Editing Webbrowser
Jump to navigation
Jump to search
The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.
Latest revision | Your text | ||
Line 15: | Line 15: | ||
== Known Useragents == | == Known Useragents == | ||
PlayStation Vita YouTube/1.0 libhttp/1.67 (PS Vita) | PlayStation Vita YouTube/1.0 libhttp/1.67 (PS Vita) | ||
PlayStation Vita YouTube/2.1 libhttp/2.60 (PS Vita) | PlayStation Vita YouTube/2.1 libhttp/2.60 (PS Vita) | ||
Useragent (Vita TV has trailing "Silk/3.2 VTE/2.50" or "Silk/3.2 VTE/3.30" as subidentifier): | Useragent (Vita TV has trailing "Silk/3.2 VTE/2.50" or "Silk/3.2 VTE/3.30" as subidentifier): | ||
Line 105: | Line 100: | ||
| Mozilla/5.0 (PlayStation Vita 3.36) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.360.000_CEX|03.360.000]] || {{yes}} | | Mozilla/5.0 (PlayStation Vita 3.36) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.360.000_CEX|03.360.000]] || {{yes}} | ||
|- | |- | ||
| Mozilla/5.0 (PlayStation Vita 3.50) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.500.000_CEX|03.500 | | Mozilla/5.0 (PlayStation Vita 3.50) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.500.000_CEX|03.500.000]] || {{no}} | ||
|- | |- | ||
|} | |} | ||
== Webkit | == Webkit exploit == | ||
=== Terminology === | === Terminology === | ||
<div style="color: #000000; background-color: #e5e4e2; border: 1px solid #808000; padding: 5px; {{box-shadow|4px|4px|8px|#b0b090}}"> | <div style="color: #000000; background-color: #e5e4e2; border: 1px solid #808000; padding: 5px; {{box-shadow|4px|4px|8px|#b0b090}}"> | ||
An information security '''vulnerability''' is a mistake in software that can be directly used by a hacker to gain access to a system or network. | An information security '''vulnerability''' is a mistake in software that can be directly used by a hacker to gain access to a system or network. | ||
Line 141: | Line 114: | ||
=== '''C'''ommon '''V'''ulnerabilities and '''E'''xposures list === | === '''C'''ommon '''V'''ulnerabilities and '''E'''xposures list === | ||
*http://www.lolhax.org/2014/10/28/psvita-webkit-for-2-00/ | |||
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807 | |||
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4577 | |||
*http://acez.re/ps-vita-level-1-webkitties-3/ | |||
* | |||
http://packetstormsecurity.com/files/123089/Packet-Storm-Advisory-2013-0903-1-Apple-Safari-Heap-Buffer-Overflow.html (related to | |||
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3748 / https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3748) | |||
*https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1303 http://wololo.net/2015/04/22/new-webkit-exploit-found-vita-maybe-playstation-4/ (up to FW [[03.360.000_CEX|3.36]]) | |||
* https:// | |||
=== Repositories === | === Repositories === | ||
* https://github.com/Hykem/vitasploit/ by '''Hykem''' | |||
* | * [https://github.com/BrianBTB/codelion_poc repo] | ||
* [https://github.com/joshaxey/badnanna181/tree/master discarded repro reduction for <=1.81] | * [https://github.com/joshaxey/badnanna181/tree/master discarded repro reduction for <=1.81] | ||
* https://github.com/xyzz/vitadump | |||
* https://bitbucket.org/Archaemic/memory-splicer | |||
* [https://bitbucket.org/DaveeFTW/psvita-260-webkit/ repo] | |||
* https://github.com/acama/webkitties | |||
=== Code, Test & Tool === | |||
* [http://www.lolhax.org/vita.htm live test] [http://wololo.net/v/webkit/vita.htm live test (miror)], [http://wololo.net/v/260.htm live test (old)] | |||
* [ | * [http://wololo.net/downloads/index.php/download/8231 memtools_vita] https://github.com/BrianBTB/memtools_vita/ | ||
* [http://wololo.net/downloads/index.php/download/8233 ROPTool] | |||
* [http://wololo.net/downloads/index.php/download/8234 HTMLIt] | |||
* [ | |||
* [ | |||
* [ | |||
** http://pastie.org/private/ugchhaqctvmw5rrg5w37ka <- load more modules for the JSoS module dumper :) | ** http://pastie.org/private/ugchhaqctvmw5rrg5w37ka <- load more modules for the JSoS module dumper :) | ||
* [http://pastebin.com/XNeALEbC SMOKE's Support_Uri Rop script] | |||
* [http:// | |||
=== Webkit Modules === | === Webkit Modules === | ||
* http://rghost.net/private/59665268/46690bd89ae7f298e4df145059c0d3e2 (3.18 dump) | |||
* | |||
{| class="wikitable sortable" | {| class="wikitable sortable" | ||
Line 456: | Line 370: | ||
|- | |- | ||
| SceWebKitProcess || | | SceWebKitProcess || | ||
|- | |||
|} | |} | ||