PS4 Exploit: 5.05 Webkit exploit released, 4.55 functional Jailbreak probably only a matter of days
Developer AlexZzZ just released a proof of concept exploit for PS4 Firmware 5.01. The exploit has been independently confirmed by mathieulh to also work on firmware 5.05. Combined with Qwertyoruiop’s release of a Kernel exploit for 4.55 earlier today, this means PS4 Firmware 4.55 should now be fully exploitable.
According to the Readme, this exploit relies on a fairly recent Webkit vulnerability, CVE-2017-7005, which was already used on the Nintendo Switch by Team Reswitched. (It is likely the PS4 exploit was ported from the Switch.)
A lot happened in the past 24h in the PS4 scene, and we need a bit of a recap:
Typically, in order to get a functional Jailbreak of the console, one needs two exploits: a usermode exploit which gives you limited code execution control within a specific process (a favorite target is Webkit), followed by some privilege escalation to get full access to the system (the kernel exploit).
Qwertyoruiop’s kernel exploit is compatible up to and including firmware 4.55. However, he did not provide a usermode exploit to go with it (although he had previously released a webkit exploit compatible up to 4.07).
With Alexzzz’s release of a webkit exploit up to firmware 5.05, we now theoretically get full access up to firmware 4.55.
I’m on firmware 5.0x, does it mean I get a Jailbreak too?
No. Firmwares 5.00, 5.01, and 5.05 now get usermode access, which is cool, but historically has not proven to be very useful. You’ll have to wait for a new kernel exploit to be released for your firmware, which might take a while.
What about the ongoing beta firmware, PS4 5.50? Is it exploitable?
It is unclear at this point whether the Webkit exploit works on PS4 Beta firmware 5.50. We’ve heard both sides of the story, with some people claiming it works, while others say it has been patched in 5.50 (or will be patched by the time the Beta is over), and there is no clear confirmation so far.
PS4 4.55 Jailbreak, what’s next?
What it takes at this point is for a developer to combine the webkit exploit and the kernel exploit into a fully weaponized jailbreak. I’ve been wrong before when making similar statements, but I assume it’s a matter of days before a full PS4 Jailbreak is released for firmware 4.55.
Stay tuned as major scene websites including wololo.net will keep you up to date on a functional release.
Download PS4 5.05 Webkit Exploit Proof of Concept
You can download the files for the PS4 5.05 Webkit Exploit PoC on the developer’s GitHub here.
Source: via Mathieulh