PS4 firmware 7.55 exploit revealed by TheFlow

ps4-logo-png.216379
An exploit for the PS4's firmware 7.55 was revealed today by hacking scene member TheFlow. However, it was actually reported back in June 2020 and disclosed only today as TheFlow worked with Sony's HackerOne bounty program to patch this vulnerability. The reported exploit was marked as resolved in October. TheFlow also did similar disclosures with previous exploits he found and helped fix.

The HackerOne page notes that this vulnerability can cause a "fully chained remote attack" when used with a WebKit exploit, steal/manipulate user data and even dump and run pirated games. As such, it could be used together with the Webkit exploit from last December to jailbreak PS4 systems on firmware 7.55. However, no relevant files have been made publicly available regarding the FW 7.55 exploit with today's disclosure.

:arrow: SOURCE
 

Jiehfeng

The One
Member
Joined
Aug 15, 2012
Messages
5,436
Trophies
1
Age
20
Location
netti netti.
Website
www.youtube.com
XP
5,991
Country
Sri Lanka
well, he found an exploit, gained some cash by reporting it to Sony and even managed to disclose it (later, but if you didn't update your system beyond that FW, you're still good) and the scene can work with that info

Yeah good point, it still exists so it doesn't matter, hadn't thought of it that way.
 

godreborn

Well-Known Member
Member
Joined
Oct 10, 2009
Messages
24,232
Trophies
1
XP
15,318
Country
United States
not sure if he'll continue to work on the ps4. this exploit was disclosed about three months ago to sony iirc. until yesterday, it didn't mention what the exploit was, but there hasn't been anything ever sense. afaik, theflow can choose to disclose or not to disclose, so I think he's the reason we have this information now. he may have had to wait, because according to the disclosure agreement, so much time has to have elapsed. and, it's been patched, so no real harm to sony.

anyway, theflow said he was leaving the ps4 scene. he left and found a new exploit for the vita called henlo, which no one seems to know exists other than wololo. playstationhax is what pissed him and why he quit. it's due to the admin saying he sold his soul for disclosing this info to sony, but who the hell would turn down the potential for $50,000? if you have the skills, go for it. it's a win win since he can disclose the exploit, just as long as a reasonable amount of time has passed and he still gets the money.
 

SonyUSA

We're all mad here
Editorial Team
Joined
May 12, 2006
Messages
1,637
Trophies
1
XP
4,617
Country
United States
Another potential end-of-life exploit ruined. I hope he enjoyed his good-boy pats on the head from Sony.

You're mad at him because you can't steal software that requires the latest firmware? Homebrew hasn't changed and doesn't require higher firmware versions, and there are tons of available <8.0 consoles out there to buy cheap.
 

CanIHazWarez

Well-Known Member
Member
Joined
Jan 21, 2016
Messages
339
Trophies
0
Age
30
XP
952
Country
United States
You're mad at him because you can't steal software that requires the latest firmware?
I already have an exploitable system (that I paid through the nose for). What I care about are people just getting into the scene who could have gotten any cheap used system or black Friday deal, who now have to scour the Internet in hopes of finding a rare, overpriced system that's under a certain firmware. It greatly increases the barrier to entry.
 
Last edited by CanIHazWarez,

Tom Bombadildo

Dick, With Balls
Editorial Team
Joined
Jul 11, 2009
Messages
14,324
Trophies
1
Age
27
Location
I forgot
Website
POCKET.LIKEITS
XP
17,472
Country
United States
I already have an exploitable system (that I paid through the nose for). What I care about are people just getting into the scene who could have gotten any cheap used system or black Friday deal, who now have to scour the Internet in hopes of finding a rare, overpriced system that's under a certain firmware. It greatly increases the barrier to entry.
So TheFlow should give up $10,000 to give whiny children a better chance at getting free games?

k.
 

godreborn

Well-Known Member
Member
Joined
Oct 10, 2009
Messages
24,232
Trophies
1
XP
15,318
Country
United States
Aye just so happen to have a old ps4 on 7.55 will sale for $1,000 or ps5

I bought my dragon quest metal slime ps4 for around $525 used many years ago. this was before any exploit existed above 1.76. it's currently on 5.05. the only thing missing from this used system was the theme, but a friend found the god link to it, and I made a fix. it's currently installed on my system, and it remains installed even without hen (I found a way to keep them fixed even when changing themes somehow). anyway, that system was marked down from $800, since it's a limited edition, Japanese system. the game voucher still worked which I dumped later on 4.55.
 
  • Like
Reactions: Deleted User

KennieDaMeanie

Village Idiot
Member
Joined
May 26, 2013
Messages
758
Trophies
1
Age
30
XP
1,817
Country
United States
I bought my dragon quest metal slime ps4 for around $525 used many years ago. this was before any exploit existed above 1.76. it's currently on 5.05. the only thing missing from this used system was the theme, but a friend found the god link to it, and I made a fix. it's currently installed on my system, and it remains installed even without hen (I found a way to keep them fixed even when changing themes somehow). anyway, that system was marked down from $800, since it's a limited edition, Japanese system. the game voucher still worked which I dumped later on 4.55.

I could've sworn mine was on an older update at some point but must've upgraded thinking well, looks like we wont see any exploits may as well use it in the living room.
 
General chit-chat
Help Users
    KennieDaMeanie @ KennieDaMeanie: Taste buds are a bitch imagine vomit tasting like the same food you just ate everyone would be...