Molecule: Difference between revisions

From Vita Development Wiki
(5 intermediate revisions by 2 users not shown)
Line 5: Line 5:
=== Bootrom exploit ===
=== Bootrom exploit ===


After having obtained a [[Boot ROM]] dump, Team Molecule searched for exploits in it and found on 2019-08-30 their last and ultimate exploit: First Loader SLSK buffer overflow on some PS Vita prototypes. In August 2019, Yifan Lu exploited a DEM-3000H from A to Z and streamed it publicly.
After having obtained a [[First_Loader|Boot ROM]] dump, Team Molecule searched for exploits in it. They found on 30/08/2019 their last and ultimate exploit: First Loader SLSK buffer overflow on some PS Vita prototypes. In August 2019, Yifan Lu exploited a DEM-3000H from A to Z and streamed it publicly.


[https://yifan.lu/2019/08/16/glitching-a-20k-piece-of-history/]
[https://yifan.lu/2019/08/16/glitching-a-20k-piece-of-history/]


=== Cmep exploit ===
=== Secure cryptoprocessor exploit ===


[[Secure Kernel]] was dumped 02/2017 (through octopus exploit) and [[Boot ROM]] was dumped on 08/2018 (through [[Glitching]]).<ref>https://teammolecule.github.io/35c3-slides/</ref>
[[Secure Kernel]] was dumped in 02/2017 through the Octopus exploit. [[First_Loader|Boot ROM]] was dumped in 08/2018 through [[Glitching]].<ref>https://teammolecule.github.io/35c3-slides/</ref>


=== Non Secure Kernel Bootloader exploit - enso ===
=== Non Secure Kernel Bootloader exploit - enso ===


The commonly spread definition of CFW in PSP and PS3 scene was to be reboot-proof. Molecule achieved this on PS Vita by exploiting a vulnerability in NSKBL eMMC init code.
The commonly spread definition of a custom firmware (CFW) in PSP and PS3 scene was a reboot-proof homebrew enabler (HEN). Team Molecule achieved this on PS Vita by exploiting a vulnerability in NSKBL eMMC init code.


=== Plugins API - taiHEN ===
=== Plugins API - taiHEN ===
Line 27: Line 27:
=== Kernel exploit release - HENkaku ===
=== Kernel exploit release - HENkaku ===


On 29/07/2016 HENkaku was released: http://henkaku.xyz/
On 29/07/2016 HENkaku was released. It was hosted on the website at the address http://henkaku.xyz/.


HENkaku enables homebrew by patching out signature checks (works similar to [[SceKernelModulemgr#Module_decryption_and_signature_checks]]). HENkaku uses two kernel vulnerabilities: [[Vulnerabilities#Heap_use-after-free_in_sceNetSyscallIoctl]] and [[Vulnerabilities#sceIoDevctl_does_not_clear_stack_buffer]] and a usermode webkit vulnerability. HENkaku only works as-is on firmware 3.60, however the kernel vulnerabilities are present in all firmware versions up to and including 3.60.
HENkaku enables homebrew by patching out signature checks (works similar to [[SceKernelModulemgr#Module_decryption_and_signature_checks]]). HENkaku uses two kernel vulnerabilities: [[Vulnerabilities#Heap_use-after-free_in_sceNetSyscallIoctl]] and [[Vulnerabilities#sceIoDevctl_does_not_clear_stack_buffer]] and a usermode WebKit vulnerability. HENkaku only works as-is in firmware 3.60, however the kernel vulnerabilities it uses are present in all firmware versions up to and including 3.60.


=== Usermode release - Rejuvenate ===
=== Usermode exploit release - Rejuvenate ===


On 14/06/2015, Rejuvenate, which was the first public exploit that allowed to run unsigned usermode code, was released. http://yifan.lu/2015/06/14/rejuvenate-native-homebrew-for-psvita/
On 14/06/2015, Rejuvenate, which was the first public exploit that allowed to run unsigned usermode code, was released. http://yifan.lu/2015/06/14/rejuvenate-native-homebrew-for-psvita/
Line 37: Line 37:
=== Secure Kernel exploit ===
=== Secure Kernel exploit ===


It was no surprise that crypto processes were not handled by the kernel (such was the case for previous Sony consoles). Libraries that deal with encrypted/signed content ([[Self Loading|SELF loading]], [[PUP]] unpacking, etc) all make calls to the [[Secure World]]. The hypothesis was that like many large manufacturers at the time, secure world was used for cryptography and security tasks. Getting access to the secure kernel was even harder than non-secure kernel because there was much less exposure and much less information. However, with a vulnerability that abused some lightly documented features of the ARM architecture, the secure kernel was dumped on 06/09/2014, a little less than a year after owning kernel. Unfortunately, almost immediately, the team found that secure kernel was a red herring. There was no keys or any sensitive information in secure world (Sony was wiser here than most other ARM device makers), but the sole task of the secure kernel was to communicate with an external processor which the team named [[F00D Processor]] because of the <code>e_machine</code> field of the ELF headers.
It was no surprise that crypto processes were not handled by the kernel (such was the case for previous Sony consoles). Libraries that deal with encrypted/signed content ([[SELF Loading|SELF loading]], [[PUP]] unpacking, etc) all make calls to the [[TrustZone|Secure World]]. The hypothesis was that like many large manufacturers at the time, secure world was used for cryptography and security tasks. Getting access to the secure kernel was even harder than non-secure kernel because there was much less exposure and much less information. However, with a vulnerability that abused some lightly documented features of the ARM architecture, the secure kernel was dumped on 06/09/2014, a little less than a year after owning kernel. Unfortunately, almost immediately, the team found that secure kernel was a red herring. There was no keys or any sensitive information in secure world (Sony was wiser here than most other ARM device makers), but the sole task of the secure kernel was to communicate with an external processor, [[Cmep]], that the team named "F00d" because of the 0xf00d value of the <code>e_machine</code> field of the ELF headers.


=== Kernel exploit ===
=== Kernel exploit ===


For about a year research was focused on getting kernel code execution. Through some ingenuity and a lot of luck, on 27/08/2013 the first kernel exploit on the PS Vita was realized. The vulnerability was an integer overflow leading to a heap overflow and a misconfiguration that allowed a small portion of kernel heap memory to be leaked. The exploit and tools were completed on 01/09/2013 and for the first time, kernel memory was revealed. After a week of dumping the large kernel codebase (there were many factors that made it a slow process), work begin in parallel to reverse the system and find more vulnerabilities.
For about a year, Team Molecule's research was focused on getting kernel code execution. Through some ingenuity and a lot of luck, on 27/08/2013 the first kernel exploit on the PS Vita was realized. The vulnerability was an integer overflow leading to a heap overflow and a misconfiguration that allowed a small portion of kernel heap memory to be leaked. The exploit and tools were completed on 01/09/2013 and for the first time, kernel memory was revealed. After a week of dumping the large kernel codebase (there were many factors that made it a slow process), work began in parallel to reverse the system software and find vulnerabilities that would grant code execution in kernel.


=== Usermode exploit announcement ===
=== Usermode exploit announcement ===


On 18/08/2012, a vulnerability was discovered in [[PSM]] that allowed both for memory to be dumped and code to be executed.<ref>[https://www.youtube.com/watch?v=w1GICNXTOhM&list=UUNIviKniCqbDShbAvldEOtA First memory dump]</ref> [[UVLoader]] was developed and in a couple of weeks, the first working native code homebrew ran on 12/09/2012. Although the source for UVLoader was released in anticipation for excitement in the homebrew community, there was no serious response from developers. Unfortunately, Sony used the source for UVLoader to secure the system in later updates and make usermode code loading a much harder reality.
On 18/08/2012, a vulnerability was discovered in [[PSM]] that allowed both for memory to be dumped and code to be executed.<ref>[https://www.youtube.com/watch?v=w1GICNXTOhM&list=UUNIviKniCqbDShbAvldEOtA First memory dump]</ref> [[UVLoader]] was developed and in a couple of weeks, the first working native code homebrew ran on 12/09/2012. Although the source for UVLoader was released in anticipation for excitement in the homebrew community, there was no serious response from developers. Unfortunately, Sony used the source code of UVLoader to secure the system in later System Software updates and make usermode code loading a much harder reality.


=== Usermode ROP ===
=== Usermode ROP ===


In early 2012, the first usermode ROP exploit was achieved through the [[Web Browser]]. Memory dumps of the browser were obtained through a disclosed WebKit vulnerability that was not patched because Sony did not use the most up-to-date WebKit version. The same vulnerability allowed allowed ROP code execution. [[ROPTool]] was written to make creation and testing of ROP payloads easy.
In early 2012, the first usermode ROP exploit was achieved through the [[Web Browser]]. Memory dumps of the browser were obtained through a disclosed WebKit vulnerability that was not patched because Sony did not use the most up-to-date WebKit version. The same vulnerability allowed allowed ROP code execution. [[ROPTool]] was written to make creation and testing of ROP payloads easier.


=== PSPemu ===
=== PSPemu ===


Molecule has done some work on PSP in the past. Initial reversing of the [[PSP Emulator]] was done by members of Molecule including the first flash0: dump that opened the door for all future PSP emulator hacks.
Team Molecule has done some work on PSP in the past. Initial reversing of the [[PSP Emulator]] was done by members of Team Molecule including the first flash0: dump that opened the door for all future PSP emulator hacks.


<references/>
<references/>


[[Category:Vulnerabities]]
[[Category:Vulnerabilities]]

Latest revision as of 23:37, 16 July 2023


The Molecule team was the first to hack the PS Vita and responsible for the majority of the reversing work done on the PS Vita.

History

Bootrom exploit

After having obtained a Boot ROM dump, Team Molecule searched for exploits in it. On 30/08/2019 they found their last and ultimate exploit: a First Loader SLSK buffer overflow on some PS Vita prototypes. In August 2019, Yifan Lu exploited a DEM-3000H from A to Z and streamed it publicly.

https://yifan.lu/2019/08/16/glitching-a-20k-piece-of-history/

Secure cryptoprocessor exploit

Secure Kernel was dumped in 02/2017 through the Octopus exploit. Boot ROM was dumped in 08/2018 through Glitching.[1]

Non Secure Kernel Bootloader exploit - enso

The commonly spread definition of a custom firmware (CFW) in PSP and PS3 scene was a reboot-proof homebrew enabler (HEN). Team Molecule achieved this on PS Vita by exploiting a vulnerability in NSKBL eMMC init code.

Plugins API - taiHEN

Davee wanted a powerful API for patching the PS Vita OS, making it more of a custom firmware.

Yifan's writeup

Davee's writeup

Kernel exploit release - HENkaku

On 29/07/2016 HENkaku was released. It was hosted on the website at the address http://henkaku.xyz/.

HENkaku enables homebrew by patching out signature checks (works similar to SceKernelModulemgr#Module_decryption_and_signature_checks). HENkaku uses two kernel vulnerabilities: Vulnerabilities#Heap_use-after-free_in_sceNetSyscallIoctl and Vulnerabilities#sceIoDevctl_does_not_clear_stack_buffer and a usermode WebKit vulnerability. HENkaku only works as-is in firmware 3.60, however the kernel vulnerabilities it uses are present in all firmware versions up to and including 3.60.

Usermode exploit release - Rejuvenate

On 14/06/2015, Rejuvenate, the first public exploit that allowed running unsigned usermode code, was released. http://yifan.lu/2015/06/14/rejuvenate-native-homebrew-for-psvita/

Secure Kernel exploit

It was no surprise that crypto processes were not handled by the kernel (such was the case for previous Sony consoles). Libraries that deal with encrypted/signed content (SELF loading, PUP unpacking, etc.) all make calls to the Secure World. The hypothesis was that, like many large manufacturers at the time, Sony used the secure world for cryptography and security tasks. Getting access to the secure kernel was even harder than the non-secure kernel because there was much less exposure and much less information. However, with a vulnerability that abused some lightly documented features of the ARM architecture, the secure kernel was dumped on 06/09/2014, a little less than a year after owning the kernel. Unfortunately, almost immediately, the team found that the secure kernel was a red herring. There were no keys or any sensitive information in the secure world (Sony was wiser here than most other ARM device makers); the sole task of the secure kernel was to communicate with an external processor, Cmep, that the team named "F00d" because of the 0xf00d value of the e_machine field of its ELF headers.

Kernel exploit

For about a year, Team Molecule's research was focused on getting kernel code execution. Through some ingenuity and a lot of luck, on 27/08/2013 the first kernel exploit on the PS Vita was realized. The vulnerability was an integer overflow leading to a heap overflow and a misconfiguration that allowed a small portion of kernel heap memory to be leaked. The exploit and tools were completed on 01/09/2013 and for the first time, kernel memory was revealed. After a week of dumping the large kernel codebase (there were many factors that made it a slow process), work began in parallel to reverse the system software and find vulnerabilities that would grant code execution in kernel.
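The "integer overflow leading to a heap overflow" pattern named above, as an added illustration that is not Team Molecule's code and says nothing about the real Vita bug beyond its class of defect: a hypothetical kernel service (all names assumed: naive_alloc_size, checked_alloc_size, copy_records_checked, MAX_REQUEST_BYTES) sizes a heap buffer from a user-supplied record count and record size. The naive sizing wraps in 32 bits, so a huge count yields a tiny allocation that the later copy overruns; the hardened path rejects the request when the product overflows, exceeds the service's own limit, or disagrees with the payload length, and allocates with calloc so the buffer carries no stale heap bytes that a later reply could leak.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdlib.h>
#include <string.h>

/* Added example, not Team Molecule's exploit or Sony's kernel code.
 * Models a kernel service that receives `count` records of `record_size`
 * bytes from usermode and copies them into a kernel heap buffer. */

#define MAX_REQUEST_BYTES (64u * 1024u)   /* assumed per-service policy limit */

/* Vulnerable sizing: the product is computed in 32 bits and wraps.
 * count = 0x40000001, record_size = 4 gives 0x100000004, which wraps to 4,
 * so a 4-byte heap buffer would be allocated for ~4 GiB of records. */
uint32_t naive_alloc_size(uint32_t count, uint32_t record_size)
{
    return count * record_size;   /* wraps modulo 2^32 */
}

/* Hardened sizing: refuse the request if either operand is zero, if the
 * product overflows, or if it exceeds the service limit.
 * Returns 0 and writes *out on success, -1 on rejection. */
int checked_alloc_size(uint32_t count, uint32_t record_size, uint32_t *out)
{
    uint32_t total;
    if (count == 0 || record_size == 0)
        return -1;
    if (__builtin_mul_overflow(count, record_size, &total))   /* GCC/Clang builtin */
        return -1;
    if (total > MAX_REQUEST_BYTES)
        return -1;
    *out = total;
    return 0;
}

/* Hardened copy: size the buffer with the checked arithmetic, require the
 * caller's payload length to match exactly, and zero the allocation so no
 * stale heap contents survive in it. Returns bytes copied, or -1 on rejection. */
long copy_records_checked(uint32_t count, uint32_t record_size,
                          const uint8_t *payload, size_t payload_len)
{
    uint32_t total;
    if (checked_alloc_size(count, record_size, &total) != 0)
        return -1;
    if (payload_len != total)        /* length must match the header, not exceed it */
        return -1;
    uint8_t *buf = calloc(1, total);  /* zeroed: no leftover kernel heap bytes */
    if (buf == NULL)
        return -1;
    memcpy(buf, payload, total);
    /* ... the service would process buf here ... */
    free(buf);
    return (long)total;
}
```

The naive function is kept only to show the wrap; the copy routine never calls it. With a 64-bit size_t the same wrap can still occur if the multiplication is done in the 32-bit types of the request header before widening, which is why the check is applied to the operands as received rather than to the widened result.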

Usermode exploit announcement

On 18/08/2012, a vulnerability was discovered in PSM that allowed both memory to be dumped and code to be executed.[2] UVLoader was developed and in a couple of weeks, the first working native code homebrew ran on 12/09/2012. Although the source for UVLoader was released in anticipation of excitement in the homebrew community, there was no serious response from developers. Unfortunately, Sony used the source code of UVLoader to secure the system in later System Software updates and make usermode code loading a much harder reality.

Usermode ROP

In early 2012, the first usermode ROP exploit was achieved through the Web Browser. Memory dumps of the browser were obtained through a disclosed WebKit vulnerability that was not patched because Sony did not use the most up-to-date WebKit version. The same vulnerability allowed ROP code execution. ROPTool was written to make creation and testing of ROP payloads easier.

PSPemu

Team Molecule has done some work on PSP in the past. Initial reversing of the PSP Emulator was done by members of Team Molecule including the first flash0: dump that opened the door for all future PSP emulator hacks.