Vita hacking: TheFlow shares writeup of the trinity exploit
A few weeks ago, hacker TheFlow released Trinity, the ultimate exploit suite for the latest PS Vita firmware 3.70.
Yesterday, the developer shared a writeup of the hack. With an impressive number of vulnerabilities (6 of them) chained together to reach full access to the Vita system, this is a long and complex read.
The adventure starts with a kernel exploit in the PSP emulator, moves on to hunting for Kermit vulnerabilities with a fuzzer, and ultimately defeats ASLR and crafts an ARM kernel exploit on the Vita CPU.
Old-timers like me will enjoy the whole part about controlling and escaping the PSP emulator through a MIPS kernel exploit, and will then appreciate getting totally lost in the deeper layers of the Vita kernel. In any case, for anybody interested in how gaming consoles are exploited, this is a must read!
TheFlow credits Qwikrazor87 and Team Molecule for some of their work on the PSP emulator and the Vita respectively. I’ll leave you with his conclusion from the writeup, which hopefully you’ll find as inspirational as I did:
This was the coolest exploit chain that I had ever written and certainly also my proudest project. I enjoyed exploring these new attack surfaces and it gave me nostalgia as it combined a decade of knowledge and research by the PSP/PS Vita community. This project also concluded the end of my work for the PS Vita scene and I hope that my write-up will inspire other people to begin with reverse engineering, finding vulnerabilities and exploitation. I believe that I am only where I am today thanks to these kinds of write-ups and I believe you can all achieve the same, if you just want to.
The full writeup is here: https://theofficialflow.github.io/2019/06/18/trinity.html
Source: TheFlow
first
The Flow – You are Awesome!
Lol @ Kermit vulnerabilities
calling all devs… calling all devs… please divert your attention to PS4 .
80 million users will pray for you.
pay would be cooler xD
TheFlow, you make me so proud! Your work takes extreme practice and I thank you for your contribution to the community. I always wished to carry the torch you have, however I am too far from the level of expertise required. I can only root for developers like you here. I hope you read this and receive my gratitude.