PS Vita: Did F00D get hacked? (and should you care?)
Team molecule member and hacker xyz (also known as pomfpomfpomf3) posted a screenshot on twitter that seems to imply he has managed to find an exploit in the F00D processor.
PS Vita – What is F00D?
F00D is considered to be the “level 0” of the PS Vita security chain. Security checks on F00D happen before other systems are even accessed.
It is believed that exploiting F00D could lead to a permanent hack that possibly couldn’t be patched without a hardware upgrade of the PS Vita. Update: that last sentence has been confirmed to be incorrect. Specifically, Yifanlu said: “The stuff people want: 3.63 psn spoofing, 3.61+ game decryption/running, permanent henkaku hack, hacks for 3.63, etc. is orthogonal to hacking f00d. It is much ‘easier’ to do through other means like finding a kernel exploit or porting an existing WebKit exploit. We (molecule) have retired from all that stuff so it’s up to other people to pick it up.” See here for details.
YifanLu, one of the hackers behind the HENkaku Vita hack, has stated recently that he would focus his reverse engineering efforts on F00D moving forward. Team molecule are apparently all focused on hacking this “level 0” right now.
Was a F00D vulnerability found?
Xyz’s message in itself is just a screenshot showing a hex dump, part of which reads: “Congratulations! At last you get the plaintext of the PS Vita secure kernel !”, to which Yifan Lu ironically replied “you completed the CTF challenge, congrats”. Yifan Lu also replied with a hex string accompanied by a timestamp:
2837f4aea2b4957f0a151f48d0295c428a88e879a189e3d785c76ef556ada6d9 2017-02-17T04:16UTC
Several hackers have retweeted xyz’s screenshot, and congratulated him on the work.
(Embedded tweet by “nowhere everywhere” (@pomfpomfpomf3), February 18, 2017)
However, I, for one, am a bit confused by the mixed signals we are getting from some hackers on this tweet, and from xyz in particular on his work with F00D. The last time he published a tool related to F00D, he stated this was a “hack”, which, as I explained in a former article, was definitely a stretch (or potentially a trolling attempt?).
This time again, xyz has updated the Vita dev wiki to state that a vulnerability in F00D, which he has nicknamed the octopus exploit, is yet to be disclosed.
PS Vita F00D Exploit – What does it give the end user?
Whether the exploit is real or just some hackers having a bit of fun, it honestly makes little difference for the end user at this point, or even in the foreseeable future. Although hacking level 0 of the PS Vita security could mean a more permanent hack than HENkaku, the only visible difference would be that users on 3.60 would not have to launch HENkaku again every time they reboot their console.
At this point, a 3.63 hack would be much more welcome, and I fail to see how a F00D hack would help with that. It would still be an awesome achievement, but people shouldn’t be over excited about it.
From the hackers’ perspective, F00D is the ultimate level of security, the holy grail of the PS Vita’s protections, but for your typical user there will be little to no direct benefit in getting F00D hacked.
One can only hope that if the Octopus exploit is real, and if somehow it gets coupled with a HENkaku release, team molecule name it takoyaki.
Source: xyz on twitter
Pretty sure Yifan confirmed that this is legit
He also stated on reddit that xyz sometimes trolls, at least this is how I interpret it when Yifan says: “Written by the same guy who declared https://github.com/xyzz/f00d to be ‘actually first public f00d hack, enjoy’.”
So there’s too much stuff between the lines for me to understand what’s real or not. Also last time I asked Yifan for some clarifications he made it clear he would not answer.
Fair enough
I downloaded the files from https://github.com/xyzz/f00d; now where do I place them? In the R00t dir, or?
“It is believed that exploiting F00D could lead to a permanent hack, that possibly couldn’t be patched without a hardware upgrade of the PS Vita.”
In other words, maybe we can safely upgrade to 3.63 and keep the hack?
That’s honestly unclear to me, and I have heard both “yes” and “no” to this question from trusted people.
But why think that? On PS3 and PSP Sony was able to patch lv0. Why shouldn’t they do that with the Vita?
Not true, because it’s still hacked 🙂, but the newer models got modified hardware, so it wasn’t possible to hack that YET.
They didn’t patch lv0 on the PS3… Which is why every time there’s a new OFW, there’s a new CFW within days.
Yes, but you can only install it from FW 3.55, and a downgrade is only possible with a flasher, so it doesn’t really help if you are on a newer FW.
On PSP they needed a new hardware revision (the PSP 2000) to fix lots of the deeper flaws. The Vita is already a device of the past and will not get new hardware revisions.
Wouldn’t it also allow us to boot things like Linux and Android on the Vita? If so, that would be incredibly neat and worth getting excited over!
Vita run Android? It will be a ruin, because the hardware of the PS Vita is outdated and can’t run Android 5 decently, because the PS Vita has only 512MB RAM and the CPU is less than 2GHz, so don’t wait for this.
If it truly would take a new hardware revision of the Vita to patch this then my money’s on the f00d hack/exploit being applicable to all updates once installed. There’s not much they can do to patch it software wise if the security is compromised already.
First
Octopus and FOOD processors….man I’m hungry.
I hope so, I think the Vita scene needs this hack to be real.
Accurate
FOOD hack means the POSSIBILITY to reverse any past, present and future firmware update; fill out the blanks yourself.
Hi guys, is anyone here able to help me with my 3.63 console?… Is it possible to install an ARK bubble?…
It’s possible; ask other people with FW 3.63 to back up their ARK on your PSN account.
I wouldn’t discount how great a permanent hack would be. Personally I’d be more excited about that than just another entry point on 3.63.
Why does no one work on a PS4 hack 🙁
The hackers did a great job with the Vita;
please put some time into the PS4.
Different CPU/GPU components. The PS Vita uses an ARM-based setup based on FreeBSD-ARM. Last I checked, the PS4 is an i386 x64-bit based FreeBSD. So you have two different CPU instruction set based architectures, with different hardware compatible features, using WebKit. Yes, WebKit is multiplatform, but you can’t add hardware platform compatibility natively (easier to port).
Note I mentioned WebKit due to past Vita and PS4 based exploits… No idea what this may be using, tbh… Don’t care.
Interesting… so does that mean the PS4 would be more capable of running Windows OS?
I’d say this is big news for everyone who was wise enough to stay on 3.60. Not having to run a program every time you start up the console would be AMAZING.
I actually don’t mind going through a 10-minute-long process every time I boot if it allows me to play 3.61+ games.
This is only tangential, but what did Yifan mean by ‘CTF challenge’? Does it stand for something other than ‘Capture the Flag’, similar to how designing the first of a kind of exploit (e.g. the first dump tool) is often referred to as a ‘King of the Hill’ (KotH) challenge?
Hmm, not sure. Now that you mention it, I mistook it for their KoTH challenge, so he probably meant something else, similar to what you mention here.
No, F00D did not get ‘hacked’.
It’s just a hardware component that runs code based on the input it gets from the real processor and returns a result. The only way to ‘hack it’ is to send so-called inputs (packets), which right now is not fully decompiled/documented enough to even try some basic stuff like validating/signing packages/updates or whatever.
I’m hoping this leads to a viable entry point on 3.63 (my Vita was bought used and had 3.63 already). At the least, it seems unlikely that F00D would have been altered much between 3.60 and 3.63, since there wasn’t a known exploit for Sony to target.
What about HENkaku on older firmwares? That would be awesome.
Or you can just manually update to 3.60 if you have an older firmware. I think there really is no point staying on firmwares below 3.60 right now if you just want hacks and homebrews.
So could I play DANGANRONPA V3 soon?
(shrugs) More ludicrous nonsense, that nobody cares about.
Plus, I’d hardly consider this newsworthy.
What a useless competition, uhmm, I’m not talking about the F00D hack, I’m pointing at someone else, but since this post is updated I have to post here XDDD. Just update it already…..!!!!
It’s too risky at the moment to even try to edit the waves because of a permanent brick. Hopefully someday we will have a custom firmware on the Vita to have custom waves like the PSP and PS3.
I’m going to make a video about this subject
I’ll be happy with whatever leads to plugins without having to rip games.