Console Hacker Reveals ‘Essentially Unpatchable’ PS4/PS5 Exploit

Sony might have a problem on its hands in the form of a system exploit for both the PlayStation 4 and PlayStation 5. The vulnerability comes by way of noted console hacker CTurt, and if he’s to be believed, there’s effectively no way for Sony to patch this one. That might not be good news for Sony’s security team, but gamers who want to run homebrew software on Sony’s consoles could get their wish.

According to CTurt, he revealed the Mast1c0re exploit to Sony a year ago via the company’s bug bounty program. However, there has been no sign of a patch, so he’s releasing the proof-of-concept publicly. You can peruse all the relevant information on GitHub, but it’s not for the faint of heart. Given time, the community could craft this software flaw into a system for running arbitrary code, thus unlocking the power of homebrew (and piracy) on Sony’s latest hardware.

The issue lies with Sony’s PS2 on PS4 emulator — specifically, the just-in-time (JIT) compiler that turns the PS2 code into PS4-ready code on-the-fly while a game is running. Sony gave the compiler privileged access to the system, so the machine treats every bit that comes out of it as legitimate. CTurt managed to hijack the compiler to run games that Sony has not authorized.

CTurt says that the exploit is going to be very difficult for Sony to patch because of how the company opted to distribute the code. Rather than building the PS2-on-PS4 code into the OS, the emulator is bundled with every downloadable and disc-based PS2 game released for the PS4 (yes, there are a few). That means if you’ve got a copy of the emulator, a known exploit in a game from 20 years ago can be used to take control of the JIT compiler on a brand new PS5. Some of these are annoying to trigger on newer consoles, but they work.

In the video above, you can see CTurt loading a custom PS2 ISO using the Mast1c0re exploit. It takes a while to load the game, so the middle of the video has been trimmed. However, CTurt notes that compression support could vastly speed up load times. If you’re not a developer, it’s the future of Mast1c0re that should interest you. Currently, it’s a complex, multistep process to load custom software on the PS4 and PS5, but others could take Mast1c0re and use it as the base for a new homebrew explosion. Sony will undoubtedly try to stop it, but the cat may be out of the bag.
