Hacker Sleirsgoevy has now presented the code for TheFlow’s Blu-Ray hack. However, jailbreaking is not possible without a kernel exploit.
It wasn’t long after TheFlow's slides were presented at the hardwear.io conference that someone produced matching proof-of-concept code for the jailbreak-related vulnerabilities shown there. Andy Nguyen targets the technical architecture of the Blu-Ray drives of the PS3, PS4 and PS5. Because he participates in Sony’s bug bounty program and gets paid, he could not put the complete source code online for the jailbreak community.
Code suitable for experiments, but not for a jailbreak
Sleirsgoevy has incorporated three of the five new bugs into the source code. Since there is no kernel exploit, this is not a full jailbreak yet. If you are familiar enough with the subject, you can now carry out your own experiments with the hardware using the source code. For all other users, this publication has no practical value yet. The code can be downloaded from Sleirsgoevy’s GitHub page. For those who are interested, the programmer also offers an ISO image for public download.
Project Zero: Bug discovered in Safari's underpinnings
The browser used on Sony’s game consoles is based on the same code as Apple’s Safari web browser. Members of Google Project Zero have now published a WebKit vulnerability, though not a complete jailbreak, which should therefore also work on the PS4 and PS5. The vulnerability was only fixed in February 2022, so all firmware versions before that should be vulnerable. This is not yet 100% certain.
To what extent the now-known bug can really be exploited remains to be seen. And the same applies here: without a working kernel exploit to combine it with, there is no jailbreak, because without a kernel exploit the devices cannot be cracked. The WebKit exploit in the browser is only half the battle for full access to the PS4 or PS5, including homebrew and pirated copies.
For all interested parties it is important never to update the firmware. If you do, you can no longer exploit the bugs that the manufacturer has already fixed. Whether further bugs will emerge, and which ones, remains to be seen.
Lars Sobiraj started working for various computer magazines in 2000 as a career changer. In 2006, numerous other online magazines were added in addition to gulli.com. He is the founder of Tarnkappe.info. In addition, Ghandy, as he calls himself in the scene, has been teaching participants at various universities and training institutions how the Internet works since 2006.