Rumor: PS4 3.50 BD Live vulnerability allows execution of Linux? Not so fast…

wololo


25 Responses

  1. Mr first!! says:

    Fiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiiirst *crying with joy*

  2. AAKASH170 says:

    wait till ps4 neo

  3. Giovanni says:

    I am German and this is how I understand this:
    First of all, the publisher is not a coder, he found the “exploit” randomly. The more experienced members of psxtools weren’t able to test the exploit yet. He himself only found the theoretical flaw and concluded that running Linux could be possible 😉 The only thing he successfully did was to run his own .iso file with a modified blu-ray.

    All members on psxtools hope that someone tests the exploit, so the scene pros should just test it out 🙂

  4. lesnakeur says:

    I am also German, and I actually think this is just talking ***.
    Now he said that his laptop died because of yesterday’s rain… it’s all wet now and he has to dry it, he will try to rescue the HDD later….

    that smells like … u know what 😉

  5. Tony says:

    Wow interesting… I wonder if you can install a .pkg file with this method lol

  6. e✘treme says:

    He doesn’t say it could boot Linux, he says he has booted Linux successfully with this method. I have asked him to make a video, maybe it’s true.

    • Poo Daddy says:

      No, he didn’t say he booted Linux. He says he found a way in BDLive to run unsigned, unencrypted downloaded code. I don’t think there is something interesting in this, because this guy sounds like a total noob. This was one of his first posts in that forum and even if you could run some unencrypted code in the BDLive VM, this will be a huge sandbox to escape from.

  7. PSLOAD says:

    1st!

    I am German. Some people think it’s fake because he doesn’t explain how to mount the file and how to boot Linux.

  8. Riku says:

    In this comment (https://psxtools.de/index.php/Thread/71421-PS4-Sicherheitsl%C3%BCcke-bei-BluRay-BDLive/?postID=664967#post664967) he claims that he could boot the iso, but he isn’t giving actual instructions on how he did it. The moment he said that he could run an unmodified Ubuntu on a PS4 he revealed he’s faking it. It just would not run.

  9. Sounds interesting, have quite a blu-ray collection too.
    I’ll wait for more word on it however.

  10. PSLOAD says:

    No comments loading? Oo

  11. Enrico Calrissian says:

    Hey there, I am German and I will translate it for you – also adding some comments of my own:

    “Also großer geht die Sicherheitslücke kaum, es ist unverschlüsselt und der code ist frei erhältlich. Komisch ist das schon, dies auf die 3.50 ist. Damit kann man alles speichern auf der PS4 und ausführen auch !
    Damit kann man sogar Linux booten.”

    This is quite a huge security flaw – also not encrypted and the code is open source / free. Unbelievable that it is also working with 3.50. With this you can possibly save everything on your PS4 and also execute it. You can also boot Linux on it.

    // Sounds great, but also without a video or proof from the scene – late April fools?

    “Was braucht man
    1. Windows oder Linux System
    2. charles web debugging proxy oder burpsuite
    3. Ein Film mit BDLive (in meinen Test war es von Universal-Pictures) andere werden sicherlich auch gehen. Könnt Ihr ja selbst testen.
    4. An besten PS4 mit Lan verbinden.”

    What will you need:
    1. Windows or Linux
    2. Charles Proxy or burpsuite
    3. Movie with BDLive
    4. PS4 connected wired to LAN is recommended

    // Nothing special – a proxy with the ability to redirect web requests and a blu-ray with this BDLive feature

    “Beschrieben wird es für Charles
    Nun den Film einlegen und starten, kurz warten bei Charles erscheint dann Universal-Pictures nach ca. 1 Minute ein Bootloader file.
    Sieht dann so in etwa aus.”

    I’ll explain it with Charles Proxy. Start the movie, wait for the Universal Pictures and boot file to appear in Charles after 1 minute.

    // I don’t know what BDLive is, but a binary seems to be loaded from Universal Pictures (http and not https) according to this XML descriptor file

    Part 2 is coming

  12. Enrico Calrissian says:

    “Ganz und gar nicht so nutzlos @ Gamers RS wenn man sich es genau ansieht. Führt die BDLive ja auch einen Code aus. Und dies noch unverschlüsselt wieso auch immer. Und dies erlaubt ein Download einzuleiten und dies speichert die PS4 noch ab.
    Kennst du denn vielleicht ein anderen weg ?”

    It is not useless if you look into it @ …
    You can download whatever unencrypted file you want to your PS4 and run it. Do you know another way?

    // In my opinion – if this is true – he has a point. If you can download and execute (limited) code.
    What I don’t understand is the possibilities. Can we run whatever binary file we want (in usermode) – so we can further trigger a BSD kernel exploit?

  13. Fatman says:

    Hi @ all 🙂

    Yes, the original source is psxtools.de like GregoryRasputin mentioned. It’s a topic on our site (no news! only a topic).

    The user who reported/discovered this registered on our site only a few days ago – so we don’t know him very well and we also don’t know if this is real. For me, I am very skeptical about this.

    Maybe it’s possible to manipulate the BDLive function and maybe it’s possible to download a Linux image to the internal HDD of the PS4, but the point is: how will the image be mounted/started?! That’s the biggest question on that and that’s the question this user has not answered right now.

    Best regards
    Fatman from psxtools.de

  14. Mladen says:

    Sounds good, I can’t wait 😀

  15. Thrawn says:

    @ wololo

    Did you continue reading? At one point that user states that another line of code is needed for execution, and further to this, one user asked what that code looked like. That guy only said to look at copy.sh so I guess he meant this https://github.com/copy/v86 (https://copy.sh/v86/). Even if this all is a hoax, it is quite an elaborate one to point to something like BDLive.

  16. Anthony says:

    Well, if this is true, great. How about getting some Kali on there for more testing?

  1. May 30, 2016

    […] wololo.net […]

  2. July 2, 2016

    […] but keep resurfacing regularly. Not so long ago for example, someone claimed they had found a vulnerability in the BD-Live implementation of the PS4 (that one turned out to be pretty much a hoax, […]