PS4 Jailbreaking | Thread starter: PSXHAX | Start date: Mar 30, 2018 at 12:13 AM
Status: Not open for further replies.
Earlier this month we saw the PS4 4.55 WebKit exploit write-up by PlayStation 4 developer @SpecterDev, and now he has announced on Twitter that he's added the PS4 4.55 / FreeBSD BPF kernel exploit write-up to his GitHub repository, crediting qwertyoruiop and stating: "The bug is present on any system running FreeBSD such that you have privileges (which we did on PS4). Could be used on other systems for root to ring0 code execution."

Below is an excerpt from it, with the full documentation available on the GitHub repo for those interested in learning more about it.

To quote: Conclusion

This was a pretty cool bug to exploit and write-up. While the bug is not incredibly helpful on most other systems as it cannot be exploited from an unprivileged user, it is still valid as a method of going from root to ring0 code execution.

I thought this would be a cool bug to write-up (plus I love writing them anyway) as the attack strategy is fairly unique (using a race condition to trigger an out-of-bounds write on the stack). It's also a fairly trivial exploit to implement, and the strategy of overwriting the return pointer on the stack is an easy method for learning security researchers to understand.

It also highlights how, while an attack strategy may be old (perhaps this one being the oldest there is), it can still be applied in modern exploitation with slight variations.

Thanks to Edark knight for the heads-up on this earlier today in the forums.
[Image: PS4 4.55 BPF Race Condition Kernel Exploit Writeup by SpecterDev]
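The quoted conclusion describes the attack shape in one line: a race condition is used to turn a validated copy into an out-of-bounds write on the kernel stack, and the overwritten return pointer gives code execution. The program below is an added illustration of that general pattern and is not SpecterDev's code, the PS4 exploit, or the FreeBSD BPF bug itself. It simulates a kernel handler that fetches a user-controlled length twice (once to check, once to copy) while a "racing thread" (a hook called in the check-to-use window, so the run is deterministic) changes the length in between; the "stack frame" is a struct with the saved return address placed right after a fixed buffer. All names, the frame layout and the request format are hypothetical. A hardened handler that snapshots the length once is shown beside it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical sizes and markers for the demonstration only. */
#define BUF_SLOTS    4
#define SENTINEL_RET 0x4141414141414141ULL   /* stands in for the real saved return address */
#define FAKE_RET     0x00000000deadbeefULL   /* attacker-chosen value placed just past the buffer */

/* Simulated kernel stack frame: fixed buffer with the saved return
 * address sitting directly above it, as on a real stack. */
struct frame {
    uint64_t buf[BUF_SLOTS];
    uint64_t saved_ret;
};

/* User-controlled request; a racing thread can rewrite len at any time. */
struct request {
    volatile size_t len;              /* number of uint64_t words to copy */
    uint64_t data[BUF_SLOTS * 2];
};

typedef void (*race_hook)(struct request *);

/* The racing thread, simulated: runs in the check-to-use window. */
static void grow_len(struct request *r) { r->len = BUF_SLOTS * 2; }

static void init_frame(struct frame *f) { memset(f, 0, sizeof *f); f->saved_ret = SENTINEL_RET; }

/* Vulnerable pattern: len is fetched once to validate and again to copy. */
uint64_t handle_vulnerable(struct request *req, race_hook hook)
{
    struct frame f;
    init_frame(&f);

    if (req->len > BUF_SLOTS)         /* first fetch: the check passes */
        return f.saved_ret;

    if (hook) hook(req);              /* racing writer wins here */

    size_t n = req->len;              /* second fetch: the checked value is gone */
    if (n * sizeof(uint64_t) > sizeof f)       /* demo-only clamp so the overrun stays inside */
        n = sizeof f / sizeof(uint64_t);       /* the simulated frame, not the real process stack */
    memcpy(&f, req->data, n * sizeof(uint64_t));  /* word BUF_SLOTS lands on saved_ret */
    return f.saved_ret;
}

/* Hardened pattern: one fetch into a local, validated, then used. */
uint64_t handle_hardened(struct request *req, race_hook hook)
{
    struct frame f;
    init_frame(&f);

    size_t n = req->len;              /* single fetch */
    if (n > BUF_SLOTS)
        return f.saved_ret;

    if (hook) hook(req);              /* the shared field changes; n does not */

    memcpy(f.buf, req->data, n * sizeof(uint64_t));   /* bounded by the validated local */
    return f.saved_ret;
}

/* Builds one constructed request (data[0..3] filler, data[4..7] FAKE_RET),
 * runs it through the chosen handler, and returns the saved return address
 * observed afterwards. */
uint64_t run_demo(int hardened, int with_race)
{
    struct request req;
    req.len = BUF_SLOTS;              /* passes the length check */
    for (size_t i = 0; i < BUF_SLOTS * 2; i++)
        req.data[i] = (i < BUF_SLOTS) ? 0x4242424242424242ULL : FAKE_RET;
    race_hook hook = with_race ? grow_len : NULL;
    return hardened ? handle_hardened(&req, hook) : handle_vulnerable(&req, hook);
}

int main(void)
{
    printf("vulnerable, no race : saved_ret = 0x%016llx\n", (unsigned long long)run_demo(0, 0));
    printf("vulnerable, race    : saved_ret = 0x%016llx\n", (unsigned long long)run_demo(0, 1));
    printf("hardened,   race    : saved_ret = 0x%016llx\n", (unsigned long long)run_demo(1, 1));
    return 0;
}
```

Without the race the vulnerable handler leaves the sentinel in place; with the race the second fetch sees the doubled length and the copy spills the attacker's word onto `saved_ret`. The fix is not a bigger buffer but a single fetch of the shared field into a local that is both checked and used, which is the standard defence against this double-fetch (TOCTOU) class.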
 

Comments

So many off-topic "we want xxx exploit" posts. Just be grateful for what has been released so far, which is a lot in the past months. This write-up is also great for people to learn from!
 
Is there any real reason to release newer kexploits?

Homebrew is really non-existent, and devs don't support backups.

So there's no motivation to release more than we have nowadays. Personally, I'd probably do the same.
 
Bottom line here, guys, is that these devs owe us absolutely nothing. I patiently waited a year and a half to even be able to do anything whatsoever. This was a choice, a choice I happily made in the hope of one day having a bootable Linux build and being able to play all our emulators and stuff.

Guess what, it's here now, and sooner or later it will be available for later firmwares. But this disdain people show towards developers that spend countless hours of their free time working on these projects, instead of going out and having a good time a lot of the time... I mean, how do you guys justify the way you speak to them in DMs and on forums? Show some tact; it's embarrassing, seriously.

You should have to say thank you 1000x before you're allowed to write one bad comment in situations like this. You also could cough up the money to get a console which DOES work and trade out your console. The bottom line is you all have numerous options if you're impatient which don't revolve around belaboring the point about not having your current firmware exploited, or crapping all over qwerty. By all accounts he's working on things constantly, and you're giving him crap because it's not instantly something he could figure out immediately? This makes absolutely no logical sense, and everyone needs to stop it. This is why devs stop producing and go away: because they don't need this crap from anyone.

I'm not kissing ass; it's honestly very annoying to me at this point that people treat any of the devs this terribly. Who do you think you are to demand anything? God, it drives me nuts.
 
What knowledge do I have to have for this? I do know some C, Java and JS but still am unable to understand these write-ups. References to books or YouTube would be helpful.
 
Most comments seem like they're coming from 14-year-old deserve-everything types. Every post is followed by "where is CFW", "5.5 now", "how does this help me?".

I'm aware that for a lot of people English is a second or maybe third language, or just quickly translated via whatever, but damn. I feel shame every time I see stuff like that as just a "user". It's like every post is followed by the same stuff, as if they can't be bothered to do any research or be thankful for what IS available.

Blah, sorry.
 