JailbreakMe PS4 4.0x: PS4 4.0x WebKit RCE Exploit by Qwertyoruiopz!

Following the PS4 Playground for Firmware 3.55 and PS4 3.55 File Browser, today PlayStation 4 developer qwertyoruiopz made available a PS4 4.0x WebKit RCE Exploit dubbed JailbreakMe PS4 4.0x with details via Twitter below!

PS4 Link (click go 3 times): http://rce.party/ps4/ / local rce.rar (3 KB) via Nesterwork / Local RCE v2.rar (6 KB) via Nesterwork / Local rce v3.rar (12 KB) via Nesterwork

According to the developer's Tweets below, the bug used is a stack uninit read yielding UaF and the actual exploit does nothing but give you read/write/infoleak arbitrary JS object primitives.

He also confirmed the exploit won't work on PS4 4.50 as Sony updated WebKit past a vulnerable version unfortunately, but it's still an entry point for those on PlayStation 4 OFW 3.55 through 4.07.

That said, if you give it a try on a PlayStation 4 under 4.50 and receive a ffff000000000539 error prompt it's expected output for the exploit's success.

Spoiler: Related Twitter Tweets

Cheers to @DarkElementPL, @DoxyMarket, @hyndrid, @ryan111, @toni1988 and @vettegast for sharing the news in the PSXHAX Shoutbox!

 

[GrimDoe]

Im hoping the next big step is having everything that we already have on 1.76 so i can update
And get pass 1.76
But not going to do anything until then. Fantastic news for today and I really do hope this is a big sign for what's to come....

 

[cebs]

Just wanted to let you all know that works on 4.07

​

 

[gammerfordement]

I clicked three times on ps4 slim v3.55 and it did not work

 

[Samuze]

I just tried it and got the same error message, meaning that it works, by the way I am on 4.05

 

[Howie648]

Anyone else having trouble with the slim? Mine is on 4.50 and my phat still rocking 3.55.

 

[xGTAPro]

I tried on 1.76 but nothing happen when i press GO

 

[Samuze]

I clicked three times on ps4 slim v3.55 and it did not work

Check your net connection or refresh the page and try again, it should work, unless you're not on 3.55 check it out again

 

[gammerfordement]

Check your net connection or refresh the page and try again, it should work, unless you're not on 3.55 check it out again

The connection to the network is fine, the ofw is 3.55, at 3 clicks only the browser is locked and does not throw any messages.

 

[Samuze]

I tried on 1.76 but nothing happen when i press GO

Have you written well the article ?!
If i am not wrong it's for the 4.xx, and don't forget to click GO in a quick way 3 times by pressing the X button !

The connection to the network is fine, the ofw is 3.55, at 3 clicks only the browser is locked and does not throw any messages.

The same thing happened to me, but i retried 2 or 3 times, and then it worked ! i am on 4.05, just insist, it has to work

 

[xGTAPro]

Have you written well the article ?!
If i am not wrong it's for the 4.xx, and don't forget to click GO in a quick way 3 times by pressing the X button !

ye i know but this work also for people who have 3.55 not only 4.0x so i tried on 1.76