WATCH: DVD player used to hack PS2

Two decades after the PlayStation 2 console was released, a working exploit targeting the DVD player functionality is demonstrated.

In its life on the market, the PS2 has been hacked in many ways. The most obvious and complete method of hacking a PS2 is through the use of a modchip, most of which have to be soldered to the mainboard of the unit. Outside of modifying the board, there were disc swapping tricks that required a console to be opened to interfere with disc sensors. There were also some softmod methods that either involved using a modified memory card, or tricks that required the HDD expansion bay (not present on slim consoles).



The holy grail for booting unsigned / unauthorized code on a PS2 would be a method that required no modification at the hardware level: just insert the disc and watch it boot.

Twenty years after the console was introduced, software engineer CTurt has developed such a method. In a blog post, CTurt goes into detail on how he has managed to develop FreeDVDBoot - an entry-point software exploit for the console. The exploit targets the PS2's DVD-Video functionality (all PS2s can play DVDs).

CTurt found a way to exploit the PlayStation 2 DVD Player to run homebrew discs by just inserting them into an entirely unmodified PS2 console. Here is a video of the exploit in action.


The DVD player exploit is used to load ESR to boot a backup copy of a PS2 game that is stored on the same disc. Another video shows the same exploit being used to boot a small homebrew Tetris game on the PlayStation 2.



Furthermore, the blog post concludes that such a method may work on other PlayStation consoles.

"There's really no reason this general attack scenario is specific to the PlayStation 2 as all generations support some combination of burned media: from the PlayStation 1's CD support, to the PlayStation 3 and 4's Blu-ray support, with the PlayStation 4 having only removed CD support," CTurt writes.

"Hacking the PS4 through Blu-ray BD-J functionality has long been discussed as an idea for an entry point. This may be something I would be interested in looking into for a long-term future project: imagine being able to burn your own PlayStation games for all generations"



Read More: cturt.github.io

Written by: James Delahunty @ 29 Jun 2020 4:00
  • 1 comment
  • MikeMoy

    You state "The holy grail for booting unsigned / unauthorized code on a PS2 would be a method that required no modification at the hardware level"

    This has already been achieved many many years ago via Free MC Boot which is a soft mod which requires no hardware modification.

    And indeed Free MC Boot would be considered to be the holy grail as it does not rely on old failing PS2 disc lasers as the above method does. Free MC Boot can run code from memory devices such as a HDD or SSD.

    10.7.2020 07:38 #1

© 2020 AfterDawn Oy