Hacking PS4 Security Analysis and Question

IndieDeveloper

Hey dudes, questions are being asked about the security of PS4 (in my mind). Given that PS4 uses ARM TrustZone for memory security, probably key protection too and checking boot-chain after bootrom sets it up.
No one has ever tried looking at what is running on the same security level to see what is possible to do, without going against hardware security.
With a little research you can see that ARM TrustZone is also used in iOS systems for kernel r/w.
Ideas?
 

Bergot

> Hey dudes, questions are being asked about the security of PS4 (in my mind). Given that PS4 uses ARM TrustZone for memory security, probably key protection too and checking boot-chain after bootrom sets it up.
> No one has ever tried looking at what is running on the same security level to see what is possible to do, without going against hardware security.
> With a little research you can see that ARM TrustZone is also used in iOS systems for kernel r/w.
> Ideas?

Dude, the PS4 scene has the most talented people out there who meddle with exploits... but none of them are willing to release a kexploit for Sony to patch it in a few hours or days... wait for the EOL of the console or wait for TheFloW to release a kexploit for a patched firmware (6.20...). The current firmware will never have a kex at the moment...
 

IndieDeveloper

> Dude, the PS4 scene has the most talented people out there who meddle with exploits... but none of them are willing to release a kexploit for Sony to patch it in a few hours or days... wait for the EOL of the console or wait for TheFloW to release a kexploit for a patched firmware (6.20...). The current firmware will never have a kex at the moment...

What does this have to do with my "question/doubt"? It's a speech about PS4 security, your answer has absolutely nothing to do with it ^^
 

IndieDeveloper

> Ok... if you think that nobody has thought about what you said... you are being naive...

No, I'm not naive.
It may be that no one has thought of this, since the PS4 scene only exploits WebKit as an entry point (publicly; privately I do not know who uses what).
 

MostlyUnharmful

> It may be that no one has thought of this, since the PS4 scene only exploits WebKit as an entry point (publicly; privately I do not know who uses what).

Two years ago the guys behind fail0verflow posted a PoC on how to achieve permanent(?) code execution on Aeolia and Belize (plus an exploit on the HDMI CEC), so I'm aligning with @Bergot on this one. ^__~

Also, attacking the browser is easy because usually someone else is doing the legwork; someone showed another WebKit RCE a few weeks ago IIRC.
 
