PS4 Jailbreaking | Thread starter: PSXHAX | Start date: Oct 26, 2016 at 6:06 AM
Yesterday we saw their Full Demo Video, and today Kun Yang (GIT / Twitter) of the Chinese PS4 4.01 Jailbreakers Chaitin Tech responded via e-mail to @mcmrc1 who reached out to them with some questions about their recent PlayStation 4 exploit. :hushedface:

Check out the e-mail response image and related Tweets from mcmrc1 below. In summary, they invite all PlayStation 4 fans to follow the Chaitin Tech Twitter for updates on their PS4 Jailbreak; they are still awaiting word back from Sony on their bug submission, and they have not yet tested their exploit on PS4 Firmware 4.05 to see whether it has been patched.

[Image: Kun Yang of Chaitin Tech on PS4 4.01 Jailbreak]

Thanks to @B7U3 C50SS for the tipoff in the PSXHAX Shoutbox (and PM), @Winchest and a VERY SPECIAL THANKS to @mcmrc1 for reaching out to the Chaitin Team and keeping us all in the loop here! <3
[Image: PS4 Jailbreak Firmware 4.05 Untested]
 

Comments

The argument validation in r296956 was not enough to close all possible overflows in sysarch

Modified:
stable/9/sys/amd64/amd64/sys_machdep.c
Directory Properties:
stable/9/ (props changed)
stable/9/sys/ (props changed)

Modified: stable/9/sys/amd64/amd64/sys_machdep.c
Code:
==============================================================================
--- stable/9/sys/amd64/amd64/sys_machdep.c      Tue Oct 25 17:16:08 2016      
(r307940)
+++ stable/9/sys/amd64/amd64/sys_machdep.c      Tue Oct 25 17:16:58 2016      
(r307941)
@@ -612,6 +612,8 @@ amd64_set_ldt(td, uap, descs)
                largest_ld = uap->start + uap->num;
                if (largest_ld > max_ldt_segment)
                        largest_ld = max_ldt_segment;
+               if (largest_ld < uap->start)
+                       return (EINVAL);
                i = largest_ld - uap->start;
                mtx_lock(&dt_lock);
                bzero(&((struct user_segment_descriptor *)(pldt->ldt_base))
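Review bot: the new `largest_ld < uap->start` test only makes sense as a wraparound guard, and nothing says so; a reader seeing it two lines after `largest_ld = uap->start + uap->num` will take it for dead code. Add a one-line comment stating that the sum can wrap, and note that because the check sits after the clamp to `max_ldt_segment` it also rejects a `uap->start` above `max_ldt_segment` (the clamped `largest_ld` is then smaller than `start`), which is a second bound this path relies on. Mirroring the `/* verify range of descriptors to modify */` comment from the second block would keep the two paths recognisably the same check.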
@@ -624,7 +626,8 @@ amd64_set_ldt(td, uap, descs)
                /* verify range of descriptors to modify */
                largest_ld = uap->start + uap->num;
                if (uap->start >= max_ldt_segment ||
-                   largest_ld > max_ldt_segment)
+                   largest_ld > max_ldt_segment ||
+                   largest_ld < uap->start)
                        return (EINVAL);
        }
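Review bot: the added `largest_ld < uap->start` clause closes the case the first two conditions miss (a wrapped sum is small, so it sails past `largest_ld > max_ldt_segment`), but it still reasons about the overflowed result of the addition. Since the first clause already rejects `uap->start >= max_ldt_segment`, the bound can be expressed without the addition, e.g. `uap->num > max_ldt_segment - uap->start`, which cannot wrap and reads as the range it enforces (keep a separate non-negative check on `uap->num` if that field is signed). At minimum, a comment that the third clause is an overflow guard would spare the next reader the same puzzlement, and it should match whatever comment the first block gets so the two fixes are visibly the same bound.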
 
Maybe, but if it's been plugged in 4.05 already that price better be lower :D

Let them set up a PS4 jailbreak crowdfunder and everyone can donate like $0.50 for a public jailbreak, instead of lameass Re-DRM dongles for $50+ each shipped from China that only get lost in the mail after you realize they charged your credit card three times... that'll deter PlayStation 4 scene Re-DRM profiteering ;)
Hahaha of course
 
The Chinese now have working code for a full break-in, between well-known teams and hackers who have differences - all want to put the code on GitHub, but Sony does not. I know personally that they have the lv0 decryption, but no one will just pass it on.
 
The Chinese now have working code for a full break-in, between well-known teams and hackers who have differences - all want to put the code on GitHub, but Sony does not. I know personally that they have the lv0 decryption, but no one will just pass it on.
You are serious?
...
They should leak the stuff -.-

With this... a full CFW is possible, right?
 
The Chinese now have working code for a full break-in, between well-known teams and hackers who have differences - all want to put the code on GitHub, but Sony does not. I know personally that they have the lv0 decryption, but no one will just pass it on.
Yeee
 
Start with the fact that the developers, as I do, have a chat between hackers who sit and share everything (totally not going to talk about everything). I just have a team and we know what and how, but no one wants to risk it - all understand why.
 