Status
Not open for further replies.
Since the initial announcement by @Octopus (aka oct0xor on Twitter), here's a summary of what to expect in his 36c3 talk, which will be livestreamed in English (YouTube Channel), on Hacking Sony PlayStation 4 (PS4) and PlayStation 3 (PS3) Blu-ray Drives during the 36th annual Chaos Communication Congress at the Saal Borg Lecture Hall in Leipzig, Germany on December 28, 2019 at 22:10 +0100 CET (4:10 PM ET - Current Eastern Time). 🤓

Below are further details from the 36th Chaos Communication Congress Schedule Fahrplan Events Page, to quote: Lecture: Hacking Sony PlayStation Blu-ray Drives

The Xbox 360 video game console had a number of widely known hacks for the firmware of its optical disc drives. However, this was never the case with the Blu-ray disc drives of Sony PlayStation video game consoles. In fact, up until recently there was not much information available on this subject publicly.

In this presentation, I would like to share my journey of delving deep into internals and security of Sony PlayStation Blu-ray disc drives. As games are distributed within optical media, those embedded devices were intended to contain the best security possible.

I will demonstrate multiple hardware hacks and several software vulnerabilities that made it possible to dump firmware and get code execution on multiple models of Sony PlayStation Blu-ray disc drives.

In this presentation, I will share the following:

1) I will provide in-depth analysis of vulnerabilities and their exploitation to achieve code execution on multiple models of Sony PlayStation Blu-ray disc drives

2) I will discuss problems that I’ve encountered while reverse engineering the firmware and how I solved (some of) them

3) I will talk about security features of Sony PlayStation Blu-ray disc drives

4) I will explain what engineers did right and how achieving code execution on the drive doesn’t lead to full compromise of security

It will definitely be an interesting lecture for PS4 scene developers seeking to learn more about the PlayStation 4 Blu-ray drive security and vulnerabilities, however, end-users are reminded to remain patient for a future PS4 jailbreak exploit... those who can't wait may want to locate a jailbreakable PS4 5.05 / 5.07 console to enjoy hundreds of PS4 FPKG games already available and cure cabin fever this winter!

PS4 Blu-ray Optical Drive Chip Swap Re-marry by NorthRidgeFix.com

 

Comments

@xxdylanxx45 Funny part is that I have a PS4 5.05, and when I put a PS4 game in the drive and then open the drive through FTP, the only files I find are 2 files, a pkg file and another file. I don't remember what the other file was, but I think it is a license file.

And what I believe is that the PS4 is decrypting and then mounting the pkg file into the PS4 system so it can run the game, like a temporary decryption and mounting. So burning games would be much more difficult now.

You have to think about the decrypting part, and if we can't pack pkg files with official keys, then how is the PS4 supposed to read the files?

Not like the old days where the disc content was eboot.bin (PS3) and default.xex (Xbox 360) files, sadly.
 
Wouldn't it be cool if the SAMU keys are used for the BD drive (encrypted of course) and we could decrypt the drive and retrieve the SAMU keys?
 
@Mustafa0436 You are correct, when you first insert a retail disk in the PS4 it copies the pkg file from the Blu-ray disk to the internal HDD. (This is the game install process.)

Then when you go to run the game, it first checks that the original game disk is inserted, then it decrypts and unpacks all the individual game files from the installed pkg file on the HDD to the sandbox, and this is where the game is run from.

The pkg file on the Blu-ray disk and the one installed on the PS4 HDD are 100% identical. When you start a game, the only time the Blu-ray is used is to check that the original game disk is inserted. The game is never run from the Blu-ray disk; it is always run from the internal HDD.
 