Visit: ChendoChap's repo // sleirsgoevy's repo
## Summary
Here you will find a full implementation of the "ipv6 uaf" kernel exploit for the PlayStation 4 on firmware versions 7.00 through 7.02. It allows you to run arbitrary code in kernel mode, enabling jailbreaking and kernel-level modifications to the system.
This bug was originally discovered by Fire30, and subsequently found by Andy Nguyen.
## Patches Included
- Allow RWX (read-write-execute) memory mapping (mmap / mprotect)
- Syscall instruction allowed anywhere
- Dynamic Resolving (`sys_dynlib_dlsym`) allowed from any process
- Custom system call #11 (`kexec()`) to execute arbitrary code in kernel mode
- Allow unprivileged users to call `setuid(0)` successfully. Works as a status check, doubles as a privilege escalation
- `sys_dynlib_load_prx` patch
## Notes
- The page will crash on successful kernel exploitation; this is normal
- There are a few races involved in this exploit; losing one of them and attempting the exploit again might not immediately crash the system, but stability will take a hit
I'm not responsible for any kind of damage on your PS4! Use it at your own risk!
## Contributors
Massive credits to the following:
TheFlow0
Fire30
ChendoChap
Synacktiv
sleirsgoevy
Al Azif
All payload creators
Anonymous