PS4 (Rumor) Possible Exploit for 8.52

This means nothing... he asked theflow0 for an ETA when he had just put some smileys on Twitter... Cturt will not release anything... the only chance is that someone else or theflow0 releases... not Cturt.
 
And pinky on HackerOne: Sony also demands a WebKit to test with before they pay 10k... if they can't test the exploit with a WebKit, they don't pay him 10k.
 
You don't need a WebKit exploit to test a kernel one. That's what happened with theflow. He used a 7.02 flash dump to test whether the exploit still worked, without a WebKit exploit being available, and it did. We didn't have a WebKit exploit at the time that kernel exploit (7.02) was released.
 
I doubt that s#ny would require people to submit a second separate 0-day exploit in order to claim the bounty on the first but then again conditions for bounty attribution may evolve & it is safer not to put anything past them. Lol

I believe the requirement is that the vulnerability must be demonstrated on the ps4 so I assume that in many cases, it would be sufficient to show:

1. the new kernel vulnerability exploited on 7.xx (using a 7.xx WebKit exploit to trigger the kexploit, or whatever else you may have to run unsigned code or ROP in userland)

2. the kernel code where the vulnerability is located has not changed since 7.xx & if ever it has, show at least that the vulnerability is still there.

Of course some vulnerabilities may appear in 8.52 & not exist in previous versions, etc., so you have to adapt to the situation & find a way to demonstrate the vulnerability, otherwise no bounty (or maybe a reduced bounty?). But obviously if you report a kernel exploit on 8.52 that cannot be tested on 7.xx, I am sure s#ny would be curious to know how you tested it, as you would most likely need to have a userland exploit for 8.52 at your disposal.
 
They do not; it's just a bunch of tweens upset they can't pirate the latest games. Suck it up, buttercup, they owe you and me absolutely NOTHING. If they release, cool, but devs have been burnt by the masses to the point where most don't give a crap whether the end user gets their exploit. Cancerous people like GaryOPA use others' work to line their pockets. Then you have everyone asking ETA WHEN?!??! I wouldn't disclose it to you guys either.
 
I couldn't care less about the games. For example, I haven't hacked my hackable Switch at all. I don't know much about it, but all I'd want to do is back up my saves. I also wouldn't want to get caught, then banned. Cloud saving is one of the only reasons I'm a member of NSO (pay next year, next month actually), because my original Switch died while still under warranty. I lost all saves, since I wasn't a member. I've gotten all saves back except Octopath and Xenoblade Chronicles 2. I kinda lost interest in both games after that happened. Anyway, I don't want to pirate games for any system, because then I wouldn't play them. There's no obligation to anyway.
 
you're going to have to be patient. chances are that it will be months before anything is released, if ever.
 
All I know at this point is that cturt has added some stuff to his GitHub within the past week or so, and that he's talking about a new chapter in the ROP chain, iirc.
 
So I turned off the internet on my console at 8.52 a while ago, as well as turning off automatic system updates. I know that 9.00 came out recently, so I'm trying to avoid my system updating just in case we get lucky. If I turn the internet back on, will it allow me to get game updates without forcing a console update? Also, I take it I won't be able to play my PSN Plus games until I update to the latest? Appreciate the advice.
 
I've heard you had to be on the latest firmware or signed into PSN to download game updates, but with my first tutorial on blocking Sony, I thought I could download updates while blocking PSN (not entirely sure). You could try the DNS to see if you can download game updates. It should block Sony. I don't know if it changes regularly though, considering I'm offline completely and have never used it. If the DNS fails, you shouldn't be able to connect to the internet at all, though, afaik.

As for PSN Plus games, you most likely won't be able to download them. Sometimes updates are not mandatory, but I'm sure this one is. It fixes the c-bomb problem, but I've heard of wide-scale bricks, so Sony may retract the update. I don't know how true that is, just heard of it happening.

Btw, if an exploit does materialize, you can use this site: https://orbispatches.com/en/

They're official packages (not fake packages), so you need the game disc or license for them to work, but once installed (installed the normal way), they can be dumped to fpkg just by opening the game.

Also, btw, I think pkg files that are split can be combined with the copy /b command. That's how I merged Final Fantasy VII Remake actually, and it didn't seem to mess anything up. Pkg files are split into 4GB parts on PSN, since the PS4 is only capable of reading up to that size. It merges them on the system using a manifest file, I believe. I read about how pkg files work on the PS4 a while back, so this is based on memory. The manifest file is just what it sounds like: a list of the content within the pkg files.

Here's where it mentions that: https://www.psdevwiki.com/ps4/Package_Files#Manifest
 
Cturt said that even if there is a jailbreak, it cannot be released until Sony gives him permission; cturt himself said so.
Please, this is an English forum, so if you want to post in Spanish, add a translation otherwise your posts will get deleted.
 
Cturt said that even if there is a jailbreak, he cannot be released until Sony gives him permission
I put it in English, I don't know why it came out in Spanish, sorry.
 
He told you this?
He does not need to; that's how it works for those bounties, afaik: the claimant agrees, through an NDA, not to disclose any information until s#ny allows disclosure.
When the vulnerability is in FreeBSD or other open-source-based code, they seem to approve disclosure (most likely because of the licensing terms they agreed to) & the creation of a CVE (made public only after they fixed their firmware code); otherwise they don't.
 
I think @zecoxao said it's a kernel exploit, but we're still not sure how high up in firmware it goes. However, it's thought to be 8.52. We don't have a WebKit exploit, or some other userland exploit, which will be needed to use the kernel one. A userland exploit doesn't grant you much access to stuff. I took a picture of the userland exploit of 4.07 on my system, when the kernel exploit only went up to 4.05. Let me see if I can find it (found it). Can't do much with it, but it was pretty exciting for me:

[attached image: 20170403_125321_HDR.jpg]
 
I have doubts about what will show up, but judging by the nature of TheFlow and Cturt, they're likely working together to bring userland + kernel. I have no idea what will come out of this, but I'm sure something is definitely patched :)
 