In context: The PlayStation 2 just celebrated its 20th birthday on March 4. Although the console is quite dated, it still has many fun and enjoyable games. Its age also makes it a great candidate for playing and creating homebrew titles, since voiding your warranty is no longer an issue if you mod the hardware.
Modding the PlayStation 2's hardware to play homebrew games and backup discs may be a thing of the past thanks to an exploit found by a security researcher. CTurt created software called FreeDVDBoot that uses the PS2's DVD player as an entry point to bypass disc checks at the software level. No hardware modification is required.
Hacks and Mods; PS2 Mod 2016-19: USB & HDD Loading, PS1 via POPS, Emus. PS2 'fat' console (model number SCHP 39001 date code 3A). HD Loader is good for. Later hackers found ways to install and play any game ISO from the HDD using special programs and modifications. Currently the most common method of doing this is by using a softmod called FreeMcBoot on a memory card. Then loading a program called OPL (Open PS2 Loader). OPL can load ISOs from USB, HDD and Network. 3) 60GB PS3 Launch Model (CECH-Axx) - Full hardware compatibility (EE+GS) for PS2 games. Basically a HDMI PS2. With CFW you can use your own ISO files directly without a disc. 4) PS2 Console (SCPH-5000x) - Quietest of the fat models. Compatible with HD Loader / Open PS2 Loader with network adapter. Hacks and Mods; PS2 Mod 2016-19: USB & HDD Loading, PS1 via POPS, Emus. PS2 'fat' console (model number SCHP 39001 date code 3A). HD Loader is good for. That's some of what I can think of. The whole PS2 modding thing is based ultimately on your perference. I have both, a modded fat PS2 with a 200GB HD istalled. I used HD Loader version 1 to format my HD and also, only HD Loader V.1, besides HD Avance, will allow you to use full space in HD. After my HD was formatted, I have 186GB of free space.
The PlayStation 2 will not load burned game discs, but it will read burned DVDs. CTurt saw this as a potential attack vector and began exploring how the PS2's optical drive plays DVDs. He eventually found that the hardware starts DVD loading by reading the disc's IFO file and writing data to a RAM cache.
Without going into the technical details, which you can read in his blog, CTurt created a corrupted IFO file that generates a 'large read overflow.' Essentially, it loads an ELF (Executable and Linkable Format) file—the type used in homebrew games—into the system's cache, which is then pushed into the main memory by the overflow.
This method completely bypasses the PS2's physical disc copy protection because the system thinks it is preparing a DVD for video playback. It is unique because CTurt claims it is the only exploit that does not use non-native hardware like network adapters, an HDD expansion, or a modchip. It also does not involve physically blocking the disc tray sensors. All that is needed is a disc.
The exploit can be used for a few things. As mentioned, homebrew games and burned backups are possible. CTurt showed a video running a backup of Shadow of the Colossus (above). Another shows the PS2 running a Super Nintendo emulator (below). It is also possible to put multiple games on one disc (providing they are small enough) and run them from a startup menu.
He also says that since all optical drives, including CD and Blu-ray, operate on the same principle, the exploit could potentially work on anything from a first-generation PlayStation through to the PS4.
'There's really no reason this general attack scenario is specific to the PlayStation 2 as all generations support some combination of burned media: from the PlayStation 1's CD support to the PlayStation 3 and 4's Blu-ray support, with the PlayStation 4 having only removed CD support. Hacking the PS4 through Blu-ray BD-J functionality has long been discussed as an idea for an entry point,' wrote CTurt. 'This may be something I would be interested in looking into for a long-term future project.'
While FreeDVDBoot does not have support for all DVD drives used in the PS2 line, he is working on expanding support. Instructions and the required files are posted on GitHub for those interested in trying it out.
Hello and welcome to YoYo's guide on soft modding your fat ps2, here you will learn how to soft mod your ps2 to play back ups without a modchip, play emulators, play homebrew, watch .AVI off of a HDD, load back ups off a internal and even external HDD, and much more. This guide is designed to help you get the most out of your PS2 without spending money!
Ok, wee are first going to start by having you download the required programs, I have taken the time to add everything you will need into one rar, Download it HERE! Make a new folder on your desktop named 'PS2 Mods' and extract the rar you downloaded from above to the folder you just made. Now that you have the files your going to need, it is time to find a PSx/PS1 trigger disk. When you load a PSX/PS1 game in a fat PS2, the ps2 looks for the file on your memory card called 'BOOT.ELF' Having that file modified the ps2 will boot uLaunchELF, a PS2 homebrew app. that is used to launch .ELF files on a PS2. Finding a PSX/PS! game that works as a trigger disk can sometimes be hard, I once seen a list online but can not seem to find it anymore, once I find it I will be sure to add it. I use Silent Hill 1 for PS1 as my trigger disk, I also know that THPS 3, Cool boraders1 and 2 work. Now that you have your PSX/PS1 and put it in your disk drive and wait for it to load. Once your computer has loaded the disk go to your PS2 Mods folder, go to PS2 Softmods folder and run the program IDGET.exe. The program will start and press the button 'Get' and it will tell you the ID of your PS1/PSX game, WRITE THIS DOWN!!!!!!! Next run the program Titleman Frontend, Click ‘Create TITLE.DB’ and next enter the ID of your PSX/PS1 game your using, click ‘Add Exec’. Click ‘List current contents of TITLE.DB’ and confirm your entry. Pay special attention to the initial four letters, sometimes TMFE messes these up. The TITLE.DB you just made is in the Titleman Frontend folder. Now open the program PS2 Save Builder. Note* If your some what lost on what wee are trying to do. The goal is to get the files TITLE.DB and BOOT.ELF on to your memory card, so when you try and load your trigger disk, instead it will load uLaunchELF. OK, on PS2 Save Builder at the top go to File create a new save. Ok now under ‘Root/ID’ put ‘BADATA-SYSTEM’ for US/NTSC or put ‘BEDATA-SYSTEM’ for EUR/PAL. Ok now wee need the TITLE.DB you made, it is in the Titleman Frontend folder, drag and drop the TITLE.DB onto thw white box on PS2 save builder. Next drag and drop the 'BOOT.ELF' onto PS2 save builder. Also, drag and drop any of the other .ELF's you would like on your memory card. If I were you, I would only add Cogswap.ELF and HDL.ELF on your memory card, having to many .ELF's on just your memory card can take up ALOT of space on your card. I would recommend using a USB flash drive/external HDD to keep your .ELF files. But as I said you at least want Cogswap.ELF on your memory card. Cogswap loader is a program used to boot back up games on your PS2, it is handy to have it on your memory stick ;) And now that I think of it, I didnt add Cogswap.ELF to 'PS2 Softmods' rar.. You can download CogSwapLoaderHERE Ok so now on the PS2 save builder you should have these files BOOT.ELF TITLE.DB COGSWAP.ELF icon.sys my.icn Now at the top go to file and save as, name the expoilt and right below the file name you will see the drop down box were you can change the file format, if you are using AR Max you must save the file in .max to the root level of you USB Flash drive/PSP. If you are using codebreaker you must save the file in .cbs to the root level of you USB Flash drive/PSP. Ok plug your USB flash drive/PSP intothe USB ports of your PS2 and start AR MAX, when AR MAX loads go to Max memory. When it loads press X on My device's. Choose memory card 1. Find and select ‘Your System Configuration’, then choose delete to delete it. Wee do this because our exploit files are going into the same folder as the system configuration (BADATA-SYSTEM) and certain versions of ARMAX will display an error (File already exists) if you don’t do this first. All the system configuration file contains is a couple settings (screen size, language, etc), so don’t worry about deleting it. These will be reset to default after doing this. Ok now press triangle to go back then go over to your UBS drive, press X it will load and you will see ‘NEW_FILE’ (this is our exploit.max) and go down to ‘Uncrush to MC1'. Confirm and wait a couple seconds for it to extract. :) Alrighty! Once it has finished shut off your PS2, reboot your PS2 and put in your PSX/PS1 trigger disk and the memory card with your newly added expoilt. Start the game and if it worked the screen should blink once and then load to this screen but with a white background ;) You have just soft modded your Playstaion 2 :great: Ok from you press O and it will take you to the file browser, from here you can search all device's on your PS2, your HDD, your memory card, launch .ELF's fromUSB drive/PSP or external HDD and run .ELF files (AKA: Hombrew :) ) The .ELF's files the I gave you in the download are HDL_0.8b.elf = HD Loader, Play Ps2 game from your internal HDD CogSwap.elf = Loads burnt PS2 back ups. A tutorial on how to use cogswap can be found below SNES_EMU.ELF = Super nintendo emulator :) Roms not included USBA_WAR.ELF = USBAdvaned, Play back up PS2 games off of a USB drive :) SMS Verison 2.5 (Rev.3).elf = A very nice media played that plays MP3's, .AVI, .MP4 has bugs though. I this program. Note* This guide is Not done, I plan on adding much much more.. please come back soon :) NOTE- A new and better method of booting back ups is now out on PS2, I will make a new guide soon.
<Myth0s> i love boys ------------------------------------------------------------------- I Go To Earth When Mars Is Boring. ------------------------------------------------------------------- ¿ʞɔпɟ əɥʇ ʇɐɥʍ I was first EPerson to have upside down title. -------------------------------------------------------------------
(This post was last modified: 17/09/2008 08:41 AM by YoYoBallz.)