PS3: Progress on Slim/Super Slim hardware hacks. Fresh hopes for a full-fledged CFW?
PlayStation scene dev Zecoxao has shared a screenshot of a work-in-progress series of tools by MikeM64, designed to hack the PS3 (Slim and Super Slim in particular) further.
PS3 Super Slim mitm hack. What is it, and what’s the big deal?
Hacking a PS3 nowadays is reasonably easy with the likes of PS3xploit and PS3HEN, but there are limitations for newer models, in particular the PS3 Super Slim. Namely, the later Slim and Super Slim models haven’t been “fully” hacked and cannot run PS3xploit, which is a full Custom Firmware. They are “limited” to PS3HEN, which has a few restrictions compared to a full Custom Firmware.
In practice, most people running PS3HEN (PS3 Homebrew ENabler) won’t feel any difference compared to running a Custom Firmware, except for the fact that PS3HEN has to be re-launched at every reboot of the console, while a Custom Firmware is a much more permanent solution, which also gives complete control over the console.
Again, although in practice the differences between a HEN and a CFW are minimal, the latter PS3 Slim and Super Slim models are the “last man standing” against hacks that would give tinkerers full control over the PS3.
This is where the recent work from MikeM64, as demonstrated by Zecoxao, comes into play. People equipped with the right hardware and modchips can run these tools to try and “trick” the console through a man-in-the-middle attack, letting the console believe its boot sequence is properly secure, when in fact the hacker has injected a slightly different payload, giving them partial control of the system.
The required hardware is “simple” (but the skills involved are not), namely an Arty-S7 50 (although MikeM64 states this could easily be ported to any Arty A series board) and the accompanying generic cables.
This whole endeavor appears to validate a theory that was mentioned almost ten years ago by PS3 Homebrew dev JuanNadie, back in the ps3hax days.
The ultimate goal is to get a CFW running on the console, but before that, to be able to dump the console’s boot programs and possibly find software flaws in them, so as to avoid having to rely on hardware hacks.
That being said, as we read it, it seems like full control of the console through hardware modchips would still be possible even if no software flaws are found.
Download the mitm tools and lv0ldr payloads
Source: via Zecoxao
That’s probably the message that most PS3 Slim owners wanted to hear.
Hmmm, why use some type of modchip when you can easily click on PS3HEN and activate it? It takes about 10 secs and is the same as CFW.
There’s something about controlling even the boot sequence…until you do that, Sony could still patch existing exploits.
And HEN cannot modify LV1, so we miss out on some good stuff like unencrypted PS2 games and CCAPI, and it limits what we can mod on the XMB.
Well it’s better than nothing. And it plays games….so.
Good luck with obtaining HDD encryption keys and any other LV1 hacks on HEN… “Ignorance is blessing”, someone said in the past…
Relax, I don’t play online. Evilnat PS3 Slim 4.88 rocks.
Who cares when we have PS3HEN