Yifanlu explains Stage 3 of the HENkaku exploit, hints at a major upcoming update
After Developers St4rk and Hexkyz have proven they successfully reversed the HENkaku exploit, Yifanlu has (as promised) shared details on the obfuscation techniques he and the rest of Team Molecule have used to protect the HENkaku code.
I got confused for some time as to why the HENkaku code was obfuscated in the first place. Hardware mod teams such as Gateway obfuscate their code in order to protect their shady business and prevent clones from stealing their market. Team molecule had no such incentive. Yifanlu had stated a few times that the KOTH challenge of reversing the HENkaku exploit would bring hackers’ attention to the PS Vita, but I was missing one part of that logic. To me, obfuscating the code was just one additional layer on top of an already fairly difficult challenge. As we’ve seen, it’s not like stages 1 and 2 of the Henkaku exploit were easy to reverse engineer in the first place, so why add clever obfuscation on top of this?
Yifanlu was nice enough to take the time to explain this to me again: The encryption of the Henkaku exploit does not protect hackers from Sony reverse engineering the exploit (Sony have access to the source code of their firmware and to debugging tools, it was probably trivial for them to understand the exploit and how to patch it), and its goal is not directly to prevent other “teams” from reusing the exploit.
What yifanlu explained to me however, is that because of how HENkaku was protected, it required other hackers to find PS Vita kernel exploits in order to reverse engineer HENkaku. by submitting this challenge, Team molecule has ensure that a few hacking groups out there now know enough about the PS Vita that they could contribute to future hacks if needed.
Yifanlus’s explanation can be read on his article here. It’s a great read if you are even remotely interested in console hacking.
Last but not least, Yifanlu indicated in his article that a major update to HENkaku is coming soon (the source code for that will be revealed soon as well):
Molecule has gotten quite lazy since the release of HENkaku and since we underestimated the amount of time it would take for the challenge to be completed, we are only midway through polishing up the source code for release. The participants and I have agreed to not release anything until the end of the month. As a bonus for waiting, the source will not be for HENkaku as you know it today–it will be for the major update we have been working on. Stay tuned for more details!