PSXHAX.COM website and domain for sale. Contact Us with your offer!
PS4 Running Linux Chaitin Tech Exploit at Tencent Security Conference
Many may recall GeekPwn 2016 featuring the Chinese hackers of Chaitin Tech, and while little was available from the closed door Zer0Con their work appears to have resurfaced at the Tencent Security Conference which took place yesterday in Shenzhen, China. :kitty:

Below is a video courtesy of Noam Rathaus‏ of the related Chaitin Tech PlayStation 4 exploit footage showing the PS4 running Linux, who notes to quote: "To clarify, it's exploiting a vulnerability in WebKit, then a vulnerability in FreeBSD to gain execution privileges on a PS4."

Cheers to @raedoob on the PSXHAX Discord and both @UmarDaBest559 and @X41 in the PSXHAX Shoutbox for the news tip and follow-up details! :beer::beer::beer:
PS4 Playground for Webkit Exploits on 1.62 Firmware Port Arrives
Earlier this week we saw PS4 Playground 1.52 / 1.60 Ports, and today @zecoxao announced on Twitter that with the help of VVildCard777 for the gadgets they have now ported the PlayStation 4 Playground for Webkit Exploits to Firmware 1.62 with minimal code exec again. :winkxf2:

He also notes this will be the last PS4 Playground port he's doing as 1.70 introduces usermode ASLR (Address Space Layout Randomization) and system update nagging as detailed in the Tweets below.

Download: playground-1.62-master.zip / GIT / Live Demo / PS4 Web Exploits Mirror / PS4 Web Exploits Mirror #2

From the README.md on this latest PS4 playground revision:

A collection of PS4 tools and experiments using the WebKit exploit. This is for firmware 1.76/1.62/1.61/1.60/1.52/1.50b/1.01 only at the moment.

Props to @Bultra for the heads-up in the PSXHAX Shoutbox earlier today! <3
PS4 Secure Asset Management Unit (SAMU) Processor by HydrogenNGU
Following the previous updates on PlayStation 4's Secure Asset Management Unit more commonly referred to as SAMU, @HydrogenNGU shared details on further understanding the PS4 processor SAMU for developers. :geek:

According to a SAMU patent, it's described as a method and apparatus for including architecture for protecting multi-user sensitive code and data.

Below is a summary of what Hydrogen on NGU shared about it including details from Fail0verflow slides (if you missed it, see their Postscript also) to quote in part: Understanding The PS4 Processor SAMU

Conclusion


Overall, SAMU is a strong processor that holds mostly everything everyone in the PS4 Scene wants. If someone ever handles SAMU, modding has the chance to go online, but I don't know how things would work with the banning and the CIDs. We already had a few discussions speaking about the PSID awhile back. We know @theorywrong and @2much4u had discovered Partial IDPS from the kernel memory, including the PSID since it's there as well. To read more about that old post, you can view it here.

You can dump it from the kernel memory with a certain payload, and I will not be providing any payload in order to so. In addition, @zecoxao had explained to us you could do the same with it running the dl close. Use memcpy in the Kernel Mode, and use sys sendto. This should send it to your computer.

Approximately, most things that were done on PlayStation 3 is of course, possible on the PlayStation 4. If this ever gets decrypted and fully hacked. Yes, you'd see a lot of new innovations being brought on to the table. That's of course, if someone releases it first. This is a little guide explaining what SAMU is, and what it does. Hopefully, this clears out the questions from the air I've always got. Always...
PlayStation 4 Webkit Playground 1.52 / 1.60 Firmware Ports Arrive
Following his recent PS4 Playground 1.50b Port, PlayStation 4 developer zecoxao with help from VVildCard777 added PlayStation 4 Webkit Playground 1.52 and 1.60 Firmware ports to Github today for those seeking to examine pre-2.00 OFW versions before Sony ramped up the security. :D

Download: playground-1.52-master.zip / 1.52 GIT / playground-1.60-master.zip / 1.60 GIT / PS4 Playground Live Demo / Websploit.org (Mirror)

Another PS4 Github update comes from shakugan who recently shared a WIP called PS4Misc by esc0rtd3w for those seeking to run things outside the PlayStation 4 browser.

Currently their PlayStation 4 Playground WebKit exploit forks include support for PS4 firmware 1.76 / 1.60 / 1.52 / 1.50b / 1.01 only at the moment.

As @zecoxao notes below, to quote: 1.51 playground is not possible at the moment (missing a gadget that is not on main modules) and 1.61 playground is the exact same as 1.60.

And from the PS4Misc README.md file, to quote: if u want to run stuff outside the browser:

place a loader in /data/rcved

export ps4ip=xxx.xxx.xxx.xxx

cd function_hook make ./run.sh cd shellcore_inject make ./run.sh press home and do something like opening a non-granted pkg

at this point the 2nd loader should be running

rerun the kernel hooks outside the browser cd function_hook ./stage2.sh
Cheers to both @Bultra and @oneman123 in the...
PS4 Webkit Playground Ported to Firmware 1.50b by Zecoxao
Since the PS4 Playground 1.76, 3.55 Port, PS4 Playground 1.01, 1.05 Port, 3.x Playground and even a PS3 Port of CTurt's original PS4 WebKit Playground today @zecoxao ported it to PlayStation 4 Firmware 1.50b with details below from his Twitter feed. :fire:

There are also more PS4 MEME's courtesy of @Ginsor, @X41 and @xxmcvapourxx added to the PSXHAX Shoutbox MOTD for any developers interested! :angel:

Download: playground-1.50b-master.zip / GIT / PS4-Custom-WebKit-Playground_v2.00.01.rar (2.0 MB) / Zecoxao's Github (even more recent updates)

According to the updated README.md this PS4 playground branch is currently for firmwares 1.76 / 1.50b / 1.01 only at the moment, and for those unaware it's a collection of PS4 tools and experiments using the WebKit exploit.

Thanks to @romantizma for the heads-up earlier this morning in the PSXHAX Shoutbox! <3
Back
Top