PS3 JailBreak for 3.50 and lower

Posted by Ali Reda | Posted in | Posted on 6/26/2011

You must be on 3.41 or below to jailbreak with the PSGroove exploit (DO NOT update beyond this if you want to use this or similar exploits). You can downgrade from firmware version 3.50 or earlier by entering factory/service mode and using .self and .pup files which you can download

PSFreedom was written by KaKaRoTo to implement the original PS Jailbreak exploit, based in part on reverse engineering efforts by the PSGroove project.

How It Works?

The initial analysis by suggested that it was a Stack overflow attack. After further analist it turns out that this exploit is a Heap Overflow attack. The exploit carefully manipulates the heap by plugging and unplugging fake usb devices with large device descriptors until the device on port 4 which misreports its size to overwrite one of malloc's boundary tag.
1) plug device 1 then device 2 then device 3
2) After port three is connected, port two will be disconnected, this will cause the port two descriptors to be freed, which frees up some space between the Port One and Port Three descriptors.The heap is now prepared for our exploit.

Comments (0)

Post a Comment