Yifan Lu
Random stuff I'm making and thinking
3DS
The 3DS Cryptosystem
Cosmo3DS: The CFW nobody wanted
3DS Code Injection through “Loader”
Opening Up CARDBOARD: Crafting an American New 3DS (non-XL)
Nintendo 3DS System Updater
Reversing Gateway Ultra Stage 3: Owning ARM9 Kernel
Reversing Gateway Ultra Stage 2: Owning ARM11 Kernel
Reversing Gateway Ultra First Stage (Part 2)
Reversing Gateway Ultra First Stage (Part 1)
Announcements
Welcome Jekyll!
HENkaku KOTH Challenge
HENkaku: Vita homebrew for everyone
How To Register and Download for PSM (Shutdown Bypass)
Rejuvenate: Native homebrew for PSVita
PS Vita 3.30 Filesystem Listing
I need your help to fund Vita hardware analysis
[April Fools] Yifan Lu has been acquired by Electronic Arts Inc.
[April Fools] Electronic Arts Inc. announces the closing of Yifan Lu
Welcome to the new yifan.lu!
And now for something different…
Welcome to yifan.lu!
Site Updates + iPhone Support
Goodbye Habbo!
Welcome to the new www.yifanlu.com!
Assembly
Opening Up CARDBOARD: Crafting an American New 3DS (non-XL)
Reversing Gateway Ultra Stage 3: Owning ARM9 Kernel
Reversing Gateway Ultra Stage 2: Owning ARM11 Kernel
Reversing Gateway Ultra First Stage (Part 2)
Reversing Gateway Ultra First Stage (Part 1)
Unlocking T-Mobile 4G Hotspot (ZTE MF61): A case study
Reversing the Xperia Play emulator (part deux)
Reverse engineering a dynamic library on the Xperia Play
Analyzing the PSX emulator on the Xperia Play
Porting Kindle 3.1: Part 2 - Update encryption
Quickguide: Bypassing Lenovo S10 BIOS Whitelist
C
Cosmo3DS: The CFW nobody wanted
3DS Code Injection through “Loader”
Opening Up CARDBOARD: Crafting an American New 3DS (non-XL)
Reversing Gateway Ultra Stage 3: Owning ARM9 Kernel
Reversing Gateway Ultra Stage 2: Owning ARM11 Kernel
libVitaMTP & OpenCMA: Vita content management on Linux (and more)
Devices
Modem Cloning for Fun (but NOT for profit!)
Embedded
Unbricking SHIELD TV (2015) with a Bootrom Exploit
Guides
Opening Up CARDBOARD: Crafting an American New 3DS (non-XL)
How to Disassemble Vita Game Cartridges
Updates on the Vita Hardware Hacking project
Removing the CPU and NAND from PSVita
Unlimited Backgrounding on iOS
Unlocking T-Mobile 4G Hotspot (ZTE MF61): A case study
Installing Windows 8 Developer Preview (8102) on a USB Drive (Windows To Go/Portable Workspace)
Recovering a formatted or corrupt Kindle 2
Quickguide: Bypassing Lenovo S10 BIOS Whitelist
Creating a PSP FreeCheat Memory Patch
Update: T-Mobile Proxy released: Free unlimited EDGE internet without any plans (for now)
Free 3G/EDGE internet on any T-Mobile phone without a data plan
Load Creative Zen V Plus’s firmware on your Zen V
Compiling the Linux kernel for Amazon Kindle
Information
On the future of Rejuvenate
Secure your eMMC devices!
Calling all coders: We need you to help create an open Vita SDK!
Reversing Gateway Ultra First Stage (Part 1)
Why hacking the Vita is hard (or: a history of first hacks)
PlayStation Vita: the progress and the plan
Welcome to the new yifan.lu!
And now for something different…
Welcome to yifan.lu!
New Year: Domain garage sell!
Free 3G/EDGE internet on any T-Mobile phone without a data plan
New projects and new ads
Recode of Josh
Site Updates + iPhone Support
Making a Facebook app…
First beta of Josh released
Project Josh announced!
Goodbye Habbo!
What I’m working on
Winter Break brings updates!
Welcome to the new www.yifanlu.com!
Java
PSXperia: Converts any PSX game to work on Xperia Play
JoshPong: A Pong game in Windows Console written in Java
ASCIIMan: A Windows Console platformer game written in Java
Josh 1.0 Released
Recode of Josh
Update to TweetBot
Update Foursquare from Twitter
First beta of Josh released
Project Josh announced!
Kindle
Kindle Touch (5.0) Jailbreak/Root and SSH
Analyzing Kindle 4.0
Kindle 3.2.1 Jailbreak (Update)
One more thing: custom recovery kernel for Kindle 3
Kindle 3.2.1 Jailbreak
Kindle 3.X updater for Kindle 2 and Kindle DX released
Porting Kindle 3.1: Part 3 – Update packaging script
Recovering a formatted or corrupt Kindle 2
Porting Kindle 3.1: Part 2 - Update encryption
Kindle 3.1 Jailbreak
Compiling the Linux kernel for Amazon Kindle
Objective-C
Unlimited Backgrounding on iOS
PHP
Ajax Word Search Solver
PS3 update link finder site
Google Apps User Registration Script
My first iPhone app (kind-of)
What I’m working on
IPA Manager, HoloCMS updated
PS Vita
HENkaku KOTH Challenge
HENkaku: Vita homebrew for everyone
CGEN for IDA Pro
Rejuvenate for Unity (and VitaTV support)
On the future of Rejuvenate
Hacking the PS Vita
Rejuvenate Public Beta Release
Rejuvenate: Native homebrew for PSVita
Calling all coders: We need you to help create an open Vita SDK!
You Should Register for PSM
How to Disassemble Vita Game Cartridges
Dumping the Vita NAND
PS Vita NAND Pinout (Updated)
Random observations on Vita logic board
PS Vita NAND Pinout
Removing the CPU and NAND from PSVita
I need your help to fund Vita hardware analysis
Why hacking the Vita is hard (or: a history of first hacks)
libVitaMTP & OpenCMA: Vita content management on Linux (and more)
PlayStation Vita: the progress and the plan
Playstation Vita progress report
Playstation Vita’s USB MTP Connection Analyzed
Paper
Attacking Hardware AES with DFA
Injecting Software Vulnerabilities with Voltage Glitching
Qualcomm
Huawei E587 (T-Mobile 4G Sonic Hotspot): Information and rooting
Unlocking T-Mobile 4G Hotspot (ZTE MF61): A case study
Releases
HENkaku Update
Cosmo3DS: The CFW nobody wanted
CGEN for IDA Pro
Rejuvenate for Unity (and VitaTV support)
Rejuvenate Public Beta Release
Kindle Touch (5.0) Jailbreak/Root and SSH
Kindle 3.2.1 Jailbreak (Update)
PSXperia: Converts any PSX game to work on Xperia Play
One more thing: custom recovery kernel for Kindle 3
Kindle 3.2.1 Jailbreak
Kindle 3.X updater for Kindle 2 and Kindle DX released
Kindle 3.1 Jailbreak
Ajax Word Search Solver
Update: T-Mobile Proxy released: Free unlimited EDGE internet without any plans (for now)
OSX FaceTime auto-accept script
PS3 update link finder site
JoshPong: A Pong game in Windows Console written in Java
ASCIIMan: A Windows Console platformer game written in Java
Josh 1.0 Released
Update to TweetBot
Update Foursquare from Twitter
Google Apps User Registration Script
First beta of Josh released
My first iPhone app (kind-of)
IPA Manager, HoloCMS updated
Scheme
CGEN for IDA Pro
Scripts
OSX FaceTime auto-accept script
Technical
Foobar, Blossoms, and Isomorphism
Array Shuffling with Additive Generators
The 3DS Cryptosystem
3DS Code Injection through “Loader”
Hacking the PS Vita
Opening Up CARDBOARD: Crafting an American New 3DS (non-XL)
Nintendo 3DS System Updater
Reversing Gateway Ultra Stage 3: Owning ARM9 Kernel
Reversing Gateway Ultra Stage 2: Owning ARM11 Kernel
Reversing Gateway Ultra First Stage (Part 2)
Dumping the Vita NAND
Huawei E587 (T-Mobile 4G Sonic Hotspot): Information and rooting
Playstation Vita progress report
Unlocking T-Mobile 4G Hotspot (ZTE MF61): A case study
Playstation Vita’s USB MTP Connection Analyzed
Reversing the Xperia Play emulator (part deux)
Analyzing Kindle 4.0
Installing Windows 8 Developer Preview (8102) on a USB Drive (Windows To Go/Portable Workspace)
Kindle 3.2.1 Jailbreak (Update)
Reverse engineering a dynamic library on the Xperia Play
Analyzing the PSX emulator on the Xperia Play
Porting Kindle 3.1: Part 3 – Update packaging script
Recovering a formatted or corrupt Kindle 2
Porting Kindle 3.1: Part 2 - Update encryption
Quickguide: Bypassing Lenovo S10 BIOS Whitelist
Kindle 3.1 Jailbreak
Creating a PSP FreeCheat Memory Patch
Free 3G/EDGE internet on any T-Mobile phone without a data plan
Load Creative Zen V Plus’s firmware on your Zen V
Compiling the Linux kernel for Amazon Kindle
Vita
Glitching a $20k Piece of History
Attacking Hardware AES with DFA
The First F00D Exploit
Injecting Software Vulnerabilities with Voltage Glitching
Vita HDMI Mod (Attempt)
psvsd: Custom Vita microSD card adapter
HENkaku Ensō bootloader hack for Vita
psvimgtools: Decrypt Vita Backups
State of the Vita 2016
Designing taiHEN: A CFW Framework
taiHEN: CFW Framework for PS Vita
HENkaku KOTH Solved
Yes, it’s a kernel exploit!
HENkaku Update
Vita Hardware Hacking
How to Disassemble Vita Game Cartridges
Dumping the Vita NAND
PS Vita NAND Pinout (Updated)
Updates on the Vita Hardware Hacking project
Random observations on Vita logic board
PS Vita NAND Pinout
Removing the CPU and NAND from PSVita
Xperia Play
Reversing the Xperia Play emulator (part deux)
PSXperia: Converts any PSX game to work on Xperia Play
Reverse engineering a dynamic library on the Xperia Play
Analyzing the PSX emulator on the Xperia Play
iPhone
Unlimited Backgrounding on iOS