Console Hacker Reveals ‘Essentially Unpatchable’ PS4/PS5 Exploit

Sony might have a problem on its hands in the form of a system exploit for both the PlayStation 4 and PlayStation 5. The vulnerability comes by way of noted console hacker CTurt, and if he’s to be believed, there’s effectively no way for Sony to patch this one. That might not be good news for Sony’s security team, but gamers who want to run homebrew software on Sony’s consoles could get their wish.
According to CTurt, he revealed the Mast1c0re exploit to Sony a year ago via the company’s bug bounty program. However, there has been no sign of a patch, so he’s releasing the proof-of-concept publicly. You can peruse all the relevant information on GitHub, but it’s not for the faint of heart. Given time, the community could craft this software flaw into a system for running arbitrary code, thus unlocking the power of homebrew (and piracy) on Sony’s latest hardware.
The issue lies with Sony’s PS2 on PS4 emulator — specifically, the just-in-time (JIT) compiler that turns the PS2 code into PS4-ready code on-the-fly while a game is running. Sony gave the compiler privileged access to the system, so the machine treats every bit that comes out of it as legitimate. CTurt managed to hijack the compiler to run games that Sony has not authorized.
CTurt says that the exploit is going to be very difficult for Sony to patch because of how the company opted to distribute the code. Rather than building the PS2-on-PS4 code into the OS, the emulator is bundled with every downloadable and disc-based PS2 game released for the PS4 (yes, there are a few). That means if you’ve got a copy of the emulator, a known exploit in a game from 20 years ago can be used to take control of the JIT compiler on a brand new PS5. Some of these exploits are annoying to trigger on newer consoles, but they work.
In the video above, you can see CTurt loading a custom PS2 ISO using the Mast1c0re exploit. It takes a while to load the game, so the middle of the video has been trimmed. However, CTurt notes that compression support could vastly speed up load times. If you’re not a developer, it’s the future of Mast1c0re that should interest you. Currently, it’s a complex, multistep process to load custom software on the PS4 and PS5, but others could take Mast1c0re and use it as the base for a new homebrew explosion. Sony will undoubtedly try to stop it, but the cat may be out of the bag.