Category: PS4 CFW and Hacks | Thread starter: PSXHAX | Start date: Mar 13, 2018 at 12:30 PM
Yesterday we saw an ESP Host PS4 Payloads Guide, and today mallrats (aka Treyjazz) let us know of a recent project of his dubbed ESPS4ExploitServer, a PS4 Exploit Server for ESP8266 Arduino boards.

Download: PS4Exploit.zip / GIT / ESPS4ExploitServer fork by 5u770n

To quote from the README.md: ESPS4ExploitServer

This is a project for ESP8266 Arduino boards. It has been tested on a (cloned?) Wemos D1 board with 4MByte flash. It uses SPIFFS to load files from the flash chip but can easily be ported to use an SD addon board.

Setting up the board:
  • Install the Arduino IDE if you don't already have it
  • Start the Arduino IDE
  • Install the ESP8266 library
  • Install the ESP8266 Filesystem Uploader - http://www.instructables.com/id/Using-ESP8266-SPIFFS/
  • Restart the Arduino IDE
  • Plug in the board and install the drivers for it
  • Under Tools: Select the board that is appropriate
  • Select the COM port the board is attached to (can be found in the Device Manager in Windows)
  • Select the Flash Size - The code is pretty small so you can use the option that has the most memory saved for SPIFFS. Ex: 4M (1M/3M SPIFFS)
  • Load the .ino from the downloaded directory
  • In the /data directory place the payloads that
  • Unplug the board and hold down the Flash button while you plug it back in
  • Under Tools, select ESP8266 Sketch Data Uploader
  • If there is an error in transferring then unplug the board and hold the Flash button while plugging it back in again
  • If there is an error in creating the SPIFFS then you have files adding up to too much memory for what your board has, so remove some
  • Unplug the board and plug it back in
  • Under Sketch, select Upload
If you need to add/remove SPIFFS files then always use the Sketch Data Uploader before you upload the sketch. There seems to be a bug that will trash the data in the program area of flash when you upload to the SPIFFS area in flash and the board won't run without the sketch being uploaded again.

Usage:

It defaults to creating an access point 'ps4exploit' with password 'hackmyps4'. Set your PS4 gateway and DNS to 10.13.37.1 when the board is in AP mode. To change the configuration open a web browser to http://10.13.37.1/settings.

Note that it is an unsecured webpage so the password for a wifi network that is entered in will be saved in plain text, but will only be accessible to those that can log onto the network already. In station mode, the IP for the board will attempt to use the default static IP containing '235'. Ex: 192.168.1.1 with subnet mask 255.255.255.0 will try the static IP of 192.168.1.235

Settings:

  • Selection of wifi mode - AP/Station
  • AP - Network name, password
  • Station - Available networks, password, static IP
  • Payload - Selection of available payloads loaded in flash

Operation:

It creates a web server and fake DNS server that resolves everything back to itself. It defaults back to sending the index.html on any request that doesn't match a file loaded into flash. SPIFFS doesn't allow for directories so the names of the different exploit pages and scripts (and references in their htmls) had to be renamed. Keep this in mind when adding new exploit pages.

If other payload exploit pages are released you must add some code to set JS_MAX to the number of .js files loaded by the page to trigger the automatic payload setting. After the IDC or Specter exploit pages are loaded through a web browser (or user manual on PS4), the payload transfer will automatically start after a 1s wait. If it fails with a not enough memory error then it is best to restart the PS4 because it typically causes a soft-lock on the XMB after repeated attempts.

Failsafes (useful for when you can't reprogram the board):
  • Programmatically - If the board can connect to a wifi station then it will revert back to AP mode. If the static IP you select conflicts with the network you connect to then the network will assign one.
  • Physically - Bridging D6 to GND while plugging the board into a power source will force it to load up the default AP settings so you can change the network settings (http://10.13.37.1/settings)

Known bugs:
  • The LED doesn't turn on steady after files are transferred (I think the problem is somewhere in the ESP8266 library)
  • Sometimes after a failed payload transfer the board will be stuck in a loop and need to be reset if you can't connect.
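The Operation section of the README describes a fake DNS server that resolves every name back to the board. As an added example (not code from ESPS4ExploitServer or its README), the check below shows how a client can recognise such a catch-all resolver: it asks for names under the reserved .invalid TLD, which can never exist, and tests whether they all come back with one address. The function names and the two in-memory resolvers are constructed stand-ins so the block runs offline; 10.13.37.1 is the AP address given on the page.

```python
import struct

def build_query(name, txid):
    """Encode a standard recursive A/IN query (RFC 1035)."""
    qname = b"".join(bytes([len(p)]) + p.encode("ascii") for p in name.split("."))
    return struct.pack("!HHHHHH", txid, 0x0100, 1, 0, 0, 0) + qname + b"\x00\x00\x01\x00\x01"

def skip_name(buf, pos):
    """Return the offset just past a (possibly compressed) domain name."""
    while True:
        n = buf[pos]
        if n == 0 or n >= 0xC0:   # root label (1 byte) or compression pointer (2 bytes)
            return pos + (1 if n == 0 else 2)
        pos += 1 + n              # ordinary label: length byte + that many characters

def parse_a_records(resp):
    """Return the IPv4 addresses in the answer section; [] on any error RCODE."""
    _, flags, qd, an, _, _ = struct.unpack("!HHHHHH", resp[:12])
    if flags & 0x000F:            # non-zero RCODE, e.g. NXDOMAIN (3)
        return []
    pos = 12
    for _ in range(qd):           # skip echoed question: name + QTYPE + QCLASS
        pos = skip_name(resp, pos) + 4
    addrs = []
    for _ in range(an):
        pos = skip_name(resp, pos)
        rtype, _, _, rdlen = struct.unpack("!HHIH", resp[pos:pos + 10])
        pos += 10
        if rtype == 1 and rdlen == 4:          # A record carrying an IPv4 address
            addrs.append(".".join(map(str, resp[pos:pos + 4])))
        pos += rdlen
    return addrs

def is_catch_all(resolve, probes):
    """True if every name that cannot exist still resolves, all to one address."""
    seen = set()
    for txid, name in enumerate(probes, 1):
        addrs = parse_a_records(resolve(build_query(name, txid)))
        if not addrs:
            return False          # any probe left unanswered means no catch-all
        seen.update(addrs)
    return len(seen) == 1

def catch_all_resolver(query):    # constructed stand-in: every name -> 10.13.37.1
    answer = b"\xc0\x0c" + struct.pack("!HHIH", 1, 1, 60, 4) + bytes([10, 13, 37, 1])
    return query[:2] + struct.pack("!HHHHH", 0x8180, 1, 1, 0, 0) + query[12:] + answer
def nxdomain_resolver(query):     # constructed stand-in: every name -> NXDOMAIN
    return query[:2] + struct.pack("!HHHHH", 0x8183, 1, 0, 0, 0) + query[12:]

PROBES = ["k3v9q-probe.invalid", "zz7-probe.invalid", "host.x1.invalid"]  # constructed
```

To run the same check against a live resolver, pass a `resolve` callable that sends the query bytes over UDP port 53 and returns the reply.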
Download: ESP8266 ESP32 HTTP OTA server / GIT

Download: Ps4Exploit-455-By-Draqen-v1.2 for esp8266EX.bin (4.0 MB) / nodemcu-pyflasher-v3.0 / Ps4Exploit-455-By-Draqen-v1.3 for esp8266EX.bin (4.0 MB) / Draqen-Esp8266-405.bin (4.0 MB) / Draqen-Esp8266.bin (4.0 MB) / Draqen-Esp8266-405.bin (4.0 MB) / ESP8266_Simple_455.bin (4.0 MB) / ESP8266_Simple_405.bin (4.0 MB) / Draqen-Esp8266-405.bin (4.0 MB) / Draqen-Esp8266.bin (4.0 MB)

Download: ESP8266XploitHost_fixed2.zip (14.2 MB) / c0d3m4st4_ESP8266XploitHost_nodemcu_1.0b4.zip (967 KB) / c0d3m4st4_ESP8266XploitHost_v1_final.zip (865 KB) / c0d3m4st4_ESP8266XploitHost_v2.0b.zip (1.7 MB) / c0d3m4st4_ESP8266XploitHost_v2.0b2.zip (1.7 MB) / c0d3m4st4_ESP8266XploitHost_v2.1.zip (1.9 MB)

Finally, from UrbanAnonymous comes a guide on ESP8266 MAC OSX Installation and Flashing for PS4, to quote:

So I am at my core a Windows PC person, but recently I have forced myself to only use a Mac to become more familiar with OSX. I am constantly running into situations where I have to figure out how to make things work that only have explanations for Windows installs, and this is one of them. So for all the time I spent getting the 8266 to connect to my Mac and actually complete the process, I figured I would compress what I have learned into a tutorial.

Before I start I want to point out that I am running OSX HIGH SIERRA. The drivers for the ESP8266 may differ depending on what version of OSX you are running and the specific ESP8266 chip you have. You can look on the back of the printed circuit and most will tell you what drivers are needed.

INSTALLING THE ESP8266 ON OSX

FILES TO INSTALL:

DRIVER INSTALLATION

So now that you have all the files you're gonna need, you're going to want to install the driver for the esp8266 by selecting and unzipping the driver file you previously downloaded. Once unzipped, select the .pkg file and install the drivers. After you are done, restart your Mac. You should now be able to go to your system information and see the esp8266 under the USB tab. If you are not familiar with how to do this, you'll need to go to the Apple symbol in the top left corner and select About This Mac. It should look something like this.

ESP8266 MAC OSX Installation and Flashing for PS4 1.png

Then select system report. Once you are in the system report, select the USB tab on the left side of the screen.

You should see something similar to this if the driver installation was successful.

ESP8266 MAC OSX Installation and Flashing for PS4 2.png

There should be a USB 2.0 device. If you do not see this you can try and find the correct driver for your OSX version or you can comment on this post and I'll try my best to help you troubleshoot the issue.

Now you are ready to flash the esp8266 using the NodeMCU-PyFlasher program you previously downloaded. So go ahead and open up the program.

FLASHING PROCEDURE

At this point you should have NodeMCU-PyFlasher open; the rest of this process is pretty simple. You're going to want to unzip the firmware file you downloaded (either c0d3m4st4 or RetroGamer74) so that you can load the .BIN file into the flashing software.
  1. Select the ESP8266 from the drop down menu labeled serial port. My ESP8266 was listed as /dev/cu.wchusbserial1410 (yours may be different).
  2. For NodeMCU Firmware select the bin file you recently unzipped. I used c0d3m4st4, which is what you will see in the screenshot below.
  3. For the Baud rate setting I used the default, which is 115200. Alternatively you can look on the back of the printed circuit (on most versions) for the recommended rate.
  4. Flash mode should be set to Dual I/O (DIO).
  5. For the erase flash option select "yes, wipes all data".
  6. Now you're going to want to click Flash NodeMCU.
If everything was done correctly you should see something similar to this.

ESP8266 MAC OSX Installation and Flashing for PS4 3.png

We now want to plug the ESP8266 into the PS4 and turn on the system.

PS4 CONFIGURATION

NETWORK CONFIGURATION FOR C0D3M4ST4'S .BIN
  1. Go to Settings > Network > Set up internet connection > Use WIFI.
  2. Select easy then wait for available networks to load.
  3. Once networks are loaded choose “ESP8266XploitHost”
  4. Use Password “ps4xploit” (without the quotes).
  5. Test connection, and you are done.
  6. After that, open the user guide to access the exploit. You can also use it from the PS4 web browser. Just type 13.37.13.37 in the address bar.
NETWORK CONFIGURATION FOR RETROGAMER74'S .BIN
  1. Go to Settings > Network > Set up internet connection > Use WIFI.
  2. Select custom then wait for available networks to load.
  3. Once loaded choose "PS4_WIFI"
  4. Leave all the settings as the default except primary and secondary DNS.
  5. Set the primary DNS to 10.10.10.1 and do the same for the secondary.
  6. Test connection and you are done. After that, open the user guide to access the exploit.
Much thanks to everyone who has contributed to the progression of this device in correlation to the scene. Your hard work is much appreciated.


Comments

zerodevide

Can someone give me a short tutorial for a complete noob?
I have the esp8266 and nothing more.

I just need the ESP8266 Filesystem Uploader and nothing more?
 

Cris Modzzz

Hello, I flashed my esp8266 v3 with the Draqen-Esp8266 v1.4.
But when I try to connect with the PS4 over wifi, I always get the error "connection to the server interrupted". Why doesn't it work?
Do I need to configure something on the PS4?
Thanks.
 

RAD AHMED

hi
You can add a password (ESP8266 Wifi Module)

Example
Network name
PS4-WIFI
password
N0125487A

Please program the following files and add the password also

esphost.bin
esphostmulti.bin
esphostmulti405.bin

Please upload it to me again on any server
 

Zoilus

I would love to know how to compile those bin files for this. I know there is a tutorial on how to set up virtual box, ubuntu...etc did all that. There are examples there on how to create a bin payload by using those samples. BUT I would like to create (or edit) these bins, that way, using that tool shown in those videos above, it would be easy to load up the esp8266.

You just select the bin you created and BAM you're done.
 