search

brad-lin / FreePSXBoot

Exploit to allow loading arbitrary code on the PSX using only a memory card (no game needed)
MIT License
574 stars 44 forks source link

How to determine BIOS of SCHP-1001 #52

Closed dwillmore closed 3 years ago

dwillmore commented 3 years ago

Hello, all! I heard about this project a little while ago and finally got time to looking into it. I dug out my early NA model PS-X. The sticker on the bottom says "SCPH-1001". I see there are different BIOS and some hardware revisions all called by this same model #. I can't find any good information on how to tell which version my box has.

I should probably plug it in to see if it even still works. I don't think I've had it powered on since the 90's.

nicolasnoble commented 3 years ago

It's always a bit of a chicken and egg issue. If you can already run arbitrary code, then running the latest version of Unirom will show you a CRC32 of the bios you have, and you can then look it up. The other option if you can easily rewrite memory cards is to simply test multiple versions until one works. Be aware that once you've written one image, it may be difficult to write another one.

dwillmore commented 3 years ago

The box has a very early mod chip, so I should be able to run homebrew. I will try that angle. I will eventually have to slap together the arduino based card reader, but it will be easier to put that off for a bit.

Thank you for your help! I will close the issue once I am back at my computer if someone else hasn't already done so by then.

On Mon, Apr 26, 2021, 8:22 PM Nicolas Noble @.***> wrote:

It's always a bit of a chicken and egg issue. If you can already run arbitrary code, then running the latest version of Unirom https://github.com/JonathanDotCel/unirom8_bootdisc_and_firmware_for_ps1/releases will show you a CRC32 of the bios you have, and you can then look it up. The other option if you can easily rewrite memory cards is to simply test multiple versions until one works. Be aware that once you've written one image, it may be difficult to write another one.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/brad-lin/FreePSXBoot/issues/52#issuecomment-827222086, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACPEX7G7KHQZ5CSRUMBY4Z3TKX7TJANCNFSM43TRGUEQ .

nicolasnoble commented 3 years ago

Great! If you burn a CD-R with Unirom on it, and manage to boot it, then you will be able to flash all of the images you want from the CD-R itself, without issue.

dwillmore commented 3 years ago

The hacked memory card can be plugged in once the cd boots and it will be okay? I guess I would expect an open project to have the bugfix for this exploit. ;)

On Mon, Apr 26, 2021, 9:35 PM Nicolas Noble @.***> wrote:

Great! If you burn a CD-R with Unirom on it, and manage to boot it, then you will be able to flash all of the images you want from the CD-R itself, without issue.

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/brad-lin/FreePSXBoot/issues/52#issuecomment-827245070, or unsubscribe https://github.com/notifications/unsubscribe-auth/ACPEX7BJ3EXJVLNEHA6XYPTTKYIHFANCNFSM43TRGUEQ .

nicolasnoble commented 3 years ago

You can properly run unirom from the CD at boot time with a memory card that hosts the exploit, yes.

dwillmore commented 3 years ago

Now to figure out what Unirom is and how it works. :) Thank you!