Tuesday, May 31, 2005

6 ways to crash the Wipeout Browser

tbminc over at ps2dev has been able to trigger a buffer overflow in the Wipeout browser and execute other system functions. This looks promising for doing an exploit.


With help of #pspdev I was able to continuously call "sceKernelSleepThread", so sound continued but browser crashed. yay.

The binary is in fact loaded to 08900000. That location seems to be "static", it isn't randomized or so.

Next big task is to place some more interesting code somewhere where we know the memory address of. I haven't succeeded here for now.

Damn, I wish I had a ramdump of the running game...


If anyone has info for him, or wants to start trying this for themselves, check out this thread:

http://forums.ps2dev.org/viewtopic.php?t=1948
