Last week I noticed a new set of experiments for the PS4WebKit exploit targeting vulnerabilities in PS4 Firmware 4.01 by @Uint32Array, and recently dragood2 shared further details on it with PlayStation 4 developers.
Before we dive into that, some other recent contributions from dragood2 include news of a PS4 3.11 Out of Bound Read (Freetype 64bit Exploit) and a PS4 3.55 Full Browser FileSystem and Gadget List for those interested.
Download: PS4WebKit-master.zip / GIT / Lamashtu GIT (Mirror) / Lamashtu PS4 WebKit (Mirror)
To quote: PS4 4.01 Webkit Exploits (POC , no ROP yet)
New Alias (I have no idea XD): White0verFlow -> Uint32Array -> Lamashtu -> DonaldDuck64 (2Dork).
Had to embed his New Alias @VultraAID sick off tired Seeing people posting in Shout box That his Testing Ground was new When its not.. Its White0VerFlow just changing his name for some Odd Reason.
This repository contains all the WebKit Vulnerabilities that affect the PS4 on version 4.01 (Not tested on lower versions, but could be ported with enough development).
Keep in mind that it's not a ROP, so it won't give you access to SysModules, Dumping, FSBrowsing and all that.
It's just a Proof Of Concept of which are the vulnerabilities of WebKit for the PS4's Orbis OS version 4.01
https://github.com/Uint32Array/PS4WebKit
Credits go to Uint32Array !
Also greets to @toni1988 for sharing the memo with us in the PSXHAX Shoutbox!
Before we dive into that, some other recent contributions from dragood2 include news of a PS4 3.11 Out of Bound Read (Freetype 64bit Exploit) and a PS4 3.55 Full Browser FileSystem and Gadget List for those interested.
Download: PS4WebKit-master.zip / GIT / Lamashtu GIT (Mirror) / Lamashtu PS4 WebKit (Mirror)
To quote: PS4 4.01 Webkit Exploits (POC , no ROP yet)
New Alias (I have no idea XD): White0verFlow -> Uint32Array -> Lamashtu -> DonaldDuck64 (2Dork).
Had to embed his New Alias @VultraAID sick off tired Seeing people posting in Shout box That his Testing Ground was new When its not.. Its White0VerFlow just changing his name for some Odd Reason.
This repository contains all the WebKit Vulnerabilities that affect the PS4 on version 4.01 (Not tested on lower versions, but could be ported with enough development).
Keep in mind that it's not a ROP, so it won't give you access to SysModules, Dumping, FSBrowsing and all that.
It's just a Proof Of Concept of which are the vulnerabilities of WebKit for the PS4's Orbis OS version 4.01
https://github.com/Uint32Array/PS4WebKit
Credits go to Uint32Array !
Also greets to @toni1988 for sharing the memo with us in the PSXHAX Shoutbox!