I found an anomaly at the Firmware V2.6

[lusid]

Quote:

Originally Posted by CyRu5

I don't see how making the system crash has any relation to firmware hacking and homebrew...

Most crashes can't be exploited, but some can so finding a crash is the first step. It is important that people get the message that crash!=exploit, but it's also important that repeatable crashes get reported. One of them may be the start of the next eboot loader, and only the hard core devs can make that determination.

[PSP250]

Nice finding.

After reducing the problem I assume it is a Javascript parser bug of the browser.

This simple version illustrates why the inital code provided caused a crash on all known browser versions (Next is just ONE single line already causing the crash):

Code:

<script>0for</script>

Some information:
1. The correctly closed script tag is required
2. The main HTML parser reads the contents of the script tag and saves it as a literal (containing all code within the script tags)
3. Afterwards it passes this to the Javascript parser
4. The problem appears to happen when the keyword "for" is encountered after a number anywhere within the javascript code. (u can even try to put something before or after it, change the 0 to any other number or put the 0 in brackets or similar)

Despite it is unknown yet if this is a buffer overflow, this could be called a remote DoS attack and therefore even be considered as one of the first found PSP Netfront based exploits. (Note: Definition of exploit contains DoS aswell, although I am aware we primary focus on those that allow us to execute arbitrary code).

Looks like 2.61 could show up. ;)

[nxtlidenno]

Oh yeah! That would be sweeeeeeeeeeeeeeeeeeeet!! !!!!! Especialy if it leads to full kernal without using savegame to acheive it. Sorry I dont enjoy GTA to much.

[SodR]

This can actualy be something.

[FreePlay]

If this works as an overflow, it's safe to assume it might lead to an easier way to enable Wifi in homebrew on 2.00+.

[Jay C]

With these new exploit methods allowing eboots to be launched from places other than GAME, I've learned not to get my hopes up for kernel acess, but God do I miss it. I DO hope this leads to something. It's good to see people still searching for alternate exploits to GTA. Maybe we can compare the two and find the best for homebrew as a whole.

[PSPHax0r9]

Kernel access would make everything SO much easier...
But, realistically, probably any new exploit found will not have kernel access.

[Jay C]

Quote:

Originally Posted by PSPHax0r9

Kernel access would make everything SO much easier...
But, realistically, probably any new exploit found will not have kernel access.

yeah. i wonder if there really is no hope for exploits under Game, like on 1.5, or if we've all just stopped trying.

[_TOM]

This must be something good because fanjita is getting involved i am so exited!!!!!!!!!!!!!!! :Jump: :Jump:

[PSPHax0r9]

Quote:

Originally Posted by Jay C

yeah. i wonder if there really is no hope for exploits under Game, like on 1.5, or if we've all just stopped trying.

Maybe if we just split each one into 27 different parts It'll just give up checking it! lol. I don't think there's any more exploits to be found under GAME, though. There's some techinical reason but I'm not sure what it is. Stupid Sony.