Articles

PlayStation 2

• Yabasic
• FreeDVDBoot

PlayStation 4

My jouney of achieving the first public kernel exploit (2015):

• Part 1 - Introduction to PS4's security, and userland ROP
• Part 2 - Userland code execution
• Part 3 - Kernel exploitation

• sys_dynlib_prepare_dlclose kernel exploit

PlayStation 5

mast1c0re: Hacking the PS4 / PS5 through the PS2 Emulator (2022):

• Part 1 - Escape
• Part 2 - Compiler Attack

FreeBSD

• Analysis of CVE-2016-1886, SETFKEY FreeBSD kernel vulnerability
• Analysis of CVE-2016-1887, sendmsg FreeBSD kernel heap overflow
• Analysis of stack disclosure vulnerabilities in FreeBSD compatibility layers

Nintendo

• shogihax - Remote Code Execution on Nintendo 64 through Morita Shogi 64

Apple

• bindValue - JSC UaF RCE

Web

• How I hacked an online Poker site!
• Can you use StackOverflow to find bugs at scale?