Editing Webbrowser

[[Category:Software]]<noinclude>[[Category:Main]]</noinclude>
== Web Content Guidelines ==
* [http://www.scei.co.jp/guideline/PS_Vita_Web_Content-Guidelines_e.pdf PS Vita Web Content Guidelines v3.00]
* [http://webassetsc.scea.com/pscomauth/groups/public/documents/webasset/web_content-guidelines_3.10-e.pdf PS3 Web Content Guidelines v3.10]
* [http://www.scei.co.jp/guideline/PS4_Web_Content-Guidelines_e.pdf PS4 Web Content Guidelines v1.50]

== Supports ==
* Cookies
* Javascript 1.7
* partial HTML 5
* Partial Video support (added from 2.10 update)
=== Not supported ===
* Flash
* Youtube (no HTML5: video)

== Known Useragents ==

=== YouTube ===

 PlayStation Vita YouTube/1.0 libhttp/1.67 (PS Vita)
 PlayStation Vita YouTube/2.1 libhttp/2.60 (PS Vita)

=== WebBrowser ===
 
Useragent (Vita TV has trailing "Silk/3.2 VTE/2.50" or "Silk/3.2 VTE/3.30" as subidentifier):

Table below indicates known and unknown. "YES" = known vulnerability in use, "NO" = unknown if vulnerability in use.

{| class="wikitable sortable"
|-
! useragent !! version !! vulnerability
|-
| Mozilla/5.0 (PlayStation Vita 1.00) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.000.000_CEX|01.000.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.03) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.030.010_CEX|01.030.010]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.04) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.040.000_CEX|01.040.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.05) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.050.000_CEX|01.050.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.06) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.060.010_CEX|01.060.010]] || {{yes}}
|-
| Mozilla/5.0 (Playstation Vita 1.50) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.500.000_CEX|01.500.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.51) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.510.000_CEX|01.510.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.52) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.520.000_CEX|01.520.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.60) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.600.000_CEX|01.600.000]] || {{yes}}
|-
| Mozilla/5.0 (Playstation Vita 1.61) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.610.000_CEX|01.610.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.65) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.650.000_CEX|01.650.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.66) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.660.000_CEX|01.660.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.67) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.670.000_CEX|01.670.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.69) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.690.000_CEX|01.690.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.80) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.800.000_CEX|01.800.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.81) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.810.000_CEX|01.810.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.00) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.000.000_CEX|02.000.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.01) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.010.000_CEX|02.010.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.02) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.020.000_CEX|02.020.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.05) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.050.000_CEX|02.050.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.06) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.060.000_CEX|02.060.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.10) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.100.000_CEX|02.100.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.11) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.110.000_CEX|02.110.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.12) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.120.000_CEX|02.120.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.50) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.500.000_CEX|02.500.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.60) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.600.000_CEX|02.600.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.61) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.610.000_CEX|02.610.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.00) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.000.000_CEX|03.000.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.01) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.010.000_CEX|03.010.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.10) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.100.000_CEX|03.100.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.12) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.120.000_CEX|03.120.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.15) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.150.000_CEX|03.150.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.18) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.180.000_CEX|03.180.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.20) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.200.000_CEX|03.200.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.30) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.300.000_CEX|03.300.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.35) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.350.000_CEX|03.350.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.36) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.360.000_CEX|03.360.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.50) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.500.000_CEX|03.500.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.52) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.520.000_CEX|03.520.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.55) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.550.000_CEX|03.550.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.57) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.570.000_CEX|03.570.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.60) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.600.000_CEX|03.600.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.61) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.610.000_CEX|03.610.000]] || {{no}}
|-
| Mozilla/5.0 (PlayStation Vita 3.63) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.630.000_CEX|03.630.000]] || {{no}}
|-
| Mozilla/5.0 (PlayStation Vita 3.65) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.650.000_CEX|03.650.000]] || {{no}}
|-
| ? || [[03.670.000_CEX|03.670.000]] || {{no}}
|-
| ? || [[03.680.000_CEX|03.680.000]] || {{no}}
|-
| ? || [[03.690.000_CEX|03.690.000]] || {{no}}
|-
|}

== Webkit exploits ==

=== Terminology ===

<div style="color: #000000; background-color: #e5e4e2; border: 1px solid #808000; padding: 5px; {{box-shadow|4px|4px|8px|#b0b090}}">
 An information security '''vulnerability''' is a mistake in software that can be directly used by a hacker to gain access to a system or network.

 An information security '''exposure''' is a system configuration issue or a mistake in software that allows access to information or 
 capabilities that can be used by a hacker as a stepping-stone into a system or network.
</div>

=== '''C'''ommon '''V'''ulnerabilities and '''E'''xposures list ===

1.50-1.81 (CVE-2010-1807 and CVE-2010-4577)
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4577

2.00-3.20 (CVE-2013-0903-1)
* [http://acez.re/ps-vita-level-1-webkitties-3 Acama's write-up]
* http://packetstormsecurity.com/files/123089/Packet-Storm-Advisory-2013-0903-1-Apple-Safari-Heap-Buffer-Overflow.html
* related to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3748 and https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3748

3.30-3.36 (CVE-2014-1303)
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1303
* http://wololo.net/2015/04/22/new-webkit-exploit-found-vita-maybe-playstation-4

3.50-3.60 (no CVE at the time it was written, credits to xyz)
* https://blog.xyz.is/2016/webkit-360.html
* [https://pastebin.com/Av2YCR5Q Mike H.'s write-up]
* [https://pastebin.com/aSJQbJyd Mike H.'s write-up #2]

=== Repositories ===

<=1.81 webkit exploit PoC:
* [http://www.lolhax.org/2014/10/28/psvita-webkit-for-2-00 article] by '''Davee'''
* [https://github.com/joshaxey/badnanna181/tree/master discarded repro reduction for <=1.81] by '''Josh Axey'''

1.50-1.69-1.80 HTMLit:
* [https://bitbucket.org/DaveeFTW/htmlit htmlit] by '''Davee'''

ROPtool:
* [https://www.lolhax.org/2014/10/04/roptool roptool article] by '''Davee'''
* [https://github.com/xyzz/roptool-legacy old version] by '''Davee'''
* [http://wololo.net/downloads/index.php/download/8233 first release] by '''Davee'''
* [https://bitbucket.org/DaveeFTW/roptool new version] by '''Davee'''

1.61 files for HTMLit and ROPtool:
* [https://github.com/xyzz/wk161 files+webkit]by '''xyz'''

1.80 files for ROPtool:
* [https://bitbucket.org/DaveeFTW/wk180-roptool-target files] by '''Davee'''

1.81 ROP:
* [https://web.archive.org/web/20150811215153/http://pastebin.com/XNeALEbC Support_Uri ROP script] by '''SMOKE'''
* [https://github.com/SMOKE5/VitaROP VitaROP] by '''SMOKE'''

2.60 webkit exploit PoC:
* [https://www.lolhax.org/2014/10/19/psvita-webkit-exploit-information-and-credits credits article]
* [https://bitbucket.org/DaveeFTW/psvita-260-webkit psvita-260-webkit] by '''Davee'''
* [https://github.com/173210/psvita-webkit psvita-webkit] by '''Davee'''

3.18 webkit exploit PoC:
* [https://github.com/BrianBTB/codelion_poc codelion_poc] by '''Codelion''' and '''BrianBTB'''

3.01-3.15-3.18 memory dumping:
* [https://bitbucket.org/Archaemic/memory-splicer memory-splicer] by '''Archaemic'''
* [https://github.com/BrianBTB/JSoS-Module-Dump-Release JSoS-Module-Dump-Release] by '''BrianBTB'''
** http://pastie.org/private/ugchhaqctvmw5rrg5w37ka <- load more modules for the JSoS module dumper :)
* [https://github.com/BrianBTB/memtools_vita memtools_vita] by '''BrianBTB'''

3.15-3.18 webkitties:
* [https://github.com/acama/webkitties webkitties] by '''Acama'''

3.00-3.15-3.18 vitasploit:
* [https://github.com/Hykem/vitasploit vitasploit] (dead link) by '''Hykem'''
* [https://github.com/wargio/vitasploit vitasploit] (mirror) by '''Hykem'''

2.02-2.12-3.00-3.01-3.18 vitasploit:
* [https://github.com/xyzz/vitasploit vitasploit] by '''xyz'''

3.36 webkit exploit:
* [http://wololo.net/talk/viewtopic.php?f=54&t=42501 3.36 webkit exploit] by '''xyz'''

2.00-2.01-2.02-2.05-2.10-2.11-2.12-2.50-2.60-2.61-3.00-3.01-3.10-3.12-3.18-3.20 + 3.30-3.35-3.36 vitasploit:
* [https://github.com/Sorvigolova/vitasploit vitasploit] by '''Sorvigolova'''

Other tools:
* [https://github.com/xyzz/vitadump vitadump IDA plugin] by '''xyz'''

=== Online Tests ===

* [http://www.lolhax.org/vita.htm live test]
* [http://wololo.net/v/webkit/vita.htm live test (miror)]
* [http://wololo.net/v/260.htm live test 2.60 (old)]

=== Webkit Modules ===

* [http://rghost.net/private/59665268/46690bd89ae7f298e4df145059c0d3e2 (3.18 dump)] dead link

{| class="wikitable sortable"
|-
! Module !! Remark
|-
| SceAacenc || 
|-
| SceActivityDb ||
|-
| SceAppUtil || 
|-
| SceAtrac || 
|-
| SceAudiocodec || 
|-
| SceAvcodecUser || 
|-
| SceAvPlayer || 
|-
| SceBeisobmf || 
|-
| SceBemp2sys || 
|-
| ScebXCe || 
|-
| SceCheckoutDialogPlugin || 
|-
| SceClipboard || 
|-
| SceCommonDialog || 
|-
| SceCommonGuiDialog || 
|-
| SceDbrecoveryUtility ||
|-
| SceDbutil ||
|-
| SceDriverUser || 
|-
| SceDrmPsmKdc ||
|-
| SceFiber || 
|-
| SceFriendListDialogPlugin ||
|-
| SceGpuEs4User || 
|-
| SceGxm || 
|-
| SceHafnium || 
|-
| SceHandwriting || 
|-
| SceIme || 
|-
| SceImeDialogPlugin || 
|-
| SceIniFileProcessor ||
|-
| SceJpegArm || 
|-
| SceJpegEncArm || 
|-
| SceLibc || 
|-
| ScelibDbg || 
|-
| SceLibFios2 || 
|-
| SceLibft2 || 
|-
| SceLibG729 || 
|-
| SceLibGameUpdate || 
|-
| SceLibHttp || 
|-
| SceLibJson ||
|-
| SceLibKernel || 
|-
| SceLibLocation || 
|-
| SceLibLocationExtension || 
|-
| SceLibMp4Recorder || 
|-
| SceLibNetCtl || 
|-
| SceLibPgf || 
|-
| SceLibPspnetAdhoc || 
|-
| SceLibPvf || 
|-
| SceLibRudp || 
|-
| SceLibSsl || 
|-
| SceLibVitaJSExtObj  || 
|-
| SceLibXml || 
|-
| SceLiveAreaUtil || 
|-
| SceMp4 || 
|-
| SceMsgDialogPlugin ||
|-
| SceMusicExport || 
|-
| SceNearDialogUtil || 
|-
| SceNearProfile ||
|-
| SceNearUtil || 
|-
| SceNet || 
|-
| SceNetAdhocMatching || 
|-
| SceNetCheckDialogPlugin ||
|-
| SceNgsUser || 
|-
| SceNotificationUtil || 
|-
| SceNpActivity || 
|-
| SceNpActivityNet ||
|-
| SceNpBasic || 
|-
| SceNpCommerce2 || 
|-
| SceNpCommon || 
|-
| SceNpCommonPs4 ||
|-
| SceNpFriendPrivacyLevel ||
|-
| SceNpKdc ||
|-
| SceNpManager || 
|-
| SceNpMatching2 || 
|-
| SceNpMessage || 
|-
| SceNpMessageContactsPlugin ||
|-
| SceNpMessageDialogPlugin ||
|-
| SceNpMessageDlgImplPlugin ||
|-
| SceNpPartyGameUtil || 
|-
| SceNpScore || 
|-
| SceNpSignaling || 
|-
| SceNpSnsFacebook || 
|-
| SceNpTrophy || 
|-
| SceNpTus || 
|-
| SceNpUtility || 
|-
| SceNpWebApi ||
|-
| ScePaf ||
|-
| ScePartyMemberListPlugin ||
|-
| ScePhotoExport || 
|-
| ScePhotoImportDialogPlugin ||
|-
| ScePhotoReviewDialogPlugin ||
|-
| ScePromoterUtil ||
|-
| ScePsp2Compat || 
|-
| SceSasUser || 
|-
| SceSaveDataDialogPlugin ||
|-
| SceScreenShot || 
|-
| SceShellSvc || 
|-
| SceShutterSound || 
|-
| SceSqlite || 
|-
| SceSqliteVsh ||
|-
| SceStoreCheckoutPlugin ||
|-
| SceSystemGesture || 
|-
| SceTeleportClient || 
|-
| SceTeleportServer || 
|-
| SceTrophySetupDialogPlugin ||
|-
| SceUlt ||
|-
| SceVideoExport || 
|-
| SceVoice || 
|-
| SceVoiceQoS || 
|-
| SceWebFiltering || 
|-
| SceWebKit || 
|-
| SceWebKitProcess || 
|}

== Browsertests ==
* http://www.roshi.tv/2011/12/psvitano.html

== Access to the PS3 Store and get content in Vita ==

Video

[http://www.youtube.com/watch?v=IFyTEd_SgLs]

PS Vita's browser has some secrets function, such as enter in ps store or open an app.

For example:

{| class="wikitable sortable"
|-
! psns:browse?category=PN.P3.US-PN.P3.GAME.US-BASE || opens PS3 store US region
|-
| '''psns:browse?product=IP9100-PCSI00002_00-MUSICUNLIMITED00''' || '''opens Music Unlimited product''' 
|-
|}

How it works

  '''psns:browse'''

This command supports several arguments, the most usables are:

  '''psns:browse?category='''
  
  '''psns:browse?product='''

By defining a category or product ID, this command will redirect you to the PSN Store and show you the chosen category/product. A few examples:

The syntax for categories works as follows:

  '''PN + CONSOLE ID + REGION ID + PN + CONSOLE ID + STORE ID + REGION ID + PAGE'''

Common Console ID's are:

  '''P3 --> PS3'''
  
  '''VT --> PS VITA'''
  
  '''PC --> MEDIA GO / PSP'''

Common Store ID's are:

  '''GAME''' or '''VIDEO'''

Redeem Comand

  '''psns:redeem?code1=123&code2=456&code3=789'''

This command will immediantly prompt you to the PSN Stores' redeem function, taking the arguments with it.