Editing Avcontent.db. Arbitrary Delete.

Jump to navigation Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 1: Line 1:
== Introduction ==
== Introduction ==
This is a disclosure of an vulnerability "Li" discovered back in 2019.
This is a disclosure of an vulnerability i (SilicaAndPina) discovered back in 2019.


The PlayStation Vita has a few apps for displaying various media formats.
The PlayStation Vita has a few apps for displaying various media formats.
Line 9: Line 9:


== Arbitrary Delete ==  
== Arbitrary Delete ==  
using this you can delete any file from any *writable* partition on the PSVita.  
using this trick you can delete any file from any *writable* partition on the PSVita.  
 
By editing the tbl_VPContent inside avcontent.db you can change the path of any media contents to be whatever path you want
By editing the tbl_VPContent inside avcontent.db you can change the "content_path" and "content_path_extension" columns to be whatever path you want to delete. . .
if you then delete it inside the app, it will not only delete the entry from the database, but it will delete that underlying file as well.
 
if you then delete it inside the corresponding media app, it will not only delete the entry from the database,  
but it will delete that underlying file as well.


== Arbitrary Read ==  
== Arbitrary Read ==  
By editing the tbl_VPContent inside avcontent.db you can change the "content_path" and "content_path_extension" columns
Using the videos app i was able to read arbitrary files by changing the path in the avcontent.db,                     
to the path you want to read . . .
 
Using the photo app i was able to read arbitrary files by changing the path in the avcontent.db,                     
and then copying it with CMA, however this only worked with files inside ux0:               
and then copying it with CMA, however this only worked with files inside ux0:               
files outside there would not work.                           
files outside there would not work.                           
                  
                  
other stuff i tried:          
other stuff i tried:                
     
- doing it on a photo, and trying to "Upload" it to a website, but the web browser is sandboxed so this did not work.                   
- doing it on a photo, and trying to "Upload" it to a website, but the web browser is sandboxed so this did not work.                   
- Attaching a injected photo to an email and sending it, didnt seem to work, just 0bytes possibly [[FailMail]] lead to this being fixed??
- Attaching a injected photo to an email and sending it, didnt seem to work, just 0bytes possibly [[FailMail]] lead to this being fixed??


Please note that all contributions to Vita Developer wiki are considered to be released under the GNU Free Documentation License 1.2 (see Vita Developer wiki:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following hCaptcha:

Cancel Editing help (opens in new window)
Retrieved from "http://www.psdevwiki.com/vita/Avcontent.db._Arbitrary_Delete."