PS News (Replays Added) The 35th Chaos Communication Congress (#35C3) - Everything you need to know!

Hacking and Exploiting Video Game Consoles by both Hardware and Software always had a high demand by many people, not only when we talk about Consoles who had the name "PlayStation" inside. In fact, a lot of Hacks and Exploits can come across aboard when we compare all Releases from a whole year, like in 2018. But as usual, at the end of every year, many Hackers and Developers from all different branches come together to the city of Leipzig, Germany, to present their achievements in front of the wide audience worldwide. So as for this year, the Chaos Computer Club (CCC) welcomes you to join and to participate at the 35th Chaos Communication Congress - or 35C3 in short - which will held from 27th December until 30th December 2018. And because there were always many Hacks and Exploits presented for various Consoles from the "PlayStation-Family" in the past, this Thread will give you a good overview for - as the Title already suggests - Everything you need to know to keep track to the newest "PlayStation-related" Hacks and Exploits. This Thread will also keep updated if you will miss any important presentation for example, so you will be able to watch any Stream or Presentation in repeat. So better keep this Thread here bookmarked in your Favourites. ​

Updated Coverage

• News from #35C3 - @m0rph3us1987 presents his Talk about "Exploiting PS4 Video Apps"
• News from #35C3 - @yifanlu & @DaveeFTW presents their Talk "Viva la Vita Vida"
• News from #35C3 - @AlexAltea showcases the very first Video Output from his PS4 Emulator "Orbital"

Logo of this years Chaos Communication Congress with their slogan: "Refreshing Memories"​

General Vita la Vita Vida Exploiting PS4 Video Apps Orbital PS4 Emulator Other Assembly Rooms

• 
  The 35th Chaos Communication Congress (35C3) is an annual four-day conference on technology, society and utopia organised by the Chaos Computer Club (CCC) and volunteers.
  
  The Congress offers lectures and workshops and various events on a multitude of topics including (but not limited to) information technology and generally a critical-creative attitude towards technology and the discussion about the effects of technological advances on society.
  
  The Congress takes place at
  
  • Messe Leipzig / Congress Center Leipzig (CCL)
  • Messe-Allee 1
  • 04356 Leipzig
  
  More Information
  
  • via Twitter @CCC Events
  • Schedule (Fahrplan) for #35C3
  • via 35C3 Wiki
  • Travel Information
  • Accommodation Information
  
  Streams
  
  • Overview
  • Recordings
  • Re-Live
• 
  This "Lecture" will be probably the highlight for all "PlayStation-related" Talks during the Congress since both very known Developers @yifanlu and @DaveeFTW will present you together their latest and newest achievements in Hacking the PlayStation Vita. This Talk will explain how the security inside the PSVita works and how they "finally defeated it." And their goal is also that their Talk will inspire more people like you to work and to tinker with the PSVita. So this talk shouldn't be missed out don't you think?
  
  UPDATE: This Talk is already presented, to find additional details, please click here.
  
  
  Spoiler

  Since its release in 2012, the PlayStation Vita has remained one of the most secure consumer devices on the market. We will describe the defenses and mitigations that it got right as well as insights into how we finally defeated it. The talk will be broken into two segments: software and hardware. First, we will give some background on the proprietary security co-processor we deem F00D, how it works, and what we had to do to reverse an architecture with minimal public information. Next, we will talk about hardware attacks on a real world secure hardware and detail the setup process and the attacks we were able to carry out. This talk assumes no prior knowledge in hardware and a basic background in system software. Focus will be on the methods and techniques we've developed along the way.
  
  How do you hack a device running a full featured, security hardened, and completely proprietary operating system executed on a custom designed SoC? Although the PlayStation Vita did not reach the market success of its contemporaries, it was a surprisingly solid device security-wise. Sony learned from the mistakes of PS3 and PSP and there were (mostly) no "FAIL" moments. It carried exploit mitigations that are standard today but groundbreaking for a "popular" device in 2012: SMAP, kernel ASLR, > 2 security domains, and more. Molecule was the first group to run unsigned code on the device as well as the first to hack kernel mode and TrustZone. However, to target the security co-processor (F00D), we need to bring out the big guns. Using a highly customized version of the popular ChipWhisperer hardware, we carried out hardware attacks on the device including fault injection (glitching) and side channel analysis. In a board with twelve layers, dozens of unknown ICs, and hundreds of passives, how do you even begin to attack it without any information? We will start with the basics: a whirlwind tour of the theory behind the attacks. Then we will move to the practical application: mapping out the power domains of a SoC, soldering tips for microscopic points, finding a good trigger signal, finding a glitch target, and searching the right parameters. Finally, if time permits, we will also talk a bit about how to extend our existing setup to perform side channel analysis with a few modifications.
  
  It is unfortunate that the Vita was such a niche device, but we hope this talk will inspire more people to pick it up. The Vita is dead, long live the Vita!

  
  
  • Day: 2018-12-29
  • Start Time: 16:10 PM Local Time (10:10 AM Eastern Time / 07:10 AM Pacific Time)
  • Duration: 01:00
  • Room: Borg
  • Language: en
  • iCalendar
  
  Livestream
  
  • HD (.webm)
  • HD (.m3u8)
  • SD (.webm)
  • SD (.m3u8)
  • Audio (.mp3)
  • Audio (.opus)
  • Slides (.webm)
  • Slides (.m3u8)
  
  Replay
  
  • Uncompressed Stream Dump
  • Uncompressed Stream Dump (.mp4) (please "Jump" to Minute 14:30)
  • Full Release
  • Download 1080p (.mp4)
  • Download 1080p (.webm)
  • Download 576p (.mp4)
  • Download 576p (.webm)
  • Audio (.mp3)
  • Audio (.opus)
  • Slides (.mp4)
• 
  But not only the PSVita will have it's Showcase in front of the audience. One Day before, well-known Developer @m0rph3us1987 will also showcase his achievements in "Exploiting PS4 Video Apps." As already mentioned in a previous post, this Talk will explain you how to run "Unsigned Code" on the PS4 no matter which Firmware you installed on your PS4. Hopefully this Talk will give a "Initial Ignition" to the PS4 and it's Developers to see more Homebrew Apps coming on the PS4.
  
  For more Information about the Talk, please click here.
  UPDATE: This Talk is already presented, to find additional details, please click here.
  
  
  • Day: 2018-12-28
  • Start Time: 12:00 PM Local Time (04:00 AM Eastern Time / 01:00 AM Pacific Time)
  • Duration: 00:50
  • Room: Chaos West Stage
  • Language: de (German)
  • iCalendar
  
  Livestream
  
  • HD (.webm)
  • HD (.m3u8)
  • SD (.webm)
  • SD (.m3u8)
  • Audio (.mp3)
  • Audio (.opus)
  
  Replay
  
  • Uncompressed Stream Dump
  • Uncompressed Stream Dump (.mp4) (please "Jump" to Minute 14:30)
  • Full Release
  • Download 1080p (.mp4)
  • Download 1080p (.webm)
  • Download 576p (.mp4)
  • Download 576p (.webm)
  • Audio (.mp3)
  • Audio (.opus)
• 
  The 35C3-Congress is not only about presenting your newest Achievements in front of a wide audience both in front of the people or via the Livestream. The whole Congress in General is also a nice place to meet up with other Hackers and Developers to discuss your newest Achievements just by talking with each other and drinking some coffee or beer etc. Of course everyone can join them if you will visit the Congress as well. Therefore the Organization behind the Congress gives the Hackers and Developers the opportunity to create their own - as they call it - "Assembly Rooms" where you can meet with several Hackers and Developers talking about specific topics.
  
  Well-known Developer @AlexAltea will also be there at such a Assembly talking about Emulation and by giving a new sneak-peek from his early-stage PS4 Emulator, called Orbital.
  
  For more Information about his PS4 Emulator, please click here.
  UPDATE: A Video from this Talk has been released, please click here.
  
  Source: Twitter @AlexAltea
  

  Flying to #35C3. I'll be around the emulation assembly, otherwise reachable @ 8180 (GSM): mostly CTFing, having tschunks and working on Orbital, my LLE PS4 emulator (sneak peek below). Happy holidays!

  I'll be talking about Orbital / PS4 LLE emulation at the ChaosZone stage. Today, Dec 29th, at 21:35 CET.

  
  
  Experiments in PS4 Emulation by @AlexAltea​
  
  Replay
  
• 
  fail0verflow

  ---

  d

  Like the previous years, console hackers team fail0verflow and CTF aficionado's from Eindbazen are getting together for 35C3. We hope to have some table space at the Hackcenter to set up our consoles, show off our hacks, teach people about them and play some Capture The Flag!

  Source: 0xFFA Assembly Room
  
  qwertyyoruiop

  ---

  .

  We got a KJC assembly set up at 35C3 - so come and say hi!

  Source: Twitter @qwertyoruiopz
  
  Nintenbros

  ---

  .

  We are a group of console hacking enthusiasts with a special love for the hardware provided by Nintendo. Come say hello if you want to see cool stuff about 3DS and Switch. Some of us think the Wii U is OK too.

  Source: Nintenbros Assembly Room
  
  Dolphin Emulator

  ---

  .

  Developers from the Dolphin Emulator project and some friends. We emulate the Wii/Gamecube so you can play your favorite Nintendo games in 4K. Other emulators are cool too, come say hello if you worked on one. Feel free to come over to play on our SNES and N64 consoles or bring your Nintendo Switch for some handheld gaming.

  Source: Dolphin Emulator Assembly Room
  

So which Presentation you are up for? You are welcome to discuss it in the Comments-Section.​

 

I think the PS4 presentation is going to be interesting and fun to watch.
(both are going to give some good info )

 

Yes but sadly there will be no livestream for the PS4 Event. I hope a Replay will be available as soon as when the presentation is over.

 

I will be excited for the PS3 presentation. There has been no news for Han since a very long time. I wish they do something for superslims. I wish they make hombrew enabler for superslims.

 

Would be great to get to Germany to attend it. Oh well there's always next year. And the fact I don't speak one bit of German which would make parts of the trip difficult.

 

I will be excited for the PS3 presentation. There has been no news for Han since a very long time. I wish they do something for superslims. I wish they make hombrew enabler for superslims.

Just as an FYI - this has nothing to do with the PS3. There is no presentation about the PS3..
The guys working on such a things are here at psx-place so easy to see the status. As been mention literally dozens upon dozens of times by bguerville throughout the months and no better person knows then him ..

 

Looking forward to both topics. I'm very intregued on how m0rph3us achieved his ps4 video app exploit though. Hopefully someone is able to throw up the stream shortly after??

 

Updated the Main News with two New Tabs for some who are interested.

 

It seems that there will be a Livestream of the Talk from @m0rph3us1987 regarding the PS4. I added all Livestreams in each Tab for those who are interested.

Also the iCalendar Feature can help you for making some Reminders on your Smartphone for example so you won't miss any action.

 

this Talk will explain you how to run "Unsigned Code" on the PS4 no matter which Firmware you installed on your PS4.

Is this applicable to future firmware releases as well? I know its a dumb question.

 

It seems that there will be a Livestream of the Talk from @m0rph3us1987 regarding the PS4. I added all Livestreams in each Tab for those who are interested.

Also the iCalendar Feature can help you for making some Reminders on your Smartphone for example so you won't miss any action.

Thanks Rox.

 

CAN NOT WAIT !! hopefully the live video replay can be available later on after its done

 

I can't speak German, but I'll definitely be here to watch it. (Been hyped for it all month)
This is excellent reporting @Roxanne
I can't wait for you guys to present us the details!

 

Is this applicable to future firmware releases as well? I know its a dumb question.

I think he's just going to present an entry point in which other developers will be able to port their previous stuff through it on newer firmwares, as well as possibly develop some quality homebrew.
Hopefully someone will get us a current CFW that can work with the 6.02 I've been stuck on all month, since this news first released mind you lol.

It may still be a while yet before we actually see a CFW that will work with this entry point. Or we may get an even bigger surprise. Tis the season

 

Is this applicable to future firmware releases as well? I know its a dumb question.

Only until Sony patch it, which is inevitable. Peoples said it works on 6.20 too. However, Video app is not part of the firmware so even on vulnerable fw, they can still update application alone. So be sure to have disabled all three automatic update options and download it from PlayStation Store. But of course the best way is blocked Sony servers on router (besides those with game patches).

@Zazenora If this allow to run unsigend code, it must be not only an entry point. If all of this is true, golden times for PS4 upcoming with "golden firmware" like i.e 3.60 for PSV or 3.40/3.55 for PS3.

 

As he said in the steam, this is one way to trigger a kernel exploit.

Greets.

 

So has any of you mates understood the meaning of this project? I literally have no idea how video apps could potentially help us trigger a "kernel exploit" or run an unsigned code.

 

So today is 28 Dec and we not have "kernel exploit from video app " or " Top Secret Method " what's going on???!!!!! why there is no Public way to use this Exploit. Is Fake? ( Sorry for my bad English )

 

So today is 28 Dec and we not have "kernel exploit from video app " or " Top Secret Method " what's going on???!!!!! why there is no Public way to use this Exploit. Is Fake? ( Sorry for my bad English )

Roxanne is prepping the details of todays events and what it means
Will be news on the mainpage about it soon.

so called "Top Secret Method" is junk far as i'm concerned ..........

 

Streams for Replays are now added and a Full News is also released, which you can found here --> http://www.psx-place.com/threads/ne...s-talk-about-exploiting-ps4-video-apps.21880/

Edit: The Talk is also now available on YouTube