The PlayStation 4 (PS4) firmware of choice for the hacking community has been firmware v1.76, as developer's have taken advantage of that webkit exploit in the firmware and have been able to achieve various things, most notable being able to install Linux on your PS4 with the ability to run apps like the Steam App with graphic acceleration for example However things could change for the PS4 as the recent HENkaku exploit for the PS Vita / PSTV has been ported to the PS4 's 3.55 Firmware by developer Fire30.
So this means a new webkit exploit is now in the wild for the PS4 and provides us code execution in 3.55, The webkit exploit for 3.55 would still need some additional work and exploitation before things would shake out like it is in the current 1.76 firmware on the PS4 with regards to things like Linux Support. However, this HENkaku exploit could bring some intriguing things to 3.55 firmware and being a current firmware will sure be avaiable to much more people then the advancements we seen in v1.76. So, stay tuned to your leader in PlayStation Hacking Coverage the one and only PSX-Place, as this story will is sure to develop and evolve over the next several days / weeks / months..
PS4 3.55 Code Execution
This repo contains a PoC for getting code execution on ps4's with firmware version 3.55 It uses the same webkit vulnerability as the henkaku project. So far there is basic ROP working and returning to normal execution is included. Next steps will be to map a jit page sucessfully and getting actual shellcode executed.
UsageYou need to edit the dns.conf to point to the ip address of your machine, and modify your consoles dns settings to point to it as well.
- python fakedns.py -c dns.conf
Debug output will come from this process.
- python server.py
Navigate to the User's Guide page on the PS4 and information about the exploit and all loaded modules should be printed out. This is an example of what running it will look like: https://gist.github.com/Fire30/2e0ea2d73d3a1f6f95d80aea77b75df8
There are a few notes:
- The exploit is not 100% reliable currently. It is more like 80% which is good enough for our purposes. So if it does not work on first try, try a few more times. Also doing to much allocating after the sort() is called can make it more unstable.
- The process will crash after the rop is done executing.
- xyz - Much of the code is based off of his code used for the henkaku project
- Anonymous contributor - WebKit vulnerability PoC
- CTurt - I basically copied his JuSt-ROP idea
PS4 HENkaku Ported to PlayStation 4 (PS4) - 3.55 Firmware Code Execution POC by Fire30
By STLcardsWS on Aug 6, 2016 at 6:34 PM
[TUT]Mounting PS2 SingStar on PS3 using webMAN MOD mount_ps2 featureSince @aldostools was nice enough to include this feature in the official builds of webMAN MOD, here is simple guide how to use extracted SingStar PS2 backups on SingStar PS3 version using the mount_ps2 webMAN MOD command.Personally I am using the mount_ps2 command, not sure if mount.ps2 does the same now. I will update wMM this weekend, currently still have 1.43.36 installed but it should work on the latest version unless aldo removed or edited this feature again.
CCAPI Updates Out - The Latest Been Revision 6 Of Version 2.70 Enstone is back with yet another update to Control Console API. This update, as seen in previous ones released, brings compatibility to current custom firmware versions. With the releases by the developers behind Rebug's latest custom firmwares, those been 4.81.1 and 4.81.2, developer Enstone updates CCAPI bringing support to custom firmware 4.81 DEX.Continue reading
VitaShell 1.50/1.51 Released by TheFl0w, Now with USB Access
Well seems developer TheFl0w is back with a new update to his popular application VitaShell with v1.50 and now v1.51 was pushed the next day to fix issues that came around to deliver something Sony blocked from us USB access to our memory cards. No longer are we stuck using the DRM ridden Content Manager Assistant or as we know it (Q)CMA. This allows much faster file transfer over the prior option of FTP access, which BTW is still possible as we can toggle between USB and FTP. This is needed as it seems Vita TV/PSTV users out in the cold as this is only for the Vita HENkaku user base. If you try you will be greeted with this lovely screen.Continue reading
Share This Page
- 4.81 cfw
- henkaku homebrew
- homebrew game
- playstation 2
- playstation 2 emulator
- playstation 2 resources
- playstation portable
- playstation portable cfw
- playstation portable emulator
- playstation portable resources
- playstation tv
- ps vita
- ps2 emulator
- ps2 homebrew
- ps2 resources
- ps3 cfw
- ps3 homebrew
- psp cfw
- psp emulator
- psp resources
- pstv homebrew
- vita homebrew
- vita tv
- webman mod
- xmb mod
- User Record:
- Latest Member:
- Oliver Sokolov
MegaMan- War of the Past OpenBOR OPL ready ISO -Neill Corlett