Famed hacker group Fail0verflow have published a new blog article yesterday, in which they describe a novel way to gain code execution on the PS4. Developer ps4_enthusiast, who is behind the writeup, states the exploit is a way to “gain EMC code exec on any hardware revision.” (EMC is part of the PS4 Southbridge, see below).
As often, the post is in-depth enough that people motivated to reproduce Fail0verflow’s steps should be able to do so, but complicated enough that for the end user, this will not instantly be useful. At all, except for hope as mentioned above.
The exploit involves feeding bogus data to the HDMI port of the console (by exploiting bugs in the CEC interface on the PS4 – CEC is the bit of HDMI protocol magic that lets you turn your TV instantly when you switch the PS4 on, and vice versa) in order to trigger a bug that will let you overwrite data in the PS4’s Southbridge (known as Aeolia or Belize depending on the hardware revision) and get code execution from there.
Sounds complicated? That’s because it probably is, and the overall process currently seems to involve lots of software and hardware hacks. (Picture below is part of the actual setup used by Fail0verflow).
Whether motivated hackers will be able to parse all the necessary information from the article, and turn it into an actual modchip for the PS4 is up for discussion at this point. But I wouldn’t be surprised if we heard good news in the weeks or months to come.