Difference between revisions of "Bugs & Vulnerabilities"

From PlayStation 5 Dev Wiki
Jump to navigation Jump to search
(Added info about SMAP bypass)
Line 2: Line 2:
 
Modal Browser:
 
Modal Browser:
 
# It is possible to bypass HTTPS in the modal browser, if you reply to the HTTPS CONNECT with a standard HTTP 1.1 response, instead of attempting to create a tunnel- the browser will just display that response. the downside to this is you have no idea what the contents of even the HTTP REQUEST would have been, but its useful for directing the browser anywhere you want.
 
# It is possible to bypass HTTPS in the modal browser, if you reply to the HTTPS CONNECT with a standard HTTP 1.1 response, instead of attempting to create a tunnel- the browser will just display that response. the downside to this is you have no idea what the contents of even the HTTP REQUEST would have been, but its useful for directing the browser anywhere you want.
 +
 +
SMAP bypass:
 +
# There is a vulnerability in FreeBSD 12 that allows SMAP to be bypassed by userland. There is a very high probability that it affects the PS5 but it was not confirmed yet. [https://hackerone.com/reports/1048322 Source].

Revision as of 20:47, 28 May 2021

Modal Browser:

  1. It is possible to bypass HTTPS in the modal browser, if you reply to the HTTPS CONNECT with a standard HTTP 1.1 response, instead of attempting to create a tunnel- the browser will just display that response. the downside to this is you have no idea what the contents of even the HTTP REQUEST would have been, but its useful for directing the browser anywhere you want.

SMAP bypass:

  1. There is a vulnerability in FreeBSD 12 that allows SMAP to be bypassed by userland. There is a very high probability that it affects the PS5 but it was not confirmed yet. Source.