PS4 A New PS4 kernel exploit by qwertyoruiop

Discussion in 'PS4 News' started by STLcardsWS, Apr 2, 2017.

By STLcardsWS on Apr 2, 2017 at 3:11 AM
    Things are starting to get a bit interesting in the PlayStation 4 hacking scene, as well-known hacker qwertyoruiop released a webkit exploit for 4.0x firmware (not 4.50) a couple of days ago; however, this exploit needs a kexploit (kernel exploit) on the same level as something like 1.76 firmware, and it did not work on 4.50. So the hacker has been working on a kernel exploit as well, and in 5 days the developer has not only a kernel exploit but one that works for 4.50. But on 4.50 we do not have an entry point to execute the kernel exploit, which is where the webkit exploit comes in. So 4.50 users appear to have some strong hope.


      • Nothing to kernel in 5 days. GG sony
      • 0day, it should work on 4.50 too
      • It was actually simpler than expected. iOS is more challenging from the post-exploitation point of view
      • 30 hours of no sleep later I am finally happy about the ps4 exploit
      • So it turns out sony is doing sneaky syscall shit. Updated the code a bit further; you'll have to manually call libkernel syscall stubs
      • Updated ps4 rce with actually functioning fcall and syscall primitives
      • Updated ps4 exploit with rop code exec (for 4.06 specifically).
      • Updated the ps4 exploit with some more comments, and it no longer alerts a JSValue but prints a function pointer

     
    Last edited: Apr 2, 2017

Comments


    1. pinky
      Check out my PS4 tutorial to block updates, because (last I checked) the download and install function on the PS4 is broken. I have all connections disabled. It still allows the internet, btw.
    2. TOM1211
      So we just need a bug in the web browser for 4.5?
      Thinking about buying a PS4 Pro now, but do I need to look for a specific firmware, or wait a bit and see what happens before picking one up?
    3. DeViL303
      Don't take my word for this, but I think this means any current sealed PS4 Pros will be exploitable, as now he has both parts needed for an exploit on 4.06 (there might be some really new PS4s out of the factory with 4.50, but I reckon almost all in the shops will have lower). And now that he has the hard bit done on 4.50 as well, it probably won't take long for a webkit exploit to surface for 4.50.
    4. rasoulia
      So does that mean we are close to having CFW on PS4 (sorry for my bad English)?
    5. DeViL303
      I don't think it means CFW, but it means it will be open like 1.76, for Linux at least, maybe more in the future, who knows.
    6. TOM1211
      Did they ship with 4.07?
    7. DeViL303
      I don't know; the ones here shipped with 3.70, but there are probably newer ones now, maybe someone else can tell you. Probably best to get one from a smallish store that doesn't move many units, more chance of getting a launch model Pro. Don't get one from Amazon or somewhere like that.
    8. ioritree
    9. STLcardsWS
      4.06 is not much different than 1.76. Still, many will have a hard time getting to that firmware;
      4.06 is good for devs/research.

      The 4.50 stuff is the interesting bit to be the focus.
    10. Traace
      I just bought a Slim last year and never opened it. The time to do it will come :)
    11. Berion
      The PS4 Pro has 4.01 or lower, as I remember.

      If you want 4.07, you need to find the full OFW, and someone trustworthy who has checksums. I can provide checksums for full 4.05.
    12. bguerville
      No, it does not. The kernel exploit allows for privilege escalation and breaking out of restricted userland, in which webkit runs, to get access to the whole system. It does not solve the private keys issue.
      To give you an idea, the current hack, using webkit + kernel exploit, is basically the same type of hack as henkaku on the Vita. Everything that can be done with henkaku could be done in theory on the PS4 using such a hack...
      What we could expect in the future for PS4 on fw up to 4.50, apart from Linux support, if development follows of course (big if!), is something equivalent to Taihen...
      Last edited: Apr 2, 2017
    13. barelynotlegal
      I'm confused, this might be a possibility for 4.50 or 4.?. Stopped using mine at 4.01. Anyways, great job and thank you for the hard work and focus.
    14. bguerville
      For the moment there is no webkit exploit publicly available for 4.50, but there are some for 4.0x fw, so currently you can use the hack on your PS4 with 4.01, or you could update to another 4.0x fw using a PUP.
      Soon, when a webkit exploit becomes available, you will be able to use it on 4.50.
    15. barelynotlegal
      Bueno. Curious why I would update if there is no webkit for 4.50? I'm sure there will be, but is there something better? Not talking sh!t, truly curious.
    16. bguerville
      You could update to 4.06 or 4.07...
    17. atreyu187
      We have an entry point up to 4.07 right now but none for 4.50. We do have the second and most important part, the kxploit for 4.50, and I am sure a 4.50 webkit exploit will pop up soon enough.
    18. barelynotlegal
      Is there a place I can start reading up and catching up to speed as far as running the exploit and what's required? I'm sure I could Google it, but I'd rather get it from a trusted place. And more than likely the webkit too.
      I followed for a while, then they started using big words lol.
      Going to assume I will need a Linux device or a virtual Linux device to begin with?
      (Once my Plus was up I went to Gold; well, grandma and M$ allow sharing Gold/games, unlike Sony. And I really see no point going back to Plus/online.)
      Thanks in advance.
    19. TONY-T
      Forgive my ignorance, but if we get a webkit exploit on 4.50, does this mean emulators?

      Also, my PS4 is on 3.55. Am I safe staying on this firmware?
