Category PS4 Jailbreaking       Thread starter PSXHAX       Start date Jun 30, 2020 at 1:13 PM       18,772       31            
Status
Not open for further replies.
Long ago we saw the Original PS4 Jailbreak for 1.76 FW via BadIRET Exploitation (Github Articles), and following his recent FreeDVDBoot PS2 DVD Player Exploit PlayStation 4 developer @CTurt shared via Twitter thoughts on FreeDVDBoot for PS3 / PS4 after discovering his FreeDVDBoot PREBUILT ISOs (GIT / Blog) also crash the PS4 in a video demonstration from V3dita BR on YouTube... meaning it may be vulnerable to the same bug, although he favors Blu-ray BD-J Attacks due to ASLR in later Firmware versions. šŸ¤©

Previously we've seen PS4 BD-J (Blu-ray Java) Homebrew, some PS4 BD-J (Blu-ray Java) Homebrew Answers, Ukko's Journey Blu-Play Game, Loading PS4 Payloads via Blu-ray (Server-less Option) BD-J, The UFO Game! Blu-Play Game and a Blu-Play DOOM I Port / Homebrew Games with C / C++ with further details on the PlayStation Blu-ray Disc Drive Security and Hacking PS4 / PS3 Blu-ray Drives via the 36c3 Livestream.

From @CTurt via Twitter in the Tweets below, to quote:
  • Regarding PS3/4, Blueray BD-J is what I'd attack. You can run arbitrary Java code by-design and can some native methods with controlled arguments which could be pretty nice attack surface. ASLR can be defeated in this scenario with some info leak bug, like in WebKit scenario.

  • As you say, exploiting DVD player on PS4 is probably impractical on later firmwares with ASLR (so I'd aim for Blu-ray instead), but apparently my DVDs crash PS4 so it might be vulnerable to the exact same bug lol
And from @theorywrong via Twitter from the Tweet below:
  • Probably vulnerable, but it's Userland with some more auth. And you need to deal with ASLR and It's not easy.
Download: dvdplayer.7z (5.35 MB - contains BdvdPlayerCore.elf from PS4 7.00 and bdp_BDVD.self.elf from PS3 4.86)
CTurt on FreeDVDBoot for PS3  PS4 and Blu-ray BD-J Attacks.jpg
 

Comments

Status
Not open for further replies.

jwooh

Staff Member
Moderator
Developer
Senior Member
Verified
I saw this for the PS2 pretty cool how it might also work on the PS4 and PS4.
 

yota1979

Senior Member
Contributor
Verified
It's a great news, if it's exploitable with a dvd inserted on PS4 I think it's a very very good chance for sony to sell a lot of ps4 before the ps5
 

chrisrlink

Senior Member
Contributor
Verified
as i explained the disclosure "deal" is not a deal at all it was bait to fool these devs into thinking releasing vulnerabilities in the wild after disclosure with sony would be ok but there is one fine detail they probably failed to read on the agreement section 17 of the DMCA still applies

for those who don't know all of the DMCA that is the anti security circumvention law... to put it in layman's terms when they (the devs) release stuff Sony will just sue them and reclaim the money they paid out (pretty crooked on sony's part if you ask me) two things would result

1) it will flat out kill the scene cause devs would just sell their exploits to sony and never release to us ever again (highly likely) or

2) best case scenario (highly unlikely) they care about the scene more after the first lawsuit they'll clam up and not release to sony again (and even though might not be to us either it still means at least one vulrnability will remain unpatched for US to discover)
 

arifx2

Senior Member
Contributor
don't hope too much in this 3 year, cause the patch will never come and the trick release will only make them jailed, probably sony can't patch it, too deep in the codes for the trick that simple update can mess up sony library of games.
 

Chaos Kid

Developer
Senior Member
Contributor
The lawsuit can be bypassed by releasing to other hackers that aren't in sony claw of dmca so the name is never revealed where the leak came from only the info, and besides these guys aren't trying to circumvent their trying to allow homebrew on the system that can be used for greater things
 
Status
Not open for further replies.
Recent Articles
PS5 DualSense Wireless Controller to Have Updatable Software
When you thought updating PlayStation 5's Firmware just to play a video game is enough hassle, Sony kicked things up a notch with confirmation on the DualSense Wireless Controller official page...
Latest PS4 Games Joining PlayStation Now in August 2020
Today Sony revealed the latest PS4 additions to their PlayStation Now digital video game streaming service this August for PS Now members will be Hitman 2, Greedfall and Dead Cells. šŸ˜€ Here's more...
Sony Reveals PS5 Details on Compatible PS4 Peripherals and Accessories
In PS5 News today, Sony revealed details on compatible PS4 peripherals and accessories with their upcoming PlayStation 5 console launch that is just months away now. After unveiling the PS5...
PS4 IPv6 UAF 6.70-6.72 Kernel Exploit with Patches, Maybe More Stable!
Since his PS4 Save Mounter Utility release, the PS4 6.20 ROP Execution Method, PS4 Webkit Bad_Hoist Exploit, 7.02 PS4 KEX, PS4 Webkit Exploit 6.72 Port, PS4 6.72 Jailbreak Exploit, Backporting PS4...
Top