You Can Now Play Your Homebrew Games On PS2 With This Exploit
There’s No Need To Mod The Hardware At All
The PlayStation 2 has been around for two decades now, and it’s one of the best consoles for creating and playing homebrew games. The traditional method of playing homebrew games involves tweaking PS2 hardware. This means using either a modified memory card with pre-installed exploits, installing a modchip, or blocking the disc tray sensors.
FreeDVDBoot By CTurt
However, a security software engineer, CTurt (@CTurtE), has developed a new method that does not require modding the console to play homebrew games. CTurt achieved this by creating software called FreeDVDBoot. The software exploits the PS2's DVD player functionality, allowing you to play homebrew games and also burned backups of commercial games.
FreeDVDBoot: an exploit for the PlayStation 2 DVD player which allows burning your own homebrew games and running them on an unmodified console as though they were official discs: https://t.co/MaPC6urUJQ
— CTurt (@CTurtE) June 27, 2020
CTurt had initially attempted to create a software-based entry-point exploit by exploiting the BASIC interpreter in early PAL-region PS2s. Although he succeeded in creating a BASIC interpreter exploit, this method was widely criticized and limited to PAL PS2s. As a result, he wrote off the exploit and continued to look for better ways to hack the PlayStation 2.
How Does @CTurtE’s FreeDVDBoot Work?
CTurt identified the console's ability to read burned DVDs, but not to load burned game discs, as a potential attack vector. He then began studying how the PlayStation 2's optical drive plays DVDs. The console starts by reading the IFO files on the disc and writing their data to a RAM cache. IFO files contain the metadata that links the VRO and VOB files. CTurt then found a potential exploit in how the optical drive reads large IFO files.
He created a corrupted IFO file, generating a large read overflow. The file loads an Executable and Linkable Format (ELF) file into the system's cache. The ELF type is the same as the one used in homebrew games, and the overflow pushes it into main memory. This completely bypasses the PlayStation 2's security system. The PS2 can then natively read and run ELF files off a burned disc. The technical details of how he achieved this are found on his GitHub page.
After completing the hack, CTurt showed videos of his PS2 running a backup of Shadow of the Colossus and a Super Nintendo emulator.
To date, CTurt's DVD player exploit is the only PS2 exploit that does not use non-native hardware. The exploit only requires a disc, as opposed to other exploits that require a modchip, a network adapter, or an HDD expansion. According to CTurt, all optical drives, whether CD or Blu-ray, work on the same principle. Hence, the DVD player exploit has the potential to work on anything from a PlayStation 1 to the PS4. This might not be possible for all PS5 models, as some PS5 models won't come with a DVD drive. This mod is proving popular with PS owners.
Apart from the capability to play homebrew games and burned backups, the exploit makes it possible to put multiple games on one disc. The games can then be run from a startup menu, provided they are small enough.
CTurt only tested FreeDVDBoot on his own PS2, whose DVD player uses firmware 3.10E, and the exploit does not yet support all DVD player versions in the PS2 line. Nonetheless, he is working on extending support. For those interested in the exploit, the required files and instructions are posted on his GitHub profile.