What can we do ?

Discussion in 'PS4 - Hacking & Homebrew' started by Ohad1th, Apr 1, 2016.

  1. Ohad1th

    Ohad1th GBAtemp Regular

    Jul 23, 2015
    So I was just scrolling gbatemp and I saw this PS4 Hacking forum
    What can we actually do as of now ?
    probebly not download games lol but are there anything good we can do ? any good hacker to follow ?
    new here any development on anything ? I'm currently on the latest version on my PS4
    Margarine67 likes this.
  2. mech

    mech ♥️♥️♥️♥️♥️♥️♥️♥️

    Oct 26, 2014
    1.76 has private-ish kernel and web exploits
    3.15 has web exploit.

    Few in between also have web exploits.
  3. azoreseuropa

    azoreseuropa GBAtemp Guru

    Nov 6, 2002
    Proud to be Portuguese but I am in USA.
    Yes, mech is correct. By the way, for the more information following at:

    The trust is: wololo, psx-scene, ps4hax, and ps3hax. Google those. I used them for a long time. Enjoy!
    Last edited by azoreseuropa, Apr 1, 2016
  4. CTurt

    CTurt Advanced Member

    May 3, 2015
    Publicly for 1.76 there is a WebKit exploit in the browser and 2 kernel exploits. The kernel exploits work a few versions above 1.76 but there is no public WebKit exploit to use them with.

    If you are on 1.76 you can boot Linux right now without needing to compile or host anything yourself; it's as simple as placing 2 files on a FAT32 USB and visiting the live demo of PS4-playground.

    No developers that I've ever spoken to have shown interest in running pirated games, so I wouldn't expect this to happen for a fairly long time.

    For later firmwares there is little you can do unless you are a developer. You can run ROP chains in web apps which are statically compiled to outdated versions of WebKit, which is enough to test whether they are vulnerable to most kernel exploits, and you can do a few other things. These apps don't have permission to use the JIT system calls so they can't be used for full code execution unless you want to trigger a full kernel exploit with just ROP which is pretty hardcore (very difficult to do multi threading for example).

    There are plenty of WebKit bugs which could be used to exploit the browser on the latest firmware for arbitrary code execution (http://webkitgtk.org/security/WSA-2016-0002.html http://webkitgtk.org/security/WSA-2016-0003.html) however the WebKit team won't publicly publish the details of these bugs, but they could be found by manually going through thousands of WebKit commits if you wanted.

    Generally I wouldn't expect anything for latest firmware to be released until it has been patched though.

    In terms of developers to follow, there's myself (http://twitter.com/CTurtE), who was first to publicly announce both kernel exploits, and I've published articles documenting them on my site (http://cturt.github.io/ps4-3.html and http://cturt.github.io/dlclose-overflow.html). But I don't have much interest in the PS4 at the moment. There's also kR105 (http://twitter.com/kr105rlz) who wrote most of the public Linux boot loader. Most other developers tend to prefer to work privately, so I won't add them here, but I've found wololo.net to be by far the most accurate site for PS4 hacking news which you should follow if you don't want to miss anything.

    I hope this answered all of your questions.
    Last edited by CTurt, Apr 3, 2016
  5. brickmii82

    brickmii82 GBAtemp Advanced Fan

    Feb 21, 2015
    United States
    Anyone else think this should be stickied FFR, til further progress is made?

    @CTurt nice work sir.
  6. ShinyGengar001

    ShinyGengar001 Member

    Mar 1, 2016
    Hey guys,

    Quick question instead of updating my ps4 to go on the ps store. Can i use the app on my phone to trigger the download then go on my console for it to finish without updating. ( of course i know some games require higher ofw to play )

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice