.TIFF Exploit proved fake

Copy and pasted from here http://forums.qj.net/showpost.php?p=1971019&postcount=53 all props and credit goes to Freeplay

Code:

I was examining the TIFF file, at first, I was excited, but then I saw the code that its fake.
Yep, fake. And so is their "exploit TIFF." As I posted on ps3hax:


Shame that this is a fake, too.

It's a real TIFF from a real exploit, sure, but the exploit was discovered in libTIFF in 2006 and FIXED in a LibTIFF 3.8.2 patch. Oh, and it was never capable of running code; only of crashing the client.



Code:
 >>> # LibTIFF 3.8.2 unpatched                      | >>> # LibTIFF 3.8.2 patched
 >>> snippet(0x2)                                   | >>> snippet(0x2)
    * Read offset to next directory for sequential  |
    * scans.                                        |  /*
    */                                              |   * Check for integer overflow when
    (void) ReadOK(tif, &nextdiroff,                 |   * validating the dir_off, otherwise
             sizeof (uint32));                      |   * a very high offset may cause an
  } else {                                          |   * OOB read and crash the client.
    toff_t off = tif->tif_diroff;                   |   * -- taviso@google.com, 14 Jun 2006.
                                                    |   */
 |if (off + sizeof (uint16) > tif->tif_size) {      | |if (off + sizeof (uint16) > tif->tif_size ||
      TIFFErrorExt(tif->tif_clientdata, module,     |      off > (UINT_MAX - sizeof(uint16))) {
       "%s: Can not read TIFF directory count",     |       TIFFErrorExt(tif->tif_clientdata, module,
       tif->tif_name);                              |        "%s: Can not read TIFF directory count",
      return (0);                                   |        tif->tif_name);
 >>>                                                | >>>
Read about it here. The author of the original proof-of-concept is Tavis Ormandy. Here, read some more.

Notice the highlighted bit above, and the highlighted bit below:


Seriously, people, this took me less than a minute with Google and a hex editor to figure out.

 

WTF!!!!!! Im sick of this. People need to stop posting fake stuff. I got my hopes up for nothing. I wasnt interested in this the first time this happened, but i feel bad for the people who was. Another dissapointment.....

 

Lame

 

Well done CKhaleel,my brother told me exactly this yesterday(Wednesday).

 

Thanks.


Team ICE fails at life.

 

Dont you think it at least has a potential of doing something good.

 

Well, I can try to re-compile the .TIFF code and try something...

 

Its worth trying,id love to try it myself but i dont have the patience.

 

If I can re-compile the TIFF it might be worth something

 

I mean if you look at one of the readme files they clearly say they used an iphone exploit.They are completely different the iphone and the ps3,so that should tell you right away that it is fake.I'm going to say even if it was real how long do you think it would last before Sony patched it with a firmware update.I would leave it alone CKhaleel this is not something to look into,but if your interested in messing with code try out the OtherOS demo source code provided by Marcus.

 

I didnt provide any source code dude.

 

I'm not sure what you mean marcusita,but I was referring to someone different.A person by the name of Marcus released an OtherOS demo with source code for the PS3.It isn't a Tiff exploit,but runs off the OtherOS option.It has been confirmed working from ps2dev which is a very reliable source,and they have a toolchain that can be compiled as well.The only thing visible right now is a demo,but running code through the OtherOS has its downside as well.It doesn't gain access into the Hypervisor which is needed in order to accomplish a loader.I would look into the OtherOS demo before this Tiff exploit as it has been confirmed working.

 

I really got my hopes up for homebrew on the PS3. That sucks!

 

LMAO,my real name is Marcus,i thought you were talking about me.

 

hi peeps. my name is Marcus too. people just need to relax until we see a workin mod for ps3. it should happen sometime. just chill till it does.

 

Forgive me if this seems like a noob question but what programming language is that in?

 

The programming language for the OtherOS demo is in C.It uses a similar method like the psp most code is in C/C++.You can use Cygwin to program for the PS3 or you can program from Linux.From my understanding the OtherOS is a programmed .elf file converted into a otheros.bin file then converted again into an otheros.bld .The compression is using gzip which is a GNU compression utility.You can find a bunch of documentation from IBM on the Cell processor as well.

 

Team ICE also said that the tiff were just for fun exploits. I tried it and my system just froze...wow. I did however try the Motorstorm exploit and that seemed to work with the provided self file. It may be fake and it may not but people are going to be mad if they update and this does turn out to be legit. Keep in mind that nobody has reached "hello world" and even if they do it's not going to do any good at the moment. If anyone has gotten the avatar thing to work I would like to know if others can see it or just you.

 

The Avatar thing is annoying me i can even get the software set up properly.Everybody should be able to see your Avatar.

 

Thanks. I'll see what I can do with it later. Sony should have let us use our own avatars long ago.