Toggle sidebar

Hacking Did flow just release?

  • Thread starter Thread starter Deleted User
  • Start date Start date
  • Views Views 13,270
  • Replies Replies 46
susi91 said:
Seems that guy got about 75k in total from sony :wtf:

https://hackerone.com/oct0xor
Click to expand...

He had three vulnerabilities (1 high & 2 medium) out of his bluray talk, when he was invited to the bug bounty.
The $40,000 one was in the first three & the other two were lower amounts, so I'm going to say that is probably from that.

I look forward to more talks. The $25,000 one 4 months ago sounds like it might be kinda fun.
 
Last edited by smf,
  • Like
Reactions: susi91
The 40k one had to have led to a full blown JB.
Got a feeling that this xploit might have been 1 of a few and may still have an xploit that can be taken over to the PS5.
 
dannyb1 said:
The 40k one had to have led to a full blown JB.
Got a feeling that this xploit might have been 1 of a few and may still have an xploit that can be taken over to the PS5.
Click to expand...

The high value exploit, that he was invited to the bug bounty around that time for, led to code execution on the ps3 & ps4 bluray drive, probably ps5 too. While optical discs are so 20 years ago, I'm sure if you could mod a ps5 drive and burn discs then it would cause sony a lot of problems.

If those first three are not then not only did they omit adding the three from the video, but he had another high value one up his sleeve.
 
Last edited by smf,
  • Like
Reactions: dannyb1
can someone enlighten me to what that bounty thing exactly is?
Does sony offer money to hackers to hand them over bugs they've found ?

what for is that, so that the hackers that found the bugs don't release it to the public etc.?
 
leonmagnus99 said:
can someone enlighten me to what that bounty thing exactly is?
Does sony offer money to hackers to hand them over bugs they've found ?

what for is that, so that the hackers that found the bugs don't release it to the public etc.?
Click to expand...
Yes, roughly. In this case, for example, Sony paid theflow to tell them the bug first, rather than release it to the public before Sony knew about it. This way it's fixed in current firmware versions, so its usefulness is limited to a significantly smaller number of consoles, rather than being made available to every PS4, and Sony then pushing out a fixed firmware and hoping most people will update rather than stay on the vulnerable version for piracy lols.
 
  • Like
Reactions: leonmagnus99
hippy dave said:
Yes, roughly. In this case, for example, Sony paid theflow to tell them the bug first, rather than release it to the public before Sony knew about it. This way it's fixed in current firmware versions, so its usefulness is limited to a significantly smaller number of consoles, rather than being made available to every PS4, and Sony then pushing out a fixed firmware and hoping most people will update rather than stay on the vulnerable version for piracy lols.
Click to expand...
damn, hmm i think if pirates had made 'theflow' an offer of 20k we would have had it up to the latest huh? xD
 

Site & Scene News

Go to forum More news

Popular threads in this forum

PS4 JB 13.50

Misc  Is there any way to restore the original (pre FW 4.0) PS4 Default Theme?

ROM Hack  Resident Evil 3-1.05 update request

Storage of PS4 controllers?

Gaming  Far Cry 3 Classic Edition PS4

Primary and secondary address 5.05