★Package Installer through WebKit
Do you remember the last time you heard about the WebKit exploit of Vita? Was it the Pong? It seems our good friend SMOKE is baking something.
It has been some time since the WebKit on Vita was exploited. This WebKit exploit works up to 3.20 firmware. Even though the progress continues, we rarely hear about it. If you are following SMOKE on Twitter, you must have noticed he is into Vita hacking lately. He posted a video where he manages to open Package Installer through WebKit. I can already hear you saying we can run Package Installer through the e-mail application. That is true, but the e-mail application was introduced in Vita Firmware 2.00, and this is confirmed to work on 1.80. Without further ado, I present you the video:
You can contact SMOKE through his Twitter account; he says he can share the script if you have a 1.80 Vita.
For more info about the WebKit exploit, visit the thread on /talk or go to the GitHub page of Vitasploit.
Update: Even though the article isn’t wrong, I should make a clarification. The links I gave are for “Vitasploit”, which works on firmwares “2.02, 2.12, 3.00, 3.01, 3.15 and 3.18”. SMOKE uses ROPTool, which supports firmwares “1.50, 1.691 and 1.80/1.81”. Thanks to Davee and SMOKE for the clarification.
Both use the WebKit vulnerability.
First
Uncle Sam please stop embarrassing me on the internet, I had a cool kid reputation until you went and ruined it all ): jk lol
Does this mean we can pirate games soon? fIRSt
NOPE
You can already pirate games “read between the lines” you have been shown how already indirectly
It's amazing how it took like 3 years to work out what he actually meant by that
I guess I have to find a 3rd Vita on 3.18 OFW!
things are looking up for my banned 3.01 Vita
I fully support:2die4!!
I would assume that 1.81 is less useful for testing than 1.80?
will it work on 1.81?
No >:(
It might be ported. Contact SMOKE on twitter.
Will it work on fw 2.02?
For people who want to know what this means: It means nothing. You will not get pirated games. You will not get custom firmware. Yes, it works on any Vita below 3.20.
What are the implications for this? You can run all the Vita’s functions directly. However, there is no function that can hack the Vita that has been found yet.
What should you do about it? Wait.
Will this lead to a hack? Probably not.
WoW , just wow.
Have u seen the Wii U scene? They got a kernel going already. Through the WebKit.
Mystic_Shadow, the Vita and Wii U are two completely different systems. Just because they exploited kernel access on the Wii U browser hack does not mean the same can be done on the Vita.
But that does mean that it’s possible, which is good enough for many of us. Too little has been done on the native side of Vita hacking, and having anything at all is nice, since we usually just hear about eCFW and that other ***.
Can actually run this without having an Internet Connection through the Email if you have already run it before. Only thing is:
I have a PSM Game that would not let me run it due to apparently there being a PSM Update. I found the PKG for it, and use this to Install it. But now, I apparently need to connect to the Internet to get my System Activated so I can run the PSM Game now. How exactly do I get around this BS??
Can you be kind to share your PSM runtime pkg with us please? Thank you so much
sceAppMgrLaunchAppByName(0x60000, "psgm:open?titleid=NPXS10031"); // SceAppMgrUser, NID: 003C634F
geez, that was hard
The way I read it was that they had just put this on line 49 of test.js
sceCallSupportUri("open?titleid=NPXS10031");
from the normal https://github.com/Hykem/vitasploit Vitasploit package. I’d assume it’s not much more than that.
@smoker1: I am also thinking along that same line, I am already downloading pkg of a game using “ares” server (and not the “zeus” one as the forum said due to DRM in it) and will try to use pkg installer to get it installed. I have a PS3 OFW and I use it together with hacked CMA “trick” to be able to activate the Vita without the Vita going in to update its firmware.
Yeah it is kind of messed up. I already Activated my Vita, and now I have to do it again???? Anyone know of a PSM Runtime PKG that is the very LATEST?
Even though the article isn’t wrong, I should make a clarification. The links I gave are for “Vitasploit”, which works on firmwares “2.02, 2.12, 3.00, 3.01, 3.15 and 3.18”. SMOKE uses roptool, which supports firmwares “1.50, 1.691 and 1.80/1.81”. Link to “roptool”: https://bitbucket.org/DaveeFTW/roptool. Thanks to Davee and SMOKE for the clarification.
Both use the WebKit vulnerability.
Additionally: It was always possible to open up the PackageInstaller with the WebKit exploit. Any URI calls, to be exact.
Cool, I guess no one cared about it then as it is already possible to use e-mail app for PackageInstaller. Though, I still think what SMOKE did is clever, unlocking the PackageInstaller through WebKit where in his case (firmware below 2.00), the other public method (e-mail app) isn’t possible.
Updated from 1.81 to 2.61 lately 🙁
It's best to work on earlier firmwares like how people do on the PS3 in order to get an official CFW going. With each update on the Vita it just adds more work.
Hi,
Please, how does it work?
*facepalm*
Here’s my thing… I am very curious to know if this will lead to modifying/removing the whitelist file to make anything playable via Vita TV… Imagine if it could play everything the Vita could… I know some games would be horribly difficult, PSP games already support Dualshock 3 controllers, but not all of them are supported as well. The PSTV could actually be what it was meant to be…
That is my number one request if vita is hacked.
Happy to hear about Webkit exploit 🙂
Yaaaawn. The Vita scene is so HOT! 🙂