More details surface on the PS4/PS5 Blu-ray exploits

  1. Gabe says:

    What does TheFlow mean by these 2 things he said?

    1.) “With these vulnerabilities, it is possible to ship pirated games on bluray discs. That is possible even without a kernel exploit as we have JIT capabilities.”
    2.) “Without a kernel exploit, you won’t be able to run any pirated games”

    I don’t understand the difference? He said a kernel exploit is not needed, and then next he says it’s needed?

    • wololo says:

      I think with 1) he implied that was theoretically possible, and with 2) he means that in practice a kernel exploit is actually needed as running pirated games through JIT is too impractical (or maybe he thought about other limitations he hadn’t thought through initially).
      The other possibility is that he did manage to run pirated games through an additional exploit that he forgot he was running at the time he made the statement.

  2. lekizwta says:

    I think you almost got it right. There’s still some chance on PS5 4.03, because TheFlow stated “without a kex” and “only PS4 disc games”, but he did not say anything about outside BD-J, meaning it could potentially lead to PS5 4.03 debug settings. Not to forget that the HackerOne report was sent on October 25th 2021 and got paid $20k by Sony on November 12th; TheFlow posted the debug settings screenshot on November 7th,

    so this could still lead to a PS5 4.03 full chain exploit. Another hint would be the picture at the conference from the exploit: it clearly states
    “Kernel r/w primitives obtained”, and that was probably run on the PS5.

    So let us wait and see what the developers have to say about this exploit and mitigations, but the PS5 4.03 possibility is still there….

  3. Stoopid says:

    I’m on PS5, should I update to 4.50?

  4. Lena says:

    Isn’t he selling any useful hacks to Sony through the bounty program?

  5. Disapp says:

    It’s a shame he is working for Sony for free while also fcking over the community. I do similar work as a RevEng (but tbh not quite this complex) and I earn 680k€/year. With his skills he could earn so much more money, but instead he is selling exploits for peanuts. We mostly work for Google and Microsoft, and for an exploit of this level we would charge 4-6 million.

    • more grateful says:

      This dude single-handedly did work that the entire community will benefit from massively, and did it right, giving proper disclosure and everything, and this is the response you think is warranted? The “community” is only going to benefit from his findings because he has had them disclosed here. He could have not pressed the issue at all and let Sony keep it undisclosed, giving us nothing. The news for you is that no one is obligated to give you or the community ANYTHING. Is it really necessary to be so sanctimonious about it?

    • c says:

      There’s a difference though. If he were to demand more, that could be seen as extortion, and since reverse engineering can be argued in a court of law as circumventing copyright, there’s a fine line between being able to pursue his hobby of exploit digging and getting paid something vs. putting a bullseye on his back for litigation; case in point, George Hotz. It’s pretty obvious to me which side of that line Andy prefers to be on.

