Editing Webbrowser

Jump to navigation Jump to search
Warning: You are not logged in. Your IP address will be publicly visible if you make any edits. If you log in or create an account, your edits will be attributed to your username, along with other benefits.

The edit can be undone. Please check the comparison below to verify that this is what you want to do, and then publish the changes below to finish undoing the edit.

Latest revision Your text
Line 1: Line 1:
[[Category:Software]]<noinclude>[[Category:Main]]</noinclude>
[[Category:Software]]
== Web Content Guidelines ==
* [http://www.scei.co.jp/guideline/PS_Vita_Web_Content-Guidelines_e.pdf PS Vita Web Content Guidelines v3.00]
* [http://webassetsc.scea.com/pscomauth/groups/public/documents/webasset/web_content-guidelines_3.10-e.pdf PS3 Web Content Guidelines v3.10]
* [http://www.scei.co.jp/guideline/PS4_Web_Content-Guidelines_e.pdf PS4 Web Content Guidelines v1.50]


== Supports ==
Supports:
* Cookies
* Cookies
* Javascript 1.7
* Javascript 1.7
* partial HTML 5
* partial HTML 5
* Partial Video support (added from 2.10 update)
* Partial Video support (added from 2.10 update)
=== Not supported ===
 
Does not support:
* Flash
* Flash
* Youtube (no HTML5: video)
* Youtube (no HTML5: video)
== Known Useragents ==
=== YouTube ===
PlayStation Vita YouTube/1.0 libhttp/1.67 (PS Vita)
PlayStation Vita YouTube/2.1 libhttp/2.60 (PS Vita)
=== WebBrowser ===
   
   
Useragent (Vita TV has trailing "Silk/3.2 VTE/2.50" or "Silk/3.2 VTE/3.30" as subidentifier):
Useragent:
 
  Mozilla/5.0 (Playstation Vita 1.50) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2
Table below indicates known and unknown. "YES" = known vulnerability in use, "NO" = unknown if vulnerability in use.
 
{| class="wikitable sortable"
|-
! useragent !! version !! vulnerability
|-
| Mozilla/5.0 (PlayStation Vita 1.00) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.000.000_CEX|01.000.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.03) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.030.010_CEX|01.030.010]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.04) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.040.000_CEX|01.040.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.05) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.050.000_CEX|01.050.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.06) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.060.010_CEX|01.060.010]] || {{yes}}
|-
| Mozilla/5.0 (Playstation Vita 1.50) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.500.000_CEX|01.500.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.51) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.510.000_CEX|01.510.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.52) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.520.000_CEX|01.520.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.60) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.600.000_CEX|01.600.000]] || {{yes}}
|-
| Mozilla/5.0 (Playstation Vita 1.61) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.610.000_CEX|01.610.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.65) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.650.000_CEX|01.650.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.66) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.660.000_CEX|01.660.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.67) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.670.000_CEX|01.670.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.69) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.690.000_CEX|01.690.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.80) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.800.000_CEX|01.800.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 1.81) AppleWebKit/531.22.8 (KHTML, like Gecko) Silk/3.2 || [[01.810.000_CEX|01.810.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.00) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.000.000_CEX|02.000.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.01) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.010.000_CEX|02.010.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.02) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.020.000_CEX|02.020.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.05) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.050.000_CEX|02.050.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.06) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.060.000_CEX|02.060.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.10) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.100.000_CEX|02.100.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.11) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.110.000_CEX|02.110.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.12) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.120.000_CEX|02.120.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.50) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.500.000_CEX|02.500.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.60) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.600.000_CEX|02.600.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 2.61) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[02.610.000_CEX|02.610.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.00) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.000.000_CEX|03.000.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.01) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.010.000_CEX|03.010.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.10) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.100.000_CEX|03.100.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.12) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.120.000_CEX|03.120.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.15) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.150.000_CEX|03.150.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.18) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.180.000_CEX|03.180.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.20) AppleWebKit/536.26 (KHTML, like Gecko) Silk/3.2 || [[03.200.000_CEX|03.200.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.30) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.300.000_CEX|03.300.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.35) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.350.000_CEX|03.350.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.36) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.360.000_CEX|03.360.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.50) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.500.000_CEX|03.500.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.52) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.520.000_CEX|03.520.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.55) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.550.000_CEX|03.550.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.57) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.570.000_CEX|03.570.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.60) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.600.000_CEX|03.600.000]] || {{yes}}
|-
| Mozilla/5.0 (PlayStation Vita 3.61) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.610.000_CEX|03.610.000]] || {{no}}
|-
| Mozilla/5.0 (PlayStation Vita 3.63) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.630.000_CEX|03.630.000]] || {{no}}
|-
| Mozilla/5.0 (PlayStation Vita 3.65) AppleWebKit.537.73 (KHTML, like Gecko) Silk/3.2 || [[03.650.000_CEX|03.650.000]] || {{no}}
|-
| ? || [[03.670.000_CEX|03.670.000]] || {{no}}
|-
| ? || [[03.680.000_CEX|03.680.000]] || {{no}}
|-
| ? || [[03.690.000_CEX|03.690.000]] || {{no}}
|-
|}
 
== Webkit exploits ==
 
=== Terminology ===
 
<div style="color: #000000; background-color: #e5e4e2; border: 1px solid #808000; padding: 5px; {{box-shadow|4px|4px|8px|#b0b090}}">
An information security '''vulnerability''' is a mistake in software that can be directly used by a hacker to gain access to a system or network.
 
An information security '''exposure''' is a system configuration issue or a mistake in software that allows access to information or
capabilities that can be used by a hacker as a stepping-stone into a system or network.
</div>
 
=== '''C'''ommon '''V'''ulnerabilities and '''E'''xposures list ===
 
1.50-1.81 (CVE-2010-1807 and CVE-2010-4577)
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1807
* http://imthezuk.blogspot.com/2010/11/float-parsing-use-after-free.html
 
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4577
* https://code.google.com/p/chromium/issues/detail?id=63866
 
2.00-3.20 (CVE-2013-0903-1)
* [http://acez.re/ps-vita-level-1-webkitties-3 Acama's write-up]
* http://packetstormsecurity.com/files/123088/
* http://packetstormsecurity.com/files/123089/Packet-Storm-Advisory-2013-0903-1-Apple-Safari-Heap-Buffer-Overflow.html
* related to http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-3748 and https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2012-3748


3.30-3.36 (CVE-2014-1303)
Browsertests: http://www.roshi.tv/2011/12/psvitano.html
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-1303
* http://wololo.net/2015/04/22/new-webkit-exploit-found-vita-maybe-playstation-4
* https://www.blackhat.com/docs/eu-14/materials/eu-14-Chen-WebKit-Everywhere-Secure-Or-Not.PDF
* https://www.blackhat.com/docs/eu-14/materials/eu-14-Chen-WebKit-Everywhere-Secure-Or-Not-WP.pdf
* https://cansecwest.com/slides/2015/Liang_CanSecWest2015.pdf


3.50-3.60 (no CVE at the time it was written, credits to xyz)
Access to the PS3 Store and get content in Vita
* https://blog.xyz.is/2016/webkit-360.html
* [https://pastebin.com/Av2YCR5Q Mike H.'s write-up]
* [https://pastebin.com/aSJQbJyd Mike H.'s write-up #2]
 
=== Repositories ===
 
<=1.81 webkit exploit PoC:
* [http://www.lolhax.org/2014/10/28/psvita-webkit-for-2-00 article] by '''Davee'''
* [https://github.com/joshaxey/badnanna181/tree/master discarded repro reduction for <=1.81] by '''Josh Axey'''
 
1.50-1.69-1.80 HTMLit:
* [https://bitbucket.org/DaveeFTW/htmlit htmlit] by '''Davee'''
 
ROPtool:
* [https://www.lolhax.org/2014/10/04/roptool roptool article] by '''Davee'''
* [https://github.com/xyzz/roptool-legacy old version] by '''Davee'''
* [http://wololo.net/downloads/index.php/download/8233 first release] by '''Davee'''
* [https://bitbucket.org/DaveeFTW/roptool new version] by '''Davee'''
 
1.61 files for HTMLit and ROPtool:
* [https://github.com/xyzz/wk161 files+webkit]by '''xyz'''
 
1.80 files for ROPtool:
* [https://bitbucket.org/DaveeFTW/wk180-roptool-target files] by '''Davee'''
 
1.81 ROP:
* [https://web.archive.org/web/20150811215153/http://pastebin.com/XNeALEbC Support_Uri ROP script] by '''SMOKE'''
* [https://github.com/SMOKE5/VitaROP VitaROP] by '''SMOKE'''
 
2.60 webkit exploit PoC:
* [https://www.lolhax.org/2014/10/19/psvita-webkit-exploit-information-and-credits credits article]
* [https://bitbucket.org/DaveeFTW/psvita-260-webkit psvita-260-webkit] by '''Davee'''
* [https://github.com/173210/psvita-webkit psvita-webkit] by '''Davee'''
 
3.18 webkit exploit PoC:
* [https://github.com/BrianBTB/codelion_poc codelion_poc] by '''Codelion''' and '''BrianBTB'''
 
3.01-3.15-3.18 memory dumping:
* [https://bitbucket.org/Archaemic/memory-splicer memory-splicer] by '''Archaemic'''
* [https://github.com/BrianBTB/JSoS-Module-Dump-Release JSoS-Module-Dump-Release] by '''BrianBTB'''
** http://pastie.org/private/ugchhaqctvmw5rrg5w37ka <- load more modules for the JSoS module dumper :)
* [https://github.com/BrianBTB/memtools_vita memtools_vita] by '''BrianBTB'''
 
3.15-3.18 webkitties:
* [https://github.com/acama/webkitties webkitties] by '''Acama'''
 
3.00-3.15-3.18 vitasploit:
* [https://github.com/Hykem/vitasploit vitasploit] (dead link) by '''Hykem'''
* [https://github.com/wargio/vitasploit vitasploit] (mirror) by '''Hykem'''
 
2.02-2.12-3.00-3.01-3.18 vitasploit:
* [https://github.com/xyzz/vitasploit vitasploit] by '''xyz'''
 
3.36 webkit exploit:
* [http://wololo.net/talk/viewtopic.php?f=54&t=42501 3.36 webkit exploit] by '''xyz'''
 
2.00-2.01-2.02-2.05-2.10-2.11-2.12-2.50-2.60-2.61-3.00-3.01-3.10-3.12-3.18-3.20 + 3.30-3.35-3.36 vitasploit:
* [https://github.com/Sorvigolova/vitasploit vitasploit] by '''Sorvigolova'''
 
Other tools:
* [https://github.com/xyzz/vitadump vitadump IDA plugin] by '''xyz'''
 
=== Online Tests ===
 
* [http://www.lolhax.org/vita.htm live test]
* [http://wololo.net/v/webkit/vita.htm live test (miror)]
* [http://wololo.net/v/260.htm live test 2.60 (old)]
 
=== Webkit Modules ===
 
* [http://rghost.net/private/59665268/46690bd89ae7f298e4df145059c0d3e2 (3.18 dump)] dead link
 
{| class="wikitable sortable"
|-
! Module !! Remark
|-
| SceAacenc ||
|-
| SceActivityDb ||
|-
| SceAppUtil ||
|-
| SceAtrac ||
|-
| SceAudiocodec ||
|-
| SceAvcodecUser ||
|-
| SceAvPlayer ||
|-
| SceBeisobmf ||
|-
| SceBemp2sys ||
|-
| ScebXCe ||
|-
| SceCheckoutDialogPlugin ||
|-
| SceClipboard ||
|-
| SceCommonDialog ||
|-
| SceCommonGuiDialog ||
|-
| SceDbrecoveryUtility ||
|-
| SceDbutil ||
|-
| SceDriverUser ||
|-
| SceDrmPsmKdc ||
|-
| SceFiber ||
|-
| SceFriendListDialogPlugin ||
|-
| SceGpuEs4User ||
|-
| SceGxm ||
|-
| SceHafnium ||
|-
| SceHandwriting ||
|-
| SceIme ||
|-
| SceImeDialogPlugin ||
|-
| SceIniFileProcessor ||
|-
| SceJpegArm ||
|-
| SceJpegEncArm ||
|-
| SceLibc ||
|-
| ScelibDbg ||
|-
| SceLibFios2 ||
|-
| SceLibft2 ||
|-
| SceLibG729 ||
|-
| SceLibGameUpdate ||
|-
| SceLibHttp ||
|-
| SceLibJson ||
|-
| SceLibKernel ||
|-
| SceLibLocation ||
|-
| SceLibLocationExtension ||
|-
| SceLibMp4Recorder ||
|-
| SceLibNetCtl ||
|-
| SceLibPgf ||
|-
| SceLibPspnetAdhoc ||
|-
| SceLibPvf ||
|-
| SceLibRudp ||
|-
| SceLibSsl ||
|-
| SceLibVitaJSExtObj  ||
|-
| SceLibXml ||
|-
| SceLiveAreaUtil ||
|-
| SceMp4 ||
|-
| SceMsgDialogPlugin ||
|-
| SceMusicExport ||
|-
| SceNearDialogUtil ||
|-
| SceNearProfile ||
|-
| SceNearUtil ||
|-
| SceNet ||
|-
| SceNetAdhocMatching ||
|-
| SceNetCheckDialogPlugin ||
|-
| SceNgsUser ||
|-
| SceNotificationUtil ||
|-
| SceNpActivity ||
|-
| SceNpActivityNet ||
|-
| SceNpBasic ||
|-
| SceNpCommerce2 ||
|-
| SceNpCommon ||
|-
| SceNpCommonPs4 ||
|-
| SceNpFriendPrivacyLevel ||
|-
| SceNpKdc ||
|-
| SceNpManager ||
|-
| SceNpMatching2 ||
|-
| SceNpMessage ||
|-
| SceNpMessageContactsPlugin ||
|-
| SceNpMessageDialogPlugin ||
|-
| SceNpMessageDlgImplPlugin ||
|-
| SceNpPartyGameUtil ||
|-
| SceNpScore ||
|-
| SceNpSignaling ||
|-
| SceNpSnsFacebook ||
|-
| SceNpTrophy ||
|-
| SceNpTus ||
|-
| SceNpUtility ||
|-
| SceNpWebApi ||
|-
| ScePaf ||
|-
| ScePartyMemberListPlugin ||
|-
| ScePhotoExport ||
|-
| ScePhotoImportDialogPlugin ||
|-
| ScePhotoReviewDialogPlugin ||
|-
| ScePromoterUtil ||
|-
| ScePsp2Compat ||
|-
| SceSasUser ||
|-
| SceSaveDataDialogPlugin ||
|-
| SceScreenShot ||
|-
| SceShellSvc ||
|-
| SceShutterSound ||
|-
| SceSqlite ||
|-
| SceSqliteVsh ||
|-
| SceStoreCheckoutPlugin ||
|-
| SceSystemGesture ||
|-
| SceTeleportClient ||
|-
| SceTeleportServer ||
|-
| SceTrophySetupDialogPlugin ||
|-
| SceUlt ||
|-
| SceVideoExport ||
|-
| SceVoice ||
|-
| SceVoiceQoS ||
|-
| SceWebFiltering ||
|-
| SceWebKit ||
|-
| SceWebKitProcess ||
|}
 
== Browsertests ==
* http://www.roshi.tv/2011/12/psvitano.html
 
== Access to the PS3 Store and get content in Vita ==


Video
Video
Line 506: Line 61:


   '''GAME''' or '''VIDEO'''
   '''GAME''' or '''VIDEO'''
Redeem Comand


   '''psns:redeem?code1=123&code2=456&code3=789'''
   '''psns:redeem?code1=123&code2=456&code3=789'''


This command will immediantly prompt you to the PSN Stores' redeem function, taking the arguments with it.
This command will inmediantly prompt you to the PSN Stores' redeem function, taking the arguments with it.
Please note that all contributions to Vita Developer wiki are considered to be released under the GNU Free Documentation License 1.2 (see Vita Developer wiki:Copyrights for details). If you do not want your writing to be edited mercilessly and redistributed at will, then do not submit it here.
You are also promising us that you wrote this yourself, or copied it from a public domain or similar free resource. Do not submit copyrighted work without permission!

To protect the wiki against automated edit spam, we kindly ask you to solve the following hCaptcha:

Cancel Editing help (opens in new window)

Templates used on this page: