Linux PS4 (Work in progress) RILASCIATO!!!

[Debugbrain]

La notte scorsa il team fail0verflow ha rilasciato la sua versione di Linux per PS4,
praticamente si tratta del codice sorgente del kernel di Linus Torvalds modificato dal team fail0verflow per renderlo compatibile con la PS4

[url]https://github.com/fail0verflow/ps4-linux[/url]

fonte: fail0verflow su twittwer e Playstationhax.it

Sempre in queste ore ci sono stati anche degli interessanti aggiornamenti alla repository della scena PS4 con l'aggiunta di strumenti per i devs aggiornati.
Ovviamente si tratta di materiale inutile per i più ma la cosa interessante è che tutto ciò dimostra che i lavori sull'hack della PS4 sono in corso.

[url]https://github.com/ps4dev[/url]

[url]https://github.com/psxdev/ps4link[/url]

Fonte: cfwprophet su twitter


Ed ancora....

PS4-SDK/examples/jit/source/main.c:

#include "ps4.h"

int sock;

#define printf(format, ...)\
do {\
char buffer[512];\
int size = sprintf(buffer, format, ##__VA_ARGS__);\
sceNetSend(sock, buffer, size, 0);\
} while(0)

int _main(void) {
initKernel();

initLibc();
initNetwork();
initJIT();


struct sockaddr_in server;

server.sin_len = sizeof(server);
server.sin_family = AF_INET;
server.sin_addr.s_addr = IP(192, 168, 0, 4);
server.sin_port = sceNetHtons(9023);
memset(server.sin_zero, 0, sizeof(server.sin_zero));

sock = sceNetSocket("debug", AF_INET, SOCK_STREAM, 0);
sceNetConnect(sock, (struct sockaddr *)&server, sizeof(server));


void *executableAddress = NULL;
void *writableAddress = NULL;
void *dataAddress = NULL;

allocateJIT(PAGE_SIZE, &executableAddress, &writableAddress);
dataAddress = malloc(PAGE_SIZE);

printf("Executable address: %p\n", executableAddress);
printf("Writable address: %p\n", writableAddress);
printf("Data address: %p\n", dataAddress);

sceNetSocketClose(sock);


// writableAddress and executableAddress are 2 different virtual mappings, with different protections, but which point to the same physical memory


//unsigned char ret[] = { 0xc3 };
unsigned char loop[] = { 0xeb, 0xfe };
memcpy(writableAddress, loop, sizeof(loop));

((void (*)())executableAddress)();


return 0;
}

Questa è la parte più interessante:

allocateJIT(PAGE_SIZE, &executableAddress, &writableAddress);


ed ecco la spiegazione in inglese fatta da cfwprophet su playstationhax

...will do the magic here. What this is and what it can do ? That is the part of the WebKit exploit where you can run your own executeables and where previous was sayed "If you can allocate some RAM, you will be able to run your own apps". Something like PS4-FTP as example. How does that work ? The WebKit Engine have pre-defined a so called JIT Array which is most the time used by Developers for Debugging Applications. (JIT == Just In Time [Compilation]). I won't go on and explain detailed the JIT Compilation now but if you interested, you can read some more here: [url]https://en.wikipedia.org/wiki/Just-in-time_compilation[/url]
The "PAGE_SIZE" is not really of interest for the user here so i skip that...
The "executableAddress" is the space or Array in RAM where our Code, that is executed, will be loaded to.
The "writeableAddress" -"- -"- -"- -"- -"- -"- where variables are stored, which are not allowed to be executed. Even if some executeable code is placed there it won't run. You can also call or split this writeableAddress into Stack and/or Heap.
Quite a nice base to write some small apps and may do some fun stuff. (depends on how much RAM we can allocate and on what you want to do)







[url]https://github.com/fail0verflow/ps4-radeon-patches[/url]

[Debugbrain]

Kernel initialization:

[url]https://www.freebsd.org/doc/en_US.ISO8859-1/books/arch-handbook/boot-kernel.html[/url]

[samael]

grazie delle info