Webkit exploit confirmed to run on PS4 Firmware 1.76!
Developers nas and proxima have extended the recently released Vita Webkit exploit, and made it compatible with the latest PS4 firmware, firmware 1.76. (Update: Proxima actually clarified that although this is the same webkit exploit, it was developed in parallel to the Vita exploit, and not “based” on it)
Their proof of concept code provides several samples, including a module dumper and a tool to create more advanced ROP code.
I am not close to my PS4 right now and cannot confirm if the Proof of Concept actually works, but the code looks perfectly legit, the devs behind this have a great track record, and it should be a matter of minutes now for other people to confirm that this indeed works.
This webkit exploit, just like in the case of the same exploit for the Vita revealed last week, will not be extremely useful to the end user, except to confirm that their PS4 is indeed exploitable. It does however seem to provide some basic tools for developers who want to explore its functionality, and, more importantly, it is the first public entry point into PS4 hacking ever, which is a massive breakthrough.
This piece of news comes just as Sony have announced upcoming firmware 2.00, which will be released next week. It goes without saying that if you have expectations to use the hack that just got released, it might be wise to not update your PS4.
Where to test this?
I have uploaded the proof of concept pages here, you can point your PS4 to these urls, and report:
- http://wololo.net/v/176/ps4_dump.html
- http://wololo.net/v/176/ps4_dump2.html
- http://wololo.net/v/176/ps4_rop2.html
Of course as soon as I have the possibility, I’ll be testing those myself.
Download
The full files, sources, etc. from nas and proxima for this PS4 1.76 webkit exploit can be downloaded here.
You can discuss this more at the source: nas on /talk




Oh my GOOOOOOOOOOOOOOOOOOOOOOOOOD
oh my goooooooooooooooooooooooooooooood 😀
Oh my GOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOD
oh my GOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOOD
OOOOOOMYGOOOD
There is no god, but yeah… This is awesome!
Hmm. I commented on an old…old news. my bad.
Gonna read up on the new ps4 hack now.
so
i got a ps4
the question is
will it autoupdate or not !?
and one more question
if this works on ps4
is there then a ps3 version in the makings ?
and the last question
will we ever see all the psx demos samples and more
ported from psx cue bin with icedthea to psp
then ported to ps3 psp via uno tnv … then ported to gaikai ps4 ?
backports ?
and oh yeah
OMG!!!!!!!
I will begin porting it. The ps3 does use web kit and the firmware was ripped apart before. So we know the ins and outs.
the big question is what level of exploit is this, will it allow us to get keys or allow us to further develop better exploits.
It’s not like their key is going to be easily guessable/simple….oh wait
4
Wow nice work guys, now we just need a memory reader/dumper, and an SDK for other developers to utilize that to port homebrew, emulators, etc, do you think at first it will be “go to this website to run SNES emulator, and this Website to run NES emulator, then have the actual files and ROMs on a USB flash drive to read from?” Or do you think we’d actually be able to write files to the HDD?
That’s nice. Hopefully there is a work around that lets us play MP games and access PSN even with hax. I can see that being a problem for casuals that want to “jailbreak” our devices.
I try it and some work this is crazy but I think this should have been kept quiet until the new firmware came out.
The new firmware patches the exploit, most likely. This was released *because* of that
a HUGE thank you to all the DEV’s involved in both webkits, psvita and ps4.
Jailbreak and exploits going crazy this week! From iphone ios8 to vita to ps4.
@wololo Is there a chance the ps4 scene which may attract more developers help the psvita hack progression ? Is there any technical relation between those two devices ?
Looks like MasaMune is gonna cleave our webkit access in twain =(
so is there also poc for x86 and ppc ?
great work xD
Could the PS3 possibly have this type of exploit also?
now i dont know what to do. i just got my PS4 and got destiny and PS+. so i get free games and i need internets to get my DLC.
So what really is achievable with this exploit at a large scale? Could this lead to load homebrew? Or we can get to the limits and say backups in future?
What I’d like to know is if this exploit will lead us straight to the master key, or get us significantly closer to its discovery!
Meh. I just downloaded the full 1.76 firmware and if this comes to anything I’ll just buy a second PS4 and update it that way. Nothing significant will probably come to the PS4 for at least a year or two, so I’d rather just use the one I have now to keep playing online
Don’t count on that, the next ps4 firmware is really big and impressive cause finally we get media support and also external HDD support and theme support too so…webkit meh I think I can wait cause probably devs are experimenting with these exploits, we’re gonna see something big in a few months, I dunno maybe at that time they can exploit the next webkit of course I have a ps vita and I’m waiting on 3.18 but with the ps4 I think things are different
yea and share play! we´ll never need to buy games anymore, cause we can play them all from others
lol No, it’s only for like an hour of play for each game to tempt people into buying the game, unless you could use multiple accounts, but I doubt it like activation/mac address. I think I’ll stick with updating PS4 anyway as there will no doubt be a PSN battle for online and possibly a ban like PS3 but your ID which can be even trickier to get around and have to wait.
really no simple “reconnect” possible? bummer 😀
Unless this guy is wrong, you can launch a new session after one hour:
http://blog.us.playstation.com/2014/10/24/check-out-share-play-in-action-on-ps4/comment-page-1/#comment-1032046
It doesn’t seem to be any usage limits.
Just to clarify, you probably have to start the game all over again though, so it’s not like you can play coop for one hour, then simply reconnect and continue at the exact same spot that you disconnected from, at least I don’t think so.
Of course you will have to buy games! Unless that person has no job or life and is willing to hand his controller over to you every hour and watch you play for hours and hours then sure! On the other hand, if you want to play it co-operatively or online, you’ll still need a PS+ subscription regardless.
I can’t help but LOL at all the people saying they can play games for free now lol.
*hand his controller “virtually” over to you
A 2 hit combo VS. $ony… Waiting for a confirmation for the PS3 and it will be Perfect!!!
Or maybe it will be ULTRAaaaaa!! :p
Well looks like it’s time to buy another ps4.
workin on my bros ps4 choice he will update tho tisk tisk
If this works on the PS3 that would be amazing
its in the making
one thread running netcat listening on said port
shellscript to update log.php with settings
and ropproxy as proxyserver to know what the vita is doing
and ofc a webserver on a said port
maybe a gui to enable disable one said rop
with cowsayx for windows
and maybe the magician
and a roptool to feed it rop
but where the heck do i find all those headers and -L !? lol
and the proxy must be a logging proxy
thus based on the only logging proxy ….
ps3 proxyserver gui .net redistributable
but called
ropproxyserver .gui .net redistributable (vita/ps4/ps3/psp)
although i would like the very same in binbashi ash or terminal
just for cowsayx to feed mouths
or the magician
cheers
if u would use the magician instead of the cow …….
then an appropriate name would be
HOUDINI
as in
who him not
or
hoe die ni
or the late nineteenth century magician who magically
disappeared
What can we do with this
Yeah, what will be possible with this exploit? I know, that this question is currently hard to answer, but it would be nice, if we would know this. If it will be possible to get PS4 Games for free by this exploit, i will buy a new PS4 console, so that I can still play online. (:
Pirating games is a big no no my friend. The PS4 is still getting off the ground and we don’t want piracy to hurt the PS4 software sales. More games for the system is better than hardly any for the system at all..
Judging by that answer I’m guessing this exploit is useless then
An exploit that allowed pirated games would be useless. The way I see it, this exploit can be seen as an entry point to the PS4. It’ll allow devs to see further into the workings of the PS4/Vita than they could have seen before, and could potentially allow us to run homebrew/emulators on the consoles. So this is an exploit that can’t and won’t hurt the systems, while providing insight into them and possibly eventually will provide the ability to run homebrew/emulators on the consoles.
Guys if you pay attention and READ you’ll see that this WebKit exploit is NOT helpful to the end user. This exploit only helps devs because it dumps file locations and RAM and other important files so they CAN develop an exploit to run unsigned code. Unless you know how to do hardware modding and software modding, know programming, and can sniff/poke at stuff in your systems then this WebKit exploit is useless (in its current form) to you as an end user
Thank you Captain Obvious
to the enduser this is very viable.
if u can run rops to dump offsets or nids
then in theory u can also run rops for cen64 or r14
or any brew u make rops from
like wagic for example
Thanks for the article Wololo! I’m still going to update my ps4 to the latest firmware because I want to play online and I can’t afford to shell out another $400.00 for a second one. If they are able to run homebrew and emulators with this exploit it would be cool, but at the same time I can just use my computer for that stuff.
Since the links above are no longer working, here is just the PS4_dump.html file hosted elsewhere:
http://daxhordes.org/ps4_176/ps4_dump.html
I….wish…I HAD A PLAYSTATION 4!!!! ARGHHHH. I just don’t have the darn money and I’m on a low budget right now.. oh wells… still have my vita and ps3 still rocking though. So meh, got to resist the urges of getting a PS4 and be glad of what systems and games I got now!! NO MORE X_X Technology these days man! The next system after the next so fast….
nvm if u dont want to understand.
neither do i.
becuz i preordered gta5 for ps4 a month ago …
so this means i will have to update ….
if i ever findout howto webkit update lol
I’d prefer if PS4 hacking was left alone until it got a couple of years old first. I wish I understood any of this so that I could attempt it on ps3.
//is this a rop or a gadget do the test tutorial
var printf = function(pin){
    console.log(pin);
};
//Remember to set your condition outside the loop!
var loop = function(){
    var count = 0;
    while(count < 3){
        //Your code goes here!
        printf("I'm looping!");
        count++;
    }
};
loop();
idk but i get the feeling Sony gonna rip out browser from their console.
Well they better not I’m still loving Plex on it
They will just patch it, not remove it.
So should people who are expecting homebrew buy a PS4 now and hope for the future?
I’d like to see how Linux would be on PS4 though fully utilized or even possible to install another OS like windows if similar to PC architecture and custom drivers.
I hope it goes well but I think I’m going to update so good luck to people who decide to wait because I don’t mind paying for games and the custom stuff can be too much anyway and useless after awhile or mutual with updates and as I said would probably be more interested in another OS to use but can anyway on PC.
I’ll stick with Vita though 3.18 and wait hehe!
Good news I can’t wait for this new firmware thank god I still have 1.76 ps4 sony firmware