Stories
Slash Boxes
Comments

SoylentNews is people

Submission Preview

Link to Story

Disc Player Exploit Targets PlayStation 2 Console, Possibly Others

Accepted submission by takyon at 2020-06-29 13:48:30
Security

Security Expert Discovered Flaw in PS2 That Gives a Way to Play Any Game [technadu.com]

A security engineer who uses the nickname "Cturt" has hacked a PlayStation 2 console and managed to make it run any game title that he burns on a DVD. We're not talking about pirated games here, but titles that were never meant to run on a PS2, like the classic Mario platformer, for example. The man is calling the hack "FreeDVDBoot" and claims that no hardware intervention or any other type of mods are required to make it work. All that is needed is the exploitation of an existing flaw that triggers a read overflow vulnerability.

The researcher gives all the technical details on his write-up [github.io], saying that he had to experiment with emulators a lot in order to figure out the crucial aspects that hide behind Sony's proprietary container format (VOB) used on the PS2 DVD disk reading system. The hacker looked specifically for buffer overflow vulnerabilities in the "getDiscData" call system and found four of them. The existence of these flaws means that if a disc specifies lengths larger than allowed, one can trigger a buffer overflow exploit. Based on this and some luck on the existence of valid memory jumps that occur in regions that can be modified, a series of corruption states can be achieved.

A similar exploit may work with the PS1, which only supports CDs, and the PS3 and PS4, which both support Blu-ray discs. The security engineer may be eligible to earn up to $50,000 [technadu.com] for a working PS4 exploit.

PlayStation 2 [wikipedia.org] was released in Japan in March 2000, and discontinued worldwide in January 2013.


Original Submission