Advertising (This ad goes away for registered users. You can Login or Register)

PSVita Webkit exploit for 2.60 PoC

Open discussions on programming specifically for the PS Vita.
Forum rules
Forum rule Nº 15 is strictly enforced in this subforum.
yifanlu
Guru
Posts: 760
Joined: Sun Mar 11, 2012 6:42 am
Contact:

Re: PSVita Webkit exploit for 2.60 PoC

Post by yifanlu »

npt wrote:/me crawls out from under a rock and updates from 1.80 fw, to 2.60 I do believe. first to irc.

:D
Noooo! Please no more of this. Nid poisoning was introduced in 2.10. (Last safe version is 2.06) This makes trying to find a kernel hack thousand times harder.
Advertising
Last edited by yifanlu on Sun Oct 19, 2014 4:38 pm, edited 1 time in total.
Zdzich981
Posts: 62
Joined: Sat May 07, 2011 2:18 pm

Re: PSVita Webkit exploit for 2.60 PoC

Post by Zdzich981 »

When I hit the start button I get a popup that displays “Found webkit at :819fff68″ If click ok and wait a bit I get the Congrats , this vita is vulnerable.
Advertising
Ruben_Wolfe
Posts: 158
Joined: Sat Aug 09, 2014 9:33 pm

Re: PSVita Webkit exploit for 2.60 PoC

Post by Ruben_Wolfe »

yifanlu wrote:
npt wrote:/me crawls out from under a rock and updates from 1.80 fw, to 2.60 I do believe. first to irc.

:D
Noooo! Please no more of this. Nid poisoning was introduced in 2.06. This makes trying to find a kernel hack thousand times harder.
Care to explain what Nid poisoning is? :?
yifanlu
Guru
Posts: 760
Joined: Sun Mar 11, 2012 6:42 am
Contact:

Re: PSVita Webkit exploit for 2.60 PoC

Post by yifanlu »

Ruben_Wolfe wrote:
yifanlu wrote:
npt wrote:/me crawls out from under a rock and updates from 1.80 fw, to 2.60 I do believe. first to irc.

:D
Noooo! Please no more of this. Nid poisoning was introduced in 2.06. This makes trying to find a kernel hack thousand times harder.
Care to explain what Nid poisoning is? :?
The short version is that syscalls are randomized and you have no idea what syscall is what function.
npt
VIP
Posts: 154
Joined: Wed Oct 27, 2010 3:32 pm

Re: PSVita Webkit exploit for 2.60 PoC

Post by npt »

yifanlu wrote:
npt wrote:/me crawls out from under a rock and updates from 1.80 fw, to 2.60 I do believe. first to irc.

:D
Noooo! Please no more of this. Nid poisoning was introduced in 2.10. (Last safe version is 2.06) This makes trying to find a kernel hack thousand times harder.
That's right. I do believe someone mentioned this a while back. Gonna stick with the 1.80 and just get a 2nd or 3rd unit.

It's time. Time to trade ps3 dex etc or phone stuff for a 2nd and 3rd vita. Maybe a vita tv.

npt
hoinzy
Posts: 16
Joined: Mon Jul 09, 2012 1:49 pm

Re: PSVita Webkit exploit for 2.60 PoC

Post by hoinzy »

Ok this is a little Off-Topic, but obviously related: I quickly tried the PoC on my PS4, and it runs until Error 3 switch, because the array size did not in- or decrease. The u32[] data says : [0,0,0,0,0,0,0,0,undefined,undefined,undefined,undefined,undefined,undefined,undefined,undefined]
But still, as the Webkit version is 536.26, there is hope. I'm still struggeling with the comments, and would really appreciate some more elaboration. Maybe some illustrations for memory layout?
Takezo
Posts: 14
Joined: Mon Oct 20, 2014 7:05 am

Re: PSVita Webkit exploit for 2.60 PoC

Post by Takezo »

-> viewtopic.php?f=63&t=39331&p=368261#p368261
@hoinzy,You will not get the psvita webkit exploit work in ps4, because ps4 use amd 64bit and psvita 32 bits (= IOS32bit exploit).
Otherwise, you can adapt macos 64bits version -> ps4:
http://packetstormsecurity.com/files/123088/
Acid_Snake
Retired Mod
Posts: 3100
Joined: Tue May 01, 2012 11:32 am
Location: Behind you!

Re: PSVita Webkit exploit for 2.60 PoC

Post by Acid_Snake »

npt wrote:
yifanlu wrote:
npt wrote:/me crawls out from under a rock and updates from 1.80 fw, to 2.60 I do believe. first to irc.

:D
Noooo! Please no more of this. Nid poisoning was introduced in 2.10. (Last safe version is 2.06) This makes trying to find a kernel hack thousand times harder.
That's right. I do believe someone mentioned this a while back. Gonna stick with the 1.80 and just get a 2nd or 3rd unit.

It's time. Time to trade ps3 dex etc or phone stuff for a 2nd and 3rd vita. Maybe a vita tv.

npt
have you thought about donating your low firmware vita to devs that will make real good use of it? or trading it at least.
Tikiko99
Posts: 155
Joined: Mon Feb 21, 2011 6:45 pm
Location: Somewhere in this planet called Earth

Re: PSVita Webkit exploit for 2.60 PoC

Post by Tikiko99 »

Acid_Snake wrote: have you thought about donating your low firmware vita to devs that will make real good use of it? or trading it at least.
Acid you're really rude ya'know you're assuming npt doesn't make any good use of it -.-'
My Systems:

PSP GO OFW 6.60
PS Vita PCH-1004 : 3.60
PS Vita PCH-1101 : 1.50

PS3 OFW 4.25(dead)
Hobb
Posts: 1
Joined: Sat Sep 13, 2014 8:17 pm

Re: PSVita Webkit exploit for 2.60 PoC

Post by Hobb »

yifanlu wrote: The short version is that syscalls are randomized and you have no idea what syscall is what function.
Eeemmm... Perhaps someone should put this bit of news very visible somewhere in the webpage or the forum to stop the update craze that is happening right now, I almost inadvertedly updated my 1.80 to 2.60 thinking the potential for homebrew was the same for all the firmwares from 2.0 to 3.18.

Something like a warning saying "DO NOT UPDATE... YET"
Locked

Return to “Programming and Security”