PS4 Webkit Bad_Hoist 6.72 dumps

viggen66

Well-Known Member
OP
Member
Joined
Nov 5, 2019
Messages
183
Trophies
0
Age
43
XP
530
Country
Spain
Dear all,

Does any of you have the dumps of the WebKit and respective libs from firmware 6.72? There was a link to those dumps, but unfortunately the link is dead.

Untitled.png


https://www.sendspace.com/file/zun94b

Thanks
 

godreborn

Welcome to the Machine
Member
Joined
Oct 10, 2009
Messages
38,471
Trophies
3
XP
29,138
Country
United States
I think libkernel and libc are part of OpenOrbis, iirc. They're header files though, so I think it's libkernel.h and libc.h:

1641583076765.png
 

viggen66

Hopefully these files, which were included in dumps_672.7z:

gadgets.txt
libc.bin
libc.elf
libc-gadgets.txt
libkernel.bin
libkernel.elf
syscalls.txt
webkit-gadgets.txt
webkit.bin
webkit.elf
 

godreborn

I got a message from alazif:

if they are doing something with it just have them dump it themselves
[2:36 PM]
or have one of their testers dump it

godreborn — Today at 2:37 PM
I'm not sure how to do that. uart?

AlAzif 🌟 — Today at 2:37 PM
dump via webkit
[2:38 PM]
using the exploit

godreborn — Today at 2:38 PM
is there a payload that does that or what should I be using? I'm assuming he's on 6.72.

AlAzif 🌟 — Today at 2:40 PM
like you gotta dump memory with the 6.72 webkit exploit
[2:40 PM]
or just ftp and dump libc, libkernel_web, and libscewebkit2
[2:40 PM]
and that'll get you the bins at least
[2:40 PM]
decrypted, not dumped though

godreborn — Today at 2:41 PM
I think he wants the webkit.bin specifically.

AlAzif 🌟 — Today at 2:41 PM
I'm actually unsure why there are both bins/elfs (edited)
[2:41 PM]
what are they trying to do?

godreborn — Today at 2:41 PM
not sure. they didn't specify

AlAzif 🌟 — Today at 2:41 PM
may be a huge shortcut that no one is pointing out
[2:41 PM]
because no one knows what the goal is
 

godreborn

yep, they're here, and they should be decrypted when you ftp them. the names won't change, but if you lump the files into a hex editor, you'll see there's no header, just elf:

1641588610814.png
 

godreborn

okay, I got a bit more info. the elf is the header. that's how you know it's decrypted (should show elf first). here's what an encrypted file looks like, LM calls it "file magic:"

unknown.png
 

viggen66

Yesterday I asked the original author, control_execute, to upload the files again. He was very pleasant and sent me two links, for which I'm so grateful, but they were not dumps of the files; I think they were FTP copies of the files, which are decrypted.

I already tried to run sleirsgoevy's bad_hoist in a Linux environment, connected to a 6.72 machine. It says I have to connect via port 8080 to the IP of the computer, all right, direct LAN connection.

With a direct connection you have to have a static IP.

Linux 192.168.1.101
Subnet 255.255.255.0

PS4 192.168.0.100
Subnet 255.255.255.0

Both default gateway 192.168.1.1

Configured custom DNS on the PS4 to go to 192.168.1.100,

and the Linux PC can't recognize the network. Also, after running the bad_hoist script, it says you have to go to the PC's IP on port 8080.

Went to PS4 WebKit 192.168.1.100:8080

Doesn't work, but somehow, after some time and randomly, I get a CE-36329-3 error on the PS4, which is a software error related to the PS4 operating system.
 