Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 / PS5 PKGs.
PS4 CFW and Hacks       Thread starter PSXHAX       Start date Oct 26, 2017 at 10:37 PM       153      
Not open for further replies.
Inspired by the recent PS4 Webkit Exploit Local Server tutorial, @Al Azif shared a script to cover many of the steps in the guide and has since updated the Easy PS4 Exploit Hosting Tool releasing on Github for those seeking to host their own PS4 Webkit Exploit page on LAN since Sony started blocking them. :geek:

Easy PS4 Exploit Hosting Tool Download: / GIT / PS4 Exploit Host Menu (for those who don't want to host their own) / Exploits Folder Browser / PS4 Exploit Host for OpenWRT by irefuse

To quote from the PS4 Exploit Host

What is this?

This is an easy way for anyone to host their own exploit for the PS4 on their LAN. It blocks PSN to stop accidental updates, it also serves the 4.05 update if you want it to. You can also generate an FTP payload. There is also a simple CLI for sending additional payloads.

So the scope of this has become like an all in one toolkit.

  • Python 2 (Tested on 2.7.14)
  • The Python Directory added to your System Path Environment Variable (Windows Only)
  • This should run on Windows, OSX, and Linux (Tested on Windows 7, Windows 10, and Ubuntu 16.04)
How to download
  • Download the zip on the releases page
  • Download with Git, be sure to grab the submodules
How to run
  1. Run python from the command line
    • If it starts with no errors, note the IP given to you
  2. On your PS4 use the noted IP as your DNS server
  3. On your PS4, go to Settings > User Guide and select it. Boom, the exploit page should load.
  4. When you're done use Crtl+C to cleanly close the script

You can check the issue tracker for my to do list and/or bugs. Feel free to send a pull request for whatever. Be sure to report any bugs, include as much information as possible.

What if a new exploit is released?

You should just be able to replace the exploit files in the "exploit" folder.

Here are some other PS4-related Tweets making their rounds today:


Download: PS4-BETA-1.50-PS4UPDATE.PUP (307.9 MB) / PS4-BETA1-2.50-PS4UPDATE.PUP (233.6 MB) / PS4-BETA2-3.50-PS4UPDATE.PUP (286.5 MB) / PS4-BETA3-4.00-PS4UPDATE.PUP (297.8 MB)
Host Your Own Webkit Exploit & Jailbreak 4.05 Firmware PS4
How to Host the 4.55/4.05 Exploit Locally
Hosting PS4 5.05 Exploit Locally + Adding custom payloads (5.05 Jailbreak)
Hosting 5.05 Exploit Offline (PS4 Jailbreak)
How To Setup Al Azif DNS For Your PlayStation 4 And Run Any Payload Offline!
Cheers to @hyndrid, @SSShowmik and @Wultra for the Easy PS4 Exploit Hosting Tool news tips in the PSXHAX Shoutbox earlier today! (y)
Host Your Own PS4 Webkit Exploit Page on LAN by Al-Azif.jpg


Please can you tell me exactly where to add the payload hen v1.6 from vortex in .bin and its index.html inside the ps4 exploit host 0.4.2 from al azif ? thank you.
Following the last revision, here's the latest PS4 Exploit Host v0.4.3 update via Github:


  • 5.05/5.07 enabled by default
  • 5.05 payloads/exploits included
  • Fixed network test
  • Fixed updater
  • RPi issue fixed by @Vadammt
  • Removed 4.05 spoofed UA in settings.json and default theme's script.js (Even less reason to be on 4.05 now)
  • Block all Nintendo subdomains
  • ARM Build/RPi Scripts coming by this weekend
Another update to PS4 Exploit Host v0.4.6a1:

  • Various minor bugfixes

  • Various caching fixes and optimizations
    • Theme cached by default
    • Loading bar and notifications for caching
    • Exploits cached on demand (By individual firmware or all)
    • Caching buttons will not show up offline
    • Fixed payload listening exploits while cached
    • Preview for "Sticky Caching"
  • Default theme QoL improvements
    • Fixed grey artifacts on buttons
    • "O" will now go back
    • If only one firmware is available it will autoselect
  • Added option gzip compression (Enable it in setting)

  • Settings (Your old settings will not work)
    • More/better warning/import rules
    • Reorganized
    • UA_Check disabled by default
    • Added DNS settings (Changing the port will not just work, if you change it you're on your own)
    • Add default timeout for payload sender
    • Add gzip compression level (Valid values are 0 through 9, from least to most compression, 0 is disabled)
  • You can now specify a payload to send from the exploit itself

    Copy the "Original" exploit, in "index.html" change ping("/success"); to ping("/success/9020/15/test.bin); to send "test.bin" (from the payloads folder) to port 9020 after successful exploitation with a 15 second timeout

  • UA blocker now uses regex

  • Updated Readme and FAQ

  • App2USB rebuilt for release
Not open for further replies.