PSXHAX

While most are still digesting the impact of #CloudBleed, @aimaim dropped by the PSXHAX Shoutbox this morning and shared news of this CVE-2017-6074 Linux Kernel DCCP double-free local root vulnerability (Proof-of-Concept by xairy) with us today!

As was done with CVE-2016-1885, here's to hoping some more PlayStation 4 developers take a peek at it and see what possibilities (if any) it may present.

Until then, some quick observations in the PSXHAX Shoutbox from @xxmcvapourxx:

• kmalloc() <-- dcloser again wow
• but that can cause a lot of issues: https://github.com/fail0verflow/ps4-linux
• config ip dccp ohhhhhhhh wireshark uses it
• can be used on linux

From @VultraAID:

• that DLClose is for IPV6_RECVPKTINFO
• nothing to do with a kernel, if i say

And a follow-up from @xxmcvapourxx:

• no its kmalloc
• you just need web crash find that memory
• then find the offsets for vtable and gadgets

It was recently fixed on February 17, 2017, and to quote from the CVE-2017-6074: Linux kernel: CVE-2017-6074: DCCP double-free vulnerability (local root)

Hi, This is an announcement about CVE-2017-6074 [1] which is a double-free vulnerability I found in the Linux kernel. It can be exploited to gain kernel code execution from an unprivileged processes.

Fixed on Feb 17, 2017:

https://git.kernel.org/cgit/linux/kernel/git/torvalds/linux.git/commit/?id=5edabca9d4cff7f1f2b68f0bac55ef99d9798ba4

The oldest version that was checked is 2.6.18 (Sep 2006), which is vulnerable. However, the bug was introduced before that, probably in the first release with DCCP support (2.6.14, Oct 2005).

The kernel needs to be built with CONFIG_IP_DCCP for the vulnerability to be present. A lot of modern...

Since the initial sign-ups, PS4 4.50 Firmware Beta 2, PS4 4.50 Firmware Beta 3 and Sasuke 4.50 video walkthrough many have reported that the PS4 Firmware 4.50 Beta 4 Update is live (339.9 MB) for official testers, while others including Blastoise confirmed that Sony is sending out another round of invites to those who signed up after the Beta started... so definitely re-check your mail folks!

Download: PS4UPDATE FW 4.50 Beta 4.rar (324 MB) via Senaxx

To quote from PlayFront.de on Beta 4 changes and a possible public release window, roughly translated:

"Unfortunately Sony does not have to provide an official changelog again, so you have to assume that only minor errors have been fixed since the start.

The most important features are therefore the new Quick Menu, the Boost Mode, Custom Wallpapers, as well as 3D Movies Support in conjunction with VR.

It should also be assumed that it will be the last BETA release before the final release, which is expected to take place in the next 1 to 2 weeks."

Cheers to @Sametto Chan for the heads-up on the PS4 Firmware 4.50 Beta 4 Update and to @Skye1337 for providing burner accounts for members here to give Sasuke a test run before it is officially released!

Following his previous demos and the PS4 UI Modding Database, today PlayStation 4 Modder @Thisismrnameles shared a PS4 Custom UI video demonstration HERE showcasing changes in the system app icons for PS4 Firmware 1.76 consoles.

Below is a brief guide from the demo video by Hydrogen, as follows: How to Mod Your Own UI Application with FTP 1.76 PS4

Pre-Requisites

• 1.76 Firmware PlayStation 4 Console
• Eyes
• FileZilla

Hand Typed Tutorial by Hydrogen:

1.) Turn on your PS4 Console.

2.) Connect your PS4 to a FTP Server (FileZilla).

3.) On FileZilla, go through your directories from the following and find the game/app you want to change: User > appmeta

4.) Drag the game folder or application folder into a brand new folder. Open it there, and you should see all the meta data for it. From here, "icon0" is the image of the application.

Quick Note: The images have to be 512x512 size, or this will not work. Also, 1st icon0 is a .png, and the 2nd icon0 is a .dds. Pic1/pic2/pic3/etc are always 1920x1080.

5.) Now get your image you want, and make sure you re-edit them to a .png file, and a .dds file. Afterwards, drag and drop them in.

6.) Drop the folder you were editing back into your game applications from FileZilla on your PS4.

7.) Restart your PS4, congratulations you have now created a UI Mod on your applications.

Thanks to @raedoob in the PSXHAX Shoutbox for the tip and @HydrogenNGU on Twitter!

Today Sony released details on the 2017 PlayStation Game Developer's Conference (GDC) including game kiosks, sessions, dates, times and locations all which takes place from February 27 through March 3, 2017 at the Moscone Convention Center in sunny San Francisco, California.

Below is the event's full itinerary courtesy of Sony Interactive Entertainment's Darren Fong, as follows:

Tech Kiosks

• PlayStation VR Aim Controller & 3D Audio
• PlayStation VR Game Engine
• PlayStation Developer Tools – SN Systems
• PlayStation 4 Subdiv
• PlayStation VR Trace Tool
• PlayStation Magic Lab VR Tech Demo

Click here for more information about Tech Kiosks.

Game Kiosks

PS4 Titles	PS4 Pro Titles	PSVR Titles
Pyre Full Throttle Remastered Everything Nex Machina Gang Beasts Cosmic Star Heroine Crash Bandicoot N. Sane Trilogy Nidhogg 2 Sundered Rain World EITR GNOG	GT Sport Horizon Zero Dawn RiME	Farpoint Dino Frontier Psychonauts in the Rhombus of Ruin

Introducing “Ask Developer Relations At GDC”

The Ask Developer Relations table will be here throughout GDC to answer any development related questions around working with PlayStation you may have. Members of our Third Party Developer Relations team will be here to answer them and have discussions with you throughout GDC. Click here for more information about times and availability.

Sponsored Sessions

Subdiv for the PlayStation 4 (Presented by Sony Interactive Entertainment America) (More Info)

Date: Thursday, March 2nd
Time: 11:30am – 12:30pm
Location: Room 3007, West Hall
Speakers: John Doolittle (Senior Software Engineer, SIE), Anthony Rivero (Senior Character Artist, SIE)

Competitive Gaming with PlayStation (Presented by Sony Interactive Entertainment America) (More Info)

Date: Wednesday, March 1st
Time: 11:00am...

The PlayStation Vita scene is on fire following the recent PSVIMGTools release, and today PS Vita developer @SilicaAndPina passed along word on Twitter of a Hidden Applications 3.63 homebrew app that includes a Package Installer (for Interface Demonstration Unit PS Vita IDU consoles) and the ability to Sign Up for PSN which enables Account Switching with details below.

Download: CreateBackup.zip (1.9 MB) / bootimage_extract-master.zip / GIT / PSVIMGTools Frontend / out.zip (PSTV Full Dump - 169.85 MB)

Here is what SilicaAndPina has to say on this homebrew app: Hello! I have had this for awhile but only releasing this now since we have VitaIMGTools which gives us an easy way to install this.

This is a 'homebrew' for 3.63 if you will that allows you to launch the 2 applications that sony has hidden - Package installer (however it doesnt run on non-idu vita's) and - Sign Up For PSN (Enables Account Switching!)

I've made this as easy as i possibly can to install just read the readme.txt inside the .zip file, but if you want a tutorial here:

0.1 Download ★Hidden Applications CreateBackup.zip
1. Download VitaIMGTools for your OS
2. Obtain your CMA Key From: http://cma.henkaku.xyz
just enter your AID (the random letters and numbers where your CMA backups are stored) and it will give you the key.
3. Put the PSVIMGTools in the same place as the readme.txt from CreateBackup.zip
4. Run the BuildScript for your OS.
5. Paste/Enter your CMA Key and press enter
6. Copy the "HIDENAPPS" folder into your CMA Backups/APP Folder
7. Refresh CMA Database, and restore backup to your vita

If your wondering how this works its because it doesn't actually need to launch...