Underground PS4 discussions
#368563 by nas
Thu Oct 23, 2014 7:49 pm
hi,
I finally got around to doing some cleanup and...
here you are: https://www.sendspace.com/file/mdunzp

this package contains:
  • ROP POC
  • Module Dumpers
  • helper script for creating rop chains
  • other stuff :P

thanks a lot to Proxima for helping me!
#368565 by Belmondo
Thu Oct 23, 2014 8:31 pm
thanks nas! nice work mate! :)
#368580 by anhell28
Thu Oct 23, 2014 10:59 pm
So I take it that this is a port of the Vita WebKit exploit, but for PS4.

Is it safe to say I should NOT update my PS4's fw to 2.00 when it is released?

Just looking forward to some cool homebrew and hacks for my PS Vita and PS4.
#368585 by josh_axey
Thu Oct 23, 2014 11:41 pm
anhell28 wrote: So I take it that this is a port of the Vita WebKit exploit, but for PS4.

I don't believe so, no. This was done in tandem, separately.

We're referring to the same bug in WebKit itself that is being used by different people in different ways.
#368587 by Proxima
Fri Oct 24, 2014 12:11 am
The 64-bit version is a bit different. It is the same heap corruption via the sort() bug, but from there it's different. On 32-bit you can set the Uint32Array to 0x40000000 size and access any memory. On 64-bit, you have to carefully change the base address since the 0x40000000 trick doesn't work for a 64-bit address space.
#368594 by josh_axey
Fri Oct 24, 2014 1:26 am
Proxima wrote: The 64-bit version is a bit different. It is the same heap corruption via the sort() bug, but from there it's different. On 32-bit you can set the Uint32Array to 0x40000000 size and access any memory. On 64-bit, you have to carefully change the base address since the 0x40000000 trick doesn't work for a 64-bit address space.

Yeah, I noticed that when having a look through. Nice, by the way.