Editing SPU LS Overflow Exploit
Latest revision | Your text | ||
Line 9: | Line 9: | ||
<br /> | <br /> | ||
http://pastie.org/1898468 | |||
---- | ---- | ||
Line 17: | Line 17: | ||
So maybe it would be a good idea to first try it with metldr as we can pass our modified loader without having to flash it. | So maybe it would be a good idea to first try it with metldr as we can pass our modified loader without having to flash it. | ||
Also the SCE header is usually not that big but it needs to be tested to which offset in the LS the data gets copied. If the offset is after the executable code the header will need to be rather big as we are trying to overwrite the code, so the address needs to wrap around to zero IMHO. | Also the SCE header is usually not that big but it needs to be tested to which offset in the LS the data gets copied. If the offset is after the executable code the header will need to be rather big as we are trying to overwrite the code, so the address needs to wrap around to zero IMHO. | ||
---- | ---- | ||
Please give your ideas/workings here, I figured using the devwiki would be better than forum threads since they are just full of people wanting a simple solution, lets work together instead.<br /> | Please give your ideas/workings here, I figured using the devwiki would be better than forum threads since they are just full of people wanting a simple solution, lets work together instead.<br /> | ||