Just took an interest in this, so I'm fairly new to what has been tried and what has not. I've looked throughout these forums, but I couldn't find an answer to this question...
Has anyone tried to overrun the various extra blocks in MP3s - or various picture types? I know JPEGs have a couple of areas that data can be stored in that have nothing to do with the picture data - it's something along the lines of a "caption text" block of data.
For example, there was a nasty exploit with a malformed ID3 header for MP3s that allowed code to be run in Windows just by mousing over an MP3 (in Windows, if you hover the mouse over an MP3 it reads the header).
If this hasn't been looked heavily into, is there any reason that this is an area that could not contain unchecked buffers? Is the PSP able to mark an area in RAM that is non-executable?
Quick question...
Some people have tried to exploit the MP3 player with no success. There is a weird one here where certain MP3 files become corrupted in the Music File Manager:
Bizarre MP3 Bug
http://forums.ps2dev.org/viewtopic.php? ... ht=id3+mp3
There was also some research being done on the PNG files inside a .PBP:
http://forums.ps2dev.org/viewtopic.php?t=1215
If you do find something that you think is an overrun, please post it here so others can attempt to exploit it.
Good Luck!