Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 / PS5 PKGs.
Category PS5 Jailbreaking       Thread starter Thread starter PSXHAX       Date / timeStart date Sep 14, 2022 at 8:07 PM       Replies 16      
Status
Not open for further replies.
Proceeding his previous FreeDVDBoot for PS3 / PS4 & Blu-ray BD-J Attacks and Tweet updates, today Security Engineer @CTurt announced on Twitter a new article covering mast1c0re: Hacking the PlayStation 4 / PlayStation 5 through the PS2 emulator utilizing an unpatched PS4 / PS5 userland exploit that allows running PS2 game backups as well! 🥳

Below is a mast1c0re PS2 Emulator Escape demonstration video from CTurt's YouTube Channel with an excerpt from his mast1c0re: Hacking the PS4 / PS5 through the PS2 Emulator - Part 1 - Escape article:

"PS2 p!racy is a fun implication, especially being able to disclose it despite there being no patch, but my main goal was getting native homebrew applications running.

Regarding that goal, escaping the emulator is just the first half of the chain; we can't yet write arbitrary native code since our application process only has permission to map JIT shared memory as executable, not writeable.

We could technically write "PS4-enhanced" PS2 homebrew applications that could use any native PS4 functionality, and so could behave essentially the same as normal PS4 homebrew (accessing the PS4 controller's touchpad, etc), but I really wanted to achieve fully arbitrary code execution for a more practical homebrew environment. This makes the next step attacking the compiler process: mast1c0re - Hacking the PS4 / PS5 through the PS2 Emulator - Part 2 - Arbitrary Code Execution."
mast1c0re PS2 Emulator Escape Demo - Backup Loader Scenario

Proof-of-concept demonstration of loading custom PS2 ISO files using the mast1c0re emulator escape exploit: https://cturt.github.io/mast1c0re.html

The lengthy upload time was cut from this demonstration video, but could be improved to more practical speeds in the future by implementing compression support.


:arrow: Update: Another report by CTurt has now been closed according to the PlayStation Hacktivity on HackerOne for those keeping track, although no further progress updates are currently available.
it's a use after free. if it affects ps4 or ps5 i don't know yet, but it looks promising
the fdescfs bug is not valid on ps4 but can be valid on ps5. the issue lies on the ability to interact with /dev/fd 0 1 2 (ps4 is freebsd 9 so it handles this part properly)

:arrow: Mast1c0re: Hacking PS4 / PS5 via PS2 Emulator Part 2 by CTurt

[ATTACH type="full" alt="Mast1c0re Hacking PS4 PS5 with Userland Exploit via PS2 Emulator by CTurt.png"]7823[/ATTACH]
 

Comments

No, not all PS2toPS4 games are playable I.E. Klonoa 2 so this is going to the best emulator of all time on PS4/PS5 unpatched.
 
Status
Not open for further replies.
Back
Top