wraggster
January 19th, 2020, 14:27
This WebKit exploit, which is based upon a JavaScript vulnerability found as part of Project Zero in 2018 (https://t.co/l7TNuk6ceF), works on Firmwares 6.00-6.72 with Fire30 noting that Sony patched it in Firmware 7.00 meaning that the latest firmware isn’t vulnerable to it.
What does a WebKit exploit mean?http://cdn-0.wololo.net/wagic/wp-content/uploads/2020/01/specterdev_ps4_webkit_exploit_firmware_620-300x104.png (http://wololo.net/wagic/wp-content/uploads/2020/01/specterdev_ps4_webkit_exploit_firmware_620.png)Whi le FW 6.20 has had a public WebKit exploit for a while, a public kernel exploit is needed for a full hacking solution
While the release of a WebKit is exploit, it’s important to keep in mind the following:
WebKit exploits don’t equate to anything tangible like a full/partial hacking solution to the end-user
However, they are useful to developers as entry points in the initial steps of an exploit chain
A kernel exploit is required in order to get the things currently available on FW 5.05/7 or lower
It’s important to note that FW 6.00-6.20 have had a public WebKit exploit, by SpecterDev, since March (http://wololo.net/2019/03/14/ps4-specterdev-releases-webkit-exploit-for-firmware-6-20-a-ray-of-hope-for-6-xx-owners/) and not much came out of that when it comes to end-user functionality
As a result, it’s important to keep in mind that this exploit will not suffice for a full hacking solution but it does give some hope for future PlayStation 4 hacking developments as some interest is still there.
http://wololo.net/2020/01/01/news-fire30-releases-webkit-exploit-for-ps4-fw-6-xx/
What does a WebKit exploit mean?http://cdn-0.wololo.net/wagic/wp-content/uploads/2020/01/specterdev_ps4_webkit_exploit_firmware_620-300x104.png (http://wololo.net/wagic/wp-content/uploads/2020/01/specterdev_ps4_webkit_exploit_firmware_620.png)Whi le FW 6.20 has had a public WebKit exploit for a while, a public kernel exploit is needed for a full hacking solution
While the release of a WebKit is exploit, it’s important to keep in mind the following:
WebKit exploits don’t equate to anything tangible like a full/partial hacking solution to the end-user
However, they are useful to developers as entry points in the initial steps of an exploit chain
A kernel exploit is required in order to get the things currently available on FW 5.05/7 or lower
It’s important to note that FW 6.00-6.20 have had a public WebKit exploit, by SpecterDev, since March (http://wololo.net/2019/03/14/ps4-specterdev-releases-webkit-exploit-for-firmware-6-20-a-ray-of-hope-for-6-xx-owners/) and not much came out of that when it comes to end-user functionality
As a result, it’s important to keep in mind that this exploit will not suffice for a full hacking solution but it does give some hope for future PlayStation 4 hacking developments as some interest is still there.
http://wololo.net/2020/01/01/news-fire30-releases-webkit-exploit-for-ps4-fw-6-xx/