Thread: PS5 thread
Old 29-07-2022, 00:57   #257
Qtx
CF's Worst Nightmare
 
Join Date: May 2012
Location: Probably outside the M25
Services: Sky Fibre Unlimited 40/10
Posts: 3,473
Re: PS5 thread

Quote:
Originally Posted by SnoopZ
What does the exploit allow you to do?
A full kernel exploit basically gives you full control of the system, so you can do anything you want as you have bypassed all the protections: run any code you want that isn't cryptographically signed. On the PS4 it has opened up loading Linux on it, people have coded all sorts of tools, built-in cheat menus you can bring up in games for extra ammo and stuff in single-player games, a homebrew media player which plays most video files direct from the hard drive, the ability to play 'backup' games, and some LAN networking stuff has been done too if I remember correctly.

A guy has shown a full exploit chain, including a kernel exploit, on the PS5 and told Sony via HackerOne/a bug bounty, so he has been paid for showing them the vulnerability but has not made it public. So others are now trying to reproduce it themselves with the little knowledge they have of it, so it's just a matter of time.

He also showed a vulnerability for a userland exploit with sandbox escape, which is the first part before the full kernel exploit. Instead of it being a WebKit/web browser exploit like most before, it uses the Java implementation used in Blu-ray players for menus and interactive DVD/Blu-ray games, which the PS3/PS4/PS5 all support and are all vulnerable through. That has already been reversed and is being used to dump files and information from the PS5, so things are moving along nicely. But these exploits won't work on firmware after 4.03.

The Blu-ray Java exploit just needs a specially burnt Blu-ray disc. The PS4 also has an exploit for firmware 9 which uses a specially formatted USB. It's great seeing these new novel attack methods. The PS5 is a lot harder to get a working exploit on due to the level of security. Again it's a matter of time, in a similar way to how Windows introduced things like memory address randomisation so exploits couldn't predict where usable code was in memory, but exploit writers have different ways to get around those.

Technical details of exploits here: https://hackerone.com/reports/1379975

Apologies for the nerd-out... these things interest me and I probably have more fun fiddling with things than playing games :P

Last edited by Qtx; 29-07-2022 at 01:16.
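The post above mentions that address randomisation stops an exploit predicting where usable code sits in memory, and that exploit writers have ways around it. The usual way is an information leak: a second bug that reads a code pointer back to the attacker, from which the randomised base of the module is recovered and every other address in that module is computed by its fixed offset. The C program below is an added illustration of that pattern and is not code from the post, from the HackerOne report, or from any console exploit. It assumes a made-up application record (`struct session`) where a name buffer sits directly before a callback pointer, a made-up over-read bug in `echo_name_vulnerable` that copies as many bytes as the caller requests, and a target function `privileged_handler` standing in for whatever code the attacker wants to reach; the offset between the two functions is measured in-process here, where a real attacker would read it from the binary on disk.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

typedef int (*handler_fn)(int);

/* Two functions in the same module. ASLR relocates the whole module, so their
 * absolute addresses differ from run to run, but the distance between them does not. */
static int benign_handler(int x)     { return x + 1; }
static int privileged_handler(int x) { return x * 2; } /* stands in for the code the attacker wants to reach (assumption) */

/* Hypothetical application record: attacker-controlled name followed by a code pointer. */
struct session {
    char name[8];
    handler_fn on_event;
};

/* VULNERABLE (constructed bug): copies as many bytes as requested, ignoring sizeof name,
 * so a request longer than 8 bytes also returns the bytes of on_event: an info leak. */
static size_t echo_name_vulnerable(const struct session *s, unsigned char *out, size_t len)
{
    memcpy(out, s->name, len);
    return len;
}

/* FIXED: never copies past the NUL terminator or past the end of the name field. */
static size_t echo_name_fixed(const struct session *s, unsigned char *out, size_t len)
{
    size_t n = 0;
    while (n < sizeof s->name && s->name[n] != '\0')
        n++;
    if (len > n)
        len = n;
    memcpy(out, s->name, len);
    return len;
}

/* Constructed sample record, as the application would create it. */
static struct session make_session(void)
{
    struct session s;
    memset(&s, 0, sizeof s);
    memcpy(s.name, "guest", 6);   /* 5 characters plus NUL */
    s.on_event = benign_handler;  /* the callback the application legitimately installs */
    return s;
}

/* Attacker step 1: use the over-read to recover the randomised address of benign_handler.
 * Assumes a function pointer and uintptr_t have the same size (true on common 64-bit targets). */
static uintptr_t leak_callback_address(void)
{
    struct session s = make_session();
    unsigned char buf[sizeof s];
    echo_name_vulnerable(&s, buf, sizeof s);  /* asks for the whole record, not just the name */
    uintptr_t addr;
    memcpy(&addr, buf + offsetof(struct session, on_event), sizeof addr);
    return addr;
}

/* Attacker step 2: the distance between the two functions is a property of the binary on disk.
 * A real attacker reads it offline from the unrandomised file; measuring it here is an assumption
 * of this demo. Unsigned wraparound keeps the arithmetic correct whichever function comes first. */
static uintptr_t gadget_offset(void)
{
    return (uintptr_t)privileged_handler - (uintptr_t)benign_handler;
}

/* Attacker step 3: rebase the target from the leaked pointer and call it.
 * Returns 42 (privileged_handler(21)) when the randomised base has been defeated. */
static int run_attack(void)
{
    uintptr_t target = leak_callback_address() + gadget_offset();
    handler_fn fn = (handler_fn)target;
    return fn(21);
}

/* Same over-long request against the fixed routine: only the 5 name bytes come back. */
static size_t leak_attempt_after_fix(void)
{
    struct session s = make_session();
    unsigned char buf[sizeof s];
    return echo_name_fixed(&s, buf, sizeof s);
}

int main(void)
{
    printf("leaked benign_handler at %#lx (real %#lx)\n",
           (unsigned long)leak_callback_address(), (unsigned long)(uintptr_t)benign_handler);
    printf("rebased call returned %d\n", run_attack());
    printf("bytes returned after fix: %zu\n", leak_attempt_after_fix());
    return 0;
}
```

Run it twice on a system with ASLR enabled and the printed addresses change each time, yet the rebased call still lands on `privileged_handler`, because the leak hands the attacker the base and the offset never moves. The fixed routine returns only the name, which is why the patch for an ASLR bypass is usually a bounds check on the leak, not a change to the randomisation itself.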