PSVita Webkit Exploit – Information and Credits

As you have probably seen, a small PoC webkit exploit for 2.60 was released for the psvita. You can test your vita yourself by visiting the link here: http://lolhax.org/vita.htm

At first the exploit only supported 2.60, which happens to be the firmware my vita is on. The exploit now supports up-to version 3.18 and code execution demo with ROPTool will be shown over the next while.

Lets talk about how this all came to be. Thanks to a tweet from @yifanlu, news exploded onto the internet about this hack and what it means for the vita. Problem is, most of you don’t know what it means for the vita and franky, nor do I. I’ve been working with webkit for over 2 years now but there are many other brains behind the scenes doing work, which I would like to talk about.

First off, there is Codelion or @BBalling1. He is a strong driving force in a small development group that just struggled to gain momentum. People left, people lost interest. This guy managed to keep in the game and deserves as much credit as you give me. He even posted a description of the exploit on his twitter over a week ago, so make sure to follow him.

Secondly, there is Josh Axey @Josh_Axey, another member of the group. As I said, people lost interest the group cohesion broke and people worked on their own. This guy also made use of the packetstorm webkit bug.

Thirdly, @Archaemic. I haven’t spoken to this guy, but I can take yifan’s word that he has been working on the exploit for a long time and even has produced dumps from as early as April, good job man!

Thank you all for the praise, but I would like these guys to get a mention too, they are hardworkers and probably spent a lot of time on this bug too. If you’re interested in getting involved either drop me or any of these guys a tweet, I’m sure they’ll be glad to get a few extra devs.