One of the PlayStation scene's most notable figures, TheFlow (Andy Nguyen), is back at it again. He's discovered a major exploit that affects not just one PlayStation console, but three. A hackerone report by TheFlow sheds light on five vulnerabilities that range in effectiveness, allowing users to load payloads that can be used to exploit the PlayStation 3, PlayStation 4, and even the PlayStation 5. The exploit is referred to as bd-jb, or the Blu-ray Disc Java Sandbox Escape, and was featured during a panel at this year's hardwear.io security conference.

Below are 5 vulnerabilities chained together that allows an attacker to gain JIT capabilities and execute arbitrary payloads. The provided payload triggers a buffer overflow that causes a kernel panic. Please consider each of the vulnerabilities individually. AFAIK, this is the first exploit chain that is being submitted to you

According to Nguyen's report, a UDF driver can cause an overflow on both the PS4 and the PS5. An exploit chain, aka bd-jb, can then be loaded as the payload as a burned Blu-ray disc. The hack, in summary, will allow users to burn physical discs of game backups, and then play them on their consoles. This affects PlayStation 4 consoles below OFW 9.50, and PlayStation 5 systems that are below OFW 5.0.

With these vulnerabilities, it is possible to ship pirated games on bluray discs. That is possible even without a kernel exploit as we have JIT capabilities.

bd-jb: Blu-ray Disc Java Sandbox Escape affecting PS3, PS4, PS5. My talk at @hardwear_io will be uploaded in a few weeks. #hardwear_io https://t.co/gVs03Ie46q

— Andy Nguyen (@theflow0) June 10, 2022

TheFlow's panel that discusses the exploit in detail will be uploaded in "a few weeks". The full hackerone report and all of its technical details can be read about below.

Following the initial report, TheFlow made an update to his claims.

I wanted to clarify: Without a kernel exploit, you won't be able to run any pirated games (which would have worked on the PS4 only anyways), because we don't have enough RAM in the bd-j process and there are some other constraints. It was only a theoretical impact.

— Andy Nguyen (@theflow0) June 11, 2022

Source

 

[UnderJinx]

Nice..

 

[Kaein]

Pretty nice news

 

[tommasi]

Question is why did you use BD-RE? Did you test with BD-R?

 

[nikeymikey]

I wonder what FW my PS5 is on. I've had it for months and never taken it out of the box yet. Haha.

Yep, me too

And me!!

If he releases the exploit. The scene will be back on fire. Backup disks market will be alive again in a lot of countries!!

Exploit is already released, just no proof of concept.

 

[Purple_Shyguy]

Holy shit

 

[leon315]

BUYING A PS5 ASAP

From voltures.

 

[Colossus90]

Damn, he did it again.

 

[raxadian]

So this means I can hack my unhackable PS3 slim?

 

[chocoboss]

So this means I can hack my unhackable PS3 slim?

This mean we will probably able to launch backup directly ( from blu-ray) or launch cfw from blu-ray

Time to buy a super-slim

 

[K3Nv2]

yeah still impossible to find a PS5 right now in singapore for example

I'm sure scalpers are still willing to work with people.

 

[mathew77]

PS5 cracked.. So nice, so good.

 

[MasterJ360]

I swear I love this man. Hes a hero to the scene regardless what ppl think or say.

 

[PatrickD85]

Well that was kinda unexpected, but cool .. let's monitor this development and see what comes from it.

 

[codezer0]

So this works for bd games on PS3 as well?

Also, considering it's still impossible to even source a PS5, I fully expect Sony to block this exploit on those as quickly (and sneakily) as possible.

 

[Esdeath]

Wow, going back to burned game discs, classy. Ngl, this is hella nostalgic

 

[AngryCinnabon]

I had to update my PS5 because my family uses it (which I respect because they helped buy it.) But this is still really awesome!

 

[Marc_LFD]

I wonder what FW my PS5 is on. I've had it for months and never taken it out of the box yet. Haha.

It's not connected to the internet so you're safe it didn't automatically update.

Most sellers selling their PS4 or PS5 think having the latest firmware is a good idea. It actually devalues if a buyer is looking for a specific FW.

 

[Marc_LFD]

If he releases the exploit. The scene will be back on fire. Backup disks market will be alive again in a lot of countries!!

I guess people will be selling backup copies of PS5 games now. Good to be back to the PS1 and PS2 days.

You fellas not thinking they'll sell on eBay, right? Because those listings would be taken down due to being piracy.

Welp Blue ray drives are either 25gb or 50gb(super expensive). What games will fit there?

PS5 may use a mix of BD25/BD50 (number indicates the amount of GBs), but it's advertised as using UHD discs which are like 100GB.

good luck finding one that isn't a scalper

Back to burning games on expensive discs and having to buy an expensive UHD Disc Burner? I wouldn't.

 

[Valwinz]

cant wait for them not to release it

 

[MikaDubbz]

cant wait for them not to release it

Man this guy is always such a bummer. Even if your outcome is true, why not let people just be excited for a minute.