PS Vita: TheFloW releases new kernel exploit “HENlo” (compatible with 3.74)
Christmas presents don’t seem to stop this year, and today it’s PlayStation hacker TheFloW who brings us a new kernel exploit for the PS Vita, nicknamed “HENlo”.
What is HENlo for the PS Vita?
Henlo is a WebKit+Kernel exploit chain for all PS Vita firmwares. It uses qwertyoruiop's WebKit exploit for FW 4.0x on the PS4 and two kernel bugs found by TheFloW: a heap info leak in sceNetSyscallControl and an integer overflow leading to a heap overflow in sceNetSyscallGetIfList.
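The second bug class named above (an integer overflow that turns into a heap overflow) is worth seeing in isolation, because it is the same mistake that shows up in any kernel API that sizes a buffer from a caller-supplied count. The following C snippet is an added illustration written for this article; it is not TheFloW's code and does not reproduce the actual PS Vita kernel source. The `iface_entry_t` type, its 32-byte size, the `MAX_IFACES` limit and the function names are all constructed assumptions. It contrasts the unchecked size computation, which silently wraps for a large count, with a checked version that refuses such counts before any allocation happens.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdbool.h>
#include <stdio.h>

/* Hypothetical per-interface record. Stands in for whatever entry a
 * "get interface list" call copies out to the caller; the 32-byte size is a
 * constructed assumption, not the real layout. */
typedef struct {
    uint8_t bytes[32];
} iface_entry_t;

/* Vulnerable pattern: a caller-controlled 32-bit count is multiplied by the
 * entry size in 32-bit arithmetic. For a large enough count the product wraps
 * to a small number, so the buffer allocated from it is far smaller than the
 * number of entries that are later copied into it. That undersized allocation
 * is how an integer overflow becomes a heap overflow. */
uint32_t unchecked_alloc_size(uint32_t count) {
    return count * (uint32_t)sizeof(iface_entry_t);   /* wraps modulo 2^32 */
}

/* Hardened pattern: enforce an explicit policy limit on the count, then use
 * an overflow-checked multiply so the byte size can never wrap. Returns false
 * (and allocates nothing) when either check fails. MAX_IFACES is a
 * constructed limit; a real API would pick a value that fits its purpose. */
#define MAX_IFACES 64

bool checked_alloc_size(uint32_t count, size_t *out_bytes) {
    if (count > MAX_IFACES)
        return false;
    size_t bytes;
    /* __builtin_mul_overflow is available in GCC and Clang; it reports
     * overflow instead of silently truncating. */
    if (__builtin_mul_overflow((size_t)count, sizeof(iface_entry_t), &bytes))
        return false;
    *out_bytes = bytes;
    return true;
}

int main(void) {
    /* 0x08000001 * 32 = 0x100000020, which truncates to 0x20 in 32 bits. */
    uint32_t hostile = 0x08000001u;
    size_t safe_bytes = 0;

    printf("unchecked: count=%u -> %u bytes (wrapped)\n",
           hostile, unchecked_alloc_size(hostile));
    printf("checked:   count=%u -> %s\n",
           hostile, checked_alloc_size(hostile, &safe_bytes) ? "ok" : "rejected");
    printf("checked:   count=4 -> %s, %zu bytes\n",
           checked_alloc_size(4, &safe_bytes) ? "ok" : "rejected", safe_bytes);
    return 0;
}
```

The defensive take-away is the order of operations: validate the count against a fixed upper bound first, compute the size with an overflow-checked multiply second, and only then allocate and copy. Any code path that allocates from `count * sizeof(entry)` without both of those steps is the same bug class regardless of platform.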
With additional work, the exploit could be turned into a full-fledged Jailbreak for the PS Vita. Scene veteran Freakler said the Jailbreak based on Henlo exists already, but that work seems to be private at the moment.
it has and you knew! pic.twitter.com/Nsi2P9ceRu
— Freakler (@freakler94) December 27, 2022
Update 1: Hacker SKGleba has released an implementation of the hack which can now be used by end users (links below)
Why was Henlo released now?
From a user's perspective, there is very little benefit to this release right now (though see update 2 below for some real benefits), given that we already have perfectly functional ways to install CFW on all existing PS Vita models.
So why release this now? Well, the hacker states it's a 3 year old project he never really completed. Considering that Sony have, for all intents and purposes, stopped updating the PS Vita, there's probably not much risk in making these vulnerabilities public now, and it's probably better to release this project unfinished than have it rot on a private repository. As TheFloW says, turning this into a full-fledged Jailbreak could be a good learning opportunity for anyone who wants to know more about kernel exploitation.
Update 2: longtime scene member and hacker Steps replied as follows to our statement that this release has "little benefit to the end user":
Here are a bunch of benefits, which I doubt are “very little”:
– Users of Phat vita models (1000) on 3.61+ no longer have to buy proprietary Sony memory cards in order to initially hack the device.
– In case PSN or PSN auth ever goes down, this will keep working. CMA-based jailbreaks require you to be authed with a PSN account before files can be transferred.
– This works without a PC and only requires you to open Vita's web browser. It is fast and saves time for both the users and for volunteer helpers.
As you can see, this directly impacts the end user, assists in the longevity of the Vita and even saves money in some cases.
All of these are extremely good points. Our apologies for not seeing that earlier.
Download Henlo – Kernel exploit chain for PS Vita
- You can download the source code on the project's GitHub here.
- As a reminder, this one is not for end users, but for people who want to investigate a kernel exploit for fun and profit.
- A working beta implementation by SKGleba can be found here: visit https://deploy.psp2.dev/ with the PS vita Browser. Details here
Until these tools get stabilized and the relevant guides get updated, if you’re just trying to hack your 3.74 PS Vita, all you need is our Vita CFW Guide here.