WebKit 3.30-3.36

xyz
Posts: 61
Joined: Thu Jan 20, 2011 7:06 pm

WebKit 3.30-3.36

Post by xyz »

Since this was patched by Sony in 3.50 there's probably no reason to hold onto it anymore.

The vulnerability used is CVE-2014-1303, which was discovered by Liang Chen of Keen Team. You can read more about it here:
https://www.blackhat.com/docs/eu-14/mat ... Not-WP.pdf
https://www.blackhat.com/docs/eu-14/mat ... Or-Not.PDF

The archive contains vitasploit ported to 3.36. Other firmwares will not work. The exploit itself works on all PS Vita systems with firmware versions 3.30-3.36.

Mirror: http://a.pomf.se/genwgz.zip
vitasploit-33x.zip
(62.67 KiB) Downloaded 5230 times
yeeeeeeee
Posts: 21
Joined: Thu Nov 21, 2013 10:21 am

Re: WebKit 3.30-3.36

Post by yeeeeeeee »

This is great to hear! Made the mistake of updating from 3.18 for I don't know what reason...
Hykem
Guru
Posts: 75
Joined: Sat Jan 15, 2011 8:11 pm

Re: WebKit 3.30-3.36

Post by Hykem »

We've been holding on to this exploit for a while now and I was hoping Sony would let it slip in 3.50. Still, it's a very interesting exploit and it's likely that it works on other devices (PS4 before 2.50, of course).
I'm going to add xyz's port for 3.36 to the vitasploit repository, which will now have two separate exploit methods. If anyone has a 3.30 or 3.35 unit and would like to mess around with WebKit, just let me know so I can port it to those firmware versions as well.

By the way, in addition to the PDF from blackhat that xyz linked to, there's also this:
https://cansecwest.com/slides/2015/Lian ... st2015.pdf

Those are the slides from Keen Team's Liang Chen's presentation at CanSecWest. Three different vulnerabilities are described in detail and it's definitely a good read.
JaxxBlaxx
Posts: 27
Joined: Sun Jan 25, 2015 3:04 pm

Re: WebKit 3.30-3.36

Post by JaxxBlaxx »

Wow, I was not expecting this... Thanks and good job to everyone who helped port this!
wololo
Site Admin
Posts: 3621
Joined: Wed Oct 15, 2008 12:42 am
Location: Japan

Re: WebKit 3.30-3.36

Post by wololo »

Nice work
The Z
VIP
Posts: 5505
Joined: Thu Jan 27, 2011 4:26 pm
Location: Deutschland
Contact:

Re: WebKit 3.30-3.36

Post by The Z »

Sweet. So 3.36 is the new "best FW" :P
yifanlu
Guru
Posts: 760
Joined: Sun Mar 11, 2012 6:42 am
Contact:

Re: WebKit 3.30-3.36

Post by yifanlu »

Yeah nice work! Now get on it with 3.50 ;)
9600pro
Posts: 27
Joined: Sun Jan 18, 2015 9:24 am

Re: WebKit 3.30-3.36

Post by 9600pro »

This is very good news! Keep up the good work guys! ;)
torrey187
Posts: 5
Joined: Sun Dec 09, 2012 8:22 am

Re: WebKit 3.30-3.36

Post by torrey187 »

I think 3.18 is still > 3.36, which is the fw I'm stuck on, because renaming EBOOTS and putting it into the game folder is a pain in the ****
R0ME0
Posts: 29
Joined: Fri Mar 27, 2015 4:35 pm

Re: WebKit 3.30-3.36

Post by R0ME0 »

Excellent! Thank you for the dedication to advancing the scene.