Category: PS3 Jailbreaking | Thread starter: PSXHAX | Start date: Aug 7, 2017 at 2:49 AM
Status
Not open for further replies.
Following his PS3 OFW PSID Dump Tool Tutorial and recent d0 / d1 pdb file findings, PlayStation 3 developer @esc0rtd3w (Twitter) set up some new work-in-progress Github forks for a PS3 WebKitSploit and PS3 Playground port. :ninja:

Download: ps3-webkitsploit-master.zip / PS3 WebKitSploit GIT / ps3-playground-master.zip / PS3 Playground GIT / Websploit.org / PS3 Playground Test Page / PS3 Webkit POC / PlayStation 3 Browser Investigation

The PS3 WebKitSploit is based on original PS4 code from Cryptogenic and qwertyoruiopz focusing on PS3 3.xx / 4.xx code execution, while the PS3 Playground WebKit exploit port is based on CTurt and Cryptogenic's PS4 code. :ninja:

From the README.md file, to quote:

PS3 Playground

A collection of PS3 tools and experiments using the WebKit, Flash, and other options.
We are only testing on firmware 4.81 at the moment.

THIS REPO IS FOR THE PUBLIC PS3 COMMUNITY TO EXPLORE AND TEST ON THEIR OWN

OUR TEAM IS CURRENTLY WORKING ON THIS PROJECT PRIVATELY AND WILL UPDATE WHEN FINISHED!

FOR A LIVE DEMO WITH PUBLIC TESTS TO TRY OUT, PLEASE VISIT: http://www.websploit.org/ps3/ps3-playground/test/

There are a lot of files here for reference and exploration.

Once more testing has been done, these will be cleaned up over time.

CREDITS:

Inspired by original work from CTurt (https://github.com/CTurt/PS4-playground/) and Cryptogenic (https://github.com/Cryptogenic/PS4-Playground-3.55)

If anyone can lend him a hand on Github that would be much appreciated, and cheers to @B7U3 C50SS, @Bultra and @spyro2670 for the heads-up in the PSXHAX Shoutbox earlier today! :beer:

Comments


twostepmic

Member
Contributor
Verified
Found this, not sure how useful it would be to anyone but I'll just leave it here: http://www.edepot.com/ps3_linux.html
 

ShadixAced

Member
Contributor
Mmmph. 2011 Webkit. Please wait while I'm searching for userland, and then maybe for kernel.

twostepmic said:
> Found this, not sure how useful it would be to anyone but I'll just leave it here: http://www.edepot.com/ps3_linux.html

PS3 = UNIX-coded, with an outdated Chromium and 2011 AppleWebkit. To achieve something, we need a Webkit exploit that goes through the kernel (UNIX-based) and then exploit it to make a probable "something-something". We already have LV1:LV2 access thanks to RSXploit by zecoxao. We can adapt the code to launch the Webkit accompanied with RSXploit + code for a probable and maybe good kernel access (BUT NO R/W only READ ONLY).

For example, this can be used : http://www.cvedetails.com/cve/CVE-2016-4584/
And this to attack directly the old Chromium : https://www.cvedetails.com/cve/CVE-2011-1797/
 

esc0rtd3w

Developer
Member
Contributor
> i heard you guys already achieved kernel access on ofw ? Is that true ? Can we have a poc soon :D

this is true :p

additional details cannot be revealed at this time.....yet.

more testing and work is still needed before any type of PoC or release to the public.

once things are finalized, the plan is to put all code onto GitHub from the team :coffee:
 

ShadixAced

Member
Contributor
esc0rtd3w said:
> this is true :p
>
> additional details cannot be revealed at this time.....yet.
>
> more testing and work is still needed before any type of PoC or release to the public.
>
> once things are finalized, the plan is to put all code onto GitHub from the team :coffee:

Awesome ! Make S0ny suffer :p

And thanks @PSXHAX for linking the RSXploit article.
If I helped with the linked CVE's, this will make my day XD
 

ShadixAced

Member
Contributor
esc0rtd3w said:
> this is true :p
>
> additional details cannot be revealed at this time.....yet.
>
> more testing and work is still needed before any type of PoC or release to the public.
>
> once things are finalized, the plan is to put all code onto GitHub from the team :coffee:

Also one more question, does this permit R/W access to the firmware, and probably a JB or code injection ?
 

B7U3 C50SS

~ Team_Zer0 ~
Senior Member
Contributor
Wow, I actually did some digging and I found this post from 8 years ago.

I guess people were doing this before most others knew it was a feasible way to attack the PS3

Also this.
 