Category: PS4 Jailbreaking | Thread starter: PSXHAX | Start date: Mar 2, 2018 at 3:25 AM
Since his 4.05 PS4 Exploit, related Documentation, release of the full 4.55 PS4 Jailbreak and 4.55 PS4 Holy Grail homebrew enabler, today PlayStation 4 developer @SpecterDev made available via Twitter his 4.55 WebKit exploit write-up for the "setAttributeNodeNS()" bug so other scene devs and enthusiasts can learn from it. :geek:

Here's an excerpt from the complete setAttributeNodeNS UAF file, to quote:

Conclusion

For a seasoned webkit attacker, this bug is trivial to exploit. For non-seasoned ones such as myself however, working with WebKit to leverage a read/write primitive from WebCore heap corruption can be confusing and challenging.

I hope through this write-up that it can help other researchers new to webkit to understand a bit of the magic that happens behind webkit exploitation, as without understanding fundamental data structures such as JSObjects and JSValues, it can be difficult to make sense of what's happening.

This is why I focused the core of the write-up on going from heap corruption to obtaining a read/write primitive, and how type confusion with internal objects can be used to achieve it.

In the next section (yet to be published), we will cover the kernel exploit portion of the 4.55 jailbreak chain. While this WebKit exploit will work on 5.02 and lower, the kernel exploit will only work on firmware 4.55 and lower.

Cheers to @Denisuu for the news tip in the PSXHAX Shoutbox tonight! :beer:



Senior Member
Thanks as always for all the knowledge share here by the community. This write-up sure is interesting to read and understand all the "Hen" process and exploit to achieve it... I've got to read it
Big thanks @SpecterDev