Advertising (This ad goes away for registered users. You can Login or Register)

PS4 1.76 Webkit ROP POC

Underground PS4 discussions
Forum rules
Forum rule Nº 15 is strictly enforced in this subforum.
nitr8
Posts: 13
Joined: Thu Jan 23, 2014 3:34 pm

Re: PS4 1.76 Webkit ROP POC

Post by nitr8 » Fri Oct 24, 2014 5:39 am

It would be good to know what's the expected output when running these scripts, because everything I get is "not enough free system memory" while testing this on a PS4 with firmware 1.52 installed. I know that this is made for firmware 1.76 but shouldn't it work on lower firmwares as well? What output should I get after clicking "Start"?

Thanks in advance
Advertising

nas
Posts: 10
Joined: Thu Aug 14, 2014 6:35 am

Re: PS4 1.76 Webkit ROP POC

Post by nas » Fri Oct 24, 2014 5:47 am

nitr8 wrote:It would be good to know what's the expected output when running these scripts, because everything I get is "not enough free system memory" while testing this on a PS4 with firmware 1.52 installed. I know that this is made for firmware 1.76 but shouldn't it work on lower firmwares as well? What output should I get after clicking "Start"?

Thanks in advance
On any other fw then 1.76 it should cause this mem error, because of different offsets. On 1.76 the rop html should make your browser hang and the dump htmls should list the modules including links to the dump php script.
Advertising

anhell28
Posts: 33
Joined: Mon Apr 16, 2012 2:07 am

Re: PS4 1.76 Webkit ROP POC

Post by anhell28 » Fri Oct 24, 2014 6:26 am

i get modules 0 to about 19 listed with addresses when using dump.html and dump2.html

and when i use rop2.html it does indeed hang

so is this confirmation that my PS4 is vulnerable and the PS4 webkit works?

Senaxx
Posts: 1
Joined: Fri Oct 24, 2014 3:58 pm

Re: PS4 1.76 Webkit ROP POC

Post by Senaxx » Fri Oct 24, 2014 4:00 pm

I can confirm that the dumper PoC works. I got around 653 dumps then running all 19 modules. And as you said @nas the rop2.html hangs the PS4 browser.

D3NN15
Posts: 4
Joined: Fri Nov 08, 2013 4:55 am

Re: PS4 1.76 Webkit ROP POC

Post by D3NN15 » Fri Oct 24, 2014 8:39 pm

Since this has been rumored to be patched in 2.0, should I update or should I wait or get another ps4 and keep it on 1.76 for a couple months while devs work on an exploit? If there are more vulnerabilities in 2.0> is it worth updating to?

User avatar
HarmfulMushroom
Posts: 752
Joined: Wed Dec 25, 2013 10:02 pm

Re: PS4 1.76 Webkit ROP POC

Post by HarmfulMushroom » Fri Oct 24, 2014 8:51 pm

D3NN15 wrote:Since this has been rumored to be patched in 2.0, should I update or should I wait or get another ps4 and keep it on 1.76 for a couple months while devs work on an exploit? If there are more vulnerabilities in 2.0> is it worth updating to?
It's not a rumor it's a fact; it will be patched at 2.00. And I'd say it's a safe assumption it's going to be longer than just a couple months before anything big is found, so your call on what you want to do.

YoshiInAVoid
Posts: 8
Joined: Thu Feb 20, 2014 1:23 pm

Re: PS4 1.76 Webkit ROP POC

Post by YoshiInAVoid » Fri Oct 24, 2014 8:55 pm

Great work! I just tested it on my 1.76 PS4, and it's vulnerable! Definitely not updating!

hudavendigar
Posts: 68
Joined: Fri Oct 26, 2012 9:13 pm

Re: PS4 1.76 Webkit ROP POC

Post by hudavendigar » Sat Oct 25, 2014 12:53 am

Do proxies work with PS4 to access PSN? I really hope I can download GTAV.

Berlin
Posts: 3
Joined: Sat Oct 25, 2014 10:43 pm

Re: PS4 1.76 Webkit ROP POC

Post by Berlin » Sat Oct 25, 2014 10:53 pm

HarmfulMushroom wrote:
D3NN15 wrote:Since this has been rumored to be patched in 2.0, should I update or should I wait or get another ps4 and keep it on 1.76 for a couple months while devs work on an exploit? If there are more vulnerabilities in 2.0> is it worth updating to?
It's not a rumor it's a fact; it will be patched at 2.00. And I'd say it's a safe assumption it's going to be longer than just a couple months before anything big is found, so your call on what you want to do.
I bet you $100 i can get this running on 2.0... Id say its fairly safe to update to be honest. Make of that what you will and update at your own risk, im %99 sure we will be able to port this to 2.0 one way or another.

anhell28
Posts: 33
Joined: Mon Apr 16, 2012 2:07 am

Re: PS4 1.76 Webkit ROP POC

Post by anhell28 » Sat Oct 25, 2014 11:23 pm

i really do want the new features coming with fw 2.0 but i will most likely purchase another PS4 to keep 1 vulnerable and 1 legit for my online gaming.

i was thinking that the Xbox one would be hacked 1st and then awhile later the PS4.....

glad i purchased a PS4 instead of an xb1 even though i've always had an xbox360 in my home which i have jtag'd and flashed the drive with LT3.0 for online

Post Reply

Return to “Programming and Security”