Live in Your World, HAX in Ours!
Hello World! I've been reporting on Sony PlayStation hacking news since 2000 and started PSXHAX in 2014 to cover PlayStation (PSX), PlayStation 2 (PS2), PlayStation 3 (PS3), PlayStation 4 (PS4), PlayStation Portable (PSP), PlayStation Vita (PS Vita), PlayStation TV (PS TV) and next-gen PlayStation 5 (PS5) platforms along with anything else of interest.
Click on my UserName author link above and you'll be able to view a curated list of all the articles I've contributed thus far to PSXHAX.COM!
Click on my UserName author link above and you'll be able to view a curated list of all the articles I've contributed thus far to PSXHAX.COM!
PS4 4.05 Offsets Now Added to Fail0verflow's Kexec GIT by Marcan
Following their PS4 Kexec Code to Load the Linux Kernel and the addition of Kaslr 3.55, 4.00 and 4.01 Support today Marcan has merged the pull request in Fail0verflow's kexec system call GIT adding the PS4 4.05 Offsets for developers! 
This comes just over a week before their Console Hacking 2016 CCC Presentation which will be Streaming Live at 23:00 on December 27, 2016.
From Fail0verflow's PS4 kexec magic.h via Github: Add 4.05 offsets
This comes just over a week before their Console Hacking 2016 CCC Presentation which will be Streaming Live at 23:00 on December 27, 2016.
From Fail0verflow's PS4 kexec magic.h via Github: Add 4.05 offsets
Code:
#ifdef PS4_3_55
#define kern_off_printf 0x1df550
#define kern_off_copyin 0x3b96e0
#define kern_off_copyout 0x3b9660
#define kern_off_copyinstr 0x3b9a50
#define kern_off_kmem_alloc_contig 0x337ea0
#define kern_off_kmem_free 0x33bca0
#define kern_off_pmap_extract 0x3afd70
#define kern_off_pmap_protect 0x3b1f50
#define kern_off_sched_pin 0x1ced60
#define kern_off_sched_unpin 0x1cedc0
#define kern_off_smp_rendezvous 0x1e7810
#define kern_off_smp_no_rendevous_barrier 0x1e75d0
#define kern_off_icc_query_nowait 0x3ed450
#define kern_off_kernel_map 0x196acc8
#define kern_off_sysent 0xeed880
#define kern_off_kernel_pmap_store 0x19bd628
#define kern_off_Starsha_UcodeInfo 0x1869fa0
#define kern_off_pml4pml4i 0x19bd618
#define kern_off_dmpml4i 0x19bd61c
#define kern_off_dmpdpi 0x19bd620
#elif defined PS4_4_00 || PS4_4_01
#define kern_off_printf 0x347450
#define kern_off_copyin 0x286cc0
#define kern_off_copyout 0x286c40
#define kern_off_copyinstr 0x287030
#define kern_off_kmem_alloc_contig 0x275da0
#define kern_off_kmem_free 0x369580
#define kern_off_pmap_extract 0x3eeed0
#define kern_off_pmap_protect 0x3f1120
#define kern_off_sched_pin 0x1d1120
#define kern_off_sched_unpin 0x1d1180
#define kern_off_smp_rendezvous 0x34a020
#define...
LudicrousBeach's Recompiled PS4 Dlclose Exploit Web Browser Patch
Over the weekend we saw Part 2 of his PS4 GTA V RTM Mod, and now PlayStation 4 developer LudicrousBeach has recompiled the PS4 1.76 Dlclose Exploit into a fixed Web Browser Patch for 1.76 OFW and under with details below. 
Download: WebBrowserPatch.bin (1.0 MB)
To quote: [Fixed] PS4 Web Browser Patch
Introduction
So myself and a few others tried the released Web Browser Patch that was released named "ps4_dev-dlclose_(Browser)_Kernel_Patch.bin", but couldn't get it to work.
Therefore I looked for the code online, implemented the dlclose exploit and compiled it.
The debug information this payload sends is sent to the IP 192.168.1.77, although not needed for the patch. if you want to view the debug information make sure you have a TCP listener on port 9023 and you have changed your PC IP to 192.168.1.77.
Note
Thanks to @lezek20 for the code:
Also thanks to @HydrogenNGU for the news tip in the PSXHAX Shoutbox! 
Download: WebBrowserPatch.bin (1.0 MB)
To quote: [Fixed] PS4 Web Browser Patch
Introduction
So myself and a few others tried the released Web Browser Patch that was released named "ps4_dev-dlclose_(Browser)_Kernel_Patch.bin", but couldn't get it to work.
Therefore I looked for the code online, implemented the dlclose exploit and compiled it.
The debug information this payload sends is sent to the IP 192.168.1.77, although not needed for the patch. if you want to view the debug information make sure you have a TCP listener on port 9023 and you have changed your PC IP to 192.168.1.77.
Note
Thanks to @lezek20 for the code:
Code:
uint64_t (*sceRegMgrSetInt)(uint32_t reg, int val) = (void *)0xFFFFFFFF8269B310;
sceRegMgrSetInt(0x3c040000, 0);
Sony Sends PSN Members $10 in PlayStation Store Holiday Credit
You read that right, if you're a PSN member and are interested in $10 of PlayStation Store credit for the holiday season check your e-mail for a redeemable voucher code that Sony is sending out to random users! 
To quote from ThisGenGaming.com: "Check your emails once again because it looks like another round of $10 PSN codes are being sent to users.
Last time the $10 codes were sent, was because you either bought a PS4 Slim or Pro within a certain time frame. This time however, it looks like email codes are being sent to anyone and is more of a Christmas gift then for any kind of reason."
Keep in mind if you get one it expires on December 24, 2016 and cheers to Banana Squad Owner and Founder @SockNastez for the news tip in the PSXHAX Shoutbox!
To quote from ThisGenGaming.com: "Check your emails once again because it looks like another round of $10 PSN codes are being sent to users.
Last time the $10 codes were sent, was because you either bought a PS4 Slim or Pro within a certain time frame. This time however, it looks like email codes are being sent to anyone and is more of a Christmas gift then for any kind of reason."Keep in mind if you get one it expires on December 24, 2016 and cheers to Banana Squad Owner and Founder @SockNastez for the news tip in the PSXHAX Shoutbox!
PS4 Retail vs DevKit / TestKit 1.76 VSH Differences by ZiL0G80
A few months back we saw a PS4 Retail vs Dev / Test Console comparison, and this weekend PlayStation 4 developer ZiL0G80 shared a PS4 Retail vs DevKit / TestKit VSH difference file comparison from 1.76 Firmware.
Download: PS4 1.76 Retail vs DevKit / TestKit VSH Diff (Thanks to HydrogenNGU for the fixed link!)
Recently a stack pivot for PS4 1.76 surfaced on Pastebin for those following at address: 0x7710e200
Also thanks to @raedoob, @VultraAID and @HydrogenNGU for the news in the PSXHAX Shoutbox!
Download: PS4 1.76 Retail vs DevKit / TestKit VSH Diff (Thanks to HydrogenNGU for the fixed link!)
Recently a stack pivot for PS4 1.76 surfaced on Pastebin for those following at address: 0x7710e200
Also thanks to @raedoob, @VultraAID and @HydrogenNGU for the news in the PSXHAX Shoutbox!
PS4 GTA V RTM Modding (Part 2) Demo Video by LudicrousBeach
Earlier this week we saw Part 1, and now PlayStation 4 developer LudicrousBeach is back with Part 2 of his PS4 GTA V Real-Time Modding (RTM) demonstration on 1.76 Firmware.
In the video's caption he reminds viewers that it is not currently possible to mod online PlayStation 4 gaming... check out all the Grand Theft Auto V modded goodness below.
PS4 - GTA V Modding (1.76) Part 2
In the video's caption he reminds viewers that it is not currently possible to mod online PlayStation 4 gaming... check out all the Grand Theft Auto V modded goodness below.
PS4 - GTA V Modding (1.76) Part 2
Code:
{
"version": 1,
"format": 0,
"poolSize": 2000,
"bonus": [
[
1130213363,
1197124675,
1197124675,
4042712927,
1197101634
],
[
460908344,
478078088,
1192486020,
2882776980,
478144137
]
],
"contentlists": [
[
-468433976,
-2021228543,
-166412830,
-17774536,
-469530768,
-57575170,
-1512162734
]
],
"tunables": {
"BASE_GLOBALS": {
"IMPEXP_SELL_POST_MOD_TRANS_TIMEOUT": [
{
"value": 90000
}
],
"IMPEXP_RUINER2_MISSILES": [
{
"value": 8
}
],
"ENABLE_VEHICLE_HELP_IELAUNCH": [
{
"value": true
}
],
"TURN_ON_TURFWARS": [
{
"value": true
}
],
"SHOP_DISCOUNT_PERCENT": [
{
"value": 100
}
],
"AVAILABLE_PURCHASE_JUMPSUIT_BLACK": [
{
"value": true
}
],
"AVAILABLE_PURCHASE_JUMPSUIT_GOLD": [
{
"value": true
}
],
"AVAILABLE_PURCHASE_JUMPSUIT_SILVER": [
{
"value": true
}
],
"NPCFLOWINVITEPLAYLISTACTIVE": [...