Advertising (This ad goes away for registered users. You can Login or Register)

WebKit 3.30-3.36

Open discussions on programming specifically for the PS Vita.
Forum rules
Forum rule Nº 15 is strictly enforced in this subforum.
xyz
Posts: 61
Joined: Thu Jan 20, 2011 7:06 pm

WebKit 3.30-3.36

Post by xyz » Wed Apr 22, 2015 2:57 pm

Since this was patched by Sony in 3.50 there's probably no reason to hold onto it anymore.

The vulnerability used is CVE-2014-1303 which was discovered by Liang Chen of Keen Team. You can read about it more here:
https://www.blackhat.com/docs/eu-14/mat ... Not-WP.pdf
https://www.blackhat.com/docs/eu-14/mat ... Or-Not.PDF

The archive contains vitasploit ported to 3.36. Other firmwares will not work. The exploit itself works on all PS Vita systems with firmware versions 3.30-3.36.

Mirror: http://a.pomf.se/genwgz.zip
vitasploit-33x.zip
(62.67 KiB) Downloaded 4433 times
Advertising

yeeeeeeee
Posts: 21
Joined: Thu Nov 21, 2013 10:21 am

Re: WebKit 3.30-3.36

Post by yeeeeeeee » Wed Apr 22, 2015 3:22 pm

This is great to hear! Made the mistake to update from 3.18 for I don't know what reason...
Advertising

Hykem
Guru
Posts: 75
Joined: Sat Jan 15, 2011 8:11 pm

Re: WebKit 3.30-3.36

Post by Hykem » Wed Apr 22, 2015 3:31 pm

We've been holding on to this exploit for a while now and I was hoping Sony would let it slip in 3.50. Still, it's a very interesting exploit and it's likely that it works on other devices (PS4 before 2.50, of course).
I'm going to add xyz's port for 3.36 to the vitasploit repository, which will now have two separate exploit methods. If anyone has a 3.30 or 3.35 unit and would like to mess around with WebKit, just let me know so I can port it to those firmware versions as well.

By the way, in addition to the PDF from blackhat that xyz linked to, there's also this:
https://cansecwest.com/slides/2015/Lian ... st2015.pdf

Those are the slides from Keen Team's Liang Chen's presentation at CanSecWest. Three different vulnerabilities are described in detail and it's definitely a good read.

JaxxBlaxx
Posts: 27
Joined: Sun Jan 25, 2015 3:04 pm

Re: WebKit 3.30-3.36

Post by JaxxBlaxx » Wed Apr 22, 2015 3:41 pm

Wow, I was not expecting this... Thanks and good job to everyone who helped port this!

wololo
Site Admin
Posts: 3616
Joined: Wed Oct 15, 2008 12:42 am
Location: Japan

Re: WebKit 3.30-3.36

Post by wololo » Wed Apr 22, 2015 4:27 pm

Nice work
If you need US PSN Codes, this technique is what I recommend.

Looking for guest bloggers and news hunters here at wololo.net, PM me!

User avatar
The Z
VIP
Posts: 5556
Joined: Thu Jan 27, 2011 4:26 pm
Location: PREUẞEN, DEUTSCHLAND
Contact:

Re: WebKit 3.30-3.36

Post by The Z » Wed Apr 22, 2015 4:31 pm

Sweet. So 3.36 is the new "best FW" :P
White PSV TV - 32GB - 3.60 CFW
White PSV 1000 - 32GB - 3.65 CFW
2x PSV 2000 - 32/64GB - 3.65 CFW
PSP Fat 1000 - TA-081 - 6.61 ME-2.3
PSP Slim 2000 - TA-085¹ - 6.61 ME-2.3
4x PSPgo & 1x PSP 3kº⁴ᶢ - 6.61 LME-2.3∞

yifanlu
Guru
Posts: 760
Joined: Sun Mar 11, 2012 6:42 am
Contact:

Re: WebKit 3.30-3.36

Post by yifanlu » Wed Apr 22, 2015 4:34 pm

Yeah nice work! Now get on it with 3.50 ;)

9600pro
Posts: 27
Joined: Sun Jan 18, 2015 9:24 am

Re: WebKit 3.30-3.36

Post by 9600pro » Wed Apr 22, 2015 5:01 pm

This is a very good news! Keep up the good work guys! ;)

torrey187
Posts: 5
Joined: Sun Dec 09, 2012 8:22 am

Re: WebKit 3.30-3.36

Post by torrey187 » Wed Apr 22, 2015 5:29 pm

I think 3.18 is still > 3.36 which is the fw im stuck on because renaming EBOOTS and putting it into the game folder is a pain in the ****

User avatar
haxxey
Big Beholder
Posts: 567
Joined: Sat Jul 21, 2012 10:52 am
Location: Lurking /talk

Re: WebKit 3.30-3.36

Post by haxxey » Wed Apr 22, 2015 5:36 pm

Great, thanks.
We are such stuff as dreams are made on, and our little life is rounded with a sleep.

Post Reply

Return to “Programming and Security”