Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.

PS4 4.55 BPF Race Condition Kernel Exploit Writeup by SpecterDev

PS4 Jailbreaking       Thread starter PSXHAX       Start date Mar 30, 2018 at 12:13 AM       70      
Status
Not open for further replies.
Earlier this month we saw the PS4 4.55 WebKit Exploit Write-up by PlayStation 4 developer @SpecterDev, and now he announced on Twitter that he's added the PS4 4.55 / FreeBSD BPF kernel exploit writeup to his GitHub repository crediting qwertyoruiop and stating: "The bug is present on any system running FreeBSD such that you have privileges (which we did on PS4). Could be used on other systems for root to ring0 code execution."

Below is an excerpt from it, with the full documentation available on the Github Repo for those interested in learning more about it! :geek:

To quote: Conclusion

This was a pretty cool bug to exploit and write-up. While the bug is not incredibly helpful on most other systems as it cannot be exploited from an unprivileged user, it is still valid as a method of going from root to ring0 code execution.

I thought this would be a cool bug to write-up (plus I love writing them anyway) as the attack strategy is fairly unique (using a race condition to trigger an out-of-bounds write on the stack). It's also a fairly trivial exploit to implement, and the strategy of overwriting the return pointer on the stack is an easy method for learning security researchers to understand.

It also highlights how while an attack strategy may be old, perhaps this one being the oldest there is - they can still be applied in modern exploitation with slight variations.

Credits
References
Thanks to Edark knight for the heads-up on this earlier today in the forums. (y)
PS4 4.55 BPF Race Condition Kernel Exploit Writeup by SpecterDev.jpg
 
Click to expand...
PSXHAX
PSXHAX
Live in Your World, HAX in Ours!
Hello World! I've been reporting on Sony PlayStation hacking news since 2000 and started PSXHAX in 2014 to cover PlayStation (PSX), PlayStation 2 (PS2), PlayStation 3 (PS3), PlayStation 4 (PS4), PlayStation Portable (PSP), PlayStation Vita (PS Vita), PlayStation TV (PS TV) and next-gen PlayStation 5 (PS5) platforms along with anything else of interest.

Click on my UserName author link above and you'll be able to view a curated list of all the articles I've contributed thus far to PSXHAX.COM.

If you enjoy gaming and would like to write (unpaid) for this site, Contact Us and we'll be happy to have ya join our Authors! :)

Comments

here where im at you can buy a broken drive ps4 for around 50$ usa dollars from pawnshop that way you can enjoy god of war and so on search your pawnshop ask for broken ps4 and you will see if the drive is broke and online only they will throw away
 
Like i said, for someone this is a great option, for someone is no option at all. Where i'm from we don't have pawn shops, and people can't afford to throw away console becouse of broken drive and just buy another. Repair or use as is, that is their only options.

But, we gone far off topic, the point is, if something is gonna happen, it better be fast, or it will be too late. And there's really no reason not to release newer kexploit, i'm told (if you wanna believe) that we have far more on jailbreaks and exploits in private circles that we even dream of.

Getting our hands on such stuff is more difficult
 
Good news I was wondering why Sony was releasing ps5 so soon ... Alot of people said that modders would ruin the PS4 , well have you ever had something so good that you hid it from yourself? It's one of them situations on Sony end ...

Im putting my faith in the freebsd bug and updating from 4.55 to 5.50. I'll give it 2 weeks before someone give us a full 5.50 exploit write up.

I appreciate all the work of qwertyoruiop and @SpecterDev ... I've been hanging around for at least 3 weeks and it's been a lot of progress. So what if Im not going to be able to run 4.55 Holy Grail and backups ... Pray for me lol
 
Sony is treating us as idiots. Not trying to be rude, but....ps4 is FIVE year old console, with basicaly no games.

I mean, basically no exclusive games. Totuku: two dragons and a pussycat (made up name) is not game to sell console, nor game why you bought console.

Remasters, remasters are key word in sony ps4 world. Just a few exclusives that are not remaster or is not available on other systems. And those exclusives are nothing more but click and watch game who can be finished in one afternoon (order, until dawn, etc). Yes there are few great games, but in five year, that is not enough. And now ps5 is coming. Why? So we can again play remasters of already remastered games, or buy again remastered ps4 exclusives?

@Hitch1996 nothing will happen in two weeks, hope i'm wrong, but....
 
What are you talking about. Last jailbreak for 4.55 is from end of february. Its long for you? This software is from half of 2017 and support every game older then this. There a lot of stuff. Dont tell me, that you played every single one game by this last month.
 
these is brilliant, i did take a look carefully on the code.. and dam maria.. its gonna be pretty hard to keep pushing for the news firmware.. but its possible.
 
@smyq999
Not sure are you reffering to me, but i'll answer in case you are.

4.55 jailbreak is from end of february, that is true, but in terms of game list, it bring very small amount of games, and all of them are playable on 4.05. So, if we talking about ripping those few games that we wasnt able to do on 4.05, then it's great. If we talk about playing these same games, then it's irrelevant.

Like i said, i don't play every game that exist, and my taste is specific, so yeah, i played almost everything that is available and can be played on 4.55 or below.

It's simple, i have ps4 long enough, so we don't talk about one or two months of playing, we tallking about years of playing, and again, yes, there is verry little games that interest me that i didn't play by now. Yes, there is bunch of games that i havent play yet, but this is impossible with this fw jailbreak anyway.

And i believe that this is true to most of ps users.
 
But 4.05 is from end of 2017, so only from 3 months back. Its also still fresh. 3 months and games from past few years. I also dont play on every game. No one did this I think :)

But still you can have every game from beginning (end of 2013) to half of 2017. And you cant only play newest one from last months. It is still good for me. I can play many of the games till waiting for 5.0x jb.

Ok you have ps4 for long time. I had ps4 for 3 weeks, so maybe thats the difference :) I also didnt have ps before, so I can play remasters and some games even from ps2.

I had only x360 before.
 
Status
Not open for further replies.

PSXHAX Categories

PS4 Jailbreak Status
PS5 Jailbreak Status

Latest Forum Topics

Share This Page

Back
Top