Vita hack: Proof of concept code updated to support up to firmware 3.18, and credits
Earlier this week, Davee released a proof of concept native exploit within WebKit for the PlayStation Vita. The code would only work on firmware 2.60, but with the implicit promise that firmwares up to 3.18 included are vulnerable.
Given the fire that propagated through the scene within minutes of us mentioning this release, hackers left and right were quick to contact me about giving proper credit for the exploits. Davee also got busy upgrading the exploit with BBalling (CodeLion) to make it work on all supported firmwares, that is, all firmwares up to 3.18 included (no, as we said several times over the past few weeks, this specific WebKit exploit does not work on 3.30, and if you upgraded, you made the decision intentionally).
It is also now confirmed that this is the same exploit that was mentioned by Acid_snake and CodeLion in this article: Native Vita Hacking: What’s the situation so far? (Part 2)
Davee also updated the exploit after CodeLion posted his own 3.18-compatible version. Davee's version ends up being more self-contained for the end user, so that's the one I'm showing below. CodeLion's code needs netcat to run on the server, which can be extremely useful for debugging purposes, so devs might want to give it a look.
Test on your Vita
You can test if your Vita is vulnerable with the link below. Vulnerable Vitas should see something like this (screenshot thanks to @WAFLNeo):
Non-vulnerable Vitas will most likely see an error code, something similar to the screenshot below:
So, is your Vita vulnerable? Did you avoid the temptation of updating to 3.30?