Dan Mons

PlayStation 1 “tonyhax” soft-mod released

For a number of years there has been a small amount of research into PlayStation 1 games that create save files without performing length checks on certain text fields (say, a custom character name or other save information), which could potentially allow a buffer overflow attack (a common security attack in which data is written to memory outside of its authorised area, including new unofficial, unsigned code to run).
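The missing length check described above, shown next to a checked loader. This is an added example, not code from tonyhax or from any game: the 128-byte record, the name field offset and width, and all function names are hypothetical.

```c
#include <stddef.h>
#include <string.h>

#define SAVE_SIZE   128  /* constructed record size, not a real game's format */
#define NAME_OFFSET 4    /* hypothetical offset of the player-name field */
#define NAME_FIELD  16   /* bytes reserved for the name, terminator included */

struct player {
    char name[NAME_FIELD];
    void (*on_load)(void);   /* stands in for whatever sits after the buffer */
};

/* Unchecked pattern: copies until the first NUL found in the file data,
 * so a name longer than NAME_FIELD writes past p->name. Shown for contrast. */
void load_name_unchecked(struct player *p, const unsigned char *save)
{
    strcpy(p->name, (const char *)save + NAME_OFFSET);
}

/* Checked pattern: the save data is untrusted input. Require the whole
 * record and a terminator inside the field before copying anything.
 * Returns 0 on success, -1 if the record is rejected (p is left untouched). */
int load_name_checked(struct player *p, const unsigned char *save, size_t len)
{
    if (p == NULL || save == NULL || len < SAVE_SIZE)
        return -1;
    const unsigned char *field = save + NAME_OFFSET;
    const unsigned char *nul = memchr(field, '\0', NAME_FIELD);
    if (nul == NULL)
        return -1;                           /* name overruns its field */
    size_t n = (size_t)(nul - field);
    memcpy(p->name, field, n);
    memset(p->name + n, 0, NAME_FIELD - n);  /* no stale bytes after the name */
    return 0;
}

/* Constructed sample records: one normal, one with an over-long name.
 * Returns the accepted name's length, or -1 if the record was rejected. */
int demo(int oversized)
{
    unsigned char save[SAVE_SIZE] = {0};
    struct player p = { "unset", NULL };
    if (oversized)
        memset(save + NAME_OFFSET, 'A', 40);  /* 40 > NAME_FIELD, no NUL in field */
    else
        memcpy(save + NAME_OFFSET, "TONY", 5);
    int rc = load_name_checked(&p, save, sizeof save);
    return rc == 0 ? (int)strlen(p.name) : rc;
}
```

The checked loader rejects the record outright rather than truncating the name, so a malformed save never reaches the rest of the game state.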

Just this month, developer Marcos Del Sol Vives (aka socram8888) released a real-world implementation of this method which allows a number of games to have custom save files loaded from a memory card in-game, triggering the overflow and running what he has named “tonyhax”, a piece of software that allows any homebrew or unofficial code loaded on a standard CD or CD-R to run on a large variety of PlayStation 1 (and even some early PlayStation 2) hardware. This allows completely unmodified hardware to execute homebrew and backup software without any need for mod chips, soldering, or ODE installs such as the PSIO or XStation (all of which have huge benefits themselves, but all of which come with their own requirements, complexities and dollar costs).

The software gets its name from the Tony Hawk games (specifically 2 and 3) that were initially discovered as hackable, however further work has been put into 29 unique game variants (many are regional releases of the Tony Hawk games, however there are quite a number of other games and matching saves that can trigger the exploit). Research and updates to the software continue, so there are plenty of options for people wanting to soft mod their own consoles, with millions of physical discs available. Check the site frequently to see new games added to the list as time goes on.

The software has been released to a dedicated website, which can be found here:

https://orca.pet/tonyhax/

To get the save files onto a PlayStation 1 memory card, you can either use a PlayStation 2 running the uLaunchELF homebrew (soft mods like FreeMCBoot work) to copy the data from a USB thumbdrive to a real PlayStation 1 memory card, or use any of the existing devices that allow custom software to be loaded on a PS1 memory card, such as a PS3 memory card adaptor and matching software for PC, older style DexDrives, or the brand new and highly versatile Mem Card Pro, which Bob took a look at last week:

Modern Vintage Gamer also took the time to demo the process, as well as give his usual excellently detailed background into what’s happening technically behind the scenes.  See his video on the process, and his YouTube channel for detailed explanations of PlayStation 1 security and copy protection methods, as well as how hardware mod chips work to overcome them:

An interesting footnote: the PlayStation console image in the article thumbnail was taken by video game historian Evan Amos.  He takes high quality photographs of various video game hardware and other electronics, and releases them as public domain for anyone to use freely. Take a look at his work here:

https://commons.wikimedia.org/wiki/User:Evan-Amos