PS2 Independence Exploit

The PS2 Independence Exploit opens up the possibility for running homebrew programs on an unmodified PlayStation 2. It relies on creating a deliberately incorrect entry inside the TITLE.DB file (which the PS2 normally uses as a simple database of special options to apply to specific old PS1 games for their correct operation) that triggers a buffer overflow and, combined with a small stub loader located inside the file, allows the running of unencrypted code from the memory card upon the insertion of a specific PSone game. Normally, only Sony-encrypted programs (such as the DVD player) will run from the memory card.

The TITLE.DB file is located under the directory BxDATA-SYSTEM, where x is the letter corresponding to the region the PS2 was sold on (i.e., BEDATA-SYSTEM for a European PS2).

The discovery of this vulnerability in the PS2's software opens up the possibility of running programs created by the PS2 homebrew developer community without the need for a modchip or CD-ROM swapping techniques. The exploit does require a way of installing the modified files, which may be copied onto a memory card using another PS2 (either modified or with the exploit installed), a memory card reader/writer, or using a CD-ROM swap technique. Also this exploit may be achieved by using a combination of HDAdvanced/HDLoader along with winhiip/hdl dumb to place an .ISO of a CD that is a FTP server which allows you to exploit your memory card via FTP from PC to PS2. Documentation on how this is achieved can be found here. Code Breaker (versions 8 and higher) can also be used to install the exploit without a modified system by placing the System Settings save file on a USB flash drive to transfer the save to a computer, where you can implant the exploit with the aid of programs such as PS2 Save Builder.

The PS2 Independence Exploit does not work on newer Slim (V12) models, since the buffer overflow has been corrected.