PT-2026-45816

Name of the Vulnerable Software and Affected Versions PlayStation 4 firmware versions 13.00 through 13.02 Description A privilege escalation issue allows the BD-J Blu-ray Disc Java sandbox to be escaped via a malformed JAR file. Recommendations At the moment, there is no information about a newer...

Sony Playstation 4 Use-After-Free

A use-after-free vulnerability exists in Sony Playstation 4. Successful exploitation of this vulnerability could allow a remote attacker to execute arbitrary code on the affected system...

Sony Playstation 4 (PS4) < 6.72 - 'ValidationMessage::buildBubbleTree()' Use-After-Free WebKit Code Execution (PoC)

const OFFSETELEMENTREFCOUNT = 0x10; const OFFSETJSABVIEWVECTOR = 0x10; const OFFSETJSABVIEWLENGTH = 0x18; const OFFSETLENGTHSTRINGIMPL = 0x04; const OFFSETHTMLELEMENTREFCOUNT = 0x14; const LENGTHARRAYBUFFER = 0x8; const LENGTHSTRINGIMPL = 0x14; const LENGTHJSVIEW = 0x20; const...

CMAF... This is the Way

Optimize your streaming content catalog The debate is over. Common Media Application Format CMAF has delivered on its promise: one package to serve them all. Two of the highest profile direct-to-consumer DTC streaming service launches recently made the leap, validating that the time has come for...

Sony Playstation 4 (PS4) < 7.02 / FreeBSD 9 / FreeBSD 12 - Kernel Local Privilege Escalation

Sony Playstation 4 PS4 include include include include include include include define KERNEL include undef KERNEL define WANTFILE include include include include include define WANTSOCKET include include define WANTINPCB include include include // define FBSD12 define ELFMAGIC 0x464c457f define...

Sony Playstation 4 (PS4) &lt; 7.02 / FreeBSD 9 / FreeBSD 12 - &#039;ip6_setpktopt&#039; Kernel Local Privilege Escalation (PoC)

/ FreeBSD 12.0-RELEASE x64 Kernel Exploit Usage: $ clang -o exploit exploit.c -lpthread $ ./exploit / include include include include include include include include define KERNEL include undef KERNEL define WANTFILE include include include include include define WANTSOCKET include include define...

Sony Playstation 4 Webkit Code Execution

/ badhoist ============ Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older firmware versions, but I am not sure. Bug was fixed in firmware 7.00. EDB Note Download:...

Sony Playstation 4 (PS4) < 6.72 - WebKit Code Execution Exploit

Exploit for hardware platform in category web applications / Sony Playstation 4 PS4 6.72 - WebKit Code Execution Exploit badhoist ============ Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older...

Sony Playstation 4 (PS4) &lt; 6.72 - WebKit Code Execution (PoC)

/ badhoist ============ Exploit implementation of CVE-2018-4386. Obtains addrof/fakeobj and arbitrary read/write primitives. Supports PS4 consoles on 6.XX. May also work on older firmware versions, but I am not sure. Bug was fixed in firmware 7.00. EDB Note Download:...

Hacking microcontroller firmware through a USB

In this article, I want to demonstrate extracting the firmware from a secure USB device running on the Cortex M0. Who hacks video game consoles? The manufacture of counterfeit and unlicensed products is widespread in the world of video game consoles. It's a multi-billion dollar industry in which...

SonyPlaystation 4 (PS4) < 6.20 - WebKit Code Execution Exploit

Exploit for hardware platform in category local exploits...

Sony Playstation 4 (PS4) 6.20 - WebKit Code Execution (PoC)

Sony Playstation 4 PS4 6.20 - WebKit Code Execution PoC PS4 6.20 WebKit Code Execution PoC ============== This repo contains a proof-of-concept PoC RCE exploit targeting the PlayStation 4 on firmware 6.20 leveraging CVE-2018-4441. The exploit first establishes an arbitrary read/write primitive as...

Sony Playstation 4 (PS4) &lt; 6.20 - WebKit Code Execution (PoC)

PS4 6.20 WebKit Code Execution PoC ============== This repo contains a proof-of-concept PoC RCE exploit targeting the PlayStation 4 on firmware 6.20 leveraging CVE-2018-4441. The exploit first establishes an arbitrary read/write primitive as well as an arbitrary object address leak in wkexploit.j...

You can now run Windows 95 on your Mac, Linux and Windows 10 devices

By Carolina The maximum RAM that Windows 95 consumes within Windows 10 is just 200 MB. We have seen hackers doing wonders like hacking PlayStation 4 to run PS2 emulation or homebrew software, hacking Android-compatible Google Daydream VR Controller to run on iOS or run Linux OS on Nintendo Switch...

SonyPlaystation 4 ( #PS4 ) 5.07 - #Jailbreak #WebKit / bpf v2 Kernel Loader Exploit

Exploit for hardware platform in category local exploits PS4 5.05 Kernel Exploit --- Summary In this project you will find a full implementation of the second "bpf" kernel exploit for the PlayStation 4 on 5.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking and...

Sony Playstation 4 (PS4) 5.1 - Kernel (PoC)

Sony Playstation 4 PS4 5.1 - Kernel PoC log"--- trying kernel exploit --"; function mallocsz var backing = new Uint8Array0x10000+sz; window.nogc.pushbacking; var ptr = p.read8p.leakvalbacking.add320x10; ptr.backing = backing; return ptr; function malloc32sz var backing = new Uint8Array0x10000+sz4...

Sony Playstation 4 (PS4) 5.07 - Jailbreak WebKit bpf v2 Kernel Loader

Sony Playstation 4 PS4 5.07 - Jailbreak WebKit bpf v2 Kernel Loader PS4 5.05 Kernel Exploit --- Summary In this project you will find a full implementation of the second "bpf" kernel exploit for the PlayStation 4 on 5.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking an...

Sony Playstation 4 (PS4) 5.1 - Kernel (PoC)

log"--- trying kernel exploit --"; function mallocsz var backing = new Uint8Array0x10000+sz; window.nogc.pushbacking; var ptr = p.read8p.leakvalbacking.add320x10; ptr.backing = backing; return ptr; function malloc32sz var backing = new Uint8Array0x10000+sz4; window.nogc.pushbacking; var ptr =...

Sony Playstation 4 (PS4) 5.07 - &#039;Jailbreak&#039; WebKit / &#039;bpf v2&#039; Kernel Loader

PS4 5.05 Kernel Exploit --- Summary In this project you will find a full implementation of the second "bpf" kernel exploit for the PlayStation 4 on 5.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This exploit also contai...

Sony Playstation 4 (PS4) 4.55 < 5.50 - WebKit Code Execution (PoC) Exploit

Exploit for hardware platform in category local exploits window.didload = 0; window.didpost = 0; window.onload = function window.didload = 1; if window.didpost == 1 window.stage2; window.postExpl = function window.didpost = 1; if window.didload == 1 window.stage2; function makeid var text = ""; v...