the new PS4 jailbreak is sort of hilarious
543,822
Published 2024-05-17
Exploit: github.com/TheOfficialFloW/PPPwn
Writeup: hackerone.com/reports/2177925
All Comments (21)
-
This is more normal than what it took to hack the Wii, which was a figurative and literal pair of tweezers.
-
People who wrote code like that in 2006 had likely been coding since the 80s, or were heavily influenced by those who had been. I've also been writing code since the 80s, though, so I can tell you that by 2006, single-letter variable names were frowned upon, but abbreviations like "buff" were still commonplace.
-
You talk about 2006 like it was a long time ago! Oh no...
-
“You can tell this is from ‘07 because of the variable names” The Go team in complete shambles 😂
-
Dang, now people who bought devices can run their own code on them
-
I'm a little disappointed we didn't get to watch you jailbreak your own ps4/5 with this
-
Please don't give me a heart attack and call 2006 "20 years ago." It was only 18 years ago.
-
Can't believe the Xbox One ended up being the most impenetrable home console ever created.
-
Wow, this entire exploit is like an overview of my reverse engineering course I just took. Everything from creating shellcode, identifying and exploring buffer overflows, creating ROP chains, defeating protections like ASLR, and heap exploitation. The only thing that is missing that would make this exploit an entire course overview is fuzzing and creating scripts in binja/ghidra.
-
Honestly the most surprising thing to me about this is that they have a low level device object for the notification UI. I would think that would be handled by some higher-level API, but I guess not.
-
"P comes out of H+1" Man...that is not what 4chan told me.
-
That's some nice work, but I spent most of the time here being flabbergasted that a PS4 has a PPPoE client at all.
-
Thanks for NOT dumbing this down.
-
bug reported: 2006
PS4 release: 2013
PS4 FW 11 release: 2023
FW 11.02 (Dec 2023) may have fixed it? Unsure.
This bug was known about 7 years before the PS4 existed and it's still been in there for nearly its entire lifespan. Crazy.
-
As a note, it was released in 2013, so it was probably coded between 2010 and 2012, so it's not far away from 2006. So it has been jailbroken after 11 years. The PS3 was jailbroken after only 3-4 years.
-
A few of us cared about good naming conventions 20 years ago. A very few of us cared 40 years ago. It's good to have more allies today. My favorite software joke: The two hardest problems in software engineering are naming, concurrency, and off-by-one errors. 🙂
-
This is why memory-safe languages like Rust are bad for user freedom.
-
You can't just round 17 years to 20, Aubrey
-
The author of the exploit seems to be TheFlow, who has been in the console hacking scene forever (PSP, PSVITA). Thanks for the code breakdown!