Change system to support multiple firmware versions

Author: Al-Azif

html/error.html

@@ -1,25 +1,3 @@
-<!--
-Copyright (c) 2017-2018 Al Azif, https://github.com/Al-Azif/ps4-exploit-host
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--->
 <!DOCTYPE html>
 <html>
 <head>
@@ -43,4 +21,26 @@
 <div class="message">%(explain)s</div>
 </div>
 </body>
-</html>
+</html>
+<!--
+Copyright (c) 2017-2018 Al Azif, https://github.com/Al-Azif/ps4-exploit-host
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+-->

html/exploits.html

@@ -2,38 +2,34 @@
 <html>
 <head>
 <meta charset="utf-8">
-<title>Select Exploit | PS4 Exploit Host by Al Azif</title>
+<title>*</title>
 <link rel="stylesheet" href="/static/style.css">
+<script src="/static/script.js"></script>
 <script>
-var data = [{{EXPLOITS}}];
+var data = JSON.parse('{{EXPLOITS}}');
+var exploitBase = "/exploits/";
 
-var exploits = '';
-x = 0;
-for (var i = 0, len = data.length; i < len; i++) {
-  x += 1;
-  exploits += '<a href="/exploits/' + data[i] + '/"><button class="btn btn-main">' + data[i] + '</button></a>';
-  if (x >= 3) {
-    exploits += '<br>';
-    x = 0;
-  }
-}
+var firmwares = getFirmwares();
 
 window.onload = function() {
-  document.getElementById("buttons").innerHTML=exploits;
+  if(window.location.hash) {
+    firmwareSelected();
+  } else {
+    resetPage();
+  }
 }
 </script>
 </head>
-<body>
+<body onhashchange="firmwareSelected()">
 <div id="wrapper">
 <div id="contentWrapper">
 <div id="contentHeader">
-<div><h1>PlayStation 4 Exploit Host</h1><a href="/static/about.html" class="about">About</a></div>
+<h1 id="title">*</h1>
 </div>
 <div id="content">
 <div id="contentBody">
-<h2>Exploits</h2>
+<h2 id="header">*</h2>
 <div id="buttons"></div>
-<iframe id="ifr"></iframe>
 </div>
 </div>
 </div>

html/ps4-updatefeature.html

@@ -1,25 +1,3 @@
-<!--
-Copyright (c) 2017-2018 Al Azif, https://github.com/Al-Azif/ps4-exploit-host
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--->
 <!DOCTYPE html>
 <html>
 <head>
@@ -45,4 +23,26 @@ <h3>Main features:</h3>
 </div>
 </div>
 </body>
-</html>
+</html>
+<!--
+Copyright (c) 2017-2018 Al Azif, https://github.com/Al-Azif/ps4-exploit-host
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+-->

start.py

@@ -137,24 +137,25 @@ def exploit_matcher(self):
         self.my_sender('text/html', data)
 
     def exploit(self):
-        path = unquote(self.path.rsplit('/', 1)[-1])
-        if not path or path == '/':
-            path = 'index.html'
-        which = unquote(self.path.rsplit('/')[-2])
-        mime = mimetypes.guess_type(path)
+        path = unquote(self.path.split('/', 2)[-1])
+        if path[-1:] == '/':
+            path += 'index.html'
+        mime = mimetypes.guess_type(self.path.rsplit('/', 1)[-1])
         if mime[0]:
             mime = mime[0]
         else:
             mime = 'application/octet-stream'
-        with open(os.path.join(EXPLOIT_LOC, which, path), 'rb') as buf:
+        with open(os.path.join(EXPLOIT_LOC, path), 'rb') as buf:
             data = buf.read()
         if path == 'index.html':
             data = data.replace(b'0.0.0.0', bytes(get_lan(), 'utf-8'))
         self.my_sender(mime, data)
 
     def static_request(self):
-        path = unquote(self.path.rsplit('/', 1)[-1])
-        mime = mimetypes.guess_type(path)
+        path = unquote(self.path.split('/', 2)[-1])
+        if path[-1:] == '/':
+            path += 'index.html'
+        mime = mimetypes.guess_type(self.path.rsplit('/', 1)[-1])
         if mime[0]:
             mime = mime[0]
         else:
@@ -178,19 +179,31 @@ def payload_launcher(self):
 
     def inject_exploit_html(self, html):
         try:
-            exploits = os.listdir(EXPLOIT_LOC)
-            if 'PUT EXPLOITS HERE' in exploits:
-                exploits.remove('PUT EXPLOITS HERE')
-            exploits.sort()
-            if len(exploits) == 0:
-                return html
-            elif len(exploits) == 1:
-                data = '"{}"'.format(exploits[0])
+            firmwares = os.listdir(EXPLOIT_LOC)
+            if 'PUT EXPLOITS HERE' in firmwares:
+                firmwares.remove('PUT EXPLOITS HERE')
+            firmwares.sort()
+            if len(firmwares) == 0:
+                return html.replace(b'{{EXPLOITS}}', '{"firmwares": ["No Exploits Found"]}')
+            elif len(firmwares) == 1:
+                data = '{"firmwares": ["{}"]}}'.format(firmwares[0])
             else:
-                data = '"' + '", "'.join(exploits) + '"'
+                data = '{"firmwares": ["' + '", "'.join(firmwares) + '"]}'
+
+            for firmware in firmwares:
+                exploits = os.listdir(os.path.join(EXPLOIT_LOC, firmware))
+                exploits.append('[Back]')
+                if len(exploits) == 1:
+                    data = data[:-1]
+                    data += ', "{}": ["{}"]}}'.format(firmware, exploits[0])
+                else:
+                    data = data[:-1]
+                    data += ', "{}": ["'.format(firmware)
+                    data += '", "'.join(exploits) + '"]}'
+
             data = bytes(data, 'utf-8')
         except IOError:
-            pass
+            return html.replace(b'{{EXPLOITS}}', '{"firmwares": ["I/O Error on Host"]}')
 
         return html.replace(b'{{EXPLOITS}}', data)
 
@@ -201,7 +214,11 @@ def check_ua(self):
             'Mozilla/5.0 (PlayStation 4 4.05) AppleWebKit/537.78 (KHTML, like Gecko)',
             'Mozilla/5.0 (PlayStation 4 5.05) AppleWebKit/537.78 (KHTML, like Gecko)',
             'Mozilla/5.0 (PlayStation 4 4.55) AppleWebKit/601.2 (KHTML, like Gecko)',
-            'Mozilla/5.0 (PlayStation 4 5.05) AppleWebKit/601.2 (KHTML, like Gecko)'
+            'Mozilla/5.0 (PlayStation 4 5.05) AppleWebKit/601.2 (KHTML, like Gecko)',
+            'Mozilla/5.0 (PlayStation 4 5.01) AppleWebKit/601.2 (KHTML, like Gecko)',
+            'Mozilla/5.0 (PlayStation 4 5.03) AppleWebKit/601.2 (KHTML, like Gecko)',
+            'Mozilla/5.0 (PlayStation 4 5.05) AppleWebKit/601.2 (KHTML, like Gecko)',
+            'Mozilla/5.0 (PlayStation 4 5.50) AppleWebKit/601.2 (KHTML, like Gecko)'
         ]
 
         if self.headers['User-Agent'] in allowed:
@@ -241,7 +258,7 @@ def do_GET(self):
         except IOError:
             self.send_error(404)
 
-        if self.path.rsplit('/', 1)[-1] == 'kernel.js':
+        if self.path.rsplit('/', 1)[-1] == 'rop.js':
             print('>> Exploit sent...')
             try:
                 payloads_file = os.path.join(EXPLOIT_LOC, self.path.rsplit('/', 2)[-2], 'nopayloads')

static/script.js

@@ -0,0 +1,80 @@
+function isInArray(value, array) {
+  return array.indexOf(value) > -1;
+}
+
+function updatePage(title, header, buttons) {
+  document.title = title + " | PS4 Exploit Host by Al-Azif";
+  document.getElementById("title").innerHTML = title;
+  document.getElementById("header").innerHTML = header;
+  document.getElementById("buttons").innerHTML = buttons;
+}
+
+function resetPage() {
+  history.pushState("", document.title, window.location.pathname + window.location.search);
+  updatePage("Firmware Selection", "Firmware", firmwares);
+}
+
+function getFirmwares() {
+  var firmwares = "";
+  x = 0;
+  for (var i = 0, len = data["firmwares"].length; i < len; i++) {
+    x += 1;
+    firmwares += "<a href=\"#" + data["firmwares"][i] + "\"><button class=\"btn btn-main\">" + data["firmwares"][i] + "</button></a>";
+    if (x >= 3) {
+      firmwares += "<br>";
+      x = 0;
+    }
+  }
+  return firmwares;
+}
+
+function getExploits() {
+  var hash = window.location.hash.substr(1);
+  var exploits = "";
+  x = 0;
+  for (var i = 0, len = data[hash].length; i < len; i++) {
+    x += 1;
+    if (data[hash][i] == "[Back]") {
+      exploits += "<a href=\"#back\"><button class=\"btn btn-main\">" + data[hash][i] + "</button></a>";
+    } else {
+      exploits += "<a href=\"" + exploitBase + hash + "/" + data[hash][i] + "/index.html\"><button class=\"btn btn-main\">" + data[hash][i] + "</button></a>";
+    }
+    if (x >= 3) {
+      exploits += "<br>";
+      x = 0;
+    }
+  }
+  return exploits;
+}
+
+function firmwareSelected() {
+  var hash = window.location.hash.substr(1);
+  if (!isInArray(hash, firmwares)) {
+    resetPage();
+  } else {
+    var exploits = getExploits();
+    updatePage("Exploit Selection", hash, exploits);
+  }
+}
+/*
+Copyright (c) 2017-2018 Al Azif, https://github.com/Al-Azif/ps4-exploit-host
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/

static/style.css

@@ -1,25 +1,3 @@
-/*
-Copyright (c) 2017-2018 Al Azif, https://github.com/Al-Azif/ps4-exploit-host
-
-Permission is hereby granted, free of charge, to any person obtaining
-a copy of this software and associated documentation files (the
-"Software"), to deal in the Software without restriction, including
-without limitation the rights to use, copy, modify, merge, publish,
-distribute, sublicense, and/or sell copies of the Software, and to
-permit persons to whom the Software is furnished to do so, subject to
-the following conditions:
-
-The above copyright notice and this permission notice shall be
-included in all copies or substantial portions of the Software.
-
-THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
-EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
-MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
-NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
-LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
-OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
-WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
-*/
 html {
     height: 100%;
 }
@@ -109,3 +87,25 @@ ul.default li {
     color: white;
     border-radius: 8px;
 }
+/*
+Copyright (c) 2017-2018 Al Azif, https://github.com/Al-Azif/ps4-exploit-host
+
+Permission is hereby granted, free of charge, to any person obtaining
+a copy of this software and associated documentation files (the
+"Software"), to deal in the Software without restriction, including
+without limitation the rights to use, copy, modify, merge, publish,
+distribute, sublicense, and/or sell copies of the Software, and to
+permit persons to whom the Software is furnished to do so, subject to
+the following conditions:
+
+The above copyright notice and this permission notice shall be
+included in all copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,
+EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF
+MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND
+NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
+LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION
+OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION
+WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
+*/