PS2 Independence Exploit

The PS2 Independence Exploit allows the execution of homebrew programs on an unmodified PlayStation 2.

Exploit details

When a PlayStation (PS1) game is loaded in the PlayStation 2, the console looks for a file called TITLE.DB which, if present, is located in the Memory Card's directory BxDATA-SYSTEM (where "x" is a letter corresponding to the console's region –e.g.: "E" for the EU, "A" for the USA or "I" for Japan, this directory corresponds to the "System Settings" save). This file is a database of special options to be applied to specific PS1 games for their correct operation.

The exploit relies on creating a deliberately incorrect entry inside this file, which triggers a buffer overflow and, combined with a small stub loader located in the file, allows the execution of unencrypted code from the Memory Card upon the insertion of a specific PS1 game. Normally, only programs encrypted by Sony, such as the DVD player, will run from the Memory Card.

The discovery of this vulnerability in the PS2's software opens up the possibility of running programs created by the PS2 homebrew developer community without the need for a modchip or disc swapping techniques (e.g. "CogSwap or Swap Magic").

Installation

Triggering the exploit requires a way of installing the modified files to the Memory Card, which is not possible by normal means.Installation is accomplished either from a console (modified or with the exploit already installed), a Memory Card reader/writer, a disc swapping technique or through the use of some commercial programs allowing USB flash drive to Memory Card transferences, such as Code Breaker (versions 8 and higher) or Action Replay MAX, by transferring a modified "System Settings" save file.Alternatively a more involved method can be used, through the combination of a hard disk loader program (HD Loader/HD Advance), an ISO image installer program for PS2 (such as WinHiip), and an image of some program allowing installation (such as Ubergeek's Exploit Installer http://sksapps.com/index.php?page=exploitinstaller.html)

Benefits

With the exploit installed, the user is able to run programs from Memory Cards, optical discs, network or USB flash drives.Programs are found in the ELF executable format.

Popular programs include media players, Memory Card/hard disk management tools, emulators, and loaders (able to launch other programs, or "backup" games).

The exploit on newer consoles

The original Independence Exploit method does not work on newer "slim" PS2 models. However, there are other ways of installing similar programs to the memory card using Swap Magic discs or commercial cheat discs, such as Action Replay MAX.

Free MC Boot is a newer PS2 exploit that is more user friendly (once set up) and works on all models of the ps2.

ee also

*Homebrew (video games)
*SNES-Station
*PGen

External links

* [http://sksapps.com SKS Apps] - Huge ELF Repository
* [http://ps2-scene.org PS2-Scene] - The original and largest community PS2 orientated website. Largely a discussion forum.
* [http://www.ps2savetools.com PS2 Save Tools] - Save game editor and related tools.
*There are many lists of known PS2 ELFs online e.g.: [http://www.exploitstation.com/files/elfs.html at ExploitStation] .
* [http://www.exploitstation.com/index.php?page=faq Exploitstation FAQ] - In depth How-to and explanation
* [http://www.afterdawn.com Afterdawn] - Tutorials and forums.