HENkaku: xyz explains the PS Vita 3.60 / PS4 3.55 Webkit exploit in detail
The first step of the HENkaku hack is a webkit exploit, based on a proof of concept acquired by Team molecule from an undisclosed source. The exploit was not a known bug in Webkit, at least not publicly.
In the writeup, xyz explains how the exploit is initially triggered and how it escalates to arbitrary read/write in memory while defeating ASLR, stack pivot protection, and the other mitigations Sony put in place on the Vita to prevent arbitrary code execution. Xyz also explains how the Webkit part of the hack was patched in firmware 3.61.
The Webkit exploit itself is only the first step of the HENkaku hack. Other people have already partially explained parts of the HENkaku hack (also see here), but an explanation from one of the authors of the hack obviously brings many additional details.
Yifanlu has challenged people from the security community to reverse engineer the HENkaku exploit, in an attempt to bring more interest to the Vita hacking scene. Xyz, as one of the hackers behind HENkaku, is not participating in the challenge, but has promised to publish full explanations once other people have unraveled more layers of the exploit by themselves.
You can read the full writeup on xyz’s blog here.