PS4 1.76 Webkit ROP POC
Forum rules
Forum rule Nº 15 is strictly enforced in this subforum.
Re: PS4 1.76 Webkit ROP POC
It would be good to know what's the expected output when running these scripts, because everything I get is "not enough free system memory" while testing this on a PS4 with firmware 1.52 installed. I know that this is made for firmware 1.76 but shouldn't it work on lower firmwares as well? What output should I get after clicking "Start"?
Thanks in advance
Re: PS4 1.76 Webkit ROP POC
nitr8 wrote: It would be good to know what's the expected output when running these scripts, because everything I get is "not enough free system memory" while testing this on a PS4 with firmware 1.52 installed. I know that this is made for firmware 1.76 but shouldn't it work on lower firmwares as well? What output should I get after clicking "Start"? Thanks in advance
On any other fw than 1.76 it should cause this mem error, because of different offsets. On 1.76 the rop html should make your browser hang and the dump htmls should list the modules including links to the dump php script.
Re: PS4 1.76 Webkit ROP POC
I get modules 0 to about 19 listed with addresses when using dump.html and dump2.html
and when I use rop2.html it does indeed hang
so is this confirmation that my PS4 is vulnerable and the PS4 webkit works?
Re: PS4 1.76 Webkit ROP POC
I can confirm that the dumper PoC works. I got around 653 dumps when running all 19 modules. And as you said @nas, the rop2.html hangs the PS4 browser.
Re: PS4 1.76 Webkit ROP POC
Since this has been rumored to be patched in 2.0, should I update or should I wait or get another ps4 and keep it on 1.76 for a couple months while devs work on an exploit? If there are more vulnerabilities in 2.0> is it worth updating to?
- HarmfulMushroom
- Posts: 752
- Joined: Wed Dec 25, 2013 10:02 pm
Re: PS4 1.76 Webkit ROP POC
D3NN15 wrote: Since this has been rumored to be patched in 2.0, should I update or should I wait or get another ps4 and keep it on 1.76 for a couple months while devs work on an exploit? If there are more vulnerabilities in 2.0> is it worth updating to?
It's not a rumor it's a fact; it will be patched at 2.00. And I'd say it's a safe assumption it's going to be longer than just a couple months before anything big is found, so your call on what you want to do.
- YoshiInAVoid
- Posts: 8
- Joined: Thu Feb 20, 2014 1:23 pm
Re: PS4 1.76 Webkit ROP POC
Great work! I just tested it on my 1.76 PS4, and it's vulnerable! Definitely not updating!
- hudavendigar
- Posts: 68
- Joined: Fri Oct 26, 2012 9:13 pm
Re: PS4 1.76 Webkit ROP POC
Do proxies work with PS4 to access PSN? I really hope I can download GTAV.
Re: PS4 1.76 Webkit ROP POC
D3NN15 wrote: Since this has been rumored to be patched in 2.0, should I update or should I wait or get another ps4 and keep it on 1.76 for a couple months while devs work on an exploit? If there are more vulnerabilities in 2.0> is it worth updating to?
HarmfulMushroom wrote: It's not a rumor it's a fact; it will be patched at 2.00. And I'd say it's a safe assumption it's going to be longer than just a couple months before anything big is found, so your call on what you want to do.
I bet you $100 I can get this running on 2.0... I'd say it's fairly safe to update to be honest. Make of that what you will and update at your own risk, I'm 99% sure we will be able to port this to 2.0 one way or another.
Re: PS4 1.76 Webkit ROP POC
I really do want the new features coming with fw 2.0 but I will most likely purchase another PS4 to keep 1 vulnerable and 1 legit for my online gaming.
I was thinking that the Xbox One would be hacked 1st and then a while later the PS4.....
Glad I purchased a PS4 instead of an xb1 even though I've always had an xbox360 in my home which I have jtag'd and flashed the drive with LT3.0 for online
