2?utm_source=rss1.0mainlinkanon&utm_medium=feed

Team Security Social Media

➤ Weitere Beiträge von Team Security | IT Sicherheit

  • Regex Performance Improvements in .NET 5

    vom 755.26 Punkte ic_school_black_18dp
    The System.Text.RegularExpressions namespace has been in .NET for years, all the way back to .NET Framework 1.1. It’s used in hundreds of places within the .NET implementation itself, and directly by thousands upon thousands of applications. Across all of t
  • ConfigureAwait FAQ

    vom 712.61 Punkte ic_school_black_18dp
    .NET added async/await to the languages and libraries over seven years ago. In that time, it’s caught on like wildfire, not only across the .NET ecosystem, but also being replicated in a myriad of other languages and frameworks. It’s also seen a ton of im
  • Malcolm - A Powerful, Easily Deployable Network Traffic Analysis Tool Suite For Full Packet Capture Artifacts (PCAP Files) And Zeek Logs

    vom 680.46 Punkte ic_school_black_18dp
    Malcolm is a powerful network traffic analysis tool suite designed with the following goals in mind: Easy to use – Malcolm accepts network traffic data in the form of full packet capture (PCAP) files and Zeek (formerly Bro) logs. These artifacts can be
  • Local Privilege Escalation in Win32k.sys Through Indexed Color Palettes

    vom 662.49 Punkte ic_school_black_18dp
    This is the second in our series of Top 5 interesting cases from 2019. Each of these bugs has some element that sets them apart from the more than 1,000 advisories released by the program this year. Today’s blog looks a local privilege escalation in t
  • CVE-2020-8835: Linux Kernel Privilege Escalation via Improper eBPF Program Verification

    vom 546.94 Punkte ic_school_black_18dp
    During the recent Pwn2Own 2020 competition, Manfred Paul (@_manfp) of RedRocket CTF used an improper input validation bug in the Linux kernel to go from a standard user to root. Manfred used this bug during the contest to win $30,000 in the Privilege Escalation categ
  • Announcing TypeScript 3.7

    vom 526.92 Punkte ic_school_black_18dp
    We’re thrilled to announce the release of TypeScript 3.7, a release packed with awesome new language, compiler, and tooling features. If you haven’t yet heard of TypeScript, it’s a language based on JavaScript that adds static type-checking along wit
  • Diving Deep Into a Pwn2Own Winning WebKit Bug

    vom 526.45 Punkte ic_school_black_18dp
    Pwn2Own Tokyo just completed, and it got me thinking about a WebKit bug used by the team of Fluoroacetate (Amat Cama and Richard Zhu) at this year’s Pwn2Own in Vancouver. It was a part of the chain that earned them $55,000 and was a nifty piece of
  • Announcing TypeScript 3.8

    vom 488.43 Punkte ic_school_black_18dp
    Today we’re proud to release TypeScript 3.8! For those unfamiliar with TypeScript, it’s a language that adds syntax for types on top of JavaScript which can be analyzed through a process called static type-checking. This type-checking can tell us about
  • RetDec - A Retargetable Machine-Code Decompiler Based On LLVM

    vom 480.6 Punkte ic_school_black_18dp
    RetDec is a retargetable machine-code decompiler based on LLVM.The decompiler is not limited to any particular target architecture, operating system, or executable file format:Supported file formats: ELF, PE, Mach-O, COFF, AR (archive), Intel HEX, and ra
  • Try out Nullable Reference Types

    vom 435.1 Punkte ic_school_black_18dp
    Try out Nullable Reference Types With the release of .NET Core 3.0 Preview 7, C# 8.0 is considered "feature complete". That means that the biggest feature of them all, Nullable Reference Types, is also locked down behavior-wise for the .NET Core release. It w
  • Announcing TypeScript 3.7 RC

    vom 415.49 Punkte ic_school_black_18dp
    We’re pleased to announce TypeScript 3.7 RC, the release candidate of TypeScript 3.7. Between now and the final release, we expect no further changes except for critical bug fixes. To get started using the RC, you can get it through NuGet, or use npm with the following command: npm install [email protected]
  • An Introduction to System.Threading.Channels

    vom 409.68 Punkte ic_school_black_18dp
    “Producer/consumer” problems are everywhere, in all facets of our lives. A line cook at a fast food restaurant, slicing tomatoes that are handed off to another cook to assemble a burger, which is handed off to a register worker to fulfill your or

Team Security Diskussion über New Hack Runs Homebrew Code From DVD-R On Unmodified PlayStation 2