PS2:Mechapwn
MechaPwn is a homebrew software designed to patch the EEPROM of PS2 models with the dragon Mechacon[1].
 | It's very important to backup the EEPROM before playing around with MechaPwn. If you lose your backup, you'll have a very hard time trying to restore EEPROM to original state due to EEPROMs being not only model-specific, but also factory-specific. For example, applying the stock EEPROM of a 70001 model manufactured on X factory (eg: Foxconn) into the same model but made on Y factory (eg: Kisarazu) will lead to major issues. The most conflictive part of EEPROM is the MECHACON configurations, not the ones intended for security, but the ones for mechanics controlling (eg: laser movement config). The homebrew application PS2IDENT can help you determine from which factory your PS2 comes from if you need to (or are just curious). |
Technical Details
Mechapwn exploits an update feature introduced on the dragon Mechacon, the main purpose of this update system was to reduce the costs of updating the MECHACON software (because this software was stored on an independent ROM, meaning that an update to this software implied decommissioning of all the Sony stock of already programmed ROMs). As PlayStation 2 models evolved, the capabilities of these patches became more and more powerful, up to the point where DECKARD slims region can be changed by a single byte on EEPROM, amongst other new possibilities, such as enabling the languages of an European/American PS2 on any Asian slim.
MechaPwn's main purpose is to change the EEPROM encrypted area where the Mechacon update patches are stored, and the patches applied intend to make the console security measures for discs weaker. Although, some of the security mechanisms remain, because they're stored on the console boot ROM (such as PS2 and PS1 logo decryption, which were used to confirm region match between game and console), USA and pseudo Asian PS2 units (Korea, Taiwan and Hong Kong models) are more permissive compared to European, Japanese and Chinese models.
Compatibility
This mod only works on SCPH-5xxxx and later because of those models using the ARM based dragon chip, therefore being vulnerable to this exploit. You can identify your model easily by reading the label on the back/buttom. All slims are compatible because of them being SPCH-7xxxx and later.
References
- ↑ MECHACON is an acronym for MECHAnics CONtroller. In addition to the tasks implicitly described on its name, it's also in charge of security measures. For example: it participates in games, memory card, and memory card update authentication.