Modding the PSP
With all the talk about what a modded PSP can do and all the different methods of modding it, I decided to take a look at the latest way to install custom firmware on the PSP WITHOUT a Pandora’s battery or a modded PSP.
Now there are several different methods of doing this. Most of them show the Pandora’s battery trick which basically boots the PSP into service mode which is what happens when you boot a PSP with a service battery. This lets you flash firmware onto the PSP allowing for all kinds of possibilites. There is a problem with this way of doing it however. You either need a PSP that’s already modded or you need to physically mod your battery to get the EEPROM to show up as 0xFFFFFFFF.
A vulnerability was found in the PSP’s firmware that allowed malicious tiff images to execute code. Chickhen is a tool that uses this exploit on the 5.03 firmware. Chickhen allows you to run homebrew on ANY PSP including the unmoddable ones (Certain PSP Slims and the PSP 3000s currently). For those with unmoddable PSPs you can still run homebrew, but you cannot permanently flash with a custom firmware (CFW) or else it will brick your PSP. Make sure you know which model of PSP you have before attempting anything.
Requirements:
PSP
USB Cable
Memory Stick Pro Duo
PSP 5.03 Firmware
ChickHEN
Hellcat’s Recovery
Step 0 – Abbreviations
OFW – Original Firmware
CFW – Custom Firmware
Step 1 – Double check you’ve got a moddable PSP
Just go here and make doubly sure. You don’t want a brick.
Step 2 – Installing PSP Firmware 5.03
5.03 is a vulnerable firmware. We need to be running this so as long as you are on a lower firmware, you can download the firmware from the link above, make a folder called UPDATE in your PSP/GAME folder on the memory stick.
You should now be able to navigate to Games->Mem Stick and update the firmware to 5.03.
Step 3 – Installing ChickHEN and Hellcats Recovery
Copy the tools to the Mem Stick as outlined in their readme’s. You should also google around to see that you are getting the latest version, however the ones linked to above are the ones that I used.
Step 4 – Running ChickHEN
Time to mod the psp, temporarily. ChickHEN is a Homebrew ENabler meaning that once its running, we can run Hellcat’s Recovery, install 5.00 M33-6 and have a CFW installed. For people with unmoddable PSPs, you can follow this step to get homebrew enabled but just don’t try to install a CFW.
On the PSP, browse to the photo on the memory stick and click the ChickHEN photo. If the PSP flashes colors and reboots then you have loaded ChickHEN properly. I had trouble with this and the only time I got it to work was with the USB cable still plugged in. You just have to play with it until you get it working. Might need full shutdown before hand in order to get it working.
Step 5 – Installing CFW!
Now that your PSP is homebrew enabled, browse to Game->Mem Stick and run Hellcat’s Recovery. Install M33 CFW and you’re good to go!
Step 6 – Using the CFW
In the XMB pressing Select to view the VSH menu. This menu allows you to do an easy full shutdown which is required to get into the M33 recovery menu to enable new plugins such as custom themes. To enter the recovery menu, hold the Right Trigger while turning on the PSP (from a full shutdown, not standby which is the default method of turning off with the power button).
Conclusions
You better put DoomPSP on it immediately or it can’t be considered truly hacked. For more reading check out Dark_Alex’s wiki. He’s the man that lead the craze for the longest time and formed team M33 which has gone on to release the best CFWs for the PSP so far.