It's Christmas in July! 
Proceeding the PS5 Root Keys & Debug Settings, PS4 CCP Bug on SAMU Key Slots for Saves, PS5 ELF Loader Plugin with Symbols, Reversing AMD's Platform Security Processor (PSP) and Exploring the PS5 Security Landscape presentation developer @flatz announced on Twitter, "finally... hello, PS5 PSP 
" confirming PlayStation 5 Hypervisor (codenamed Hylonome) exploitation straight from a PS4 save game bringing jubilation en masse to the PS5Scene! 
Below are some replies to this PS5 (PSP) hypervisor exploit discovery using a PS4 game save news from @flatz (Ko-fi Page) on Discord alongside related Tweets, as follows:
The developer known as Flat_z has successfully obtained read access to the PS5 PSP (Platform Security Processor), which contains crucial components such as bootrom and key seeds. Additionally, he has verified he also developed an hypervisor exploit.
As of right now Flat_z has decided not to disclose his exploits or bugs at this time. However, leveraging the knowledge gained from this achievement, he aims to undertake the reverse engineering of secure modules and other relevant information. The ultimate goal is to enable the use of FPKG's (Fake PKGs) on the PS5 in the future.
If circumstances permit, Flat_z intends to provide a comprehensive write-up detailing the implementation of FPKG's for the PS5 console. However, it's important to note that there is currently no specified release date for this write-up, as he must prioritize other commitments before embarking on this endeavor.
For the time being, it is kindly requested that Flat_z not be approached with inquiries about release dates or repeated questions regarding the availability of his work. Your understanding and patience are greatly appreciated.
Proceeding the PS5 Root Keys & Debug Settings, PS4 CCP Bug on SAMU Key Slots for Saves, PS5 ELF Loader Plugin with Symbols, Reversing AMD's Platform Security Processor (PSP) and Exploring the PS5 Security Landscape presentation developer @flatz announced on Twitter, "finally... hello, PS5 PSP " confirming PlayStation 5 Hypervisor (codenamed Hylonome) exploitation straight from a PS4 save game bringing jubilation en masse to the PS5Scene! Below are some replies to this PS5 (PSP) hypervisor exploit discovery using a PS4 game save news from @flatz (Ko-fi Page
) on Discord alongside related Tweets, as follows:- psp is root of trust
- it contains code to boot system, key seeds, etc
- it's bootrom that is burned on die
- it could be cfw if there is some vulnerability that could be exploited
- but idk if there is any
- need to reverse
- yes, it's a dump of ps5 bootrom (psp)
- nope, i'll never publish any proprietary and confidential stuff but i want to implement (and disclose if it will work) methods for stuff like fpkgs like i did for ps4
- no idea, i just got the dump a few mins ago
- the idea is getting keys for IPL, then get keys for SSD, so i'll able able to decrypt my IPL from SSD dump and reverse it, get keys, etc
- it's more relevant to hardware revision than to fw version
- i'm not sure if or when they have patched this, but usually they change keys between hardware revisions, so i guess bootrom dumps from newer revisions have other keys
- ah, i don't remember what is mine, i bought it in 2021 iirc
- don't have it near me atm
- some 2.xx, i'm currently on 2.50 as i said
- the purpose of that is to have keys for all firmwares (keys of everything except of IPL)
- well, i'm doing researching all the time, so i'm going to reverse everything lol
- fpkg will be at some point
- i have less spare time nowadays, so i guess it will take some time until i start working on it
- well, f0f were the first, so it's their decision to publish this or not. i've found their method i guess
- i have testkits and retail ps5s on latest fw
- yeah, we even compared our dumps today
- nope, i'm sitting on 2.50 coz i've implemented everything for it, but maybe i'll start working on newer firmwares in the future, idk
- ah, and i have stuff for 1.xx
- we don't know if they patched bugs, or when
- bugs/methods whatever
- they probably did something
- only if there are some bugs in boot process
- so you can hook code execution
- ps4 doesn't have custom firmwares
- it's just realtime mods
- same applies here
- nah, i've stopped working on ps4 a long time ago, i have everything from it
- i guess fpkgs can be implemented without hv, but i don't know for sure
- you can't know until you try to implement it
- for my purpose game's exploit was the best, it still works on any fw
- i use ps4 game
- ps4 is better because there is no userland xom there
- well, it works on ps4 too, so it's easy to debug
- i load corrupted save game that exploits game
- hv exploitation straight from save game
- mine? it's natural ps4 disc game
- i don't want to use psn games since they requires act.dat crap, etc
- nah, they won't. you can find exploit in any game
- they can't blacklist everything
- they just wants to patch important bugs like kern/hv, games exploits are out of scope
- well, and webkit
- you can use everything else i guess
- bdj is better since it's more privileged i think?
- yeah you need to see what sleirsgoevy is doing, i think these tricks may help
- it involves a few parts of the system
- me neither, but i think i'll start studying it soon
- well, i did, but i have tested a hundred of ideas during these two years and only a few ones worked. so chances are high
- it will happen eventually once you start working on it
The developer known as Flat_z has successfully obtained read access to the PS5 PSP (Platform Security Processor), which contains crucial components such as bootrom and key seeds. Additionally, he has verified he also developed an hypervisor exploit.
As of right now Flat_z has decided not to disclose his exploits or bugs at this time. However, leveraging the knowledge gained from this achievement, he aims to undertake the reverse engineering of secure modules and other relevant information. The ultimate goal is to enable the use of FPKG's (Fake PKGs) on the PS5 in the future.
If circumstances permit, Flat_z intends to provide a comprehensive write-up detailing the implementation of FPKG's for the PS5 console. However, it's important to note that there is currently no specified release date for this write-up, as he must prioritize other commitments before embarking on this endeavor.
For the time being, it is kindly requested that Flat_z not be approached with inquiries about release dates or repeated questions regarding the availability of his work. Your understanding and patience are greatly appreciated.
