PS Vita Exploit via Webkit
-
I don’t know if any of you are still up to date with the PlayStation handheld hacking but very recently the Vita has had a proof of concept hack released. The native exploit is within Webkit that is used by the Vita.
Earlier this week, Davee released a proof of concept native exploit within Webkit for the PlayStation Vita. The code would only work on firmware 2.60, but with the implicit promise that firmwares up to 3.18 included are vulnerable.
I’m not entirely clued up on the PS Vita hacking scene but I do read bits and bobs from various tweets and websites. There has been a half byte loader out for a while but that was run on the PSP emulation side of things.
If you do have a Vita and want to know if it is vulnerable or not you can test it by visiting these links:
http://www.lolhax.org/vita.htm
http://wololo.net/v/webkit/vita.htm
Unfortunately if you have upgraded to 3.30 then your Vita will not be vulnerable to this exploit.
For more information - http://wololo.net/2014/10/19/vita-hack-proof-of-concept-code-updated-to-support-up-to-firmare-3-18-and-credits/
-
Modern hacking is crazy shit.
You have to piece together your exploits from bits of code that already exist on the system. And on top of that, most of those bits of code will move around between successive runs of your apps/games/programs (kind of like DMA, but harder to track).
The reason this works is because the web browser has special exceptions to have static addresses (i.e. ASLR is turned off).
On another note, Davee also released a ROP tool to help other hackers find the bits of code to use to write more exploits.
Pretty cool stuff if you ask me.
-
There is also a webkit exploit for the PS4!
Some crazy hacking going down. Time to get a PS4?
-
A blog post on using the exploit for arbitrary code exec.
-
Nice update.
Looks like this exploit may work out to be something good.