The hypervisor-based security architecture has been a robust barrier against system reverse engineering and a guarantor of kernel integrity on every firmware version of the PlayStation 5 console.
However, with SpecterDev's recent presentation at today's hardwear.io, this picture is about to change radically, at least on certain firmware versions.
What is the Hypervisor?
The hypervisor is a software layer that acts as a guardian between the hardware and the operating system kernel of the PlayStation 5 console.
Its main purpose is to protect the system from kernel-level attacks, preventing unauthorized code execution, and ensuring that critical system memory, such as the XOM (eXecute Only Memory), remains secure and inviolate.
Until recently, this system had managed to maintain control, preventing attempts to decrypt system libraries and preventing significant changes to the kernel.
The study by SpecterDev
During his presentation entitled “Byepervisor: How We Broke the PS5 Hypervisor,” SpecterDev illustrated how he managed to bypass the PlayStation 5 hypervisor, paving the way for custom code execution and decrypting system libraries.
This represents an epochal change in the field of PS5 hacking, as it allows for greater system manipulation by homebrew researchers and developers.
The Discovered Vulnerabilities
SpecterDev has revealed two vulnerabilities (without yet disclosing their details) that are present in hypervisor firmware versions up to 2.50.
These vulnerabilities can be exploited to achieve a full hypervisor compromise and ultimately bypass the XOM protections, giving access to memory that was previously unreadable.
This opens up possibilities for detailed analysis of the PS5 system and the implementation of exploits at a deeper level.
Tools and Scripts Released
To further support the community of researchers and hackers, SpecterDev announced that scripts and tools for reverse engineering the system will be released at the end of the presentation.
These tools will let developers explore the vulnerabilities further and gain a better understanding of the inner workings of the PS5.
The scripts will be made publicly available and will contribute to future research and progress in the field of console hacking.
Source: biteyourconsole.net