Slashdot Mirror
Open Source PS3 Jailbreak Released
tlhIngan writes "Despite all the lawsuits and injunctions by Sony to keep the PS3 Jailbreak out of modder's hands, it appears that a third party has made a clone. The best part is, it only requires a cheap (approximately $40) development board by Atmel, and the requisite software is open-source. Get the Atmel code from GitHub and apply a small patch which will enable backup play (the code by itself only lets you run unsigned code, the patch allows for BD backups). The code is GPLv3. It would be highly ironic if someone ported this to Linux USB Gadgets, then you could use a Linux device to jailbreak your PS3, to which Sony removed Linux functionality. An Android phone would be suitable."
Because it runs Linux?...oh wait.
Rhymes that keep their secrets will unfold behind the clouds.There upon the rainbow is the answer to a neverending story
Now, let's get working!
http://kakaroto.homelinux.net/2010/08/psjailbreak-usb-gadget-kernel-driver/
There you go. Still not released, but well underway (check the blog for updates).
http://www.ps3news.com/PS3-Dev/ps-jailbreak-ps3-exploit-reverse-engineering-is-detailed/
It emulates a six-port hub and connects/disconnects devices with corrupted descriptors (that have their size changed on-the-fly!) in a particular order to smash the Heap so you can use a corrupted malloc boundary tag to overwrite the call to free() so that after the failed Jig authentication tries to release the memory allocated for the cryptographic response it will launch the shell code that was dropped into memory using a USB descriptor.
It brings a tear to my eye. Truly, one of the most beautiful things I ever had the privilege of understanding.
:(){