The current state of Vita hacking (September, 2012)

September 19, 2012

The last few weeks have been extremely exciting for Vita hackers and gamers. Not only is Sony showing more and more support for the console, we’ve seen, if not always releases, proofs of many exciting hacks going on on the Vita. VHBL, PSP iso loading, native exploits, hardware investigations… Lots of things have changed since I last made a summary of the Vita hacking back in July, so it’s time for a new status report.

1. VHBL and the PSP emulator

As of now, VHBL is still the only way to run unsigned content (homebrews) on the PS Vita. Granted, VHBL is fairly limited (it won’t let you run any native vita code, or any isos), but that might also be the only reason Sony doesn’t definitely kill it: VHBL is mostly harmless to Sony for now, yet it will allow you to enjoy a large collection of emulators and homebrews. Although as I type this, the game we use as a vector for the latest exploit (the Monster hunter series) has been patched on the latest Vita firmware 1.81, we still have access to dozens of exploitable PSP games, in order to port VHBL, and I know that many devs are still looking for PSP exploits and port VHBL to their own exploit.

In parallel, we’ve seen more and more proof that a PSP CFW is definitely possible on the Vita. That would mean that most of the things we do on our hacked PSPs could become available within the PSP emulator on the vita: Iso loaders, potentially full PS1 support, better homebrew compatibility, potentially plugins support, etc… I have been made aware of more and more teams with access to some PSP Kernel exploits, and to me it is only a matter of time before one of these teams release a PSP CFW that would be compatible with the Vita.

On the other hand, investigations about Kermit, the module used for communication between the PSP emulator and the vita hardware, have been kept under wraps. Was any progress made on this, in order to access the Vita itself? At least nothing was made public, or communicated to me. Last time I checked, the vita has some pretty good securities in place to avoid “simple” buffer overflow exploits or stack corruption.

2. PS Vita NAtive exploit

While the investigations in the psp emu world seem to be “stuck” in the psp realm (a bit like the 3DS exploits allowing only NDS support), other breakthroughs have been made in other parts of the Vita. The most memorable one so far is Yifanlu’s announce of a Native vita exploit, which is believed to be somewhere in the Playstation Mobile suite. After the initial hype generated by his announce however, Yifanlu has tried to stay a bit more quiet about his progress. A “Hello World” video he published to showcase his exploit (showing a 3D cube floating in a room with lots of texture details) was quickly removed to avoid more unnecessary hype.

It is still a bit unclear if anything useful for the end user will come from this work. First because most of it has been kept secret so far, and second because it could be one of those exploits that gets patched immediately by Sony. But this work was made public only a few weeks ago, and Yifanlu already announced his loader is ready for a closed beta, so I’m very hopeful to see good things come out of this.

3. Hardware investigations, and people from the outside world

It is interesting to note that most of the Vita hacking community is for now made of people who came from the PSP community with a legacy interest in Sony’s portable consoles. That being said, Yifanlu came from a quite different world, bringing his experience from Kindle and Xperia play hacking.

Other hackers are getting interested in the Vita too. Such is the case of Japanese developer goroh_kun, who is locally known for his work on Android. goroh_kun claims he managed to make a memory dump of the Vita through PSM, and his reputation is backed by fellow scene blogger mamosuke at gamegaz.

In addition, goroh_kun started recently to look closely at the Vita hardware, something that in my opinion is very valuable, seeing how most recent console hacks have always stemmed from an initial hardware hack (psp, xbox, ps3…). Goroh_kun mentioned however legal issues with sharing his work, for example a memory dump of the Vita cannot easily be shared since it contains some copyrighted content from Sony.

Could hardware vulnerabilities give hackers access to the Vita CPU? This picture shows what could be a JTAG port.

VHBL still going strong, more and more proof of psp kernel exploits, a usermode native exploit, leads in other areas, and a hacking community that seems to start growing… Things seem to be on the bright side for Vita hackers, what do you guys think?

Tweet this!Tweet this!

Previous post:

Next post: