Category: PS4 Jailbreaking | Thread starter: PSXHAX | Start date: Jun 30, 2020 at 1:13 PM | 17,710 | 31
Status
Not open for further replies.
Long ago we saw the original PS4 Jailbreak for 1.76 FW via BadIRET exploitation (Github Articles), and following his recent FreeDVDBoot PS2 DVD Player Exploit, PlayStation 4 developer @CTurt shared via Twitter his thoughts on FreeDVDBoot for PS3 / PS4. This came after he discovered that his FreeDVDBoot PREBUILT ISOs (GIT / Blog) also crash the PS4, as shown in a video demonstration from V3dita BR on YouTube, meaning the PS4's DVD player may be affected by the same bug. He nonetheless favors Blu-ray BD-J attacks, since later PS4 firmware versions have ASLR, which makes a DVD player bug impractical to exploit without an additional info leak. 🤩

Previously we've seen PS4 BD-J (Blu-ray Java) Homebrew, some PS4 BD-J (Blu-ray Java) Homebrew Answers, Ukko's Journey Blu-Play Game, Loading PS4 Payloads via Blu-ray (Server-less Option) BD-J, The UFO Game! Blu-Play Game and a Blu-Play DOOM I Port / Homebrew Games with C / C++ with further details on the PlayStation Blu-ray Disc Drive Security and Hacking PS4 / PS3 Blu-ray Drives via the 36c3 Livestream.

From @CTurt via Twitter in the Tweets below, to quote:
  • Regarding PS3/4, Blu-ray BD-J is what I'd attack. You can run arbitrary Java code by design and can call some native methods with controlled arguments, which could be a pretty nice attack surface. ASLR can be defeated in this scenario with some info leak bug, like in the WebKit scenario.

  • As you say, exploiting the DVD player on PS4 is probably impractical on later firmwares with ASLR (so I'd aim for Blu-ray instead), but apparently my DVDs crash the PS4, so it might be vulnerable to the exact same bug lol
And from @theorywrong via Twitter from the Tweet below:
  • Probably vulnerable, but it's userland with some more auth. And you need to deal with ASLR, and it's not easy.
Download: dvdplayer.7z (5.35 MB - contains BdvdPlayerCore.elf from PS4 7.00 and bdp_BDVD.self.elf from PS3 4.86)
[Image: CTurt on FreeDVDBoot for PS3 / PS4 and Blu-ray BD-J Attacks]
 
:idea: Reminder: Those without a Verified Badge yet on Discord to access the private areas we recommend Joining Us! Why? The waiting process takes a week for new Members, and there's a lot we're unable to share on public forums including the latest PS4 PKG Games. 🏴‍☠️

Comments


jwooh (Staff Member, Moderator, Developer, Senior Member, Contributor, Verified):
I saw this for the PS2; pretty cool how it might also work on the PS3 and PS4.
 
:idea: Reminder: Those without a Verified Badge yet on Discord to access the private areas we recommend Joining Us! Why? The waiting process takes a week for new Members, and there's a lot we're unable to share on public forums including the latest PS4 PKG Games. 🏴‍☠️

yota1979 (Senior Member, Contributor, Verified):
It's great news. If it's exploitable with a DVD inserted on PS4, I think it's a very, very good chance for Sony to sell a lot of PS4s before the PS5.
 

chrisrlink (Senior Member, Contributor, Verified):
As I explained, the disclosure "deal" is not a deal at all. It was bait to fool these devs into thinking that releasing vulnerabilities in the wild after disclosure with Sony would be OK, but there is one fine detail they probably failed to read in the agreement: section 17 of the DMCA still applies.

For those who don't know, the DMCA is the anti-security-circumvention law. To put it in layman's terms, when they (the devs) release stuff, Sony will just sue them and reclaim the money they paid out (pretty crooked on Sony's part if you ask me). Two things would result:

1) It will flat out kill the scene, because devs would just sell their exploits to Sony and never release to us ever again (highly likely), or

2) Best case scenario (highly unlikely): if they care about the scene more, then after the first lawsuit they'll clam up and not release to Sony again (and even though it might not be released to us either, it still means at least one vulnerability will remain unpatched for US to discover).
 

arifx2 (Member, Contributor):
Don't hope too much for this in 3 years, because the patch will never come and releasing the trick will only get them jailed. Probably Sony can't patch it; the trick is too deep in the code, so a simple update could mess up Sony's library of games.
 

Chaos Kid (Developer, Senior Member, Contributor):
The lawsuit can be bypassed by releasing to other hackers that aren't in Sony's DMCA claws, so the name is never revealed where the leak came from, only the info. Besides, these guys aren't trying to circumvent; they're trying to allow homebrew on the system, which can be used for greater things.
 