PS2 Possibilities with MechaCon code execution
- Thread starter uyjulian
- Start date
Berion
Developer
@Hugostoso PS2 don't have BIOS. It have firmware. And both BOOT ROM and DVD ROM are read only. So no. But code execution triggered by this exploit, stored in Dragon NVM (?) would allow user to patch the firmware (like modchips doing or like i.e FMCB doing). At least this is how I understand this, so in some meaning this can be a CFW if I'm correct. ^^
Last edited:
But if someone creates a custom firmware, will be able to flash it in the firmware eeprom or is something temporary that will be stored in Mechacon RAM? if doesnt have real overwrite possibilities it will not be possible,cause mechacon have a very limitated ram right?
sp193
Developer
The EEPROM that is mentioned in the wiki does not contain the MECHACON's firmware; it only contains keys and settings. The people behind the dump did not elaborate much, so this thread has quite a bit of speculations made so far.
For all we could know, the MECHACON chip models installed are always the one with the mask ROM - since the PS2 is mass-produced. The PS2's EE, IOP and MECHACON do not share the same RAM either, so I don't see how changing anything in the MECHACON will change how the EE and IOP operate...
There are also a few PS2 models. The models with the universal BOOT ROM that is changed in content, started with the SCPH-75000. Earlier sets may not even have a MECHACON that can do such magic. It's not in a good location as an exploit either, as you would need to somehow change the content there first...
For all we could know, the MECHACON chip models installed are always the one with the mask ROM - since the PS2 is mass-produced. The PS2's EE, IOP and MECHACON do not share the same RAM either, so I don't see how changing anything in the MECHACON will change how the EE and IOP operate...
There are also a few PS2 models. The models with the universal BOOT ROM that is changed in content, started with the SCPH-75000. Earlier sets may not even have a MECHACON that can do such magic. It's not in a good location as an exploit either, as you would need to somehow change the content there first...
What I mean is the possibilitie to overwrite the eeprom that contain all the bios files like sound effects and graphics from the mechacon,not the mechacon codes itself,is it possible? What do you think
I have thought the first post was quite too optimistic. But I understand that you can write to the EEPROM a specially prepared code which MECHACON is able to execute. If so, you can patch the original code in its RAM. Then the authentication process may be overridden.
Maybe the DRAGON MECHACON was designed to work with the universal BOOT ROM in mind. But it has not happened until the SCPH-75000 series.
There is not much information about the dump unfortunately. Therefore we can only speculate, as for now.
Hugostoso
Member
What do you mean by PS2 doesn't has a bios. If you go PCSX2 oficial site or even wikipedia they all say PS2 does has a bios
sp193
Developer
The chip was first changed with the SCPH-70000 (to CXR716080). I would think that it started to become universal with the SCPH-70000 (ROM v2.00), but it was not completed by then; it had the universal DVD ROM, but not PS1DRV.
EECONF from v2.00 (SCPH-70000) does not support the mechanism to customize the ROM, which is present in the EECONF from v2.20 (SCPH-75000) and later. This module is also the one that sets the MAC address and SPEED capabilities, based on data obtained from the MECHACON.
As of v1.70, the SCPH-50000's boot ROM was still quite region-specific, also containing OSDSYS that was customized for the region. It become more universal at v1.80 (1.90 for CEX PS2), with the possible and default language specified by the MECHACON.
It's a technicality. Sony doesn't call it the BIOS. It's listed as the BOOT ROM in the service manuals and this chip contains the EE and IOP kernels, as well as the OSD (the browser). Some board-specific functions may be included, to perform initialization - such as loading of configuration into the kernel or reseting the hardware into a known state.
Similarly: do PCs have a BIOS? If you called it the BIOS today, we know what you're referring to, but the firmware in modern PCs is not a BIOS anymore.
I/O, depending on what peripheral we're referring to, may be accessed directly by the game or is controlled by API that is provided by the EE or an IOP module. All games will technically have control over sections of hardware, so the boot ROM does not really initialize the whole PS2 and to provide basic I/O.
Neither is it what some people think it is, whereby it is a firmware that controls everything in the PS2, including the DRM.
Although it's a ROM, it's not like the functionality of the PS2 can't be "updated"; the OSD does check for updates (e.g. the System Driver Update) on the memory card, which is the mechanism that FMCB uses to get booted.
I missed your reply. But as TnA wrote: it's stored in ROM and not an EEPROM chip. So it doesn't work that way.
But it is possible to do modding of the OSDSYS, by patching OSDSYS in memory. This is a technique used by Sony and also in FMCB, which wouldn't require modding of the ROM.
There exists a mechanism in the new IOP of the SCPH-75000 and later to manipulate the contents of the BOOT ROM, which is configured by EECONF through the addresses fffe0180 (address) and fffe0184 (data). This is used to personalize the universal ROM that ships with the SCPH-75000 and later, at every IOP boot that lists EECONF.
I recall that @wisi mentioned that this is handled by the DECKARD IOP emulator, so it's not a MECHACON function...
Last edited:
That is not stored in an EEPROM, but in a ROM, called "BOOT-ROM" and it is NOT on the MechaCon either...
Search for the abbreviation "ROM".
Even this would already be epic. Like a ESR for Ps1 games.
I always wondered if it was possible to make a ESR-like program but for CD games (either Ps1 and Ps2) since there are also Ps1 CD video, but I know it is not the same as DVD video.
I tried once to boot a backup of the FF8 CD-video preview (the one that's in FF7 PAL platinum version) on my un-modded Ps2 (39004) and it appears the usual error screen: insert a ps1/ps2 disc.
However with some games (actually games, not CD-video) the behavior is different. For example if you insert a backup of the Ps1 game Apocalypse (always on a un-modded Ps2), it won't show the error screen but will lead you to the CD player (you can play a Track named Track 2 with no sound).
Yes, it is not the same and such approach will not work with the CD games. CD Audio format is totally different to the data CD format. ESR exploits the fact that games use ISO9660 file system only, allowing the UDF file system to contain a DVD-Video data.
PS1 does not support any Video CD discs. That disc is just a PS1 disc with a software to playback a video.
Because it's a game with an audio track:
redump.org • Apocalypse
I am not... I just told you FACTS!
What's your problem?
I do...
What kind of futile attempt to insult me is that?
...and again...
...and again...
I'm not sure what your problem is, but you've got plenty of time to enjoy the sun, go outside and call your imaginary friends, family or whomever names.
Nope! That's not me... You just looked into the mirror.
Berion
Developer
Possible with UMCDR or CDX (however, rather not with PSX games, only PS2 CD games).
There was one model released in China which supporting VideoCD but normally, not. There was also attachments for parallel port to read MP3 and VCD by third party hardware.
It's similar to "UniROM" with the drive-unlock. I am not sure, how it got decoding implemented and/or if it is custom code, or something "native".
It (the VCD-Player software) seems to support standard-VCDs instead of only playing an MPEG1-file, but I haven't tried it.
It's kind of off topic from this thread anyway.
It (the VCD-Player software) seems to support standard-VCDs instead of only playing an MPEG1-file, but I haven't tried it.
It's kind of off topic from this thread anyway.
Yes you're right, I noticed when I extracted it.
About CD video I forgot it was only the SCPH-5903 model supporting it.
And obviously is not possible to do the trick (it is obvious for me since otherwise, it'd already be exploited, I'm not that well versed in this things), since on CDs (with or without audio tracks) there aren't multiple file systems. I understood right?
Possible with UMCDR or CDX (however, rather not with PSX games, only PS2 CD games).
I do not think it could be possible. First and foremost, the classical sceCdRead function is not allowed in the CDDA mode. In the CD Audio mode reads are performed with a special CDDA command which reads the 2352 sector block. CD games usually read the 2048 sector size. Have I mentioned the UMCDR has got no error correction? After these first obstacles, if you did not scrapped the idea, you have to write some emulation layer to handle the logic of the different file system.
Or just use the ESR to play the CD games converted to the DVD.
Similar threads
-
PS3 qCFW and Future potential
- Started by aomsin2526
- Replies: 0
-
-
PS2 Resuming the topic (PS2 Open-Source Modchip Discussion)
- Started by CSylvain
- Replies: 0
-
PS1 Transitioning To Parasite Eve II Disc 2 With A Japanese Soft-Modded Console Method Discovered- Started by alexfree
- Replies: 4