Interested in investing time and money into PSXHAX.COM? Read More and Contact Us for details!

PSXHAX

Live in Your World, HAX in Ours!
PSXHAX
PSXHAX
Live in Your World, HAX in Ours!
Hello World! I've been reporting on Sony PlayStation hacking news since 2000 and started PSXHAX in 2014 to cover PlayStation (PSX), PlayStation 2 (PS2), PlayStation 3 (PS3), PlayStation 4 (PS4), PlayStation Portable (PSP), PlayStation Vita (PS Vita), PlayStation TV (PS TV) and next-gen PlayStation 5 (PS5) platforms along with anything else of interest.

Click on my UserName author link above and you'll be able to view a curated list of all the articles I've contributed thus far to PSXHAX.COM! :)
X - YouTube - Starlink (Ref) - Windscribe VPN (Ref)
PS4 *** Updated by PlayStation 4 Homebrew Developer CTurt
Following his previous PS4 Hacking work and the recent JailbreakMe PS4 4.0x exploit, PlayStation 4 homebrew developer @CTurt (Twitter) updated his open-source PS4 *** with the most recent commit details below. :ninja:

Download: PS4-***-master.zip / PS4 *** GIT (CTurt) / PS4SDK GIT (Hitodama) / MSYS64.7z (51.9 MB) / MSYS64-beta2.7z (51.9 MB) / MSYS64-beta3.7z (51.9 MB)

Update libc.h
Code: 
libPS4/include/libc.h

@@ -60,5 +60,6 @@ extern size_t (*fwrite)(const void * ptr, size_t size, size_t count, FILE *strea
 extern int (*fseek)(FILE *stream, long int offset, int origin);
 extern long int(*ftell)(FILE *stream);
 extern int (*fclose)(FILE *stream);
+extern int (*fprintf)(FILE *stream, const char *format, ...);
 
 void initLibc(void);
Update libc.c
Code: 
libPS4/source/libc.c

@@ -53,6 +53,7 @@ size_t (*fwrite)(const void * ptr, size_t size, size_t count, FILE *stream );
 int (*fseek)(FILE *stream, long int offset, int origin);
 long int(*ftell)(FILE *stream);
 int (*fclose)(FILE *stream);
+int (*fprintf)(FILE *stream, const char *format, ...);
 
 void initLibc(void) {
     int libc = sceKernelLoadStartModule("libSceLibcInternal.sprx", 0, NULL, 0, 0, 0);
@@ -108,4 +109,5 @@ void initLibc(void) {
     RESOLVE(libc, fseek);
     RESOLVE(libc, ftell);
     RESOLVE(libc, fclose);
+    RESOLVE(libc, fprintf);
 }
Cheers to @mcmrc1 in the...
Category PS4 CFW and Hacks       Author PSXHAX       Date / time Mar 31, 2017 at 9:53 PM       Replies 6
ArmaGallant: Decks of Destiny PS4 on PlayStation Store Next Week
Next week's PSN update combines deckbuilding with real-time strategy and multiplayer arena battles in ArmaGallant: Decks of Destiny for PS4 on PlayStation Store. :veryhappy:

Here's a summary from SIEA Social Media Senior Specialist Ryan Clements of what else is hitting PS Store next week!

New Releases: Week of April 4, 2017
  • Air Conflicts: Secret Wars Ultimate Edition - PS4 — Digital, Retail
  • ArmaGallant: Decks of Destiny - PS4 — Digital, Retail
  • Blackwood Crossing - PS4 — Digital
  • Bulletstorm: Full Clip Edition - PS4 — Digital, Retail (Out 4/7)
  • Drawn to Death - PS4 — Digital (Free with PS Plus)
  • Lego City Undercover - PS4 — Digital, Retail
  • Mortal Blitz - PS VR — Digital
  • PaRappa the Rapper Remastered - PS4 — Digital
  • Persona 5 - PS4, PS3 — Digital, Retail
  • Plutobi: The Dwarf Planet Tales - PS4 — Digital
  • Use Your Words - PS4 — Digital
  • Virry VR - PS VR — Digital
PlayStation Music
  • Ghost in the Shell (Music Inspired by the Motion Picture)
  • Mastodon – Emperor of Sand
  • G-Eazy – Step Brothers
PlayStation Video
  • Split (plus bonus features)
  • Teen Titans: The Judas Contract
PlayStation Vue
  • Archer- April 5 at 10/9c (FXX)
  • Colony- April 6 at 10/9c (USA)
  • Crashing- April 9 at 10:30/9:30c (HBO)
The information above is subject to change without notice.
Category PS4 News       Author PSXHAX       Date / time Mar 31, 2017 at 8:50 PM       Replies 0
PS4 NIDs and PS3 NIDs Added to Hashcat Bruteforcer by Jarveson
Following the PS3 FNIDS Python Scripts by PlayStation developer @zecoxao, today he let us know on Twitter that jarveson added PS4 NIDs and PS3 NIDs to his Hashcat bruteforcer password recovery utility. :winkxf2:

Download: Hashcat v3.40 / PS4 NIDs / PS3 NIDs

Intended for developers, the NIDs can be used with the attack tool to determine PlayStation 4 and PlayStation 3 System Firmware function names.

From the README.md: hashcat

hashcat is the world's fastest and most advanced password recovery utility, supporting five unique modes of attack for over 200 highly-optimized hashing algorithms.

hashcat currently supports CPUs, GPUs, and other hardware accelerators on Linux, Windows, and OSX, and has facilities to help enable distributed password cracking.

PS4 NIDs

include/interface.h
Code: 
@@ -1761,6 +1761,7 @@ int filezilla_server_parse_hash   (u8 *input_buf, u32 input_len, hash_t *hash_bu
 int netbsd_sha1crypt_parse_hash   (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED const hashconfig_t *hashconfig);
 int atlassian_parse_hash          (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED const hashconfig_t *hashconfig);
 int ps3_nid_parse_hash            (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED const hashconfig_t *hashconfig);
+int ps4_nid_parse_hash            (u8 *input_buf, u32 input_len, hash_t *hash_buf, MAYBE_UNUSED const hashconfig_t *hashconfig);
 
 /**
  * hook functions
src/interface.c
Code: 
@@ -240,6 +240,7 @@ static const char HT_14900[] = "Skip32";
 static const char HT_15000[] = "FileZilla Server >= 0.9.55";
 static const char HT_15100[] = "Juniper/NetBSD sha1crypt";
 static const char HT_16110[] = "PS3 Function NIDs";
+static const char HT_16111[] = "PS4 Function NIDs";
 static const char HT_99999[] = "Plaintext";
 
 static const char HT_00011[] = "Joomla < 2.5.18"...
Category PS4 Jailbreaking       Author PSXHAX       Date / time Mar 30, 2017 at 3:56 PM       Replies 6
JailbreakMe PS4 4.0x: PS4 4.0x WebKit RCE Exploit by Qwertyoruiopz!
Following the PS4 Playground for Firmware 3.55 and PS4 3.55 File Browser, today PlayStation 4 developer qwertyoruiopz made available a PS4 4.0x WebKit RCE Exploit dubbed JailbreakMe PS4 4.0x with details via Twitter below! :biggrinxf2:

PS4 Link (click go 3 times): http://rce.party/ps4/ / local rce.rar (3 KB) via Nesterwork / Local RCE v2.rar (6 KB) via Nesterwork / Local rce v3.rar (12 KB) via Nesterwork

According to the developer's Tweets below, the bug used is a stack uninit read yielding UaF and the actual exploit does nothing but give you read/write/infoleak arbitrary JS object primitives.

He also confirmed the exploit won't work on PS4 4.50 as Sony updated WebKit past a vulnerable version unfortunately, but it's still an entry point for those on PlayStation 4 OFW 3.55 through 4.07. :thumbsupxf2:

C8MRP_eXkAAwFYE.jpgThat said, if you give it a try on a PlayStation 4 under 4.50 and receive a ffff000000000539 error prompt it's expected output for the exploit's success.

Spoiler: Related Twitter Tweets
Category PS4 Jailbreaking       Author PSXHAX       Date / time Mar 29, 2017 at 2:03 PM       Replies 220
Lovers in a Dangerous Spacetime PS4 in April 2017 PS Plus Games
In addition to the PS4 shooter Drawn To Death, today Sony announced Lovers in a Dangerous Spacetime on PS4 among others will also be included in the free PS Plus games for April 2017. :D

Check out the full list below from PlayStation Plus rep James Hallahan, as follows:

PS Plus April 2017 Full Lineup:
  • Drawn To Death, PS4
  • Lovers in a Dangerous Spacetime, PS4
  • Invizimals: the Lost Kingdom, PS3
  • Alien Rage – Extended Edition, PS3
  • 10 Second Ninja, PS Vita (crossbuy with PS4)
  • Curses ‘n Chaos, PS Vita (crossbuy on PS4)
Category PS4 News       Author PSXHAX       Date / time Mar 29, 2017 at 1:47 PM       Replies 2

PSXHAX Categories

PS4 Jailbreak Status
PS5 Jailbreak Status

Share This Page

Back
Top