It appears that a vulnerability in the latest Sony console, the PS5, has already been discovered and exploited by hackers!
As it turns out, while it seems to be a quick achievement for them, given how new the latest PlayStation still feels on the market, they have actually been trying to jailbreak it for about a year now!
That being said, the PS5 has reportedly been jailbroken using an already existing kernel-level exploit that was initially discovered on its predecessor, the PS4!
Although it still does not allow access to some types of code, this exploit has reportedly made it possible for at least one person, as far as we know, to run the Silent Hill demo prequel on their PS5.
And this is likely only the beginning; as more and more people will get to explore the jailbreak, more functionality is bound to happen this way, having massive implications.
It has been dubbed as the “PS5 IPV6 Kernel exploit” and was discovered by Andy “TheFloW” Nguyen, also known as the “PlayStation Hacking God,” last month.
That being said, based on fellow hacker SpecterDev’s tweet last week, now there is also a way for it to be implemented!
For those interested in a webkit PS5 kernel exploit implementation, it’s on track to be ready soon – stay on 4.03 🙂
Still wanna do some cleanup and such but a lot of the major work is done. Obv without @theflow0 this wouldn’t be possible :P. 1/2 pic.twitter.com/rqSqJaVcXJ
— Specter (@SpecterDev) October 2, 2022
Apparently, it relies on an already known vulnerability in PS5’s web browser technology Webkit that runs firmware 4.03 on the PlayStation 5 but it’s possible earlier versions are also involved.
As for how it works, the exploit has the console access a web server based on a local computer that features SpecterDev’s hack on it.
At this point, it appears to work only about 30 percent of the time and when it does, it gives users access to the debug mode of the PS5, allowing them to run software outside of Sony’s intended purposes.
Console hacking blog Wololo.net explained in a tweet that “This exploit gives us read and write access, but not execute. This means no possibility to load and to run binaries at the moment, everything’s constrained within the scope of the ROP chain. The current implementation does however enable debug settings.”
Regardless, the exploit was still enough for Dark Souls archeologist Lance McDonald to manage to install the abandoned PS4 micro horror game P.T., which, as you may or may not be aware, is not supposed to be backward compatible with the PS5.
IPV6 webkit exploit has been accessible to hackers for about two years and was discovered by TheFloW on the PS4.
Then, at the very beginning of this year, he found it once more, this time around on the new generation console, and reported it to Sony.
“It seems like their patch got reverted somehow when doing FreeBSD9 to FreeBSD11 migration,” he shared via Motherboard.
Sony then offered the hacker a $10,000 bounty and on September 20, 2021, the vulnerability was disclosed on the website HackerOne.
Since then, many in the PlayStation community have been working hard, trying to find ways to exploit the same vulnerability in order to jailbreak both the all-digital and the disc-based versions of the PS5.
Console developers make it their mission to keep the systems tightly locked in order to keep piracy away from their products.
That being said, this latest jailbreak is sure to be only the beginning for hackers who are trying to break down PlayStation’s security even more.