Live in Your World, HAX in Ours!
Hello World! I've been reporting on Sony PlayStation hacking news since 2000 and started PSXHAX in 2014 to cover PlayStation (PSX), PlayStation 2 (PS2), PlayStation 3 (PS3), PlayStation 4 (PS4), PlayStation Portable (PSP), PlayStation Vita (PS Vita), PlayStation TV (PS TV) and next-gen PlayStation 5 (PS5) platforms along with anything else of interest.
Click on my UserName author link above and you'll be able to view a curated list of all the articles I've contributed thus far to PSXHAX.COM!
Click on my UserName author link above and you'll be able to view a curated list of all the articles I've contributed thus far to PSXHAX.COM!
FreeBSD Compatibility Layers Weakness Analysis by PS4 Dev CTurt
Earlier this month we reported on his analysis of FreeBSD Kernel Exploits, and today PlayStation 4 developer CTurt returns with his analysis of stack disclosure vulnerabilities in FreeBSD Linux compatibility layers.
Check out his full analysis on GitHub with the related FreeBSD Project FreeBSD-SA-16:20.linux and FreeBSD-SA-16:21.43bsd Security Advisories now posted as well.
Thanks to @GrimDoe for the news tip in the PSXHAX Shoutbox today!
Check out his full analysis on GitHub with the related FreeBSD Project FreeBSD-SA-16:20.linux and FreeBSD-SA-16:21.43bsd Security Advisories now posted as well.
Thanks to @GrimDoe for the news tip in the PSXHAX Shoutbox today!
PS4 Linux on 3.50 via Blu-ray Drive with BDLive Bug by 00001234
Recently we reported on the PS4 3.50 Webkit Crash avenue to exploit the PlayStation 4 browser, and thanks to @toni1988, @Chaos Kid and @mcmrc1 in the Shoutbox comes news of PS4 Linux also running on 3.50 OFW using the PlayStation 4 Blu-ray drive as the loader through a BDLive bug from 00001234. 
To quote, roughly translated: So great is the vulnerability hardly, it is unencrypted and the code is freely available. Funny that's, this is on the 3.50. Thus one can save anything on the PS4 and also run! So you can even boot Linux.
What do you need:
1. Windows or Linux system
2. Charles web debugging proxy or burpsuite
3. A film with BDLive (in my test it was by Universal Pictures) others will surely go well. Can you really test yourself.
4. Connect to best PS4 with Lan.
It is described for Charles... Insert and start now to film, short wait at Charles appears Universal Pictures after about 1 minute a bootloader file.
Looks like this:
XML source
To quote, roughly translated: So great is the vulnerability hardly, it is unencrypted and the code is freely available. Funny that's, this is on the 3.50. Thus one can save anything on the PS4 and also run! So you can even boot Linux.
What do you need:
1. Windows or Linux system
2. Charles web debugging proxy or burpsuite
3. A film with BDLive (in my test it was by Universal Pictures) others will surely go well. Can you really test yourself.
4. Connect to best PS4 with Lan.
It is described for Charles... Insert and start now to film, short wait at Charles appears Universal Pictures after about 1 minute a bootloader file.
Looks like this:
XML source
Code:
<?xml version="1.0" encoding="utf-8"?>
<update version="1" targetTitle="89">
<statusCodes>
<statusCode id="100" type="Information">Successful</statusCode>
</statusCodes>
<resources>
<resourceFile uri="http://cdn.www.universalhidefclub.com/u/ContentServer/Universal/xxxxxxx/Package/xxxx-xxxx-xxxx-xxxx-xxxx/boot.bin" fileSizeInBytes="1234" localStorage="common/boot.bin">
</Resource file>
<resourceFile uri="http://cdn.www.universalhidefclub.com/u/ContentServer/Universal/xxxxxxx/Package/xxxx-xxxx-xxxx-xxxx-xxxx/boot.xml" fileSizeInBytes="1234" localStorage="common/boot.xml">
</Resource file>
<resourceFile uri="http://cdn.www.universalhidefclub.com/u/ContentServer/Universal/xxxxxxx/Package/xxxx-xxxx-xxxx-xxxx-xxxx/v3.zip" fileSizeInBytes="1234" localStorage="v1.zip">
</Resource file>
</Resources>
<bumf>
<bumfFile...
First Decrypted Audio Packet in PS4 3.50 FW for RPPC by Twist3d89
Following his initial Remote Play PC release, PlayStation 4 developer Twist3d89 of Twisted Productions tweeted today that they are finally making progress on Sony's PS4 3.50 Firmware update announcing news of the first decrypted audio packet for RPPC.
Check out the tweets below!
Cheers to @B7U3 C50SS for the heads-up in the PSXHAX Shoutbox!
https://www.psxhax.com/threads/play...ing-ps4-video-demo.330/PS4 3.50 Firmware[/url
Check out the tweets below!
Cheers to @B7U3 C50SS for the heads-up in the PSXHAX Shoutbox!
https://www.psxhax.com/threads/play...ing-ps4-video-demo.330/PS4 3.50 Firmware[/url
Sony Announces PS4 Sales of Over 40 Million Globally!
Way to go PlayStation 4! Today Sony Interactive Entertainment officially announced that their PS4 sales have now reached over 40 million consoles around the globe! 
From their Press Release:
SAN MATEO, CA, May 26, 2016 – Sony Interactive Entertainment (SIE) today announced that PlayStation 4 (PS4) has cumulatively sold through more than 40 million units*1 to consumers worldwide as of May 22, 2016, continuing to demonstrate the fastest-selling console in PlayStation history.
By offering users a vast array of exciting software titles from 3rd party developers and publishers as well as from SIE Worldwide Studios (SIE WWS), PS4 software sales also remain strong, with more than 270.9 million copies*2 sold in retail stores globally and through digital downloads on PlayStation Store as of May 22, 2016.
“We are truly grateful for the enormous support from our fans and partners across the globe, which helped us achieve this significant milestone in such a short span of time,” said Andrew House, President and Global CEO of Sony Interactive Entertainment.
“We will strive to deliver even more exciting gaming experiences to our users, further driving the momentum and accelerating the expansion of the PS4 platform and its business this fiscal year by offering an unparalleled line-up of games, bringing our virtual reality system, PlayStation VR, to market and providing ground-breaking features and network services.”
On the software front, much anticipated title, Uncharted 4: A Thief's End (SIE WWS), was released on May 10, recording remarkable global sales of over 2.7 million units in just one week. PS4 software portfolio will continue to expand with highly anticipated games including FINAL FANTASY XV (SQUARE ENIX CO., LTD), Nioh (KOEI TECMO GAMES CO., LTD.), Ryu ga Gotoku 6 (SEGA Games Co., Ltd.), Gran Turismo SPORT, Gravity Rush 2, and The Last Guardian (SIE WWS).
The independent development community will also continue to deliver a variety of innovative new titles for PS4 including DOWNWELL (Devolver Digital), Jotun (Thunder Lotus Games) and Push Me Pull You (House House Games). *3
SIE will continue to expand the world of PS4 to deliver entertainment experiences that are only possible on PlayStation.
The PS4 system is currently available in 124 countries and regions*4 worldwide.
From their Press Release:
SAN MATEO, CA, May 26, 2016 – Sony Interactive Entertainment (SIE) today announced that PlayStation 4 (PS4) has cumulatively sold through more than 40 million units*1 to consumers worldwide as of May 22, 2016, continuing to demonstrate the fastest-selling console in PlayStation history.
By offering users a vast array of exciting software titles from 3rd party developers and publishers as well as from SIE Worldwide Studios (SIE WWS), PS4 software sales also remain strong, with more than 270.9 million copies*2 sold in retail stores globally and through digital downloads on PlayStation Store as of May 22, 2016.
“We are truly grateful for the enormous support from our fans and partners across the globe, which helped us achieve this significant milestone in such a short span of time,” said Andrew House, President and Global CEO of Sony Interactive Entertainment.
“We will strive to deliver even more exciting gaming experiences to our users, further driving the momentum and accelerating the expansion of the PS4 platform and its business this fiscal year by offering an unparalleled line-up of games, bringing our virtual reality system, PlayStation VR, to market and providing ground-breaking features and network services.”
On the software front, much anticipated title, Uncharted 4: A Thief's End (SIE WWS), was released on May 10, recording remarkable global sales of over 2.7 million units in just one week. PS4 software portfolio will continue to expand with highly anticipated games including FINAL FANTASY XV (SQUARE ENIX CO., LTD), Nioh (KOEI TECMO GAMES CO., LTD.), Ryu ga Gotoku 6 (SEGA Games Co., Ltd.), Gran Turismo SPORT, Gravity Rush 2, and The Last Guardian (SIE WWS).The independent development community will also continue to deliver a variety of innovative new titles for PS4 including DOWNWELL (Devolver Digital), Jotun (Thunder Lotus Games) and Push Me Pull You (House House Games). *3
SIE will continue to expand the world of PS4 to deliver entertainment experiences that are only possible on PlayStation.
The PS4 system is currently available in 124 countries and regions*4 worldwide.
Code:
*1 Number of retail sales to...
PS4 3.50 Webkit Crash Exploit Demo Video via JNSXM0nster
Proceeding the PS4 3.50 Webkit Exploit, this past weekend we saw the release of a PS4 Heap Use-After-Free at WebCore 3.50 PoC and today the awesome @GrimDoe tipped us off in the Shoutbox thanks to @toni1988 that JNSXM0nster of JNSX Modz shared a demo video of a PS4 3.50 Webkit Crash Exploit he was testing out.
Check out the PlayStation 4 3.50 crash exploit footage below, and from the video's caption:
Disclaimer: This crash was not found by me, i was simply just testing it out however more info on these sites.
https://www.psxhax.com/
http://wololo.net/
http://playstationhax.it/
Also below is a cleaned up version of the PS4 3.50 Webkit Exploit with some screen grabs by BANFREEDJ and links to the most recent version of the PS4 Webkit Playground from eXtreme:
Check out the PlayStation 4 3.50 crash exploit footage below, and from the video's caption:
Disclaimer: This crash was not found by me, i was simply just testing it out however more info on these sites.
https://www.psxhax.com/
http://wololo.net/
http://playstationhax.it/
Also below is a cleaned up version of the PS4 3.50 Webkit Exploit with some screen grabs by BANFREEDJ and links to the most recent version of the PS4 Webkit Playground from eXtreme:
- PS4 Web Crash 3.50
- PS4 WebKit Playground (1.76) / PS4 WebKit Playground (1.76 - DE)
- PS4 WebKit Playground Lite (1.76) / PS4 WebKit Playground Lite (1.76 - DE)
- PS4_DEV Files