PS3 WebKitSploit and PS3 Playground WIP Github Forks by Esc0rtd3w

Following his PS3 OFW PSID Dump Tool Tutorial and recent d0 / d1 pdb file findings PlayStation 3 developer @esc0rtd3w (Twitter) set up some new work-in-progress Github forks for a PS3 WebKitSploit and PS3 Playground port.

Download: ps3-webkitsploit-master.zip / PS3 WebKitSploit GIT / ps3-playground-master.zip / PS3 Playground GIT / Websploit.org / PS3 Playground Test Page / PS3 Webkit POC / PlayStation 3 Browser Investigation

The PS3 WebKitSploit is based on original PS4 code from Cryptogenic and qwertyoruiopz focusing on PS3 3.xx / 4.xx code execution, while the PS3 Playground WebKit exploit port is based on CTurt and Cryptogenics PS4 code.

From the README.md file, to quote: PS3 Playground

A collection of PS3 tools and experiments using the WebKit, Flash, and other options.
We are only testing on firmware 4.81 only at the moment.

THIS REPO IS FOR THE PUBLIC PS3 COMMUNITY TO EXPLORE AND TEST ON THEIR OWN

OUR TEAM IS CURRENTLY WORKING ON THIS PROJECT PRIVATELY AND WILL UPDATE WHEN FINISHED!

FOR A LIVE DEMO WITH PUBLIC TESTS TO TRY OUT, PLEASE VISIT: http://www.websploit.org/ps3/ps3-playground/test/

There are a lot of files here for reference and exploration.

Once more testing has been done, these will be cleaned up over time.

CREDITS:

Inspired by original work from CTurt (https://github.com/CTurt/PS4-playground/) and Cryptogenic (https://github.com/Cryptogenic/PS4-Playground-3.55)

Spoiler: Original (Outdated) Information

If anyone can lend him a hand on Github that would be much appreciated, and cheers to @B7U3 C50SS, @Bultra and @spyro2670 for the heads-up in the PSXHAX Shoutbox earlier today!

 

[Haroonps3]

Awesome work guys But if IDPS thing is already done , why not release it so we can have fun playing backups on 4.81 OFW via IDPS while you guys work on bigger things?

 

[Reborn Persona]

Also, thanks @esc0rtd3w for your comment on the explanation. I did my best with the knowledge I have. I know it's a long and tedious process. Keep up the good work!

 

[Andrew92]

Awesome work guys But if IDPS thing is already done , why not release it so we can have fun playing backups on 4.81 OFW via IDPS while you guys work on bigger things?

Sony would want to patch it and many who had no idea their firmware would update and thus the whole work would be destroyed again. If it comes then right and not only half.

 

[B7U3 C50SS]

Sony would want to patch it and many who had no idea their firmware would update and thus the whole work would be destroyed again. If it comes then right and not only half.

Well.. the idea of whether or not a company such as Sony, themselves, would want to bother on the PlayStation 3, remains in question to me. Sure they'd want to patch it, but at what expense does it really need to be done?

Ask yourself this: If I am Sony, do I:

1. Option - Patch a useless system that's been hacked beyond repair, that just cost us millions (again) with (a.) an update (b.) apply over ssh.
2. Option - Do nothing. Let the hack happen And cost us millions
3. Option - Compromise: If I were them I'd try to do something that appeals to the users, yet at the same time, can end this cycle of cat and mouse, while somewhat patching the device features that people wanted. as it has been a long time of a game of cat and mouse.

Think the XBOX ONE: People have been able to sign up for developer status signed off by Microsoft

Welcome to ID@XBOX
The ID@Xbox program enables qualified game developers of all sizes to unleash their creativity by self-publishing digital games on Xbox One and Windows 10 with Xbox Live, giving studios the tools and support needed to maximize their success.

• Simply put the [B]Xbox One Developer Mode activation Instructions[/B]
  

  How Developer Mode works
  Xbox One has two modes, Retail Mode (1) and Developer Mode (2). In Retail Mode, the console is in the state that any customer or user of an Xbox One console would use: you can play games and run apps as a user. In Developer Mode, you can develop software for the console, but you cannot play retail games or run retail apps. Developer Mode can be enabled on any retail Xbox One console. After Developer Mode is enabled, you can switch back and forth between Retail (2a) and Developer Modes (2b).

I'm only drawing comparison's to the Xbox ONE, for one reason and that is this. I thought this was a pretty important thought process that could help end the whole cat and mouse game of hacker vs. patcher. And etc. finally end. as it ruining some people's lives and lifestyles that I know.

As much as I cannot stand Microsoft, for all their misguided efforts and attempts to do things they still had a better platform than Sony does SERVER-WISE, Because simply put they allow any users to get those developer settings on their console with the exception of allowing them to play games on them at the same time. I think this is cool and certainly, think it doesn't lead to any hacks just a better business model.

Sorry for my tangent rant. it's just how I feel ATM. I'm sure there are those who agree/disagree on this forum, with myself about this.

AAAAND BACK TO PS3!!

 

[Jaroslav01]

Sony won't care about the PS3 anymore when the PS5 will release. that's the perfect date to release it.

 

[ZeroFadedBlaze]

Nah sony hardly even cares about ps3... but they still care enough to patch and ban so... yeah...

 

[ShadixAced]

@Reborn Persona great explanation of current situation! We are indeed re-using code in a ROP style in conjunction with javascript.

The soft-downgrade however has multiple benefits for many reasons and should be workable for most hardware revisions. IDPS extraction is already basically done. We are currently working on using the USB port for reading/writing dump tests using syscalls, as well as various NAND/NOR patching options.

Hey ! If you can only make the IDPS extraction public, it would be really nice ! Thanks for your hard work again. (only this ofc)

 

[Geokgian]

hello from Romania. excuse my English. many say ps3 is dead maybe for one. but for me not. even ps2 is not dead for me. for my country at an average salary of 300 euro you can not give 60 euros per game. for example I paid for my ps3 75 euro and I also got 12 games. this exploit helps me to play more games than new and old games.

thank you esc0rtd3w for work I understand it's a lot of work but I hope to finish it well it does not matter when it will be ready.

 

[esc0rtd3w]

Hey ! If you can only make the IDPS extraction public, it would be really nice ! Thanks for your hard work again. (only this ofc)

cannot be done without exposing all of the source code

have patience... good things will come

you will later look back at IDPS extraction as a very minor thing, and you will be able to do that after release anyways

 

[batman]

cannot be done without exposing all of the source code

have patience... good things will come

you will later look back at IDPS extraction as a very minor thing, and you will be able to do that after release anyways

Hey dude, no worries, do not hasten, take all the time you and your team need, I am sure all the PS3 comunity will benefit from this, even if we need to wait some months.

The fact of being able to run homebrew on my PS3 Super Slim 12GB is worth waiting no matter how many days, weeks, months

Cheers.