Sony Playstation 4 (PS4) 5.01 WebKit Code Execution PoC

2018.02.28

Credit: ALEXZZZ9

Risk: High

Local: No

Remote: Yes

CVE: CVE-2017-7005

CWE: CWE-119

CVSS Base Score: 6.8/10

Impact Subscore: 6.4/10

Exploitability Subscore: 8.6/10

Exploit range: Remote

Attack complexity: Medium

Authentication: No required

Confidentiality impact: Partial

Integrity impact: Partial

Availability impact: Partial

PS4 5.01 WebKit Exploit PoC
===========================
Based on:
- [CVE-2017-7005](https://bugs.chromium.org/p/project-zero/issues/detail?id=1208)
- [PegaSwitch](https://github.com/reswitched/pegaswitch) ([Copyright 2017 ReSwitched Team](https://github.com/reswitched/pegaswitch/blob/master/LICENSE.md))
- 4.0x exploit by [qwertyoruiopz](https://twitter.com/qwertyoruiopz)
> This exploit supports 5.01 (maybe others)!
Installation
============
1. Install the latest version of node from [nodejs.org](https://nodejs.org)
2. Clone this repository
3. Run `npm install`
Usage
=====
1. Run `npm start`
License
=======
MIT License. See attached `LICENSE.md` file.

References:

https://bugs.chromium.org/p/project-zero/issues/detail?id=1208

https://twitter.com/qwertyoruiopz

https://github.com/reswitched/pegaswitch

See this note in RAW Version

Vote for this issue:

100%

Thanks for you vote!

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.

Nick (*)

Email (*)

Video

Text (*)

(*) - required fields.

{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1

{{ x.comment }}

Sony Playstation 4 (PS4) 5.01 WebKit Code Execution PoC

References:

Thanks for you vote!

Thanks for you comment!Your message is in quarantine 48 hours.

Thanks for you comment!
Your message is in quarantine 48 hours.