libxml2 vulnerability, a new hack vector for Vita and PS4?



29 Responses

  1. Brandon Brown

    Are we finally going to get some love on the PS-Vita?

  2. Fimo

    “For the PS4, CTurt has confirmed to me that FreeBSD has had Stack Protector baked in since FreeBSD 8.0”
    CTurt on Twitter 4 days ago:
    “Just finished a new FreeBSD kernel exploit! I chained together a heap overflow with a stack overflow and a stack protector bypass.”
    Stack Protection or not ? 🙂

    • Relys

      He already has code execution in this case. This won’t help. We’ll probably need a read primitive from a WebKit infoleak to chain this together with the libxml2 stack overflow.

  3. Relys

    Due to the stack protection cookie we would also need an information disclosure (a read primitive which would allow us to view that value on the stack). Time to start fuzzing libxml2? Is it part of the web browser process? (That would make our target bigger while hunting for a read primitive.)
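    The point made in the comment above, that a stack cookie turns a plain stack overflow into "overflow plus infoleak", as an added example that is not part of the original thread or of CTurt's or Relys's work. It models a stack frame as a union (buffer, cookie, saved return address) so the simulation itself stays well-defined C; the cookie value, return addresses and payloads are constructed for the demonstration and say nothing about the real libxml2 bug or the Vita/PS4 layout.

```c
/* Added example, not from the page. Simulates why a stack-protector cookie
 * forces an attacker to obtain a read primitive before a stack overflow is
 * useful. Frame layout, cookie value and payloads are all constructed here. */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Simulated frame: the compiler places the cookie between the local buffer
 * and the control data it guards, so a linear overflow of buf must pass
 * through the cookie. The raw view keeps the modelled overflow in bounds. */
union frame {
    struct {
        char     buf[16];
        uint64_t cookie;      /* copy of the per-process secret */
        uint64_t saved_ret;   /* what the attacker wants to overwrite */
    } f;
    uint8_t raw[32];
};

/* Per-process secret. Real systems draw it from the kernel RNG at process
 * start; a fixed value stands in for "unknown to a blind attacker". */
static const uint64_t process_cookie = 0x5A1700C0DE0BADULL;

#define RET_ORIGINAL 0x1000ULL      /* legitimate return address (constructed) */
#define RET_ATTACKER 0xDEADBEEFULL  /* attacker-chosen return address (constructed) */

/* Models an unchecked copy into a 16-byte stack buffer. Returns 1 if the
 * cookie survives (the function "returns normally"), 0 if the epilogue
 * check would call __stack_chk_fail and abort the process. */
static int vulnerable_copy(const uint8_t *input, size_t len, uint64_t *ret_out)
{
    union frame fr;
    fr.f.cookie = process_cookie;
    fr.f.saved_ret = RET_ORIGINAL;

    /* In the real code this is memcpy(buf, input, len) with no bounds check.
     * The modelled frame ends at saved_ret, so the simulation stops there. */
    if (len > sizeof fr.raw)
        len = sizeof fr.raw;
    memcpy(fr.raw, input, len);

    if (fr.f.cookie != process_cookie)
        return 0;                 /* corruption detected: abort */

    *ret_out = fr.f.saved_ret;
    return 1;
}

/* Overflow payload of exactly the frame size: 16 bytes of filler, then the
 * attacker's guess (or leaked value) of the cookie, then the new return. */
static void build_payload(uint8_t out[32], uint64_t cookie_value, uint64_t new_ret)
{
    memset(out, 'A', 16);
    memcpy(out + 16, &cookie_value, sizeof cookie_value);
    memcpy(out + 24, &new_ret, sizeof new_ret);
}

/* Blind attacker with no leak: the cookie is guessed, the check fails. */
int blind_overflow_survives(void)
{
    uint8_t payload[32];
    uint64_t ret = 0;
    build_payload(payload, 0x4141414141414141ULL, RET_ATTACKER);
    return vulnerable_copy(payload, sizeof payload, &ret);
}

/* Attacker who first used a read primitive to disclose the cookie: the
 * overflow passes the check and control goes to RET_ATTACKER. Returns the
 * address the function would return to, or 0 if the check aborted. */
uint64_t leak_assisted_overflow_returns_to(void)
{
    uint8_t payload[32];
    uint64_t ret = 0;
    uint64_t leaked = process_cookie;   /* what the infoleak would yield */
    build_payload(payload, leaked, RET_ATTACKER);
    if (!vulnerable_copy(payload, sizeof payload, &ret))
        return 0;
    return ret;
}

int main(void)
{
    printf("blind overflow survives check: %d\n", blind_overflow_survives());
    printf("leak-assisted overflow returns to: 0x%llx\n",
           (unsigned long long)leak_assisted_overflow_returns_to());
    return 0;
}
```

The same read primitive usually has to do double duty: besides the cookie, the attacker needs a code or stack address to defeat ASLR, which is why the thread keeps coming back to a WebKit infoleak rather than the libxml2 bug alone.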

  4. Franky

    So we might be able to revive the Vita from the dead?

  5. D

    Maximum hype for a Vita exploit! CMON!

  6. John

    On trying it as psp2-updatelist.xml, it just gave the error: C3-12077-7

  7. Amy

    Wonder if this could be paired with the Webkit exploit for Vita on 3.18 and lower…

  8. Darthsternie

    So I tried the XML file (I hope I got the right one) and gave it to my Vita. Used the system settings update option to feed it the XML via proxy and it gave me: An error has occurred (C3-12077-7), so I’m not sure if it’s because it doesn’t find the update XML file or if it’s because of the modified XML. I’m guessing the first one, so not really getting my hopes up here.

  9. Salar

    Yes 😀 I always knew that something might pop up for Vita after PS4, because in implementation they are really similar 😀

    • Darthsternie

      Actually, they aren’t that similar and the Vita is a heck of a lot more secure

  10. zefalump

    If no one has commented on the thread it is because there are people who know more than he claims to know.

    Untasted already know whether or not at PS Vita.

  11. 173210

    It’s probably useless for PS Vita. I don’t think it’s capable of bypassing ASLR. WebKit and Mono exploitation were possible because they can dump RAM and deal with the dump using JavaScript or a Mono program.
    Anyway, I think it’s a good point to start exploiting. XML is used everywhere, and potentially privileged. If you can manage to run malformed XSLT (a programming language in XML), that can be a breakthrough.

  12. NoPatience

    exploit for vita…………yeah, right……..when me S.H.I.T turns purple and starts to smell like rainbow sherbet :p

  13. Stanislav

    Hacker, I you love only love!! Hacker, good luck to hack PS4 PS Vita!

  14. Wut

    I don’t know why people are expecting a Vita hack; that’s like bombarding its current kind-of-dead but still a bit alive economy of games in Japan and localizations so it can finally turn into dust or worse, a particle.

  15. Knarf

    I’m just looking for better SNES emulation on a handheld. I don’t care much for Vita games…

    • kairi033

      why not use your smartphone?

    • Penny

      The New 3DS (804 MHz) is the best so far for SNES emulation WITH buttons. But you still only get like ~70-80% accuracy since it’s 804 MHz (a bit less than a typical smartphone today). PS Vita only has 333-400 MHz and is much slower than New 3DS when doing SNES emulation. So yeah, New 3DS is much better suited for it, which is why Nintendo gave it official SNES-emulated games.

      The Wii U uses a 1 GHz ARM for that, so it’s nearly perfect. But you cannot carry it around with you 😉

      • Zederia

        The PSP is 333; the Vita’s has not yet been disclosed. Also, the Vita has multiple cores, where the PSP only had 2.