The bug recently brought to light by the developer zecoxao appears to be making progress on PlayStation 5 consoles. The vulnerability, linked to a FreeBSD kernel bug, was highlighted by DebTy via a proof of concept (PoC) that exploits a memory leak in WebKit.
The PoC shows how system memory can be exhausted, leaving consoles on specific firmware versions vulnerable.
The bug was reported on August 20 on the HackerOne platform, but Sony apparently did not take it into consideration. The PoC is divided into five main phases:
The first phase initializes the heap, allocating memory in a controlled way. The second phase grooms the heap, manipulating memory to create empty regions useful to the exploit.
The third phase depletes memory through continuous allocations and deallocations until resources are exhausted. The fourth phase executes the payload, which causes the memory corruption.
Finally, the exploit itself is performed by following this sequence of steps to trigger the memory exhaustion. The code is designed to run on PlayStation 5 consoles with firmware up to version 9.60.
In recent developments, an Italian hacker known as seregonwar has modified the original code so that it causes a system crash every time the bug is triggered.
The change appears to be aimed at copying a file called payload.bin. The modified code is available at this address. This could be the first time Sony sees a vulnerability released for its latest firmware.
Instructions
- Copy and run the code above on a vulnerable PS5 (works up to firmware version 9.60). It may not apply to the PS4.
- Remember that this is a proof of concept (PoC) and must be used exclusively for educational purposes.
- Further testing and analysis are needed to fully understand this vulnerability.
- If necessary, place your custom payload inside the payload function.
Links
Source: twitter.com