PS4 News       Thread starter MurkyConspiracy       10      
Status
Not open for further replies.

MurkyConspiracy

Member
Contributor
I've been a small-time modder/hacker for a while, producing mainly private mods and hacks, a couple public ones, but mainly for PC games and such. I think I would like to get into the PS4 scene. I understand a couple programming languages and can learn the basics of a new one fairly quickly. I was wondering what I need to get started in this new 'field', if you will.

I currently have a PS4 with 3.55. I updated it to this because I was above 2.0 already and figured I had seen some development for this firmware version. I have my WebKit server running and have been playing around with that side of things.

I got all the basic PoC stuff up and going and downloaded the file browser exploit, but functionality and design were very minimal, so that is kinda what I am aiming at improving first. I am not used to scripting languages, so JS and HTML are kinda new, but they don't seem difficult. I've started making my own 'website' to run exploits on, and am in the process of recreating the file browser exploit.js so I can understand it.

I was wondering if there are any good resources or tips and tricks out there I can use. I would like to be a part of this scene but I am not sure where to go. I still don't really understand what/how the exploits work. I get it's pulling some information off the system from the PS4 Playground PoC, but that doesn't seem like anything major. If anyone can point me in the right direction, that would be amazing.

I did however find that the file browser has an upload function that is empty; through a little reverse engineering I found that you can choose a path that then is never used.
 
I would start by learning Python. If you know that, that is good. Then I would learn how to fuzz WebKit to find vulnerabilities. Go here: https://github.com/stephenfewer/grinder. You will need to update the config file because it is old. Just have XAMPP installed and then you can run the fuzzer over a webserver, or you can set up a Grinder node, but that requires Ruby. Once you find a crash, you have to change the log to HTML and boom, it should repeat the crash on the PS4. Keep in mind you will want to run the fuzzer from the webserver on your PS4. You want to look for a code execution vuln; that is the most useful to start off with. Anyways, that is how I would get started.

EDIT: I mean find vuln read and write access, not code execution lol, my bad
 
Do you actually mean 3.55, or made a mistake and meant 4.55?
I mean 3.55. I updated from 2.XX to 3.55 because I couldn't find any way to downgrade to 1.76, and I hadn't found any 2.XX progress being made, so I jumped ship.

It's great to have ya here on the forums @MurkyConspiracy, and as for resources I'd definitely recommend checking out CTurt's Articles for some in-depth documentation on PS4 development. (y)

Thanks! I'll definitely read the article and learn some Python. I already have the XAMPP server thing working, and was playing with building websites to get an idea of what the HTML stuff would be like. Also, is JS important here? I've been looking through all the exploits I have found, and they all use a JS payload, it seems.
 
Yes, those are the test cases; you can change them into HTML and repeat the crash.

Reading some of the articles that PSXHAX posted, I realize this is a good time to brush up on my C/C++. Being newer to the programming world (took my first class in 2014), my main languages include C#, Java, VB and Lua. I can understand C/C++ to a level, but I think for this adventure I'm going to do some labs/work with C/C++ first before delving in. I'm reading the article/tutorial on DS hacking with smash stacks (something I used way back when!) and am trying to learn alongside it. Hopefully after getting through a couple bits of this over the next day or two I will be better prepared! I have an entire day off on Wednesday so I'll have plenty of time to learn my way around! Thanks for all the help.
 