New hack for PS4 and maybe PS5?

raxadian

raxadian

Well-Known Member
OP
Member
Level 14
Joined
Nov 10, 2018
Messages
4,380
Trophies
1
Age
41
XP
4,586
Country
Argentina
"Longtime console hacker CTurt has blasted what he calls an "essentially unpatchable" hole in the security of the PS4 and PS5, detailing a proof-of-concept method that should allow for the installation of arbitrary homebrew applications on the consoles.

CTurt says he disclosed his exploit, dubbed Mast1c0re, to Sony via a bug bounty program a year ago without any sign of a public fix. The method exploits errors in the just-in-time (JIT) compilation used by the emulator that runs certain PS2 games on the PS4 (and PS5). That compilation gives the emulator special permissions to continually write PS4-ready code (based on the original PS2 code) just before the application layer itself executes that code.
Advertisement

By gaining control of both sides of that process, a hacker can write privileged code that the system treats as legitimate and secure. "Since we're using the JIT system calls for their intended purpose, it's not really an exploit, just a neat trick," CTurt said of a since-patched JIT exploit on the PS4's web browser."
source: https://arstechnica.com/gaming/2022...-ps5-exploit-that-is-essentially-unpatchable/
 
V

Viri

Well-Known Member
Member
Level 17
Joined
Sep 13, 2009
Messages
4,226
Trophies
2
XP
6,823
Country
United States
Why do we still get new hacks for PS4/PS5, but none for Switch? I just want to ditch my OG Switch for a hacked OLED, without spending 200 dollars on a mod chip. :(
 
R

remlei

Well-Known Member
Member
Level 5
Joined
Mar 26, 2013
Messages
183
Trophies
1
Age
34
XP
615
Country
raxadian said:
Read the linked article, you need an already hacked PS4 and a disc PS2 to PS4 game.
Click to expand...
no your not. you need to purchase that specific game (OKAGE: Shadow King). as it said, it works on latest firmware.

once you have that, its just a matter of injecting a exploited save file (will probably require save signing, either using a hacked ps4 or ps4 save wizard) to get the hack working.
 
Tomato123

Tomato123

Well-Known Member
Member
Level 11
Joined
Feb 8, 2020
Messages
734
Trophies
1
Location
England
XP
2,518
Country
United Kingdom
remlei said:
no your not. you need to purchase that specific game (OKAGE: Shadow King). as it said, it works on latest firmware.

once you have that, its just a matter of injecting a exploited save file (will probably require save signing, either using a hacked ps4 or ps4 save wizard) to get the hack working.
Click to expand...
The important thing is that this exploit is in the PS2 emulator, not the specific game. A lot of known exploits exist for PS2 games which this could work with. OKAGE is simply the game used as an example since it has a fairly simple save game buffer overflow exploit which is perfect for this purpose.
 
  • Like
Reactions: raxadian
raxadian

raxadian

Well-Known Member
OP
Member
Level 14
Joined
Nov 10, 2018
Messages
4,380
Trophies
1
Age
41
XP
4,586
Country
Argentina
Tomato123 said:
The important thing is that this exploit is in the PS2 emulator, not the specific game. A lot of known exploits exist for PS2 games which this could work with. OKAGE is simply the game used as an example since it has a fairly simple save game buffer overflow exploit which is perfect for this purpose.
Click to expand...

Basically any PS2 to PS4 game disc whose PS2 version has a know exploit could work and technically any PS2 to PS4 game whose save can be hacked on a hacked PS4 could work, but that would take more effort.
 
Tomato123

Tomato123

Well-Known Member
Member
Level 11
Joined
Feb 8, 2020
Messages
734
Trophies
1
Location
England
XP
2,518
Country
United Kingdom
raxadian said:
Basically any PS2 to PS4 game disc whose PS2 version has a know exploit could work and technically any PS2 to PS4 game whose save can be hacked on a hacked PS4 could work, but that would take more effort.
Click to expand...
It's not that any PS2 game on the PS4/5 can. Those save systems must have some sort of programming error in them that allows loading in more data than the buffer set aside for it in memory. But security in stuff like this wasn't exactly too high so there's always a chance there is something in a game on a disc that runs in this emulator which would allow permenant access to a userland exploit. There are also more entry points than the save files, but save files are easy to work with so they're preferred.
 
  • Like
Reactions: raxadian and hausa51

Site & Scene News

Go to forum More news

Popular threads in this forum

Homebrew game  Amazing trainers for Assassins Creed Valhalla and WWE 2k23.. Check out the videos!

Hacking  ps4 firmware 7.0 no bd how to use the exploit???

Ps4 phat HDD not detected

Feedback  I can't transfer saves to USB

Early Build of Mortal Kombat Returns ported to PS4

My DS4 does not blink orange when plugged into my laptop.

Need a config for Simpsons Road Rage on PS2-FPKG

Beat 'Em & Eat 'Em: RediXXX - A PS4 remake of the 1982 Atari 2600 Classic

General chit-chat
Help Users
  • K3Nv2 @ K3Nv2:
    How do you know if the night will be good when you're asleep
  • BakerMan @ BakerMan:
    because i didn't say i was asleep
  • BakerMan @ BakerMan:
    i said i was sleeping...
  • BakerMan @ BakerMan:
    sleeping with uremum
  • K3Nv2 @ K3Nv2:
    Even my mum slept on that uremum
  • TwoSpikedHands @ TwoSpikedHands:
    yall im torn... ive been hacking away at tales of phantasia GBA (the USA version) and have so many documents of reverse engineering i've done
  • TwoSpikedHands @ TwoSpikedHands:
    I just found out that the EU version is better in literally every way, better sound quality, better lighting, and there's even a patch someone made to make the text look nicer
  • TwoSpikedHands @ TwoSpikedHands:
    Do I restart now using what i've learned on the EU version since it's a better overall experience? or do I continue with the US version since that is what ive been using, and if someone decides to play my hack, it would most likely be that version?
  • Sicklyboy @ Sicklyboy:
    @TwoSpikedHands, I'll preface this with the fact that I know nothing about the game, but, I think it depends on what your goals are. Are you trying to make a definitive version of the game? You may want to refocus your efforts on the EU version then. Or, are you trying to make a better US version? In which case, the only way to make a better US version is to keep on plugging away at that one ;)
  • Sicklyboy @ Sicklyboy:
    I'm not familiar with the technicalities of the differences between the two versions, but I'm wondering if at least some of those differences are things that you could port over to the US version in your patch without having to include copyrighted assets from the EU version
  • TwoSpikedHands @ TwoSpikedHands:
    @Sicklyboy I am wanting to fully change the game and bend it to my will lol. I would like to eventually have the ability to add more characters, enemies, even have a completely different story if i wanted. I already have the ability to change the tilemaps in the US version, so I can basically make my own map and warp to it in game - so I'm pretty far into it!
  • TwoSpikedHands @ TwoSpikedHands:
    I really would like to make a hack that I would enjoy playing, and maybe other people would too. swapping to the EU version would also mean my US friends could not legally play it
  • TwoSpikedHands @ TwoSpikedHands:
    I am definitely considering porting over some of the EU features without using the actual ROM itself, tbh that would probably be the best way to go about it... but i'm sad that the voice acting is so.... not good on the US version. May not be a way around that though
  • TwoSpikedHands @ TwoSpikedHands:
    I appreciate the insight!
  • The Real Jdbye @ The Real Jdbye:
    @TwoSpikedHands just switch, all the knowledge you learned still applies and most of the code and assets should be the same anyway
  • The Real Jdbye @ The Real Jdbye:
    and realistically they wouldn't

    be able to play it legally anyway since they need a ROM and they probably don't have the means to dump it themselves
  • The Real Jdbye @ The Real Jdbye:
    why the shit does the shitbox randomly insert newlines in my messages
  • Veho @ Veho:
    It does that when I edit a post.
  • Veho @ Veho:
    It inserts a newline in a random spot.
  • The Real Jdbye @ The Real Jdbye:
    never had that i don't think
  • Karma177 @ Karma177:
    do y'all think having an sd card that has a write speed of 700kb/s is a bad idea?
    trying to restore emunand rn but it's taking ages... (also when I finished the first time hekate decided to delete all my fucking files :wacko:)
  • The Real Jdbye @ The Real Jdbye:
    @Karma177 that sd card is 100% faulty so yes, its a bad idea
  • The Real Jdbye @ The Real Jdbye:
    even the slowest non-sdhc sd cards are a few MB/s
  • Psionic Roshambo @ Psionic Roshambo:
    https://www.youtube.com/watch?v=SjCivnt5t50
  • Karma177 @ Karma177:
    @The Real Jdbye it hasn't given me any error trying to write things on it so I don't really think it's faulty (pasted 40/50gb+ folders and no write errors)
    Karma177 @ Karma177: @The Real Jdbye it hasn't given me any error trying to write things on it so I don't really...