Xbox One hack: Xbox One Exploit Proof of Concept released

Developer unknownv2 has released a proof of concept exploit for the Xbox One. The exploit leverages a series of known vulnerabilities in the Microsoft Edge Browser (CVE-2016-7200 and CVE-2016-7241).

The Xbox One uses Microsoft’s Edge browser, pretty much the same browser you used once on Windows 10 to download Google Chrome.

In November last year, several critical vulnerabilities were found in the Edge browser, and disclosed by Microsoft as they patched them. A proof of concept was released for these vulnerabilities by developer Brian Pak, demonstrating how to use them in an exploit.

This is known as the Chakra exploit.

Hacker unknownv2 has built his Xbox One exploit on top of Brian Pak’s proof of concept. In the developer’s words:

The POC itself was mostly complete, but the first bug (CVE-2016-7200) it used was patched on the console. I used the Json.Parse bug (CVE-2016-7241) to leak addresses instead, and after a bit of tweaking with the values, I was able to get the correct address for chakra.dll. From there, I modified the POC by changing the code addresses for the gadgets and the VirtualProtect function call to make the shellcode executable.

This is a userland exploit, similar to the WebKit exploits that many of us are familiar with. From unknownv2:

Currently the Xbox One has a sandboxed AppContainer protection just like Windows 10. Therefore, the Edge app and its code have restricted access to the file’s resources, and further work is needed to escalate the process’s privileges. This could be in the form of a kernel exploit.

The sandbox is similar to the PS4 in the sense that it is limited in what you can do, but it’s the same thing as getting RCE on Edge on Windows 10, essentially.

Unknownv2’s exploit works on Xbox One firmware 10.0.14393.2152 (released in December last year), according to the developer. Note that a new firmware update for the Xbox One was released earlier this week; it is not clear whether that firmware patches the vulnerabilities involved here.

Download Chakra exploit for Xbox


Source: http://wololo.net/2017/03/31/xbox-one-hack-xbox-one-exploit-proof-concept-released-based-chakra-exploit-unconfirmed/

Comments


Reversing posted:

Man, they’re gonna make bank on these modded consoles.

Reevy posted:

Most of the people commenting on this are completely clueless to what it's about lol

Jay posted:

I wouldn't say it will take years. Chances are if certain things are already cracked it's just time to fit the puzzle together. I'd say early 2018 to mid 2018. TTG will be alive once again! oi oi

Daniel posted:

I really didn't want this to happen so soon, or even at all to be honest, but I guess it's gonna happen one day.

I'll probably end up selling my Xbox when it's out.

Halo posted:

Imagine once these consoles are able to be modded! :O

lolohnoeszsz posted:

Elitism wrote: Oh great, all the hackers ruin our games. Thanks guys.

These people aren't here to ruin your CoD games; they try their hardest to find exploits in the system to see IF it's possible to actually modify it. They could give two shits about games.

Loke posted:

Well it's a start at least :)

Silky posted:

I wonder what will happen in the future as a result of this.

TOXIC posted:

One day I think we will have a JTAG Xbox One; the question is how many years’ time this will be, lol.

Skates posted:

Excited to see what the future holds for this.