Open Source Version Of The Play Station 3 Jailbreak

Don’t steal. It’s a lesson that children are taught from the youngest age and a core principle in every society. The PSGroove sets out to follow this mantra in several ways. It is an open-source implementation of the PSJailbreak hardware we covered a couple of weeks back. It’s difficult to find a definitive source of information on that hardware, but many have speculated that the original device contains stolen code. Whether that’s true or not is moot, as the PSGroove doesn’t include the backup manager program alleged to violate copyright.

The device is also aimed at running homebrew and doesn’t natively allow one to play backups. It runs on a variety of AVR hardware, including the Teensy boards. If you have one of them, it’s just a matter of compiling the code and unlocking the potential of your PlayStation 3.

[Thanks Mark via PS3news]

51 thoughts on “Open Source Version Of The Play Station 3 Jailbreak”

  1. There was no copyright infringement with the PSJB dongle, so please stop spreading that. The developers had explained that a while ago. Furthermore, the device has been reverse engineered and there are several descriptions explaining how the exploit works.

  2. I’ve been monitoring this for a while now. I was going to buy a dev board last night before the code was released. Now they’re sold out all over the place till November; I’m kicking myself in the head now…!

  3. I can’t find any descriptions of how or why this works. Does it put the ps3 into debug mode? There’s some cryptic message about a lv1_panic hypercall, is that the key? What’s going on?

  4. Awesome, they finally figured something out with the PS3. The morons that only want this for piracy need to shut up already before Sony puts the hammer down. Also, the name of the device sucks. Jailbreaking is for Apple crap, not PlayStations.

    1. It isn’t Apple ruining everything, it is the stupid people who don’t know enough to understand that “jailbreak” refers to a very specific process.

      Keep in mind, the world is made up of 80% stupid people, 20% smart people.

  5. Anyone who wanted to pirate on the PS3 could just buy a mod chip right along.
    Sure it’s a pain to install, but how many people have already done it?
    If it wasn’t for homebrew, I wouldn’t be able to play Mario Kart on my PSP!
    Ironically, not that I really care…
    it is legal for me to do so as I own the original cartridge.

  6. The fact that the hardware necessary to pull off this hack is sold out all over the place might make it harder for Sony to be able to fix the exploit. They’d need to develop their own exploit using different hardware (and thus their own software) until they can get their hands on the PSGroove-compatible hardware.

  7. Now all we need is a port of the firmware to an Arduino and we are all set ;-D.

    Joking aside, there is a software USB stack for Arduinos; however, it looks like a not-so-easy task to port the code over…

  8. Having had a hand in some of the console hacking that has been done, this story exemplifies why I stopped making things like this. The devs are bickering and counter-releasing each other. This was posted as a cloned psJB, which is kind of like saying a pile of frosting is a clone of a wedding cake (ya know, minus the whole cake part). This probably spurred the purchase of thousands of teensy++, all on misinformation.

    It is my opinion that until game distributors come up with a media that cannot be ruined, the desire to play backups of games you own is a legitimate one. All that would need to be offered is a disc exchange program. Mail in your scratched disc, with $5 to cover the media, and get one back that works. Until this happens the industry has no right to expect to prevent it.

  9. It’s also worth noting, someone has already patched the “clone” to be an actual clone. But beware, Sony will probably utilize their ability to see who is using it, and take appropriate action against them.

  10. Next Sony firmware update is gonna ban USB hubs or some similar trick, you can bet…

    Easy solution, simply don’t buy closed platforms; if I can’t run my own code on it I ain’t buying it.

    If enough people do this – manufacturers will soon enough get the idea…

  11. I hope all this will lead to the PS3 being an “open system” and that we will soon be able to use all of the PS3’s power… although I hate the idea of the PS3 dying prematurely, as the PSP did, because of the devs not wanting to work on the system “due to piracy”. All in all, I hope this leads to tons of hacks and homebrew.

  12. @andrew

    The hardware used to pull this off is simply a USB-equipped microcontroller. The teensy++ was just chosen out of a multitude of possible platforms due to its ease of use. A PIC18f14k50 or similar could be used, assuming the code was ported.

    For another possible piece of hardware that could have been used, check out the USBTHUMB.

    The hardware being sold out will not impact Sony’s ability to react to this. They could just buy the chip the teensy is modeled on and build the $8 worth of support circuitry.

  13. @andrew,
    It’s a heap overflow. *whips out the sock puppets* The heap is where programs get extra space from. Like most overflow exploits, we place some of our code into the heap and trick the computer into running it.

  14. hehe.. PS3 supercomputer anyone?

    Even better, for most applications it doesn’t matter if the PS3 has no internet connection, and helpfully Sony never included a “kill_ps3_if_no_internet_for_n_days” auto shutdown mechanism..

    Sony is looking more and more like the BORG every day, with the mentality “if we can’t control it no-one can have it”…

  15. @chris Except that until April of this year we COULD run our own code on it (GPU excluded). It was the REMOVAL of this ability that pissed everyone off and spawned this whole race to fully crack the system.

    I always liked the PlayStation (have a 3 myself), but I’m seriously considering never upgrading to 4 when it comes out after the crap they pulled this year.

  16. I tested psgroove (on homebuilt hardware), the exploit does work. It appears possible the exploit itself cannot be patched, but the current payload is firmware version specific (3.41, which I do not have installed). The function I care about (running Linux, which it was sold for) may not need to be, as the payload would then be a boot loader instead of an OS patch, but until that becomes available I’m not updating the firmware.

    I do partly regret giving in and buying a PS3 before they were properly chipped (my initial resolution), but at the pace they were removing features I decided to get an original model while I could. That was before they suddenly decided to destroy features of already sold consoles.

    @brenannthl “ROMs always illegal” is one of those convenient lies told by organizations that profit from it. The article you linked to yourself makes this clearer.

  17. > Don’t steal. It’s a lesson that children are
    > taught from the youngest age and a core
    > principle in every society.

    Except for all the ones where it isn’t.

    “15 Then upon all other thefts, which were called “not manifest,” they imposed a two-fold penalty. 16 I recall also that I read in the work of the jurist Aristo, a man of no slight learning, that among the ancient Egyptians, a race of men known to have been ingenious in inventions and keen in getting at the bottom of things, thefts of all kinds were lawful and went unpunished.

    17 Among the Lacedaemonians too, those serious and vigorous men (a matter for which the evidence is not so remote as in the case of the Egyptians) many famous writers, who have composed records of their laws and customs, affirm that thieving was lawful and customary, and that it was practised by their young men, not for base gain or to furnish the means for indulgence of amassing wealth, but as an exercise and training in the art of war; for dexterity and practice in thieving made the minds of the youth keen and strong for clever ambuscades, and for endurance in watching, and for the swiftness of surprise.”

    Noctes Atticae by
    A. Cornelius Gellius

  18. I always thought that made it illegal is the distribution part, not the ROM copying part. Therefore, I’m pretty sure the illegal aspect is downloading it, so you’re in the clear if you rip it yourself, like ripping from a CD. However, if there’s proper copy protection (as seen in DVDs, Nintendo DS games, etc.) then you’re violating the DMCA.

  19. @Yann Vernier:
    Since this exploit is version specific (3.41), how have you tested it if you have not upgraded your PS3 to this version?
    And have you used Atmega or ported it to another chip?

  20. Josh and brennanthl:

    A jailbreak is the act or tool used to perform the act of breaking out of a chroot or jail in UNIX-like operating systems or bypassing digital rights management (DRM).

    The FreeBSD jail mechanism is an implementation of operating system-level virtualization that allows administrators to partition a FreeBSD-based computer system into several independent mini-systems called jails.
    (source wikipedia)

    on the iPhone it makes sense to call them jail breaks.

  21. Just watch out cause Sony Australia have just sued all the top chip sellers in Australia and now have an injunction to stop them from selling any PS3 chips at all. Having said that this is probably a top idea and alternative for home brewers. As much as I agree stealing is bad I also think big corporations like Sony being douches and wrecking it for all is also just as bad.

  22. @TJSomething

    It is illegal to make your own ROM dumps, even if you never distribute them. Of course, no one ever has to know that you did that, so it’s kind of a grey area, but *technically* it is still illegal.


    I know what a jailbreak is, I’m saying it’s becoming a buzzword that people are using in cases where it doesn’t make sense, just because people know what it means from the iPhone.

  23. I used my own homemade at90usb1287 experimentation board. It’s the first of the whole AVR with USB group. The exploit consists of a multitude of parts; first a convoluted sequence of USB plug events of virtual devices with invalid descriptors triggers a buffer overflow and delivers the PPC code, then it jumps to a small part termed “shell code” by some. This part of PPC code acknowledges the USB stick by sending it a message, indicating that it successfully started running injected PPC code. After that, it jumps into the “payload” code which is what patches game OS to enable “install package” and the virtual disc mounting – and that payload code is specific to the PS3 firmware version.

    So, I observed that it did run the first part of the exploit because the PS3 signals the USB device. After that it hung. I am thinking that replacing the payload code with a Linux bootloader would be the proper route for complete independence from both gameOS firmware and the piracy stuff.
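    Comments 13 and 23 above describe the bug class at work here: a host that trusts the length fields in device-supplied USB descriptors and copies past the buffer it set aside for them. The C program below is an added illustration of that class; it is not PSGroove’s code and not the PS3’s USB stack (the descriptor layout, the 64-byte host buffer and the 16-byte “neighbour” region standing in for the next heap chunk are assumptions made for the demonstration). It puts a copier that trusts bLength next to one that bounds it, and runs both over a constructed descriptor chain whose second descriptor declares an inflated length.

```c
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Every USB descriptor starts with bLength then bDescriptorType; both are device supplied. */
#define USB_DT_CONFIG    0x02
#define USB_DT_INTERFACE 0x04
#define USB_DT_ENDPOINT  0x05
#define CFG_BUF_SIZE 64   /* assumed: host buffer the parser believes suffices */
#define NEIGHBOUR    16   /* assumed: bytes standing in for the next heap chunk */

typedef long (*parser_fn)(const uint8_t *, size_t, uint8_t *, size_t);

/* Vulnerable parser: trusts each bLength and copies it into the host buffer without
 * checking that it still fits. Reads stay inside the received data; only writes are unbounded. */
static long copy_descriptors_unchecked(const uint8_t *dev, size_t dev_len,
                                       uint8_t *host, size_t host_cap)
{
    size_t in = 0, out = 0;
    (void)host_cap;                          /* never consulted: the bug */
    while (dev_len - in >= 2) {
        size_t blen = dev[in];
        if (blen < 2 || blen > dev_len - in)
            break;
        memcpy(host + out, dev + in, blen);  /* out + blen may exceed host_cap */
        out += blen;
        in  += blen;
    }
    return (long)out;
}

/* Hardened parser: every declared length is checked against the bytes actually received
 * and the space left in the host buffer; any inconsistency aborts the parse. */
static long copy_descriptors_checked(const uint8_t *dev, size_t dev_len,
                                     uint8_t *host, size_t host_cap)
{
    size_t in = 0, out = 0;
    while (in < dev_len) {
        size_t blen = dev_len - in >= 2 ? dev[in] : 0;
        if (blen < 2 || blen > dev_len - in)
            return -1;                       /* truncated or lying bLength */
        if (blen > host_cap - out)
            return -1;                       /* would overflow the host buffer */
        memcpy(host + out, dev + in, blen);
        out += blen;
        in  += blen;
    }
    return (long)out;
}

/* Constructed well-formed chain: config + interface + one bulk endpoint. */
static const uint8_t benign_cfg[25] = {
    9, USB_DT_CONFIG, 25, 0, 1, 1, 0, 0x80, 50,
    9, USB_DT_INTERFACE, 0, 0, 1, 0xff, 0, 0, 0,
    7, USB_DT_ENDPOINT, 0x81, 0x02, 64, 0, 0
};

/* Constructed malicious chain: a normal 9-byte configuration descriptor, then an
 * "interface" descriptor whose bLength (71) is padded far past the 9 bytes the spec
 * defines, so the chain totals 80 bytes and overruns a 64-byte host buffer by NEIGHBOUR. */
static size_t build_evil_config(uint8_t *buf, size_t cap)
{
    const size_t iface_len = 71;
    if (cap < 9 + iface_len) return 0;
    memcpy(buf, benign_cfg, 9);
    buf[2] = 80;                             /* wTotalLength matches the lie */
    memset(buf + 9, 0x41, iface_len);        /* padding the host will copy */
    buf[9]  = (uint8_t)iface_len;            /* the oversized bLength */
    buf[10] = USB_DT_INTERFACE;
    return 9 + iface_len;
}

/* Runs one parser over the malicious chain into a single allocation holding the 64-byte
 * buffer plus NEIGHBOUR extra bytes, so an overrun lands somewhere observable rather than
 * in undefined behaviour. Returns how many neighbour bytes were overwritten. */
static int neighbour_bytes_clobbered(parser_fn parse, long *copied)
{
    uint8_t dev[128];
    size_t n = build_evil_config(dev, sizeof dev);
    uint8_t *host = calloc(1, CFG_BUF_SIZE + NEIGHBOUR);
    if (n == 0 || host == NULL) return -1;
    *copied = parse(dev, n, host, CFG_BUF_SIZE);
    int hits = 0;
    for (int i = 0; i < NEIGHBOUR; i++)
        hits += host[CFG_BUF_SIZE + i] != 0;
    free(host);
    return hits;
}

int main(void)
{
    long copied; int hits;
    hits = neighbour_bytes_clobbered(copy_descriptors_unchecked, &copied);
    printf("unchecked: copied %ld bytes, clobbered %d neighbour bytes\n", copied, hits);
    hits = neighbour_bytes_clobbered(copy_descriptors_checked, &copied);
    printf("checked:   returned %ld, clobbered %d neighbour bytes\n", copied, hits);
    return 0;
}
```

    Build with `cc -std=c99 -Wall` and run: the unchecked copier reports all 16 neighbour bytes overwritten, the checked one returns -1 and leaves them untouched, and both accept the well-formed chain. The lesson is the one the comment makes about the PS3: the device, not the host, chooses bLength, so every copy driven by it needs a bound on both the input consumed and the output written.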

  24. Argh, someone should port the firmware to a Microchip product. I can list 2 that would be a good place to start. I do have 4 or 5 dev kits to test ported code for, but I cannot verify it works (no PS3).

    So I think I’ve done the homework to verify 2 extremely similar products, based on the PIC18f14k25 and 18f14k50. A port for one should be nearly drop-in compatible with the other.

    First is a USBThumb using the 18f14k25.

    The next is the kit that this was based on, which uses the 18f14k50.
    There are two versions of this board, one with a programmer and one without. The above unit is a better first choice till stock runs out, then on to these: with programmer, without programmer.

    Perhaps someone is eager to port it? Otherwise, when I’m done with the project I’m working on, I’ll give it a try. Hopefully someone is looking for a project.

  25. @brennanthl – You’re WRONG! Ever hear of FAIR USE? Sorry if you’re not in the USA, but, Fair Use is valid for all media – analog, digital, etc…

    Youarewrong has it right! YOU ARE WRONG!

  26. @Dave: No real peripheral parts are needed. Get a supported AT90USB series MCU (I think any of them will work) and wire it up with the required power components and a crystal, and optional LEDs and burn the firmware. That’s pretty much it.

    @anon: Shouldn’t be hard to port, but I don’t see any reason to bother other than to tide a few people over until production on the thousands of inevitable clones ramps up. Maybe one of the clones will, since the PIC parts are probably a few 10s of cents cheaper than the Atmel. Assuming, of course, that these chips become more available than they are now, because they seem a bit tricky to source at the moment…

  27. @error

    Well, if you build your own platform it’s literally a PIC (free sample?), a few caps, resistors; you’re really looking at $7-10 worth of parts (assuming you have a breadboard and a modest junk box).

    This can be used as a great learning tool. And more importantly stop the gougers from getting rich. The inevitable raping of many people by the guys on ebay is the motivation.

  28. @Captain Zilog, while I agree that brennanthl is wrong, you are also wrong as Fair Use laws in the US mean that you can use it for educational, news related, and other things similar to those, but only if you use no more than 30 seconds at a time for digital media and I forgot what it is for print.

    But, ROMs are legal nonetheless, just not under Fair Use. They are legal in the same way as DVD backups are, so long as you don’t do it commercially and only have one backup.
