TIFF Based Exploit found, Firmware 5.03 Says Hello World!

Monday, April 13th, 2009
Share
PSP firmware 5.03 running the TIFF Exploit! :)

PSP firmware 5.03 running the ! :)

The day many PSP owners have been waiting for is coming, as PSP homebrew developer has released a TIFF-based exploit in the form of a “Hello World,” proof of concept for PSP Firmware 5.03. So the idea of running homebrew on TA88v3 / is rapidly approaching! (This is no late April fools joke)

*Update* 14-April: Version 2 has been released. Works on the Slim & PSP-3000. -> Hello World TIFF Exploit Version 2

The exploit is run in the PSP’s photo menu and takes advantage of a vulnerability found in the TIFF image library. Just think in the old early days of the PSP scene when using software downgrades and GTA: LCS TIFF exploits etc was the way to go.

This current version is only for PSP-1000 (Fat) units at this stage. But don’t fret a separate release is being prepared by MaTiAz for Slim models. Both the the PSP-2000 and PSP-3000 (Ta88v3).

MaTiAZ also commented that “a bit of awesomeness” is due out soon. We’ll keep you updated on this. Looks like we’ll all soon have hombrew access again on Firmware 5.03.

The days of TIFF based exploits aren’t long gone, at least not yet
Here’s the third TIFF exploit for the PSP, enjoy.

Just copy the files to the memory stick root, disconnect USB and go to photo menu.
Don’t dismiss the exploit even if it doesn’t work on the first time, it’s *very* unstable.
You might get it working on the first time, but you might as well have to try it 20 times!

The h.bin is loaded to 0×08800000, and the text address of paf.prx is passed in $a0 to the
binary code. You can then trick out function imports, like for example sceDisplayWaitVblankStart:

sceDisplayWaitVblankStart = (void*)(paf_addr+0x15F068);

This release works _only_ on fat PSPs. The slim version will come out later.

I’m not gonna include a list of credits here, I’ll just forget some important names and then
I’ll be screwed :P The people who need to be credited will know it anyway.

Have fun!

P.S. Just wait a few days, there’s a bit of awesomeness coming up.

- MaTiAz

Please see installation instructions included in the file.

Source: 5.03 TIFF Hello World


Download: Hello World TIFF Exploit for Firmware 5.03
(Hello World TIFF Exploit for Firmware 5.03 - 115.2 KiB - 3,753 Hits)


Similar Posts:

  • None Found


Tags: , ,

Posted in PSP Homebrew

  • http://pspslimhacks.com/ PSPFan

    Just when I thought the days of TIFF exploits were well over…. My Guess is Sony will soon try and release a patch to patch this exploit up. I suggest if its released that PSP-3000 & PSP-2000 (TA88v3) owners don’t update :) You might want to see were this exploit is going.

  • n00b81

    Its important to note that MaTiAz himself won’t be working on the 2k/3k releases due to the fact that he doesn’t own a slim himself :) Likely to be someone like FreePlay.

    n00b81

  • dimy93

    Nothing for now but I’m quite curious what MaTiAz is cooking up -I’m quite sure that it would be something very big or at least it sound like that
    Keep your fingers crossed people :)

  • PSP ruler

    YAHOOOOOOO!!!!!!!!!!

    Finally! Hope!

  • k91po

    i dont get it

  • good job

    congratulations!! you hacked the 3000

  • http://pspslimhacks.com yehuda

    can somebody explain this 2 me., how does this work., im new in having a psp 2001 5.03 fw., pls response.,

  • joe joe

    @yehuda
    currently you can’t do anything with it.
    its just a step forward in hacking it.

  • http://pspslimhacks.com yehuda

    @joe joe
    tanx dude., my psp disables pandora., does it mean that its a v3.,???

  • .ISO

    @yehuda, ya probably.

  • http://pspslimhacks.com yehuda

    thanks.,.. ill just wait then.. until its hacked., good luck!!!

  • http://aaronmax.deviantart.com waveofdoom

    wait a sec, so this will allow psp-1000s to be hacked without a pandora battery?

  • ragnarok01

    MMMM OK im not sure i tested in my phat and load the photo it says something then shuts down thats all or there is something else i’m not getting???

  • BeliEveR

    go MAtiaZ go!!!

  • aeon44

    uhmm.. so if Matiaz released a psp-3000 version of this update, does it mean that the psp-3000 will be hackable??

  • Pingback: Firmware 5.03 TIFF Based Exploit Released | TIFF Exploit | PSP-3000 Hacks

  • http://pspslimhacks.com pogiakkano

    will this work in psp 2001 5.03ofw? v3?

  • http://pspslimhacks.com/ PSPFan

    Not yet, but they plan to release a PSP-2000 / PSP-3000 version in a few days.

  • http://pspslimhacks.com pogiakkano

    @PSPFan
    f this program will be released., will it need pandora.,?

  • argis123

    i have tried the tiff exploit on a psp 3000 with firmware 5.02 it crashes and restard

  • Neltharion

    yesssssssss finally

  • http://www.bebo.com/RyanW_18 Rhino

    oo skeen

    so if da 3000 version comes out how do i go about puttin dis on my psp 3000???

    i mean like where do i put it???

  • PSP ruler

    Just wait until the 3000 version comes out. There will be instructions included in the file package. Try it now, and the PSP will just crash(And turn off).

    @pogiakkano
    Heck no! This is a software-based hack. No pandora is needed.

  • pogiakkano

    @PSP ruler
    ok tanx 4 d info… when will it be released…? i onw a psp 2001 5.03ofw.. v3… pls make a 200x version. tanx…

  • PSP ruler

    Patience my friends. Iknow it will come out *soon*

    P.S. I don’t long is *soon*, but here is a clue: in a few days ;)

  • http://insaneskill.blogspot.com ngageqder

    Yo, this is killah! I am going to buy a PSP-3000 in a couple of days, though I know the crack’s not out yet. But I hear the prices will go sky high soon as the crack’s out.
    So I am just going to sit with my fingers crossed, beside my 3000 till then…. :)

  • aeon44

    there has already a version for psp phat and slim, but derz still no version for the psp brite.. just go here, “http://forums.mformature.net/showthread.php?t=2242″ to download the psp-2000 version of this update by matiaz.

  • http://pspslimhacks.com pogiakkano

    @aeon44
    thats not the finished program for downgrading the psp slim… 5.03fw v3…

  • RAWR

    hmm i wonder what the awesomeness is gonna be

  • abdul

    can somebody help me when u put it on does the psp switch off and what folder do the downloaded games need to be in

  • Drake

    The awesomeness is a hombrew loader through this TIFF exploit. Meaning hoebrew on PSP-3000s !!! Yeah I cannot wait for that day. My PSP-3000 is dusty. Time to wipp that of with the homebrew goodness in a few weeks

  • Crowbar

    Its gonna take a lot more work to downgrade the slim/brite with the tiff exploit than to do it with a phat psp since the exploit can manipulate the version firmware the psp thinks it has because psp phats can go down to v.1.5, while v3 slims/brites can only go down to 4.01. so its gona be a miracle to activate the kernel mode with what little code the tiff exploit can hold.

  • .ISO

    @crowbar
    please, shut up if you don’t have a clue what you are talking about…
    who says that you must downgrade a psp in order for it to have custom firmware?
    the exploit can simply chainload a cfw installer rather than downgrader…

  • Greg

    I have a Ta88v3, supposedly its can be hacked now. I have tried the exploit multiple times, each time I open my Photo part of the XMB the PSP freezes, any help? Or is Ta88v3 exploit to unstable to work properly?

  • .ISO

    @Greg,
    We are not fully sure what MATIZA have up in his sleeve to reveal, therefore the public is not sure if it will be hacked or not.
    Also, if you have read the descriptions, he did mention that the exploit is fairly unstable, requires many tries before h.bin can be chainloaded

  • Greg

    Thanks for the response .ISO

  • .ISO

    Also, did you download the new PSP-2000 version?

  • .iso

    however,if i run TIFF Exploit no i can play iso file games?

  • Greg

    No. Not yet. You’ll have to wait a little longer for that!

  • Greg
  • ME

    I tried tiff on 3000 5.02 and it worked

  • MeMo!

    yeaaaaaaaaaaaaa
    i can’t wait
    for new releases =D
    yeahh
    ta-088v3 is not hacked yet but
    i see the light at the end xD

  • Karnbmx

    WTF! Not working!

    I tired renaming it… EVERYTHING!!! The tiff keeps on moving to the front (first picture)… I tried moving it to the back but no luck…

    HELP please?

  • gnoby_anatomy

    I just dumped the slim.tiff to the root memory of my PSP 3000 OFW 5.02 then I dumped 8 copies of photos (jpeg) in \PSP\PHOTO. Disconnect USB and then browse the photo directory. I scrolled ups and down then my PSP 3000 unit went died (went off)

    I thought I bricked it but not (hey I believe in you MatiaZ) I powered it on then I’m back again. I guess I’ll give it another try until I got the flash of the exploit.

    Yodda man MAtiaz and including all the PSP God Smackerz. Thanks guys! really appreciate your work. I can’t wait until tuesday.

  • gnoby_anatomy

    It could work I think. I just can’t get the exact timings to invoke it. But after I browsed photo folder for at least 10 sec my unit freezes for at least another 5 sec and then screen goes blank, I hear a sound (like a croak! sound) then the power went off. I tried this for at least 15 times … I think that the exploit is too fast and I cannot see the flash of Hello World exploit …

  • DragonRiderWolfe

    Hey guys, I just d/l the exploit to my psp 2001 (ta88v3) and I used the slim photo. I’ll list the installation steps, ok?

    1. Place the h.bin into the MSROOT (or x:\ drive).

    2. *Place the phat.tiff (if you have the thicker PSP) or slim.tiff (if you have the thinner PSP) into the x:\PSP\PHOTO area.

    3. If you have a theme activated, I had read on dl.qj.net to *disable this theme. However since I only possess the Slim type, I know it works for slims.

    4. Go into the photo on the XMB and click onto the photo. It will use either the photo or turn black then automatically shut down.

    5. Reboot after the shutdown process is complete and enter the photo menu. The screen will go black then it will reboot with these words in this format exactly:

    “Hello World for PSP Firmware 5.03
    Running via The Easter Eggsploit. :>

    Exploit by MaTiAz

    Thanks to malloxis, FreePlay, Archaemic, wololo,
    Cloudy, Davee and everyone else who was involved.

    Also hi Sony :D

    After you see this message, since the exploit is only for showing, you need to reboot your PSP through hardboot. Don’t go into the photo folder again though or the message above will occur again (unless you wish to see it again, which I don’t know why people would after the first boot but…). Anyways, I got mine up on the 1st try so, it might work that way. Good luck guys.

    • http://www.gamer911.moonfruit.com lb8068

      If I copy h.bin to MP_ROOT, will it work? I have tried copying it to F:/ and tried more than 50 times, no joy.

  • sam

    do you have to copy the readme file?

  • gnoby_anatomy

    I think not because its just a readme (HOWTO’s) the main hack is within the code itself – within the h.bin file. Anyone knows how to open h.bin? – maybe i’ll try a HEX editor – my thing is just to take a peek on the codes.

  • Josh

    Guy how come the tiff is not working for me i need help please and i have a fat psp

  • mike

    after you do the tiff exploit what can you do with your psp after that if you have a phat