New Webkit Exploit found for Vita and maybe Playstation 4
Today we got some interesting news about a new vulnerability in the Vita's Webkit, and possibly the Playstation 4's. Unfortunately, it is patched on Vita 3.50 firmware, but it is still good news for people on 3.3x firmwares.
It is not unlikely that Webkit exploits lead to code execution on game consoles. There are already several code execution methods through Webkit on 3DS, and there is an announced kernel exploit for Wii U, again through Webkit. Of course, every handheld/console has a different architecture, but Webkit seems to have great potential for exploiting current-generation handhelds/consoles.
It has been about 6 months since we first heard about a Webkit exploit for Vita. Since then we have seen several applications of it, such as Pong and the Package Installer for Webkit. There has also been a lot of progress through Vitasploit. Unfortunately, that Webkit vulnerability was patched on 3.30 Vita firmware and 2.00 Playstation 4 firmware.
This new vulnerability works on Vita 3.3x firmwares and possibly on Playstation 4 firmwares up to 2.50, though this exploit on Playstation 4 has not yet been confirmed. Its CVE ID is CVE-2014-1303. Initially discovered by Liang Chen of Keen Team, the exploit has been ported to the Vita by hacker xyz. It is great that 3.3x Vita firmware users will now have a chance too, if a native Vita hack arises from Webkit exploits.
DOWNLOAD
Here is Vitasploit ported to this vulnerability for 3.36 firmwares. Expect to see it added to the official repo soon. It will probably be ported to other 3.3x firmwares too.
Source: xyz on /talk, where you’ll find more info and can say thanks directly to the man.
Webkit exploit on 3.3x 😀
Please give credits where credit is due. xyz did this all by himself and got ROP working on 3.36.
Apologies for the huge oversight here. I’ve updated the article and hopefully the cache should pick up within an hour or so.
Great 🙂
Only 3.36?
What about 3.18?
3.18’s had one for months dumb@ss
Here bro http://wololo.net/2015/04/10/package-installer-and-signup-app-launcher-via-webkit/
If it works on 3.36, then it will most likely work on 3.18 too.
Good news… almost want to update my pstv to the newest firmware
Team Rebug will be the first to release the cfw!
I think you’re skipping about a million steps there bud. Go read up about all that was posted back when the 3.18’s webkit exploit was released.
Good news! Hey The Zett, I know that you reply to comments here often, so I will try my luck: I know that exploits for the PS1 emulator have been patched after 3.18 or 3.20. Is it possible that other exploits for other games will be released, just like the regular ninja release for VHBL? Or is that way of exploiting the PS1 emu gone, and there is no way back to use this exploit on higher firmwares? I’m on 3.36 now.
I’m not Zett. But I’ll explain your options.
You can load PS1 games from TN-V.
A. If you have an exploit game already accessible on your Vita:
You can use said exploit to launch TN-V with the exception of Arcade Darts & Patapon 2. (Also World of Pool / Hotbrain are not completely compatible right now). You can also make a custom bubble to launch TN-V.
B. If you don’t have an exploit game on the Vita:
You’ll need a PS3 that can access PSN and buy yourself an exploit game (Ape Escape is probably the best bet, but you can check the list @ Zload.net).
If you don’t already have an exploit game available to you on the Vita, or a PS3 to get online and download one, unfortunately you won’t be loading PS1 games outside what you purchased on PSN.
Won’t PS1 emu work on TN-V for 3.36 Numblast / Pool / Ape Quest?
Thanks for the reply, guys. I do have a Vita on 3.36 with Numblast exploit TN-V11. I know that it can emulate PS1 games, but I heard its sound emulation is not as perfect as that PS1 emulator I mentioned in my previous post. Is it true?
True,
I played five games, two of them had some minor sound issues (stuttering for some sound effects for example). You can however adjust sound settings in the recovery menu, that fixed the problem for the two games.
I will check it, thanks @jensma!
Oh *** yes. Got a Vita slightly too late for the 3.18 stuff, glad to see that I’m not SOL on 3.36.
Does xyz have a donation link? I feel he deserves at least a few bucks for getting the exploit working on the Vita.
“It is not unlikely” why not say “it is likely” screw double negatives.
My guess is that it’s because a lot of people would see “it’s likely” and somehow come to believe that it read “we will definitely be able to pirate PS4 games within a week, so please send us a billion complaints when that doesn’t magically happen”.
They are talking about a webkit exploit, not piracy. So if anyone misunderstood, they should wear glasses or take English courses.
Yup, that is true. I gotta choose my words carefully so as not to give false hopes.
Sometimes the phrasing of double negatives sounds better.
As long as they don’t do the double negative and still think it is negative, of course. That is stupid.
YESSSSSSS!
I knew it!
I predicted they had a new vulnerability and I was right!
Good I stayed at 3.36 now.
In case someone wants to update from 3.18 to 3.36, you’re welcome:
http://wololo.net/talk/viewtopic.php?f=65&t=23013
Thank you sir. Don’t need it now but I’m sure I will at some point.
Why would someone update to 3.36? The vitaupdateblocker doesn’t work any more on 3.36 and it’s not like there are many new features from 3.18 to 3.36…
Can I install Netflix yet? If yes, how?
How can I open the package installer with the webkit?
Good to know, although I’ll keep waiting until something useful actually comes out of the Webkit exploit in case 3.18 would allow you to do more than 3.36. Anyway, this is nice since it allows us to play some of the new games that won’t work on 3.18 🙂
For the moment I will stay on 3.18 on my second Vita. I see no need for 3.36 right now (I have a PS3 too for Store downloads). But it is good to see I could use a higher firmware now. ^^
Sony loves all of you. Like staff they don’t need to pay.
What? You do realize that the folks doing this generally tend to enjoy the challenge right? And that the community gets something out of it themselves (specifically, code execution)?
If they were doing it for Sony’s benefit, no one would hear about these exploits. Sony would shut these folks down if they had any legal way to do so.
So does this mean 3.36 is now the FW of choice, or does 3.18 still have some advantages? (I know TN-V was ported to up to 3.50, but what about TN-X?)
just in time for REVELATIONS 2
I hope this lets us install themes. I almost updated to 3.50 for themes. Thanks for your efforts, xyz.
How do you set up the files?
Works on 3.35?
Someone on 3.36, please try the web exploit from my website link – http://psvsploit.ucoz.com/index.html
Doesn’t work for me on 3.35.
Log on PS Vita looks like:
attempt#1
attempt#2
attempt#3
attempt#4
Succes.
And then refresh… :'(
First time it went attempt #1 thru #4 then success and after that it was just loading forever. Second time it refreshed after attempt #11. Third try was the same as the first.
Anyway look at Hykem’s post in the /talk thread.
Viewing the link psvita restarts with firmware 3:18
This is such great news for us pirates who love to download and pirate. Can’t wait till they find a way for us all to get free vita games.
From your “name” there, I can tell you’re probably one of those hardcore anti-piracy folks. That’s fine. What’s not fine, is jumping in here and acting like everyone else in the universe loves to pirate everything for the sake of being huge jerks, and that everything they do is in service of accomplishing that goal. You’re massively jumping to conclusions, and that’s not going to convince anyone that you have a reasonable position.
Personally, I’m always going to be in favor of being able to try things (fully and completely) without buying them. I have rather picky tastes, and the smallest things about characters/endings/plot can make me hate a game/book/movie/whatever. Buying them first isn’t just a case of me having less money, it’s a case of my money having now supported a thing that I loathe.
If I can’t try the full thing first, and have even the slightest indication that it might not be 100% to my taste, then I don’t buy it. Too many things have turned to absolute *** at the halfway point (or the end) for me to take the risk, even things which were absolutely fantastic before then.
This can have positive consequences though, contrary to popular belief. The reason I own a PS3 and a Vita (and thus, the reason I own any games for them too) is that I was able to try a specific game on the PSP (Disgaea: Afternoon of Darkness). Because of that, I went on to get its PSP sequel, the sequel on PS3, eventually a PS3 to play it, and now a Vita for the remakes of 3 and 4. If I hadn’t been able to try the game, I never would have gotten it, or a PS3, Vita, or any games for them.
Like everything about human behavior, piracy is a nuanced subject, and taking a hard line stance that everyone who does it is obviously the spawn of Satan, does not help solve anything.
I don’t expect to convince you of this, as you appear to have already set your opinion in stone, but I felt some response was needed, and maybe someone else will find it worth reading.
Ban I guess.
You know what would rock? If the PSTV could have the ability to read firmware as if it was a Vita… then you wouldn’t need to whitelist/update apps… I wish the PKG installer could upsign the Vita OFW and run on PSTV…
“on Playstation 4 firmwares up to 2.50” Why only up to 50 and not 51? Did 51 change anything with webkit?
Since PS Vita firmware 3.50 has a fix for the vulnerability, it is safe to assume PS4 2.51 does too. The same pattern applied for the previous webkit exploit.
Can anyone point me to a good place to start learning about using this? Can this WebKit be used to install emulators? I’m not really sure what it’s used for and I’m still at 3.36 but I just bought GTA Vice City Stories and I’d like to try it…. But I can’t download that without updating PSN…
Problem is of love to emulate some Nintendo games someday…
I’d love to**
How do I transfer the download of PS Vita to open the exploit on ps vita 3:36?
It’s actually a great and helpful piece of info. I am satisfied that you just shared this helpful information with us. Please stay us informed like this. Thank you for sharing.