A PlayStation 2 DVD exploit that leverages a vulnerability in the DVD player to execute custom code.
YADE is a proof-of-concept exploit for the PlayStation 2 that uses a malformed DVD-Video disc structure to gain code execution. The exploit targets the PS2's DVD player firmware and allows loading custom ELF binaries.
Requirements:

- `mipsel-none-elf-gcc` - MIPS cross-compiler for the PS2 EE (Emotion Engine)
- `gcc` - Native compiler for the injector tool
- `genisoimage` - ISO image creation tool
Simply run the build script, `./compile.sh`. This will:

- Compile the exploit code for PS2 (`code.c`, `jump.c`)
- Build the injector tool for your host system
- Generate the exploit DVD ISO image at `build/exploit.iso`
- `src/code/` - PS2 exploit code that runs on the target
  - `code.c` - Main exploit loader
  - `ps2*.c/h` - PS2 system call interfaces and utilities
- `src/jump/` - Secondary stage loader
- `src/injector/` - Host-side tool to inject the exploit into the DVD structure
  - `injector.c` - Main injector logic
  - `pgc.c/h` - DVD PGC (Program Chain) manipulation
- `src/ld/` - Linker scripts for PS2 binaries
- `fs/` - Base DVD-Video filesystem structure
The exploit works by:
- Creating a malformed DVD-Video structure with specially crafted PGC (Program Chain) data
- Triggering a buffer overflow in the PS2 DVD player firmware
- Redirecting execution to custom code loaded from the disc
- Loading and executing a custom ELF binary
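The steps above hinge on the player trusting counts and offsets inside a PGC. The following is an added example, not code from this repository, showing the bounds checks a DVD parser would need to reject such a structure. It uses the standard PGC layout (program and cell counts at 0x02/0x03, table offsets at 0xE4-0xEA, 0x18-byte cell playback entries, 8-byte VM commands, at most 99 programs and 128 commands per PGC). Which PGC field YADE actually corrupts is not stated on this page, so the "inflated cell count" case below is one plausible shape of malformed data, assumed for illustration; the sample PGC is constructed inline and does not come from a real disc.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdio.h>

#define PGC_HEADER_LEN    0xEC   /* fixed part of a Program Chain */
#define PGC_MAX_PROGRAMS  99
#define PGC_MAX_COMMANDS  128    /* pre + post + cell commands combined */
#define CELL_PLAYBACK_LEN 0x18
#define CELL_POSITION_LEN 0x04
#define VM_COMMAND_LEN    8

enum pgc_status {
    PGC_OK = 0,
    PGC_ERR_SHORT = -1,          /* blob shorter than the fixed header */
    PGC_ERR_COUNTS = -2,         /* program/cell counts violate the format */
    PGC_ERR_PROGRAM_MAP = -3,    /* program map ends outside the blob */
    PGC_ERR_CELL_PLAYBACK = -4,  /* cell playback table ends outside the blob */
    PGC_ERR_CELL_POSITION = -5,  /* cell position table ends outside the blob */
    PGC_ERR_CMD_TABLE = -6,      /* command table header/body outside the blob */
    PGC_ERR_CMD_COUNT = -7       /* more VM commands than a PGC may carry */
};

static uint16_t be16(const uint8_t *p) { return (uint16_t)((p[0] << 8) | p[1]); }
static void put16(uint8_t *p, uint16_t v) { p[0] = (uint8_t)(v >> 8); p[1] = (uint8_t)v; }

/* A table of len bytes at off must end inside the blob; written to avoid size_t wraparound. */
static int fits(size_t off, size_t len, size_t total) {
    return off <= total && len <= total - off;
}

/* Validate every declared count and offset of one PGC against the bytes actually present. */
int pgc_validate(const uint8_t *pgc, size_t len) {
    if (len < PGC_HEADER_LEN) return PGC_ERR_SHORT;
    unsigned nprog = pgc[0x02], ncell = pgc[0x03];
    uint16_t cmd_off  = be16(pgc + 0xE4);
    uint16_t pmap_off = be16(pgc + 0xE6);
    uint16_t cpb_off  = be16(pgc + 0xE8);
    uint16_t cpos_off = be16(pgc + 0xEA);

    if (nprog > PGC_MAX_PROGRAMS || nprog > ncell) return PGC_ERR_COUNTS;
    if (ncell > 0) {
        /* A PGC with cells needs all three navigation tables; an offset of 0 means "absent". */
        if (nprog == 0 || pmap_off == 0 || cpb_off == 0 || cpos_off == 0) return PGC_ERR_COUNTS;
        if (!fits(pmap_off, nprog, len)) return PGC_ERR_PROGRAM_MAP;
        if (!fits(cpb_off, (size_t)ncell * CELL_PLAYBACK_LEN, len)) return PGC_ERR_CELL_PLAYBACK;
        if (!fits(cpos_off, (size_t)ncell * CELL_POSITION_LEN, len)) return PGC_ERR_CELL_POSITION;
    }
    if (cmd_off != 0) {
        if (!fits(cmd_off, 8, len)) return PGC_ERR_CMD_TABLE;  /* 4 x u16 header */
        unsigned total_cmds = be16(pgc + cmd_off) + be16(pgc + cmd_off + 2) + be16(pgc + cmd_off + 4);
        if (total_cmds > PGC_MAX_COMMANDS) return PGC_ERR_CMD_COUNT;
        if (!fits((size_t)cmd_off + 8, (size_t)total_cmds * VM_COMMAND_LEN, len)) return PGC_ERR_CMD_TABLE;
    }
    return PGC_OK;
}

/* Constructed sample PGC (not from any disc): one program, two cells, no commands. */
size_t build_sample_pgc(uint8_t *out, size_t cap) {
    const size_t pmap_off = PGC_HEADER_LEN;                    /* 0xEC: 1-byte program map, padded to 4 */
    const size_t cpb_off  = pmap_off + 4;                      /* 0xF0 */
    const size_t cpos_off = cpb_off + 2 * CELL_PLAYBACK_LEN;   /* 0x120 */
    const size_t total    = cpos_off + 2 * CELL_POSITION_LEN;  /* 0x128 */
    if (cap < total) return 0;
    memset(out, 0, total);
    out[0x02] = 1;                  /* nr_of_programs */
    out[0x03] = 2;                  /* nr_of_cells */
    put16(out + 0xE6, (uint16_t)pmap_off);
    put16(out + 0xE8, (uint16_t)cpb_off);
    put16(out + 0xEA, (uint16_t)cpos_off);
    out[pmap_off] = 1;              /* program 1 starts at cell 1 */
    return total;
}

int check_sample_ok(void) {
    uint8_t buf[0x200];
    return pgc_validate(buf, build_sample_pgc(buf, sizeof buf));
}

/* Assumed malformation: the cell count is inflated to 200 while the tables behind it still hold
   two entries, so a parser trusting the count reads 200 * 0x18 bytes past the real table. */
int check_sample_inflated_cells(void) {
    uint8_t buf[0x200];
    size_t n = build_sample_pgc(buf, sizeof buf);
    buf[0x03] = 200;
    return pgc_validate(buf, n);
}

/* Command table offset pointing far beyond the end of the PGC. */
int check_sample_dangling_cmd_table(void) {
    uint8_t buf[0x200];
    size_t n = build_sample_pgc(buf, sizeof buf);
    put16(buf + 0xE4, 0x7FF0);
    return pgc_validate(buf, n);
}

int main(void) {
    printf("well-formed: %d\n", check_sample_ok());
    printf("inflated cell count: %d\n", check_sample_inflated_cells());
    printf("dangling command table: %d\n", check_sample_dangling_cmd_table());
    return 0;
}
```

Running the checker over the IFO files produced by the injector is a quick way to confirm that a generated disc is malformed in the intended place and nowhere else; a compliant player performs the same comparisons before it copies any of these tables into fixed-size buffers.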
This software is provided for educational and research purposes only. The authors are not responsible for any misuse or damage caused by this software. Only use this on hardware you own.