Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.
PS3 Jailbreaking       Thread starter PSXHAX       Start date Apr 30, 2018 at 9:23 PM       7      
Status
Not open for further replies.
Since the PS3Xploit Tools v3.0 updates, PlayStation 3 developer Derrik (aka @GhzGangster on Twitter) recently made available Zerosense which is an exploit toolkit for the PS3 Browser via ROP exploitation in development with details below. :ninja:

Download: zerosense-master.zip / GIT

To quote from the README.md: zerosense

Zerosense is an exploit toolkit for the PlayStation 3 Browser, based on work by the PS3Xploit team, and the proof-of-concepts which came before. It also takes inspiration other projects, such as PegaSwitch and PS4 Playground.

This project is primarily designed to manipulate files for the SaveMGO MGO2 Revival project, to aid users on official firmware. Additional functionality may be added in the future.

Node.js is used both to bundle the application, and to act as a web server. The JavaScript target is ES3, so additional functionality is added as needed.

Warning

Project is still under heavy development. Things may completely change in the future.

Approach

We create an array a certain size, number of elements, and first element for verification. After searching, we should find the address of the array in memory. Once we have this, we can get the addresses of elements within the array.

Once we have the array, we can create our ROP chains, figure out their addresses, and then trigger the Use-After-Free exploit.

This approach allows us to conduct only one initial, cheap search, as opposed to searching for each chain in memory.

Goals
  • Have a clean and easy-to-understand codebase
  • Be easily extendable
  • Be able to execute quickly and reliably
  • Be able to easily add support for different firmware
Setup

Node.js and NPM should be installed beforehand. See https://docs.npmjs.com/getting-started/installing-node
Code:
npm install
This project has been built using Node 7.10.1 and NPM 4.2.0. There may be some issues that arise for other versions.

Building
Code:
npm run build
Running
Code:
npm start
The web server will be running on port 9000, by default.

Zerosense file manager demo for PS3 4.84 HFW. You can look at your file system and copy files to dev_usb000. It's really slow, like 0.25 MB/s max. I'll see if I can speed it up sometime.

Download: zerosense-master.zip (Exploit library for the PlayStation 3 Browser) / Live Demo / GIT / zerosense-ftpd-master.zip (FTP server in the PS3 browser, not ready for public use) / GIT

Cheers to @HydrogenNGU for the heads up on the news via Twitter below! :beer:
Zerosense PS3 Browser Exploit Toolkit Development by GHzGangster.jpg
 

Comments

what we need is an exploit that injects a payload ftp on 3xxx and 4xxx models and that converts the converted games directly to the game folder
 
@Boloul
Between this and PS3xploit? Not really. One big difference is that my project was designed to use and create ROP chains over a longer period of time, so I had to make it faster than PS3xploit. Most of their stuff can just be done with once chain, so it's not a problem for them, but if you want to do something like a file manager, their project would have a harder time.

@vservis
Don't think I could do a proper FTP server, but the plan is for it to effectively be a file manager.
 
the important thing is to inject converted games without the need of another unlocked ps3 and neither continue to convert games into pkg and reaffirm them and all that cumbersome business .... only direct connection with something and folder game .. in ps4 there is less scene and there is ftp
 
I have Rebug 4.82, I want play online..... help me install 4.83 Ferrox or spy or wait for Rebug 4.83.

by the way i want delete webman completely help me pls :unsure:
 
Status
Not open for further replies.
Back
Top