So, as many of you (around 30k+) have already installed HENkaku 変革, I know what you're thinking... What's next??
Well Yifan Lu has put that ball in your court by introducing the HENkaku KOTH Challenge! This is an awesome chance for you the user to be part of this amazing and wonderful hack.
Now, the task at hand will not be an easy one, and you will need to be up for the challenge, but if you are brave, smart and determined enough then this is right up your alley.
Yifan Lu had this to say on his site. You can find the full post here.
CTF challenges are common in the hacking community. The goal is to hack a system in a controlled environment to get a “flag”, and it is a fun and educational experience. I highly recommend it to anyone interested in security. We are hosting a variation of this challenge. The first king-of-the-hill challenge will take place on Vita Island.
The idea is as follows: we (molecule) are currently the kings of the hill. You (challenger) can claim the throne by reversing our hack (HENkaku) and explaining it. Once we have been knocked off, we will post all our source code, build scripts, and a special bonus… We won’t say what it is yet, but it can be claimed by anyone who beats the challenge (not just the first) and is only valuable to people who have an interest in the Vita and Vita hacking. Since all the “prizes” are available to everyone and not just the first, we strongly encourage collaboration.
To make the challenge as interesting as possible, we used minimal obfuscation in our code. The goal isn’t to see who can write the best deobfuscation tool but to invite all the skilled security researchers of the world to look at what we believe is one of the most secure devices on the market today. Therefore most of the difficulties in the challenge will be posed by the system and not us.
The source for HENkaku will be released in parts. Today, we released the files for offline hosting. This allows the challengers to start reversing our code and also allows anyone to mirror HENkaku. It also allows those with slow or intermittent internet access to use HENkaku.
Next, when someone completely reverses the second stage ROP and explains properly how it works, we will release the source code up to that point as it might aid in the next part. I don’t think it would take more than a couple of weeks for someone to get to this point. Some questions to be thinking about are: how do we manage to run unsigned code? do we get kernel access? if so, how? if not, what other ways are there?
Finally, when someone figures out the entire HENkaku installation process, we will release all our source and tools. I hope this would be done in no longer than a couple of months (if interest takes off); however, it may take a year (if there is minimal interest).
You need to host two things: the first stage ROP and the second stage dynamic ROP. The first stage is just static HTML/JS and can be hosted using any means. The second stage must run our custom server. We provided a PHP and Go implementation (Go is recommended as it can handle ~1000x more requests per second).
Download: Offline hosting
With the prize that is up for grabs I feel you all should do your best and try to crack the code.
I also think all of you who have the skill, or the willingness to learn about this, should try it. It never hurts to try, and the more of us that try and work together, the more will be found out.
This will be the rebirth of the Vita in so many ways, and we should all do our part to make this happen.
So I call on you all, hackers, modders, tinkerers and explorers, to power on your minds and let’s see what you have in store for the future.
Let us know below what you think and whether you will be giving it a shot. We would love to hear from you, and good luck to you all.
Thanks for reading and keep doing it for the love of the game.