PSXHAX.COM website and domain for sale. Contact Us with your offer!
PS4 6.02 Top Secret Method for Games Rumored Incoming via Zecoxao
For those following, this discussion is moved from the ongoing PS4 6.XX JSC_ConcatMemcpy WebKit Exploit POC thread and based on the Tweets below is not to be confused with M0rph3us1987's 35c3 Speech later this month. :ninjaxf2:

While there is no ETA just yet, established PlayStation scene developer @zecoxao announced on Twitter the following from the embedded Tweets below to quote:

"Top Secret method for ps4 6.02 coming soon..." followed by "reminding everyone that this is a method, NOT an exploit. it'll only be good for things like games, nothing else" and also "once it's patched, it'll be over again."

This rumored 6.02 PlayStation 4 method has also been confirmed as working on 6.20 now, and comes following both the Method to Handle PS4 Fake PKGs & SELF / FSELF and PS4 PKG Install from Internal HDD via FTP & BGFT Method by PS4 scene developer @flatz.

M0rph3us1987 to Speak at 35c3 on Exploiting PS4 Video Apps (All FW)
Those on PlayStation 4 Firmware above 5.05 who are curious about PS4 exploits will be pleased to hear that following his PS4NES v1.01 update developer m0rph3us1987 is scheduled to speak at this month's 35c3 Chaos Communication Congress 2018 hacking event about exploiting PS4 Video Apps in order to run unsigned code regardless of the firmware version installed! :lovexf2:

The 35th Chaos Communication Congress (35c3) 4-day event runs from December 27th to the 30th 2018 in Leipzig Germany with pre-sale tickets and additional details available for those interested in attending.

Download: Relive Exploiting PS4 Video Apps – 35C3 Streaming.mp4 (379 MB - Starts at 16:06)

To quote from the 35c3 Event Page, roughly translated: Exploiting PS4 Video Apps
"Video Apps on the PS4 are something wonderful. In this talk, I'll show you how to exploit them to run your own unsigned code (regardless of the firmware version installed). Step by step I show what problems I stood at the beginning of my entry into the PS4 scene and how I have these, in order to reach the goal, have solved.

Almost three years ago, my wife gave me a PS4 for my birthday. She could not have guessed that I would do anything with the console, just do not gamble. This talk will be about the project with which I set foot in the PS4 underground scene.

Step by step we will see what was needed to run unsigned code on a foreign / unknown system. I will explain the exploit and its steps in as much detail as possible, and thus show that software exploits are not magic but a...
PS4 6.XX JSC_ConcatMemcpy WebKit Exploit POC via C0rpVultra
Since his PS4 Notification Tool release, developer @Wultra (aka C0rpVultra on Twitter) has been testing vulnerabilities and found that a JSC_ConcatMemcpy_InfoLeak WebKit exploit reported by externalist affects PlayStation 4 consoles running PS4 Firmware 6.00, PS4 Firmware 6.02 and even Sony's latest PS4 Firmware 6.10 Beta system software and documented these findings on his repository below with a PS4_JSC_ConcatMemcpy_POC. :geekxf2:

Download: PS4_jsc_ConcatMemcpy_POC-master.zip / Live Demo / Mirror by @EdiTzZ / GIT / CVE-2018-4358

:alert: Needless to say this is a 6.XX PS4 WebKit (Userland) exploit and not a Kernel-level exploit, meaning until a fully implemented 6.XX Kernel exploit is publicly available you won't be able to jailbreak these PlayStation 4 consoles so don't update!

PS4 6.02 Webkit InfoLeak Meme - [object Object] address: 0x200f88100
PS4_JSC_ConcatMemcpy_POC
  • ...
PlayStation Classic is Hacked, PS Classic Game Swapping Videos!
Following the PS Classic Teardown, it's been only a few days since the official PlayStation Classic Launch and already Sony's mini PlayStation Classic console has been hacked with PS Classic hackers demonstrating PlayStation game swapping videos of the feat! :lovexf2: :bananaman6:

According to a Twitter reply from yifanlu when asked if Sony botched up PS Classic security signing with public keys, he stated "No rather they used GnuPG to sign/encrypt and they left in their private keys." :laughxf2:

Below is the latest progress / videos from bakueikozo, nvsofts, puhitaku, yifanlu and others including anima22 via emuonpsp demonstrating a PlayStation Classic root shell through the UART serial connection with a start.sh script and replacing / swapping out stock games such as Battle Arena Toshinden with their own including a Crash Bandicoot (Prototype) to get them running on the PlayStation Classic! :thumbsupxf2:

EMMC dump of PlayStation Classic with SD card reader-[Extra edition] dump PlayStation Classic EMMC-Zopfcode
Finally connected
PlayStation Classic, I tried to put the shell to rewrite eMMC
I rewrite the root of the/etc/passwd to laugh and the timing is too same www after, because it is a style that does not fear God, the w that is mounted and rewritten in the D0 connection without taking backup of the dump, Since...
PS4 Payload Sender Version 4.0 Update Released by Robglez
Proceeding his last revision, today PlayStation 4 developer @robglez updated his PS4 Payload Sender to version 4.0 with the changes outlined below via Twitter. :fire:

Download: 4.0 PS4 Payload Sender 11192018 740 signed.apk (2.3 MB)

PS4 Payload Sender 4.0 Changes:
  • New UI
  • Recoded
  • New Setup Wizard
  • New Personal PS4 information activity
  • Optional Product sans font
  • Settings are now automatically applied
  • Full changelog in Settings > Changelog
Back
Top