Hacking Another way to access browser

W

WayneWayne10

Member
OP
Newcomer
Level 2
Joined
Dec 1, 2017
Messages
17
Trophies
0
Age
32
XP
217
Country
United States
Not sure if this is already covered here but I remember people stating you could get to a web browser through a wifi sign in page but you can also get to the browser if you go through the new user setup and click on Facebook or Twitter. I just sent a link to Google through Facebook messages and used that to navigate. I was playing around with .TIFF file formats due to the PSP years ago utilizing executable code through .TIFF images and the first one I tried to load through FB messages gave me:
Error code: 2168-0002

This was also on firmware 4.0.1.
 
  • Like
Reactions: Yoni Arousement, BlastedGuy9905, PotatisKnug and 2 others
blinkzane

blinkzane

Panic at your moms house
Member
Level 9
Joined
Jul 24, 2012
Messages
944
Trophies
1
Location
Florida
XP
1,640
Country
United States
Good start, don't think I've heard of that one. Something tells me I tenet exploit will happen eventually, just might be a long time
 
D

Deleted User

Guest
WayneWayne10 said:
Not sure if this is already covered here but I remember people stating you could get to a web browser through a wifi sign in page but you can also get to the browser if you go through the new user setup and click on Facebook or Twitter. I just sent a link to Google through Facebook messages and used that to navigate. I was playing around with .TIFF file formats due to the PSP years ago utilizing executable code through .TIFF images and the first one I tried to load through FB messages gave me:
Error code: 2168-0002

This was also on firmware 4.0.1.
Click to expand...
Those Tiffs were used to exploit a specific bug in the tiff library of the PSP. The TIFF file has 0 x 0 dimensions, but the bug involved still allocated memory, loaded the image, and attempted to display the image. Upon attempting to display, a buffer overflow occurs and was used (on the PSP 2.0 firmware I believe) to achieve ACE.

The reason the error is occurring isn't because it's almost working or anything like that, it's simply displaying an error code due to what the browser sees as an invalid image trying to be viewed. Even if by some magic, the TIFF actually did cause some kind of exploitable interaction (which it doesn't), the payload embedded in the TIFF file is for an entirely different architecture.

Believe me, if it were as easy as just loading up 10+ year old TIFF exploits (which was antiquated even at that time), someone would have figured it out by now.
 
  • Like
Reactions: WayneWayne10, MeowMeowMeow and PotatisKnug
W

WayneWayne10

Member
OP
Newcomer
Level 2
Joined
Dec 1, 2017
Messages
17
Trophies
0
Age
32
XP
217
Country
United States
UnsureSherlock said:
Those Tiffs were used to exploit a specific bug in the tiff library of the PSP. The TIFF file has 0 x 0 dimensions, but the bug involved still allocated memory, loaded the image, and attempted to display the image. Upon attempting to display, a buffer overflow occurs and was used (on the PSP 2.0 firmware I believe) to achieve ACE.

The reason the error is occurring isn't because it's almost working or anything like that, it's simply displaying an error code due to what the browser sees as an invalid image trying to be viewed. Even if by some magic, the TIFF actually did cause some kind of exploitable interaction (which it doesn't), the payload embedded in the TIFF file is for an entirely different architecture.

Believe me, if it were as easy as just loading up 10+ year old TIFF exploits (which was antiquated even at that time), someone would have figured it out by now.
Click to expand...

Yeah no worries. I'm not super savy with this stuff beyond jailbreaking following a tutorial. The only reason I posted this is because it forced me to restart my system when it happened. And mostly because getting to the browser this was was insanely easier. Cheers and thanks for the info on how the TIFF exploit worked.
 
BlastedGuy9905

BlastedGuy9905

where's the updated autopsy report
Member
Level 14
Joined
Apr 13, 2017
Messages
2,334
Trophies
1
Age
33
Location
under your desk
XP
4,043
Country
United States
Ptrk25 said:
From Switchbrew:
Click to expand...
Interesting.

--------------------- MERGED ---------------------------

WayneWayne10 said:
Not sure if this is already covered here but I remember people stating you could get to a web browser through a wifi sign in page but you can also get to the browser if you go through the new user setup and click on Facebook or Twitter. I just sent a link to Google through Facebook messages and used that to navigate. I was playing around with .TIFF file formats due to the PSP years ago utilizing executable code through .TIFF images and the first one I tried to load through FB messages gave me:
Error code: 2168-0002

This was also on firmware 4.0.1.
Click to expand...
This is how you make a thread. Research your stuff, people!
 
Polopop123

Polopop123

Banned!
Banned
Level 4
Joined
Aug 21, 2017
Messages
271
Trophies
0
XP
367
Country
Ireland
Haven’t tested this but it’s be pretty cool if someone did it
1) Have Rocket League
2) Go into the game and click on the window to the right of it where it had all the e sports etc
3) You’ll be directed to a forum
4) Go on you PC/ laptop etc and log into the forum and post on a status google.com
5) Search for that status and click on the hyperlink
The only way I don’t see this working is if you can’t click on hyperlinks posted by members but it’d be a worth as shot but it’s definitely not at all practical
 
Last edited by Polopop123,

Site & Scene News

Go to forum More news

Popular threads in this forum

Hacking Misc  Getting the MIG Switch to load an XCI dump without its original Initial Data

DBI language error

Emulation Homebrew  duckstation for Switch

Can you trade in a banned switch for an unbanned one?

Why is Atmosphere so dominant?

Last switch firmware blocking MIG SWITCH?

Crosscode Hacking thread

Hacking  Loader.kip for AMS 1.7.0 with FW 17.0.1 - sys-clk error ??

General chit-chat
Help Users
  • No one is chatting at the moment.
  • K3Nv2 @ K3Nv2:
    It must be the 1st already
  • BakerMan @ BakerMan:
    1st of what?
  • BakerMan @ BakerMan:
    may?
  • K3Nv2 @ K3Nv2:
    Oh yeah it's in September
  • Xdqwerty @ Xdqwerty:
    @BakerMan, yea i think its different
  • BakerMan @ BakerMan:
    ok, because here it's in september, right before the fuckin school year starts
  • Xdqwerty @ Xdqwerty:
  • K3Nv2 @ K3Nv2:
    https://youtu.be/_sJ79aDQTeQ?si=dCPYbyGhZ8OFK8nb
  • Psionic Roshambo @ Psionic Roshambo:
    https://www.youtube.com/watch?v=HlxH_Th3-LI
  • Xdqwerty @ Xdqwerty:
    good night
  • BakerMan @ BakerMan:
    as to you
  • K3Nv2 @ K3Nv2:
    How do you know if the night will be good when you're asleep
  • BakerMan @ BakerMan:
    because i didn't say i was asleep
  • BakerMan @ BakerMan:
    i said i was sleeping...
  • BakerMan @ BakerMan:
    sleeping with uremum
  • K3Nv2 @ K3Nv2:
    Even my mum slept on that uremum
  • TwoSpikedHands @ TwoSpikedHands:
    yall im torn... ive been hacking away at tales of phantasia GBA (the USA version) and have so many documents of reverse engineering i've done
  • TwoSpikedHands @ TwoSpikedHands:
    I just found out that the EU version is better in literally every way, better sound quality, better lighting, and there's even a patch someone made to make the text look nicer
  • TwoSpikedHands @ TwoSpikedHands:
    Do I restart now using what i've learned on the EU version since it's a better overall experience? or do I continue with the US version since that is what ive been using, and if someone decides to play my hack, it would most likely be that version?
  • Sicklyboy @ Sicklyboy:
    @TwoSpikedHands, I'll preface this with the fact that I know nothing about the game, but, I think it depends on what your goals are. Are you trying to make a definitive version of the game? You may want to refocus your efforts on the EU version then. Or, are you trying to make a better US version? In which case, the only way to make a better US version is to keep on plugging away at that one ;)
  • Sicklyboy @ Sicklyboy:
    I'm not familiar with the technicalities of the differences between the two versions, but I'm wondering if at least some of those differences are things that you could port over to the US version in your patch without having to include copyrighted assets from the EU version
  • TwoSpikedHands @ TwoSpikedHands:
    @Sicklyboy I am wanting to fully change the game and bend it to my will lol. I would like to eventually have the ability to add more characters, enemies, even have a completely different story if i wanted. I already have the ability to change the tilemaps in the US version, so I can basically make my own map and warp to it in game - so I'm pretty far into it!
  • TwoSpikedHands @ TwoSpikedHands:
    I really would like to make a hack that I would enjoy playing, and maybe other people would too. swapping to the EU version would also mean my US friends could not legally play it
  • TwoSpikedHands @ TwoSpikedHands:
    I am definitely considering porting over some of the EU features without using the actual ROM itself, tbh that would probably be the best way to go about it... but i'm sad that the voice acting is so.... not good on the US version. May not be a way around that though
  • TwoSpikedHands @ TwoSpikedHands:
    I appreciate the insight!
    TwoSpikedHands @ TwoSpikedHands: I appreciate the insight!