Post: CTurt has allegedly jailbroken on the Playstation 4
Options
12-12-2015, 08:46 PM
#1
Specter
Pro Memer
Please refer to You must login or register to view this content. for more on this subject
------------------------------------------------------------------------------------------------------------------
In advance, thanks to Red-EyeX32 for pointing this out in a Skype conversation. I'd also like to clarify that since PS4 was built off FreeBSD, the sandboxes are called "jails", so jailbreaking is the correct term.
At about 9:28AM EST, CTurt has claimed that he has managed to break the webkit process out of a FreeBSD "jail" (or sandbox). For those who don't know, jailbreaking was coined as you were "breaking out of a jail" or sandbox that an application is in, as if an application is sandboxed and you gain remote code execution, the damage is contained within that jail (very similar to sandboxie which is used here to check programs for Remote Access Trojans).
Now this hasn't been confirmed however CTurt is a known, trusted source of information and has already released some tools such as the PS4 Playground Tools and his open source PS4 SDK. He's also stated within the last hour or so that he has managed to dump RAM from process such as "SceShellUI". This is a huge step forward towards the possibility of custom firmware for the Playstation 4. Below are snapshots of the tweets of his announcement of the You must login or register to view this content. as well as the You must login or register to view this content..
You must login or register to view this content. You must login or register to view this content.
Now there's still much to be done, including lots of reversing and other exploring to do, however as I've said it's a big step. This only works on firmwares 1.76 or lower, but that doesn't mean indefinitely that there won't be more exploits in the coming future for higher firmwares.
Last edited by
Frosty ; 02-16-2016 at 09:31 PM.
The following 56 users say thank you to Specter for this useful post:
Jiggy, /SneakerStreet/, 1291-_-MoDz, 2much4u, AlexNGU, amjed, Andyiglesias1, Basic_Code, Red-EyeX32, Chop, chuck54321, Dan Dactyl, DawidB, dawoodk786, Devious, DexTeamFTW, DMAAR-7777, DPO23, EncepT, Frosty, Grezinn, H-A-X-O, Tears, Helping-Hand, InfinityPlanets, Jimmy, Johan0131, Kam, kareltjie, Kryptus, LaughTracks, LostSoulSiskel, Meega HD, Monster-Energy, NickBeHaxing, Not Rage, 
Darth Saul, .EXE, Adrian, RF0oDxM0Dz, Kronos, Jon Snow, TEXAS24_ReStEr, upgradetoday, vicious_results, Vondy Supreme, wajdi9, xDebugKiller, XM7MD_VX, Xx-GIPPI-xX, XxBlud23xX, xXx-.-Moder, zAutoAiiM_
Darth Saul, .EXE, Adrian, RF0oDxM0Dz, Kronos, Jon Snow, TEXAS24_ReStEr, upgradetoday, vicious_results, Vondy Supreme, wajdi9, xDebugKiller, XM7MD_VX, Xx-GIPPI-xX, XxBlud23xX, xXx-.-Moder, zAutoAiiM_
01-17-2016, 01:32 AM
#83
AirSoftModz
Haxor!
01-22-2016, 09:35 PM
#84
dawoodk786
Little One
02-16-2016, 09:31 PM
#86
Frosty
error
Originally posted by Specter
Update:
Please refer to You must login or register to view this content. for more on this subject
------------------------------------------------------------------------------------------------------------------
In advance, thanks to Red-EyeX32 for pointing this out in a Skype conversation. I'd also like to clarify that since PS4 was built off FreeBSD, the sandboxes are called "jails", so jailbreaking is the correct term.
At about 9:28AM EST, CTurt has claimed that he has managed to break the webkit process out of a FreeBSD "jail" (or sandbox). For those who don't know, jailbreaking was coined as you were "breaking out of a jail" or sandbox that an application is in, as if an application is sandboxed and you gain remote code execution, the damage is contained within that jail (very similar to sandboxie which is used here to check programs for Remote Access Trojans).
Now this hasn't been confirmed however CTurt is a known, trusted source of information and has already released some tools such as the PS4 Playground Tools and his open source PS4 SDK. He's also stated within the last hour or so that he has managed to dump RAM from process such as "SceShellUI". This is a huge step forward towards the possibility of custom firmware for the Playstation 4. Below are snapshots of the tweets of his announcement of the You must login or register to view this content. as well as the You must login or register to view this content..
You must login or register to view this content. You must login or register to view this content.
Now there's still much to be done, including lots of reversing and other exploring to do, however as I've said it's a big step. This only works on firmwares 1.76 or lower, but that doesn't mean indefinitely that there won't be more exploits in the coming future for higher firmwares.
Please refer to You must login or register to view this content. for more on this subject
------------------------------------------------------------------------------------------------------------------
In advance, thanks to Red-EyeX32 for pointing this out in a Skype conversation. I'd also like to clarify that since PS4 was built off FreeBSD, the sandboxes are called "jails", so jailbreaking is the correct term.
At about 9:28AM EST, CTurt has claimed that he has managed to break the webkit process out of a FreeBSD "jail" (or sandbox). For those who don't know, jailbreaking was coined as you were "breaking out of a jail" or sandbox that an application is in, as if an application is sandboxed and you gain remote code execution, the damage is contained within that jail (very similar to sandboxie which is used here to check programs for Remote Access Trojans).
Now this hasn't been confirmed however CTurt is a known, trusted source of information and has already released some tools such as the PS4 Playground Tools and his open source PS4 SDK. He's also stated within the last hour or so that he has managed to dump RAM from process such as "SceShellUI". This is a huge step forward towards the possibility of custom firmware for the Playstation 4. Below are snapshots of the tweets of his announcement of the You must login or register to view this content. as well as the You must login or register to view this content..
You must login or register to view this content. You must login or register to view this content.
Now there's still much to be done, including lots of reversing and other exploring to do, however as I've said it's a big step. This only works on firmwares 1.76 or lower, but that doesn't mean indefinitely that there won't be more exploits in the coming future for higher firmwares.
Updated thread with cturt's github.
02-19-2016, 05:31 PM
#87
brewing up
Can’t trickshot me!
The following user thanked brewing up for this useful post:
02-19-2016, 10:23 PM
#90
Frosty
error
Originally posted by mgflava00
i love for ps4 to atleast get bruteforce first wouldnt that be easier
I believe that save resigning would come first, if nothing else. Perhaps there will be an exploit like with the PS3 backup on 4.65 and lower where we can dump certain files from the PS4. (So I can retrieve my PS4 trophy folders
) If PS4 save resigner was released to certain, private people, they could make a good amount of money off it with trophy shops.
The following user thanked Frosty for this useful post:
Copyright © 2024, NextGenUpdate.
All Rights Reserved.
