This is a discussion on PMF Exploit within the PSP Homebrew and Hacks Discussion forums, part of the PSP Development, Hacks, and Homebrew category; This is an example of the pmf exploit. works on any FW's (only tested on 2.5,2.6) NO GTA NEEDED Reported ...
I know this is gonna be a stupid question, but what is this and what does it do D:?
Looking at the readme, it says that this is a possible exploit similar to the TIFF exploit on 2.5/2.6 firmware. Here's hoping this will open the homebrew doors fully to those with 2.5/2.6 firmware.
What It Does:
Crashes The Firmware Similar To The TIFF Exploit and as a result of this it may be possible to add Code To Run Homebrew...
Sorry... but this is not a TIFF exploit... it's a PMF exploit... I'm just saying it may be able to add code in it and boot it up. When you test this your PSP should freeze similar to the TIFF one but it's not exactly the same. Right now there is no proof it can run any code. All I have done is errored some data to freeze the PSP.
Where'd you get it? Also this isn't the place for this thread, go to the Homebrew and Hacks forum next door, not the development forum
Seems cool though...
But of course, a freeze is nothing...
No problem... This is a no-flame board
O_o.... odd. After googling PMF exploit, some guy [fanjita???] said that he would eat his PSP if this worked, so I'm steering clear.....
Umm, please read the latest front page post regarding how the exploit works. Then maybe you'll understand it's not a crash but an overflow.
Considering the implications this claim to an exploit has, could you please also respond to this response made by Fanjita (of 2.0 bootloader fame):
Hmm, this is pretty much what I expected was going on with this exploit.
So - you're trying to run with TIFF exploit via code that's designed to load PNGs, you've stuck what seems (didn't look closely) to be a WAV into the Atrac3 slot, and you've done something odd with resizing the overflow TIFF (presumably destroying the exploit code in the process).
Which part of this did you think would give you running code, rather than simply crashing the PSP by giving it the wrong file formats?
I'd be extremely surprised if you manage to build a working exploit from this code. (Currently, it's not an exploit - just a crash. The PSP, having such high quality firmware (/sarcasm) is kinda prone to simple crashes). I'll eat my PSP if you manage to run the TIF exploit via PNG display code.
If you're going to try to find a working exploit, abandon the fixation with the TIF exploit. That's been patched. Instead, do some research on what bits of code might actually have real vulnerabilities, and target your attacks on those.
And please, please, please - unless you have a real exploit, don't fill all the front pages with exaggerated claims.
(Apologies for unconstructive tone - but I feel the hype created around this one deserves it).
source: 2.5 loader Test
Not trying to be a negative **** here, I hope for a genuine exploit, but considering Fanjita based his bootloader on the overflow.tiff and basically says this does nothing, I'd like to see what you think of this.
That quote was from iball.
No one has said that it was a TIFF exploit. And neither is this a PMF exploit until someone can prove that it can run code. Now it is just a pic with some corrupted code. (Please don't get me wrong, I'm not trying to be negative.) Originally Posted by DavidSkelton
btw. This should be moved to the 'Hack' section.
How did you even create that exploit when there are almost no resources available about the PMF format? Did you contact Dr. Eggman or something? I think he was one of the first to reverse engineer the PMF format.
He probably just opened it up in a hex editor and changed some strings to make the picture corrupt = PSP freeze. Or at least something like that.
Nope, it was from Fanjita. Originally Posted by NaYoN
EDIT: Nope, it's a mangled mash of one of my posts and Fanjita's.
Check offset 0x9C0 to 0xAD0.
Anybody else think he was trying to form some sort of an image, or was it a coincidence?
So has this just ended or is there still some life on this topic?
Pretty much ended.
Yup, most likely ended, wouldn't even mind if the mods closed it.
Last edited by simmcity; 01-25-2006 at 12:32 PM.