Softmod

Softmods are especially popular on video game consoles, where they usually enable a homebrew environment that allows execution of unsigned code.

Softmods may be used to install an alternative operating system (e.g. a Linux distribution) on a device, as well as to reinstate functionality that was removed from the official firmware, such as "OtherOS" on the PlayStation 3.

In January 2011, security researcher Geohot and associates of the hacking group known as fail0verflow were sued by Sony for jailbreaking the PlayStation 3.

In Japan, softmods were outlawed as part of new legislation in 2018 which made savegame editing and console modding illegal.

TonyHax can be booted either with a gamesave exploit (usually Tony Hawk's Pro Skater 2, 3, or 4, hence the name, but several other games are also supported) or, except on the PS2, directly from a specially flashed memory card.

Some PlayStation models are partially incompatible (slow load times, skipping audio and video) with phthalocyanine CD-Rs, preferring the older standard cyanine discs.

MechaPwn[9] is an exploit that permanently unlocks the DVD drive of the slim PS2 (and some later revisions of the fat PS2), allowing PS1 and PS2 discs from any region to be booted.

This allows users to run homebrew, load game backups, bypass region checks, enter Factory Service Mode, change fan and RSX (GPU) speeds, overclock the RSX, gain access to root keys, and run PS2 ISOs on unsupported backwards compatible models (via software emulation).

This softmod shares core CFW features: running homebrew, loading backups of games, bypassing region checks, changing fan speeds, and playing installed PS2 Classics PKGs.

Softmodding a PS4 allows users to run homebrew, load game backups, bypass region checks, and change fan and CPU/GPU speeds.

The exFAT filesystem kernel exploit that led to the 9.00 jailbreak[21] also affected PS5 firmware up to 4.03; however, due to additional protections on the PS5, it is not possible to use this to softmod the PS5.

In June 2023, a payload called libhijacker[27] was disclosed, becoming a reliable method of running homebrew that partially circumvents the hypervisor (HV). It works by interacting with the PS5's Daemon to create a new, separate process, effectively acting as a background ELF loader.

In November 2023, scene developer LightningMods disclosed[29] that they had managed to load and play a retail PS5 game backup.

In December 2023, scene developer LightningMods updated his Itemzflow[30] homebrew to support loading PS5 game backups.

In October 2024, security researcher SpecterDev disclosed[23] two exploit chains that compromise the hypervisor, which affect all firmware versions up to 2.50.

Using various exploits (such as the TIFF exploit or specially crafted savegames from games such as Grand Theft Auto: Liberty City Stories, Lumines, and later GripShift) or original unprotected firmware, the user can run a modified version of the PSP's updater that will install custom firmware.

Originally, via a piece of software called "MechInstaller" created by members of the Xbox-linux team, an additional option could be added to the Xbox Dashboard for booting Linux.

If the data stream from the DVD drive indicated signs of unauthorized use, Microsoft would permanently ban the console from using the Xbox Live service.

In August 2024, a savegame exploit called TonyHawksProStrcpy[10], affecting multiple consoles and generations, was released; it is present in Tony Hawk's American Wasteland for the Xbox 360.

However, in June 2024, a userland exploit was disclosed for a Microsoft Store app called Game Script that had a bug which allowed for arbitrary code execution.

The Twilight hack was superseded by the development of Bannerbomb, which allowed for executing unsigned code without relying on an exploit within a game.

FlashHax[34] superseded Letterbomb, which used an exploit in the Wii's End-user license agreement to run unsigned code, requiring the Internet Channel to be installed.

As of February 2024, the easiest way to softmod a Wii U is to use the DNSpresso exploit, which leverages several bugs in the network stack and achieves kernel access, with a specially crafted SD card inserted.

Softmodding a Wii U allows users to run homebrew, load game backups, bypass region checks, and change fan and CPU/GPU speeds.

Previously, a few Virtual DS games could be exploited with specially crafted savegames to install a permanent CFW which is active as soon as the console powers on.

This method also allows for a scrapped DS Lite AV/Out feature to be used again with a hardmod.[37]

The Nintendo DSi made it easier to softmod the console with the introduction of an SD card slot.

Custom UI environments have been created, most notably TWiLight Menu++, which facilitates other programs like nds-bootstrap to launch homebrew software.

It was discovered that the Tegra home button could be emulated by shorting pin 10 on the right Joy-Con rail, initializing RCM.

The softmods allow users to run homebrew, install CFW (RCM exploit), bypass region checks, load game backups, and change fan and CPU/GPU speeds.

Mig Switch works on all models and firmware, partially defeating some of the security in order to play game backups and also to run homebrew.