Post: [3.55] PS4 Playground Released (Open-Source)
Options
08-09-2016, 02:47 AM
#1
Specter
Pro Memer
So as most of you who read this section probably know, the other day Fire30 ported the PSVita exploit from HENKaku (originally developed by xyz), and I decided to build a project around this exploit. Where the original POC made you setup a python server on your PC and such, with PS4 Playground, everything works straight through your PS4's Web Browser. It was a bit of an annoyance to make everything work, especially when the exploit would crash the webkit process as soon as it was finished executing, however with some magic I made it work.
I stabilized and cleaned up the exploit a bit, and designed the site, however the credit for the exploit goes to Fire30 and xyz, and the original idea for PS4 Playground as well as the JuSt-ROP project all goes to CTurt. If you have anything to contribute, please feel free to fork the repository and submit a pull request.
Requirements
You will need FakeDNS to spoof manuals.playstation.net, you will also need XAMPP to run an apache host for PS4 Playground to run on. To quote the readme;
Originally posted by another user
You will need fakedns. You also need to edit the dns.conf to point to the ip address of your PC (can be found in cmd/terminal by typing ipconfig/ifconfig), and modify your consoles' DNS settings to point to your PC's address. Then type the following in your terminal;
python fakedns.py -c dns.conf
You will also need to setup xampp on your computer and run Apache on port 80. For the easiest method, in /htdocs, create the '/document/en/ps4' directory and place the files from this repo in there.
When your fake dns is running and you've setup your localhost server in xampp, you can navigate to PS4 -> Settings -> User Guide. It should then show PS4 Playground.
python fakedns.py -c dns.conf
You will also need to setup xampp on your computer and run Apache on port 80. For the easiest method, in /htdocs, create the '/document/en/ps4' directory and place the files from this repo in there.
When your fake dns is running and you've setup your localhost server in xampp, you can navigate to PS4 -> Settings -> User Guide. It should then show PS4 Playground.
Notes
The exploit will not run correctly all of the time. Sometimes it will stick at stage 4 or webkit will crash before the script is finished. If it doesn't work at first, keep trying until it does, it shouldn't take long.
Refreshing the page after a successful attempt or going to another page will crash webkit. Just hit OK and it will resume to the next action you wanted to perform.
The project isn't 100% complete, it's an on-going work-in-progress.
Preview Images
Acknowledgements
Fire30 - The porting of the WebKit Exploit to PS4
Xerpi - Functions in his POC edit that I ported over (these functions made things way easier and more efficient)
XYZ - The original exploit for the PSVita
CTurt - JuSt-ROP, the original PS4 Playground, as well as his work with 1.76.
Red-EyeX32 - Assistance in development
Links
You must login or register to view this content. - You must login or register to view this content.
While the exploit and PS4 Playground aren't incredibly useful at the moment, if and when a kernel exploit is found, things will get a lot more interesting
Last edited by
Specter ; 08-11-2016 at 07:16 PM.
The following 39 users say thank you to Specter for this useful post:
/SneakerStreet/, 2much4u, ackendo, ANONY420, anonymous style, Red-EyeX32, BurnMoDzHQ, Creepzoid 0___0, DeezShinyNutz, DMAAR-7777, DMoney750, Dog88Christian, DrZepto, EdiTzZ, EvilDevilReX, Gryphus, Frosty, Geo, Im_YouViolateMe, itzyourboiidann, Joel, Kryptus, LaughTracks, lucasaf01, MOD-RuLeZ, MODZ4FUN420, Mr.Peanut, Nana, 
Darth Saul, seb5594, Kronos, Jon Snow, STVBDKD, User343234, Vondy Supreme, Xx-GIPPI-xX, xxmcvapourxx, yan88
Darth Saul, seb5594, Kronos, Jon Snow, STVBDKD, User343234, Vondy Supreme, Xx-GIPPI-xX, xxmcvapourxx, yan88
08-09-2016, 07:31 PM
#20
Specter
Pro Memer
Originally posted by JATOCH
Shame on you copying fire30 poc and adding only sysinfo
The sysinfo the vtable adressen etc comes straight from the poc.
Well done @redeye how do you feel about this.
Wonder how long it takes to get a filebrowser with the userland exploit!
2 years like the trophy decryption .
Better implent a php info page in the playground lmao
Whats next adding a JS game emulator to the playground?
The sysinfo the vtable adressen etc comes straight from the poc.
Well done @redeye how do you feel about this.
Wonder how long it takes to get a filebrowser with the userland exploit!
2 years like the trophy decryption .
Better implent a php info page in the playground lmao
Whats next adding a JS game emulator to the playground?
I mean, I gave Fire30 complete credit for the exploit, it's not like I claimed I coded the whole POC and didn't give credit. All I did was modified it, made it a bit more stable and made it work with a web implementation rather than having to run the Python server, I never claimed to have done more than that. You can also have a filebrowser, it just would be sandboxed. Also fail to see why I'd implement a PHP info page.
But yeah, shame on me for giving credit where credit is due and making something interesting so you can just see everything and run the exploit straight through the browser. Shame on me for innovating, shame on me! How dare I.
The following 3 users say thank you to Specter for this useful post:
08-09-2016, 08:58 PM
#21
ANONY420
NextGenUpdate Elite
Originally posted by Specter
Introduction
So as most of you who read this section probably know, the other day Fire30 ported the PSVita exploit from HENKaku (originally developed by xyz), and I decided to build a project around this exploit. Where the original POC made you setup a python server on your PC and such, with PS4 Playground, everything works straight through your PS4's Web Browser. It was a bit of an annoyance to make everything work, especially when the exploit would crash the webkit process as soon as it was finished executing, however with some magic I made it work.
I stabilized and cleaned up the exploit a bit, and designed the site, however the credit for the exploit goes to Fire30 and xyz, and the original idea for PS4 Playground as well as the JuSt-ROP project all goes to CTurt. If you have anything to contribute, please feel free to fork the repository and submit a pull request.
Requirements
You will need FakeDNS to spoof manuals.playstation.net, you will also need XAMPP to run an apache host for PS4 Playground to run on. To quote the readme;
Notes
The exploit will not run correctly all of the time. Sometimes it will stick at stage 4 or webkit will crash before the script is finished. If it doesn't work at first, keep trying until it does, it shouldn't take long.
Refreshing the page after a successful attempt or going to another page will crash webkit. Just hit OK and it will resume to the next action you wanted to perform.
The project isn't 100% complete, and ROP doesn't seem to work without breaking the entire script yet. This is being worked on.
Preview Images
Acknowledgements
Fire30 - The porting of the WebKit Exploit to PS4
XYZ - The original exploit for the PSVita
CTurt - JuSt-ROP, the original PS4 Playground, as well as his work with 1.76.
Red-EyeX32 - Assistance in development
Links
You must login or register to view this content. - You must login or register to view this content.
While the exploit and PS4 Playground aren't incredibly useful at the moment, if and when a kernel exploit is found, things will get a lot more interesting
So as most of you who read this section probably know, the other day Fire30 ported the PSVita exploit from HENKaku (originally developed by xyz), and I decided to build a project around this exploit. Where the original POC made you setup a python server on your PC and such, with PS4 Playground, everything works straight through your PS4's Web Browser. It was a bit of an annoyance to make everything work, especially when the exploit would crash the webkit process as soon as it was finished executing, however with some magic I made it work.
I stabilized and cleaned up the exploit a bit, and designed the site, however the credit for the exploit goes to Fire30 and xyz, and the original idea for PS4 Playground as well as the JuSt-ROP project all goes to CTurt. If you have anything to contribute, please feel free to fork the repository and submit a pull request.
Requirements
You will need FakeDNS to spoof manuals.playstation.net, you will also need XAMPP to run an apache host for PS4 Playground to run on. To quote the readme;
Notes
The exploit will not run correctly all of the time. Sometimes it will stick at stage 4 or webkit will crash before the script is finished. If it doesn't work at first, keep trying until it does, it shouldn't take long.
Refreshing the page after a successful attempt or going to another page will crash webkit. Just hit OK and it will resume to the next action you wanted to perform.
The project isn't 100% complete, and ROP doesn't seem to work without breaking the entire script yet. This is being worked on.
Preview Images
Acknowledgements
Fire30 - The porting of the WebKit Exploit to PS4
XYZ - The original exploit for the PSVita
CTurt - JuSt-ROP, the original PS4 Playground, as well as his work with 1.76.
Red-EyeX32 - Assistance in development
Links
You must login or register to view this content. - You must login or register to view this content.
While the exploit and PS4 Playground aren't incredibly useful at the moment, if and when a kernel exploit is found, things will get a lot more interesting
Would this work for 2.xx up to 3.50 or just 3.55
The following user thanked ANONY420 for this useful post:
The following user thanked TehMike for this useful post:
08-09-2016, 10:34 PM
#26
BiggestNoob
Gobble
Can Someone Make A Video showing how to setup? I'm not really good at stuff like this...
Last edited by
BiggestNoob ; 08-09-2016 at 11:49 PM.
Copyright © 2024, NextGenUpdate.
All Rights Reserved.
