PS3 WebKitSploit and PS3 Playground WIP Github Forks by Esc0rtd3w

Following his PS3 OFW PSID Dump Tool Tutorial and recent d0 / d1 pdb file findings PlayStation 3 developer @esc0rtd3w (Twitter) set up some new work-in-progress Github forks for a PS3 WebKitSploit and PS3 Playground port.

Download: ps3-webkitsploit-master.zip / PS3 WebKitSploit GIT / ps3-playground-master.zip / PS3 Playground GIT / Websploit.org / PS3 Playground Test Page / PS3 Webkit POC / PlayStation 3 Browser Investigation

The PS3 WebKitSploit is based on original PS4 code from Cryptogenic and qwertyoruiopz focusing on PS3 3.xx / 4.xx code execution, while the PS3 Playground WebKit exploit port is based on CTurt and Cryptogenics PS4 code.

From the README.md file, to quote: PS3 Playground

A collection of PS3 tools and experiments using the WebKit, Flash, and other options.
We are only testing on firmware 4.81 only at the moment.

THIS REPO IS FOR THE PUBLIC PS3 COMMUNITY TO EXPLORE AND TEST ON THEIR OWN

OUR TEAM IS CURRENTLY WORKING ON THIS PROJECT PRIVATELY AND WILL UPDATE WHEN FINISHED!

FOR A LIVE DEMO WITH PUBLIC TESTS TO TRY OUT, PLEASE VISIT: http://www.websploit.org/ps3/ps3-playground/test/

There are a lot of files here for reference and exploration.

Once more testing has been done, these will be cleaned up over time.

CREDITS:

Inspired by original work from CTurt (https://github.com/CTurt/PS4-playground/) and Cryptogenic (https://github.com/Cryptogenic/PS4-Playground-3.55)

Spoiler: Original (Outdated) Information

If anyone can lend him a hand on Github that would be much appreciated, and cheers to @B7U3 C50SS, @Bultra and @spyro2670 for the heads-up in the PSXHAX Shoutbox earlier today!

 

[esc0rtd3w]

Yeah thats great and all but I wanted to know was what can you guys actually do now.?

Not what are your plans for the future

Thanks.

as said before

1) We have access and control to root syscalls and can modify any region of memory

2) We have control of all registers, including CTR and LR

3) We do not currently have a graceful return back into the web browser without crashing the system, to enable things like buttons to do stuff.

4) Current direct goal is injecting nofsm patch or patch appldr to enable CFW features.

what else do you want to know???

 

[batman]

@esc0rtd3w

Man, you and your team rock!!! Thanks bro!! Thanks man!!! If you be able to get CFW on OFW 4K PS3 this will be a ressurrection of PS3 Scene!!!

Then I am happy that my project UDK Ultimate will find a new light on it`s way. So imagine now ALL PS3 can run homebrew games an apps, and there is a free game engine to allow anyone to create games for PS3

This will be awesome!!!!

I am counting on you guys!!!

Cheers.

 

[Ploggy]

what else do you want to know???

Release Date? jk

Thanks mate, I just know how fast things can change with these things

Things you were able to do a couple days ago could be completely different to what your able to do now.

Keep up the good work.

 

[esc0rtd3w]

@Ploggy also would like to point out the fact that during testing, each time a mistake is made while writing to flash memory, the PS3 must be re-flashed again using hardware, with the E3 Flasher. It all takes time.....plus we all have regular jobs too

 

[LightningMods]

If its possible can you send a screenshot of you testing?

 

[esc0rtd3w]

If its possible can you send a screenshot of you testing?

​

 

[LightningMods]

Looks like my screen, if you need a test done on a 3K I can do it for you

 

[esc0rtd3w]

once ready for release, will make call for testers....with E3 Flashers

i currently have a 3001 for testing/bricking, but when code is more stable, we will need other testers

 

[LightningMods]

It just so happens I also have 3 E3 Flashers

 

[Jaroslav01]

The only active P$3 scene, proud