In this project you will find a full implementation of the "ipv6 uaf" kernel exploit for the PlayStation 4, for firmwares 7.00 - 7.02. It allows you to run arbitrary code in kernel mode, which enables jailbreaking and kernel-level modifications to the system. Once the kernel has been patched, the exploit will launch the usual payload launcher (on port 9020).
The following patches are applied to the kernel:

1) Allow RWX (read-write-execute) memory mapping (mmap / mprotect)
2) Syscall instruction allowed anywhere
3) Dynamic resolving (`sys_dynlib_dlsym`) allowed from any process
4) Custom system call #11 (`kexec()`) to execute arbitrary code in kernel mode
5) Allow unprivileged users to call `setuid(0)` successfully. Works as a status check, doubles as a privilege escalation.
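As an added example (not code from this repository), here is a minimal C payload that exercises the patches listed above in the order a practitioner would: it uses patch 5 as the status check, embeds the `syscall` instruction directly in the payload (patch 2), and hands a function to the kernel through the custom `kexec()` syscall number 11 (patch 4). The (thread, argument) calling convention of the kernel-side function, the assumption that the kernel can write a user buffer directly, and the build and transport details are not stated in this README; verify them against the project's kernel patch source before relying on them.

```c
#define _GNU_SOURCE 1
#include <stdint.h>
#include <stdio.h>
#include <sys/syscall.h>
#include <unistd.h>

/* Custom kexec() syscall number added by the kernel patches (patch 4). */
#define SYS_KEXEC 11

/*
 * Raw syscall wrapper. Patch 2 lifts the PS4 restriction that the syscall
 * instruction may only be executed from libkernel's text segment, so a
 * payload can embed the instruction itself instead of going through the
 * libkernel wrappers. The PS4 is x86-64; on other architectures this
 * example falls back to libc's syscall() so it still compiles. FreeBSD
 * (and the PS4 kernel) return the result in rax like Linux; the FreeBSD
 * error flag in CF is ignored here for brevity.
 */
static long raw_syscall(long nr, long a1, long a2, long a3)
{
#if defined(__x86_64__)
    long ret;
    __asm__ volatile("syscall"
                     : "=a"(ret)
                     : "a"(nr), "D"(a1), "S"(a2), "d"(a3)
                     : "rcx", "r11", "memory");
    return ret;
#else
    return syscall(nr, a1, a2, a3);
#endif
}

/*
 * Status check built on patch 5: on a stock kernel setuid(0) fails with
 * EPERM for an unprivileged process; on a patched kernel it succeeds and
 * the process becomes root. Returns 1 when the patches are in place.
 */
static int jailbreak_active(void)
{
    if (setuid(0) != 0)
        return 0;
    return getuid() == 0;
}

/* Buffer filled in from kernel mode so user mode can confirm the call ran. */
struct probe_result {
    uint64_t marker;
};

/*
 * Function executed in kernel mode through kexec(). The (thread, arg)
 * calling convention is an ASSUMPTION taken from earlier PS4 kexec-style
 * payloads, as is writing the user buffer directly from kernel mode;
 * check both against this project's kernel patch.
 */
static void kernel_probe(void *td, void *arg)
{
    (void)td;
    struct probe_result *r = arg;
    r->marker = 0x4b45584543ULL;  /* ASCII "KEXEC" */
}

/* Invoke the custom syscall #11 with a function pointer and one argument. */
static long ps4_kexec(void (*fn)(void *, void *), void *arg)
{
    return raw_syscall(SYS_KEXEC, (long)fn, (long)arg, 0);
}

int main(void)
{
    if (!jailbreak_active()) {
        printf("kernel not patched: setuid(0) failed, uid=%u\n",
               (unsigned)getuid());
        return 1;
    }
    printf("kernel patched: now running as uid 0\n");

    struct probe_result res = { 0 };
    long rc = ps4_kexec(kernel_probe, &res);
    printf("kexec rc=%ld marker=%#llx\n", rc, (unsigned long long)res.marker);
    return 0;
}
```

On a non-PS4 host `jailbreak_active()` simply reports whether the process already runs as root, which makes the check safe to try anywhere. The usual payload launcher on port 9020 is assumed here to accept the payload as a raw binary over TCP, so once built with a PS4 toolchain it can be pushed with something like `nc <ps4-ip> 9020 < payload.bin`.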