The fail0verflow team did it again, they have succeeded hack a Playstation 4 (PS4) and install a fully functional Linux distribution in it. Through a video of almost 5 minutes, the group hackers, Widely known for breaching the security of other consoles in the past like PS3, Wii or Wii U and allowing free code execution on them, it shows the operation of your system based on the official distribution of the Sony console.

Although for now there is no detailed information on how the process is carried out to gain access to low-level instructions, the source of the vulnerability appears to be in the engine of the system’s own webkit-based web browser. A fairly recent vulnerability that seems to affect all those consoles the system version does not exceed 1.76.

The fail0verflow group has gained access to core of system by means of a exploit at a low levelThat is, exploiting a vulnerability that gives the user the ability to execute commands with system privileges. Its announcement took place about a month ago, and yesterday it was presented at the 31st edition of the 31C3 Congress (Chaos Communication Congress). The achievement of being able to load a modified version of the console’s Linux system seems a milestone more pedagogical than functional, As we remember that console hardware of this generation has been harshly criticized for being more similar than ever to a PC certainly limited in resources.

In addition to showing the video and several screens of his achievement during the congress, where it was clearly appreciated the graphical interface based on the famous lightweight LXDE desktop, An emulator of the classic GameBoy Advance console was run with the Pokémon game. The performance of this emulator is quite acceptable to run with rendered completely software, as so far not all console libraries are fully available that allow you to conveniently exploit the hardware it includes.

There are still no precise details of how the process of the exploit. According to the network, it appears that a webkit-based vulnerability is used that uses the console’s web browser and that it would not have been patched in versions higher than 1.76. In this way it is loaded by debootstrap 1 core modified that is compatible with the console and operating system set.

The adaptation that this group has had to carry out is really great, up to a total of almost 7400 lines of instruction to be able to put into operation the code of the core of Linux 4.4 on the console. If we pay attention to the presentation we can see in the load the 8 cores of the PS4 CPU and support for frequency scaling. Also, the APU, comparable to the Radeon models of desktop computers, has been given the code name of Liverpool or Starsha. In addition, the console’s Southbridge hub for input and output controllers is named Aeolia in an unusual layout that breaks the PCI specification standard.

The current state of the image, which uses a modified system based on Sony’s proprietary BSD-based distribution, shows its ability to access peripheral devices such as network card, Wi-Fi and Bluetooth controller, leds, serial port and digital video output via HDMI and audio via S / PDIF. Fail0verflow is currently working on accelerating the graphics subsystem to prevent it from working directly, as it slows down overall system performance. Soon they hope to gain control of audio encoding through the HDMI channel, perform the first tests with the optical disc player using the SATA AHCI standard and access to the USB ports of the device. This last step would, they say, open a path to the use of the computer’s internal hard drive.

We hope that the necessary patches for the will be published soon core which allow the execution of the code that allows the GNU / Linux system boot on the console. There has been no talk of the possibility of running code that is not previously signed for the console or the adaptation for other Linux bases, so the real utility for the general public is, at least for now, really scarce.

When unsigned code can be run we can start to see the execution of the first Linux applications on this system. This would expand the possibilities of the console as a complete multimedia center, enabling content playback for streaming, File sharing via P2P or emulation of other entertainment systems.

Table of Contents