New Webkit Exploit Found for Vita/Ps4 ...

Discussion in 'PS Vita - Hacking & Homebrew' started by Xplic1T, Apr 22, 2015.

  1. Xplic1T
    OP

    Xplic1T GBAtemp Regular

    Member
    173
    55
    May 26, 2006
    ... you can see where I'm going with this.

    Credit goes to Wololo.net but maybe this can aid some with Wii U hacking.

    http://wololo.net/2015/04/22/new-webkit-exploit-found-vita-maybe-playstation-4/

    "Today, we got some interesting news about a new vulnerability on Webkit of Vita and possibly Playstation 4. Unfortunately it is patched on Vita 3.50 firmware but it is still good news for people on 3.3x firmwares.
    It is not unlikely to have code execution from the Webkit exploits on game consoles. There are already several code execution methods through Webkit on 3DS and there is an announced kernel exploit for Wii-U again through Webkit. Of course every handheld/console has a different architecture but Webkit seems to have a great potential for exploiting current generation handhelds/consoles.
    It has been about 6 months since we first heard about a webkit exploit for Vita. After that we have seen several applications of it, like the Pong and the Package Installer for webkit. Also there is a lot of progress through Vitasploit. Unfortunately, this webkit vulnerability was patched on 3.30 Vita firmware and 2.00 Playstation 4 firmware.
    This new vulnerability works on Vita 3.3x firmwares and possibly on Playstation 4 firmwares up to 2.50, though this exploit on Playstation 4 has not yet been confirmed. Its CVE ID is CVE-2014-1303. Initially discovered by Liang Chen of Keen Team, the exploit has been ported to the Vita by hackerxyz. It is great that now 3.3x Vita firmware users will have a chance too if a native Vita hack arises from Webkit exploits.
    DOWNLOAD
    Here is the Vitasploit ported to this vulnerability for 3.36 firmwares. Expect to see it added to the official repo soon. It will probably be ported to other 3.3x firmwares too.
    Source: xyz on /talk, where you’ll find more info and can say thanks directly to the man."
     


  2. Nathan Drake

    Nathan Drake Obligations fulfilled, now I depart.

    Member
    6,192
    2,150
    Jan 2, 2011
    Oh boy. Another webkit exploit that likely won't go anywhere. Prepare the totally unenthusiastic hype train.
     
  3. TotalInsanity4

    TotalInsanity4 GBAtemp Supreme Overlord

    Member
    7,222
    7,304
    Dec 1, 2014
    United States
    Under a rock
    Eh, it's still good to see and possibly utilize.

    Although, Xplic1T, even though this is public news, this probably should have gone straight to either Marionumber1 or Hykem to control possible hyperbolization.
     
    BullyWiiPlaza likes this.
  4. NWPlayer123

    NWPlayer123 GBAtemp Addict

    Member
    2,632
    6,232
    Feb 17, 2012
    United States
    The Everfree Forest
    Hykem's already posted about it himself on Twitter :P
     
    TotalInsanity4 likes this.
  5. TotalInsanity4

    TotalInsanity4 GBAtemp Supreme Overlord

    Member
    7,222
    7,304
    Dec 1, 2014
    United States
    Under a rock
    Oh, ok XD then this didn't need to be shared lol
     
  6. dsionr4

    dsionr4 Gbatemp's Shonen Character

    Member
    374
    261
    Mar 14, 2009
    Netherlands
    Space
    Why post in the wrong section?
     
  7. Xplic1T
    OP

    Xplic1T GBAtemp Regular

    Member
    173
    55
    May 26, 2006
    Just thought it could be useful since Nintendo hasn't done an update on the Wii U since December ... this could/should work under 5.3.2
     
  8. raulpica

    raulpica With your drill, thrust to the sky!

    Supervisor
    11,027
    7,348
    Oct 23, 2007
    Italy
    PowerLevel: 9001
    Put it in the correct section (PS Vita) since the fact that this might lead to some Wii U hack is speculation.
     
    TotalInsanity4 and jammybudga777 like this.
  9. SirByte

    SirByte GBAtemp Fan

    Member
    494
    191
    Dec 30, 2012
    Canada
    True... but that is probably more likely than it leading to a full native VITA hack (i.e. outside of the browser space).