Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.

PS4 4.55 BPF Race Condition Kernel Exploit Writeup by SpecterDev

PS4 Jailbreaking       Thread starter PSXHAX       Start date Mar 30, 2018 at 12:13 AM       70      
Status
Not open for further replies.
Earlier this month we saw the PS4 4.55 WebKit Exploit Write-up by PlayStation 4 developer @SpecterDev, and now he announced on Twitter that he's added the PS4 4.55 / FreeBSD BPF kernel exploit writeup to his GitHub repository crediting qwertyoruiop and stating: "The bug is present on any system running FreeBSD such that you have privileges (which we did on PS4). Could be used on other systems for root to ring0 code execution."

Below is an excerpt from it, with the full documentation available on the Github Repo for those interested in learning more about it! :geek:

To quote: Conclusion

This was a pretty cool bug to exploit and write-up. While the bug is not incredibly helpful on most other systems as it cannot be exploited from an unprivileged user, it is still valid as a method of going from root to ring0 code execution.

I thought this would be a cool bug to write-up (plus I love writing them anyway) as the attack strategy is fairly unique (using a race condition to trigger an out-of-bounds write on the stack). It's also a fairly trivial exploit to implement, and the strategy of overwriting the return pointer on the stack is an easy method for learning security researchers to understand.

It also highlights how while an attack strategy may be old, perhaps this one being the oldest there is - they can still be applied in modern exploitation with slight variations.

Credits
References
Thanks to Edark knight for the heads-up on this earlier today in the forums. (y)
PS4 4.55 BPF Race Condition Kernel Exploit Writeup by SpecterDev.jpg
 
Click to expand...
PSXHAX
PSXHAX
Live in Your World, HAX in Ours!
Hello World! I've been reporting on Sony PlayStation hacking news since 2000 and started PSXHAX in 2014 to cover PlayStation (PSX), PlayStation 2 (PS2), PlayStation 3 (PS3), PlayStation 4 (PS4), PlayStation Portable (PSP), PlayStation Vita (PS Vita), PlayStation TV (PS TV) and next-gen PlayStation 5 (PS5) platforms along with anything else of interest.

Click on my UserName author link above and you'll be able to view a curated list of all the articles I've contributed thus far to PSXHAX.COM.

If you enjoy gaming and would like to write (unpaid) for this site, Contact Us and we'll be happy to have ya join our Authors! :)

Comments

@AeonLewis ;) i know.

All of that sounds great and i'm positive that day will come when this will be reality, but for now, i will be happy with stable exploit, maybe on some newer firm, but not necessary, keyword is stable.
 
What's sad is that scene starts to die slowly....

I mean, it's great that we can play ALL of indie and japanese games, it's cool that we can play 3-4 year old aaa games, and i'm happy.

But, even if you wanna play every game that is available, passionate player will finish them all in relative short time, in two months from jailbreak i played almost everything that interest me. Ok, i'm picky, so that's not a lot of games, but still... Very soon all of available games will be finished and forgotten. And what then? Consoles will collecting dust on shelves once again, people will just upgrade and move on (like they started already)....

And then one day, when "regular" user will be playing gta7 on 8.25 firmware, we'll get 5.xx jailbreak, and here we go all over again, again will people dig their forgotten dusted consoles (if they don't upgrade them), again we will browsing shops and internet to find some console with low firmware..... What for? So that 0.6 % of ps owners can play few year old games for free, not to mention that bluray copy of such games on second hand market cost as bag (small) of peanuts...

I mean, this is great stuff, but if you don't keep up with time, becomes useless very fast.

Just hope we won't see this outcome
 
I definitely agree with your post but I feel this will go the same way the PS3 CFW scene went meaning there will be several months between new firmwares. I believe they are just playing it safe right now because of the attention they could possibly get from Sony for releasing a web exploit that anyone on latest firmware can use but eventually someone will develop CFW an it will be able to play the latest games available just like PS3.

The PS4HEN method is good but CFW like the PS3 is much safer in my opinion. All we can do at this point is faith in the developers.
 
CFW is not possible unless Sony's private keys leak which is highly unlikely. People keep saying the PS3 has CFW, but remember CFW can only be installed on PS3s older than June 2011 which shipped with 3.56 or lower, that includes all FATs and older Slims. But CFW cannot be installed on newer PS3s that were released after June 2011, this includes newer Slims and all Super Slims.

So if newer PS3s don't even have CFW, how are people expecting the PS4 to have CFW??
 
I believe there a 4.82 PS3 CFW available for select PS3 models now and I'm not much a tech guy I just wanted to voice my opinion on this from a casual standpoint but I honestly believe anything can happen from all the different hacking scenes i have kept up with over the years
 
There is a 4.82 CFW, but it's only installable on older PS3s, those released before June 2011 which shipped with OFW 3.56 or lower as mentioned above. CFW cannot be installed on PS3s released after June 2011.
 
Exactly!

Just to be clear, i'm not going into moral, legal, or any point, just talking about basic stuff - evolve or extinct ;)

If we stuck long enough at 4.55, scene is going to slow down until to point where no scene exist. Just look at pkg's repo and you will see what i mean. From ten games per day, now it's one game, and (not to offend somebody) it's some game i'm honestly newer heard of, and i have zero interest in it. And majority of people.

Ps2 emulation is great stuff, but let's be real, ps2 is cheap and often can be found for free, just to take someone garbage from house (at least in my country). So if i want to play ps2, i'll buy ps2 for dirt cheap and play, no repacking, no compatibility isuess, nothing....

5.50 will be overkill at this point, but (lets say) 5.01 or so will make scene explode, availability is bigger, scene is automaticaly bigger, and everyone is on gain. Only if we have 5.xx exploit.... Wait, we have.

Why nobody want to release it, that is a mystery. Or not?
 
at this point im tired of asking and begging for 5xx to come out i have 2 ps4 one 4.55 jb and one 5.50 because i know we will not see it for a while
 
That is great alternative, for some people. Others have only one console and no option to buy another.

And really there's no need. For me, during spring and summer i'll be playing maybe one or two times, so i can wait. But if there's no public jailbreak above 4.55 until winter, i'll just upgrade and forget whole thing.
 
Status
Not open for further replies.

PSXHAX Categories

PS4 Jailbreak Status
PS5 Jailbreak Status

Latest Forum Topics

Share This Page

Back
Top