Vulnerabilities

From PS1 Dev Wiki
Jump to: navigation, search

This page lists vulnerabilities found for the original Sony PlayStation. Here are display system flaws and userland flaws that are documented, exploited or not.

Savegames/Demos

These flaws in this category are relatively easy to find and exploit. There is a write-up on finding these flaws here

Game/Application name Vuln/Flaw Summary Revisions Timeframe this vuln was discovered Vuln discovered by
Castlevania Chronicles String Buffer overflow via unchecked profile name length The player name has a limit of 8 character strings to create a save-slot (Both original or arranged modes of the game). Since the string length/size is not checked, one can use a long excessive string(s) to overwrite several stack registers and take control of the $ra(return address) and then use it to jump to your region of custom code. N/A August 12th, 2018 ChampionLeake
Brunswick Circuit Pro Bowling 1 & 2 Custom Bowler name stack smash Brunswick Circuit Pro Bowling offers players to create their own bowler in their own imaginations. The custom bowler name is limited up to 15 characters long. When the player wants to create name, it's copied to the stack, however the string length isn't checked. So with a very large string, one can overwrite the stack and take control of the return address($ra) and jump to your very own custom code. 1.0 January 20th, 2019 ChampionLeake
Tony Hawk Pro Skater 2 Custom Skater name heap overflow The player has the chance to create their own skater, their name is copied over the heap, however its length is not verified. With a large enough skater name, one can overwrite some ptrs and get control of the return address($ra). One can trigger this overflow by selecting career mode and choosing to create a new career. 1.0 January 22nd, 2019 ChampionLeake

System/Hardware Flaws

Flaws in this category are related to the system/hardware that holds and powers the Sony PlayStation.

Summary Vuln/Flaw Documentation Revisions Timeframe this vuln was discovered Vuln discovered by
N/A N/A N/A N/A N/A N/A

Games already fuzzed(Useless Crashes)

These are games that developers have fuzzed/researched trying to find bugs. Any useless crashes or games that don't crash at all go here. This is to inform users if a game is not exploitable.

  • Family Feud -- Using a large string for the family name doesn't seem to crash the game. In conclusion, the family name is not exploitable. (Researched by ChampionLeake)