PS Vita system software update 3.18 coming soon, improves system software stability during use of some features.
Also, despite Sony trying to plug PS Vita homebrew exploits in Firmware update 3.18, it appears they are still being discovered for this latest revision, as evidenced by this Z.H.P. Usermode Exploit for PS Vita 3.18 Firmware.
PlayStation Vita developer Qwikrazor87 announced a VHBL release incoming for PS Vita 3.18 Firmware for those interested.
Sigh, another PS Vita system update. Sony just doesn't know when to quit, all because of a little video showing an exploit running on the latest software... until the PS Vita is fully exploited is the day I shall smile brightly.
PS Vita Native WebKit Exploit Released and Updated for Firmware 3.18
Following up on Sony's PS Vita 3.18 Firmware Update and the Z.H.P. Usermode Exploit, today a native PlayStation Vita exploit (via WebKit) for PS Vita System Software v2.60 was released by Davee, and it has since been updated by BrianBTB / CodeLion for PS Vita Firmware v3.18 and PS Vita TV v3.20, with details below.
To quote: Vita hack: Proof of concept code updated to support up to firmware 3.18, and credits
Earlier this week, Davee released a proof of concept Native exploit within Webkit for the Playstation Vita. The code would only work on firmware 2.60, but with the implicit promise that firmwares up to 3.18 included are vulnerable.
Given the fire that propagated through the scene within minutes of us mentioning this release (see below), hackers left and right were quick to contact me about giving proper credit for the exploits; Davee also got busy upgrading the exploit with BBalling (CodeLion) to make it work for all supported firmwares.
That is, all firmwares up to 3.18 included (no, as we said several times over the past few weeks, this specific Webkit exploit does not work on 3.30, and if you upgraded, you made the decision intentionally).
It is also now confirmed that this is the same exploit that was mentioned by Acid_snake and CodeLion in this article (wololo.net/2014/09/22/native-vita-hacking-whats-the-situation-so-far-part-2/): Native Vita Hacking: What’s the situation so far? (Part 2)
In a short blog post, Davee stated that the driving force behind this exploit is CodeLion. Josh_Axey and Archaemic have also leveraged this exploit in their own ongoing experiments.
He also updated the exploit, after CodeLion posted (twitter.com/BBalling1/status/523662765303795712) his own 3.18 compatible version. Davee’s version ends up being more self contained for the end user, so that’s the one I’m showing below (CodeLion’s code needs netcat to run on the server, which can be extremely useful for debugging purposes, devs might want to give it a look).
Test on your PS Vita
You can test if your Vita is vulnerable with the link below. Vulnerable Vitas should see something like this (screenshot thanks to WAFLNeo):
Non-vulnerable Vitas will most likely see an error code, similar to the screenshot below.
So, is your Vita vulnerable? Did you avoid the temptation of updating to 3.30?
It's also compatible with PS Vita TV v3.20 as confirmed by Davee (via twitter.com/DaveeFTW/status/523927722008256513)
Vita hack: Davee releases a Vita Native exploit through Webkit (but there might be a catch)
To quote (via wololo.net/2014/10/19/vita-hack-davee-releases-a-vita-native-exploit-through-webkit-but-there-might-be-a-catch/):
It’s been long awaited, teased a few times recently, and it might finally be here: a native vita hack.
Famous ex-PSP hacker Davee released yesterday a proof of concept exploit for the PS Vita, running through the WebKit browser (and yes, you get to try it, hold on!).
Davee came back to life a few weeks ago, releasing a framework to help with the development of exploits on ARM CPUs through return-oriented programming (ROP) based hacks. It wasn’t long before he announced this exploit.
Now here’s the catch: in its current form, the exploit only runs on Vita firmware 2.60. Davee stated that it should be easy enough to port to other firmwares (there are a few entry point addresses to update, it seems), but it is extremely likely that it is patched in firmware 3.30.
I have no full confirmation of that (although I did test), but my gut feeling tells me Davee would not release “just” a proof of concept if there was a possibility this could still be used on the latest Vita firmware. Yifan Lu stated that this might actually be the same exploit found by other people independently, that had been confirmed to be patched after firmware 3.18.
From Wololo: is it safe to assume this is patched in the latest firmware though?
From Yifan: will know for sure, but it's my understanding that the same exploit was found independently by other parties and patched.
If you're a Vita hacker, two FW of interest: 1.69 is the last version before KASLR; 2.06 is the last version before NID poisoning.
This confirms once again that people waiting for an exploit should stay on lower firmwares as much as possible (says the guy who just updated to 3.30 yesterday...).
Give it a try
On firmware 3.30, unless I messed up some of my copy/paste, the hack fails at the very first step, which isn’t firmware specific. This indicates that the exploit is indeed patched on 3.30. Feel free to give it a try in particular if you are on firmwares 3.18 or lower. We’ll have more details on the exploit very soon!
Try the exploit on your PS Vita: wololo.net/v/260.htm
Update: Many people are asking what the exploit should look like when it is “working”. The “full” proof of concept only works on 2.60, but on other firmwares, anything other than an error code is a good sign. For example, people on 3.18 and 3.20 report that the page stays there for a few seconds and then reloads: this is a good sign.