Most custom hardware is seriously locked down these days, with many corporations viewing any tinkering with their machines as unacceptable at best, illegal at worst.
When people free computing hardware – so-called jailbreaking – it can be used for almost any purpose. The famous Cydia, for example, created a whole alternative iOS app store, one free of the constraints of Apple.
Of course, jailbreaking has also become synonymous with breaking fundamental copy protection, allowing pirated software to run on a range of devices from cellphones to today’s cutting-edge games consoles. The flip side of that coin is that people are also able to run so-called ‘homebrew’ code, programs developed by hobbyists for purposes that do not breach copyright law.
This ‘dual use’ situation means that two separate sets of communities get excited when exploits are found for key hardware. That’s been the case for some time now with two sets of developers – Team Fail0verflow and Specter – revealing work on a kernel exploit for firmware 4.05 on Playstation 4.
In November, Wololo published an interview with Specter and two days ago received direct confirmation that the exploit would be published soon. That moment has now arrived.
Hope everyone had a Merry Christmas! Here’s the 4.05 kernel exploit, fully implemented. Enjoy! Write-up coming soon! https://t.co/MQR0lzCu9Y
— Specter (@SpecterDev) December 27, 2017
As noted in Specter’s tweet, the release is available on Github, where the developer provides more details.
“In this project you will find a full implementation of the ‘namedobj’ kernel exploit for the PlayStation 4 on 4.05,” Specter writes.
“It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system.”
The news that the exploit can enable a jailbreak is huge news for fans of the scene, who will be eagerly standing by for the next piece of the puzzle which is likely to be just around the corner.
Exploit Works ✓
WebKit Stable ✓
Games Launch ✓— Specter (@SpecterDev) December 27, 2017
Still, Specter is wisely exercising caution when it comes to the more risky side of his exploit – the potential for running homebrew and, of course, pirate games. He doesn’t personally include code for directly helping either.
“This release however, does not contain any code related to defeating anti-piracy mechanisms or running homebrew,” he notes.
That being said, the exploit clearly has potential and Specter has opened up a direct channel for those wishing to take things to the next level. He reveals that the exploit contains a loader that listens for a payload and once it receives it, executes it automatically.
“I’ve also uploaded a test payload you can use after the kernel exploit runs that jailbreaks and patches the kernel to allow access to debug settings, just needs to be netcatted to the loader via port 9020,” he concludes.
That’s likely to prove very attractive to those with a penchant for tinkering. Let’s see which direction this goes.