File format exploit

steddy
Posts: 139
Joined: Mon Apr 04, 2005 3:53 am

File format exploit

Post by steddy »

Apologies if this has been covered before. I did a search and couldn't see it.

It occurred to me that there are known exploits in PNG files, especially with LIBPNG under Linux. These have been fixed in the latest releases, but I thought it would be worth a try anyway.

I created a PNG which should jump to address 0 on a libpng implementation which is vulnerable to the attack. I couldn't include it inline in case it killed some of your browsers :) Below is the code I compiled:

http://lists.virus.org/bugtraq-0408/msg00158.html

I replaced the icon0.png in a savegame directory and crossed my fingers. Unfortunately, it just displayed an image of the PlayStation buttons, indicating it was an invalid file format.

I compiled the above file using MinGW on a Windows PC rather than a Linux PC which it was designed for. I don't know if the byte ordering or anything else could have affected the output. I don't have a Linux box to compile it with and see if the same happens.

I also noticed that the other thread dealing with Wipeout Pure's online download contained a ZIP file. There are also known exploits for ZIPs which may be worth testing. I guess you would need some sort of proxy to get the PSP to download a false ZIP from your local server. The link below contains information on the ZIP exploit:

http://www.securiteam.com/windowsntfocu ... 1PC1Y.html

There may be other compressed files on the PSP which are really ZIPs that may be easier to exploit.

Steddy (in anticipation of being locked)
Pit0711
Posts: 54
Joined: Thu Mar 24, 2005 5:45 am
Location: Old Europe -Germany-

Post by Pit0711 »

Hey admin,
look at the filesize! 18,9kb
http://66.102.9.104/search?q=cache:Oda3 ... =firefox-a

Please delete my account, I'm too stupid to dev for the PSP :-)
Last edited by Pit0711 on Fri Apr 15, 2005 5:59 am, edited 1 time in total.
ooPo
Site Admin
Posts: 2023
Joined: Sat Jan 17, 2004 9:56 am
Location: Canada

Post by ooPo »

Suuuure, I really believe you.