Editing Vulnerabilities
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 27: | Line 27: | ||
== WebKit exploits == | == WebKit exploits == | ||
WebKit exploits are harder to make and do not even give arbitrary RW because of PS5 memory protections. | |||
=== Modal Browser HTTPS Bypass === | === Modal Browser HTTPS Bypass === | ||
* It is possible to bypass HTTPS in the modal browser, if you reply to the HTTPS CONNECT with a standard HTTP 1.1 response, instead of attempting to create a tunnel. The | * It is possible to bypass HTTPS in the modal browser, if you reply to the HTTPS CONNECT with a standard HTTP 1.1 response, instead of attempting to create a tunnel. The browser will just display that response. The downside to this is you have no idea what the contents of even the HTTP REQUEST would have been, but it is useful for directing the web browser to any website you want. | ||
==== Patched ==== | ==== Patched ==== |