Official HENkaku PS Vita Jailbreak Exploit Site Now at HENkaku.me

Today PlayStation Vita hacker Yifan Lu tweeted that the original Henkaku domain https://henkaku.xyz/ has been taken down and redirects to their new home located at https://henkaku.me/ to continue the PS Vita 3.60 jailbreak exploit love!

Also similar to the VPK Files Archive from haxxeyHD located at http://haxxey.com/vpkmirror/, there is a growing PlayStation Vita VPK repository in the official Showcase which currently includes:

• GenesisPlusVITA by Frangar (GIT)
• VITA-8 by xerpi (GIT)
• Numpty Physics for Vita by meetpatty (GIT)
• Snes9xVITA by skogaby (GIT)
• Flood It! by romain337 (GIT)
• VitaTester by SMOKE (GIT)
• BreakVeetOut by InvalidExcepti0n (GIT)
• CATSFC-libretro Vita by skogaby (GIT)
• Vita Doom by Netrix (GIT)
• HandyVITA by Frangar (GIT)
• NeopopVITA by Frangar (GIT)
• SMSplusVITA by Frangar (GIT)
• FTPVita by xerpi (GIT)
• realboy by xerpi (GIT)
• vitahelloworld by xerpi (GIT)
• mGBA by endrift (GIT)
• GXTConvert by xdanieldzd to convert GXT-format PS Vita game textures (GIT)

And here are some related Twitter tweets on the recent PS Vita HENkaku updates:

 

[mcmrc1]

scene drama ^^ i want this for ma playstation 4..

 

[PSXHAX]

Yep, from what I've read it doesn't sound like Sony is involved in the takedown attempt but time will tell for sure

 

[racer0018]

I'm sure sony has their hand in it somewhere. I have said it time and time again. The best thing that can happen to a system is that it does get jailbroken. Not like for getting free games but for homebrew. This will make people want to buy the system and in doing so will help them out. And let's me honest sony needs a lot of help with the Vita. Lol.

 

[PSXHAX]

Yeah, PS Vita is mehhh deadddd... even with the homebrew, it's still just a... Vita

 

[AZGA87]

though i agree the vita is dead, this could boost hardware sale which COULD trigger some interest for $ony to invest on better software

 

[PSXHAX]

Here's an update on this news from Yifanlu:

From Yifanlu on Reddit.com, to quote: URL IS BACK TO https://henkaku.xyz/ (self.vitahacks)

If you don't know what this means, ignore it.

For the rest of you, sorry for the confusion! Actually both domains work now so pick or choose. The other one will still serve as a backup. You do not need to reinstall. You do not need to change anything.

Long story short, the problem was not .xyz's fault. I did some investigating and spoke with their product director and we cleared up the confusion with what happened. What I gathered was that because the site served an old webkit exploit, it was marked as dangerous and .xyz banned it because multiple sources (not just URIBL) said so and their own internal abuse system was triggered (young domain, check. multiple sources say abuse, check. malware, check). They do not ban you just for spam (although I'm still in contact with URIBL to see why it was marked as such).

We thought we prevented this problem by 1) asking for user consent and giving them a warning before running the exploit, and 2) do not load the exploit code unless your user-agent is a Vita 3.60 in order to prevent this. However, it's likely that ISPs or other proxying hosts (maybe in company/school networks) sniffed the data and saw that it was dangerous. HTTPS might have prevented ISP snooping but does not prevent company/school network snooping. HTTPS also does not play well with triggering the exploit, which is why we didn't decide to use it.

Anyways I have to apologize to .xyz for my rash response in blaming them for what happened. I thought they only looked at URIBL's (false) report, but they actually did have a system in place and there was no way to prevent this. Their quick response to the problem left a good impression with me.