PSXHAX

Not long ago news of a PS4 Root Privilege Escalation & Prison Break / Sandbox Break PoC was confirmed, and today kr105 dropped word in the Shoutbox that a usable dlclose exploit for PS4 Firmware 1.76 is now available to compile with CTurt's open-source work!

Download: PS4-dlclose-master.zip / PS4 Dlclose GIT / GIT / Linux Loader Patch for 1.76 / bzImage / initramfs.cpio.gz by kr105 / PS4 Playground / PS4 Playground GIT / ps4link-master.zip / PS4Link GIT

• PS4 Linux Installation Guide
• How to Run PS4 Linux Ubuntu Guide with Video Demo

From the ReadMe Files: PS4-dlclose

Fully implemented dlclose exploit for PS4 fw 1.76. Compile it with CTurt's.

This is the bare working exploit, you must add your own payload code to make it do anything useful. Enjoy!

Linux loader

PlayStation 3 developer Andreas Oman updated Movian PS3 Media Center to version 5.0 today, which features a new user interface that works better with touch devices!

Download: movian-gh-5.0.pkg / movian-5.0.pkg / movian-5.0.self

To quote from the official blog via PS4 News: Movian 5.0

Finally I've decided to put the 5.0 release out. Downloads are available here.

This release comes with a new user interface which works better with touch devices as Movian is now also available in Google Play store, get it here.

Highlights from this version, in no particular order:

• New "flat" user interface
• Official Mac OS X builds (with built-in updater)
• Official Android builds (with built-in updater)
• Improved screen saver
• Better video decoding support on Raspberry Pi
• Raspberry Pi 3 supported
• Show current time in top-right corner
• Hardware accelerated video decoding on Android

Have fun!
/Andreas

Recently we reported on PS4.5 rumors, and now OsirisBlack has unofficially confirmed some additional PS4K details below.

To quote via PS4 News: "Related info from a meeting we had yesterday was waiting for it to be approved before posting.

Price is currently $399.99 they were discussing a better CPU which would raise the price to $499.99 we were guaranteed the price will be no higher than $499.99 (He mentioned the CPU upgrade quite a bit almost as if they haven't really decided on a final spec could be a pricing issue.) also there is currently no plan for any type of trade in program for current PS4 users but that could change.

They stated that the GPU is twice as powerful as standard PS4 and much faster. They did not say exactly how fast but that is was running at a higher clock speed while being much smaller than the original.

It will have a 4k blu ray player and will upscale games that are not natively 4k. Also there was talk of some sort of VR lounge for the media player app which is supposed to be getting a substantial upgrade.

It was stated plainly and with no room for interpretation that there are developers that already have development kits for the PS4K and that they are making games that will directly target and take advantage of the higher specs of the PS4K. It was also stated that these games will in fact work for the PS4 but with considerable sacrifices made to performance.

It was also made very clear that current games would not be getting any type of performance upgrades by being played on the system and any benefits to older games would come via patch per game and per developer. When asked if this was going to happen the response was "Its a possibility but doubtful with the exception of a handful of games."

We were also given a list of games that will be available at launch that will directly take advantage of the PS4K where the differences are and I will quote him "Significant."

For the PSVR

• Eve Valkyrie
• Robinson
• GT Sport

For the PS4K

• Deep Down (Thought this was dead)
• GOW4 (This was the exact abbreviation on the sheet I can only assume its god of war 4)...

Following his previous release, PlayStation 3 developer deank updated the PS3 backup game manager to MultiMAN version 04.78.01 BASE (20160125) for Custom Firmware (CFW) users alongside a mmCM 04.78.01 update from GameSonic followed by a multiMAN 04.78.02 BASE / CEX (20160328) and multiMAN 04.78.03 BASE / CEX (20160425) update!

Download: multiMAN_04.78.02_BASE_(20160328).pkg (34.63 MB) / multiMAN_04.78.02_BASE_(20160328).pkg (2.42 MB) / multiMAN_ver_04.78.02_STEALTH_(20160328).zip (33.34 MB) / multiman_480.rar (33.96 MB - 4.78 Renamed to 4.80) / multiMAN_ver_04.78.03_BASE_(20160425).pkg (35 MB) / multiMAN_ver_04.78.03_UPD_CEX_(20160425).pkg (2 MB) via j1ni0r

Previous Versions: multiMAN 04.78.00 BASE (20160125).pkg (34 MB) / multiMAN ver 04.78.01 BASE (20160328).pkg (Mirror) / multiMAN ver 04.78.01 BASE (20160328).pkg (Mirror #2) / mmCM_04.78.01_UPDATE_gamesonic.it.pkg (2.42 MB) / multiMAN ver 04.78.01 UPD CEX (20160326).pkg (Mirror) / multiMAN ver 04.78.01 UPD CEX (20160326).pkg (Mirror #2)

From...

Following the ongoing PS3 RSX Driver LV1 Reverse-Engineering Project, today PlayStation 3 developer AlexAltea shared a full RSX VRAM / IO access PS3 exploit with other developers.

Download: ps3exploit.zip

Below are the details for those interested from his post, as follows: Full RSX VRAM/IO access exploit

This allows userland/lv2 access to the entire 256 MB RSX VRAM range and the entire RSX IO address space and works on all firmwares up to the last version. Particularly interesting here, is that this allows to access the last 2 MB of VRAM, reserved only for the LV1 driver, and maybe slightly less interesting, accessing 'vsh.self' VRAM area and IO mapped memory.

## Disclaimer:

The requirements are quite hard to satisfy (many of you either don't need this, or can't run this) and it's only relevant for devs (so some don't need to care about it either). It just gives you access to something inaccessible before with userland/supervisor privileges, nothing else. That's the ONLY reason I'm posting this (and maybe the hope of someone being able to do something better with it).

## Requirements:

You need either:

• Userland entry point (e.g. Browser exploit [1], <= 4.78?) + NAND console (although probably if you have this, you already hacked it and have LV1 access).
• LV2 entry point (e.g. RSXploit [2], <= 4.45?). You will need to replace the `sys_rsx_context_attribute` LV2 syscall with the `lv1_gpu_device_map` LV1 call in the source code of the PoC provided below (and remove all the GCM library code among other things).

## Download:

Source code available here (documentation inlined as comments):

https://github.com/AlexAltea/ps3autotests/blob/master/exploits/user_vram_access/user_vram_access.cpp