Reidenschi

LIBXML2 stack overflow?


Someone found a libxml2 vulnerability:

http://wololo.net/talk/viewtopic.php?f=63&t=45831

https://bugzilla.gnome.org/show_bug.cgi?id=765207

I'm very interested in the new PS4 exploit, but have low skills in exploitation. Can anyone write the right XML I can test on 2.57 FW?

50 minutes ago, Reidenschi said:

Someone found a libxml2 vulnerability:

http://wololo.net/talk/viewtopic.php?f=63&t=45831

https://bugzilla.gnome.org/show_bug.cgi?id=765207

I'm very interested in the new PS4 exploit, but have low skills in exploitation. Can anyone write the right XML I can test on 2.57 FW?

Why don't you set up Kali Linux and use the XML exploit? It's pretty easy to set up and learn; run the Linux in VirtualBox and learn via Google. That's how I learned coding when I was 14/15, and now I'm 33 lol.

@cfwprophet did a nice tutorial on how to do coding for beginners on this forum.


I know how to code; I didn't understand the ways of exploitation and didn't find a sane manual.

I know a little XML, it's some sort of tagged document, but I don't understand how to use it for exploitation.

And another thing: I can only replace the ps4-updatelist.xml file; I don't have access to the PS4's web browser - it needs a PSN login.

34 minutes ago, Reidenschi said:

I know how to code; I didn't understand the ways of exploitation and didn't find a sane manual.

I know a little XML, it's some sort of tagged document, but I don't understand how to use it for exploitation.

And another thing: I can only replace the ps4-updatelist.xml file; I don't have access to the PS4's web browser - it needs a PSN login.

If you don't have access to PSN then it is useless, as you need it to run the exploit.


Why? This isn't WebKit exploitation, is it?

16 minutes ago, Reidenschi said:

Why? This isn't WebKit exploitation, is it?

No, it's a really, really, really old exploit: https://www.google.co.uk/#q=libxml2+exploit

https://www.rapid7.com/db/search?q=CVE-2015-7942 <--- FreeBSD and Linux have been patched.

The only way, I guess, is if you were on 1.00; anything above 1.76 will be patched.

For the XML to run you will need the browser to work, and all apps, or redirect the XML so it thinks it's online.


So there's little chance the exploit isn't patched on 2.57. Really bad news. I can redirect the PS4 to my own ps4-updatelist.xml and go online, but when I try to open the browser it redirects to the PSN login.

6 minutes ago, xxmcvapourxx said:

No, it's a really, really, really old exploit: https://www.google.co.uk/#q=libxml2+exploit

https://www.rapid7.com/db/search?q=CVE-2015-7942 <--- FreeBSD and Linux have been patched.

The only way, I guess, is if you were on 1.00; anything above 1.76 will be patched.

For the XML to run you will need the browser to work, and all apps, or redirect the XML so it thinks it's online.

I thought the exploit was CVE-2016-3627, which is only two months old?


Is this 100% patched on 3.50?


Oh, I didn't read carefully. Yep, it's CVE-2016-1762.

7 minutes ago, Reidenschi said:

Oh, I didn't read carefully. Yep, it's CVE-2016-1762.

Actually it might be CVE-2016-3705; he stated that he found the bug whilst working on CVE-2016-3627. Regardless, it doesn't seem to be as old as @xxmcvapourxx thinks it is. Here are some links:

http://seclists.org/oss-sec/2016/q2/191

https://bugzilla.gnome.org/show_bug.cgi?id=765207


I'm at work now, but in my free time I will test this file: https://bugzilla.gnome.org/attachment.cgi?id=327227

So I redirected the request for ps4-updatelist.xml to the file from bugzilla with Charles Proxy, but the console just says it can't connect to the update server. If nobody has tested it on 3.50 FW I will try it later, tomorrow maybe.

test: http://192.168.11.112:8000/cgi-bin/repo.py

Edited by Reidenschi


Testing on 3.50 FW: didn't work for me.

Opening the XML file from bugzilla (repo2.xml) in the PS4's browser, I got the same error as on my Windows PC in Chrome - syntax error.

Then on the Python server I copied the Python script from bugzilla and repo.xml to the cgi-bin directory and tried to open the script from the console via the web browser - just a white rectangle, nothing else, but a "helloworld" script works correctly.
