u/AltruisticPumpkin245

Before we start, exploit name - The Romeo & Joliet Exploit.

So I mentioned about a month ago that me and some devs were working on an exploit, which... kinda flopped, as none of us have enough skills to finish it. Like, we have the Loader (PS4 Homebrew Loader - Alpha Version) and the entrypoint (Vue-After-Free - the code execution part does work on 13.04, despite people stating otherwise) but we don't have enough skills combined to write the exploit itself.

Credits:

SufficientWin8669 - Most of the Loader code, except aesthetics and logs. Potential_Cattle7163 - Finding potential chainability with 7.55´s Karo WebKit-based exploit. Shadowdev-Vita (me) - Finding and documenting the exploit itself, pondered over entrypoints in the beginning stages, aesthetics for PS4 Homebrew Loader - Alpha Version.

The exploit itself (small writeup, we don't have a proof-of-concept):

It is a parsing bug in 13.04´s [RECOVERY] .PUP, in the libarchive library (based originally on CVE-2025-5914) which allows for an overflow using an expandable Unicode filename, to then get code execution, and commit kernel slides, memory corruption, and allow for the swiping of cr_change_uid, while the kernel is ´dizzy’ from the memory corruption.

In turn, this would allow for a jailbreak on firmwares 13.04 and older, which would be pretty cool, if I'm honest.

Bye for now, Shadowdev-Vita.

So yeah, haven't posted that much lately (side projects, while me and some devs figure our main thing out, and also Mum has my laptop... again) so here's a list of stuff I'm working on/planning.

Before we start, though, 1 new thing to announce: Found a cool new thing for WebKit that I might work on:

A CVE for Safari 17.0, which is what PS4´s on 13.04 use for WebKit. It is CVE-2023-42833 which I found on Apple´s ´Security Content’ page. It was added on 01/02/2024, and might not be patched on the PS4. I´ll look into it, and keep you guys updated.

1. Dropping some big things in a post tomorrow - look out!

2. Making PS4/PS5 development platforms (side thing, but basically, it's all the FreeBSD 9.0/11.0 stuff, plus the OSS, which will form Orbis replicas, except without Sony´s ´secret sauce’, to make/test homebrew and exploits. Thought it'd be fun.

3. Dumping the PS4/PS5 User´s Guides, to see what's in them, how they work, etc, which I will document.

4. Finishing both the Puffy Cat Open Source Project (haven´t mentioned that yet, will make follow-up posts) and WebKit Doom v2.01, which are both just about done.

5. BeatMania Pocket Arcade game port in C, with full colour and other cool new stuff to the PS4 and 3DS.

6. Animal Crossing New Leaf: Welcome Amiibo rewrite in C, to add cool mods, with support of some new bug fixes, ported to 3DS and PS4.

7. boot9strap and Luma3DS: Android Edition (thought it would be cool, I guess.)

Bye for now, Shadowdev-Vita.