The PlayStation 4 (PS4) firmware of choice for the hacking community has been firmware v1.76, as developers have taken advantage of the WebKit exploit in that firmware and have been able to achieve various things, most notably installing Linux on the PS4 with the ability to run apps like the Steam app with graphics acceleration. However, things could change for the PS4, as the recent HENkaku exploit for the PS Vita / PSTV has been ported to the PS4's 3.55 firmware by developer Fire30.
So this means a new WebKit exploit is now in the wild for the PS4 and provides code execution on 3.55. The WebKit exploit for 3.55 would still need some additional work and exploitation before it reaches the level of the current 1.76 firmware on the PS4 with regard to things like Linux support. However, this HENkaku exploit could bring some intriguing things to 3.55 firmware and, being a current firmware, will surely be available to many more people than the advancements we have seen in v1.76. So, stay tuned to your leader in PlayStation Hacking Coverage, the one and only PSX-Place, as this story is sure to develop and evolve over the next several days / weeks / months.
PS4 3.55 Code Execution
This repo contains a PoC for getting code execution on PS4s with firmware version 3.55. It uses the same WebKit vulnerability as the HENkaku project. So far there is basic ROP working, and returning to normal execution is included. Next steps will be to map a JIT page successfully and get actual shellcode executed.
Usage
You need to edit the dns.conf to point to the IP address of your machine, and modify your console's DNS settings to point to it as well.
- python fakedns.py -c dns.conf
Debug output will come from this process.
- python server.py
Navigate to the User's Guide page on the PS4 and information about the exploit and all loaded modules should be printed out. This is an example of what running it will look like: https://gist.github.com/Fire30/2e0ea2d73d3a1f6f95d80aea77b75df8
There are a few notes:
- The exploit is not 100% reliable currently. It is more like 80%, which is good enough for our purposes. So if it does not work on the first try, try a few more times. Also, doing too much allocating after the sort() is called can make it more unstable.
- The process will crash after the rop is done executing.
- xyz - Much of the code is based off of his code used for the henkaku project
- Anonymous contributor - WebKit vulnerability PoC
- CTurt - I basically copied his JuSt-ROP idea
PS4 HENkaku Ported to PlayStation 4 (PS4) - 3.55 Firmware Code Execution POC by Fire30
By STLcardsWS on Aug 6, 2016 at 6:34 PM
Enable PS4 web-browser on 1.76 with deactivated/no PSN account.
With 1.76 having all the hacks recently, buying a console on 1.76 can sometimes result in an unactivated PSN account, meaning your browser won't work. So basically this guide will allow you to enable the web-browser of a PS4 if it denies you access. This is PERMANENT and requires NO activated PSN account. Originally there was no public or easy fix for this kind of thing until now. I am not writing a tutorial step-by-step since I thought a visual guide for this kind of thing is way easier and shorter than following steps. Luckily for you, MODDED WARFARE made a clear and easy tutorial to do this. So if you are someone stuck in this situation, give it a try, good luck!
COBRA 7.52 (Homebrew Blocker for PSN & more) + REBUG TOOLBOX 02.02.13 (NEW Cobra Payload Updater)
It has been quite impressive seeing the progression of the COBRA payload over time. COBRA originally debuted on the PS3 way back in 2011 as the CobraUSB (by Team Cobra); this refers to version 1.0 - 6.0 of the payload. This is the period in which the device was closed source and locked down to Cobra's USB dongle. After the device was put aside and shelved by Team Cobra, it lay dormant for some time, not keeping up with firmware updates and leaving users with many bugs for the early 4.2x CFWs. There was some public pressure for the team to release the source code, and with Team Cobra at the time launching a new product in the ODE, the team folded to public pressure and we saw the source code release(s). The Open Source Cobra (USB-less version) refers to v7.0+ (which currently stands at version 7.52).
CMA Has Been Hacked & Backups Decrypted for all Firmwares even 3.63
Well, the other day I caught wind of this on Reddit, but Yifan Lu quickly made it private as it wasn't ready for public use, so I didn't report on this. Well, it now seems it is ready and the dev has released this to everyone now. This means we can extract anything from CMA backups, even 3.61+ or old ones you have with another account etc. And better yet, we can repack these, adding what we want as well. Please note this doesn't allow for piracy, but some tricks can be done, as this will allow one to install ARK on 3.61+ systems without the need of being on 3.60 first or a PS3.
Also, some registry hacks can be done and possibly more as time goes on, as this is kind of like Pexploit for the PS3 and the EML hacks by mr gas & Major Tom, which at first even the dev behind it didn't see a lot of use for, but over time many others found some nifty uses for it. So enough of my winded speech, let's see what the dev has to say and what this is all about.