Category: PS4 CFW and Hacks | Thread starter: RetroGamer74 | Start date: May 23, 2018 at 11:29 AM
Following the Developers Release of MiraFW: Project Mira v1.0 by OpenOrbis comes a PS4 4.55 Port by @CrazyVoid (aka CrazyVoidProgrammer) on his Github fork and an ELF and binary compiled by @pearlxcore via Twitter:

Download: MiraFW_Orbis_455.elf (2.06 MB) / MiraFW_Orbis_455.bin (0.05 MB) / ESP8266_PS4_RetroGamerFirmV3 / GIT

I also built the binaries, ELF and bin, successfully, and below is a demonstration video of it running and sniffing for those interested. I also converted the bin into JS to inject it as a payload through a website.

In the PS4Admin web page (http://ps4admin.retrogamer.tech) I did an update and I added the CFW option menu to inject this MiraHEN.

There is not much information or any notification when you inject it.

But once you have finished, you can go to your Windows or Linux machine and try a "telnet PS4-IP 9998". That means making a telnet connection against your PS4 IP, using port 9998.

Then you should see all of the debugging information from the PS4 and also the debug and test messages from MiraHEN. So that means it's working.

If you want to see it live, I did a live stream through YT where I show it. My language is Spanish, so if you don't want to be bored listening to something you don't understand, then jump to minute 8 and so on. You will see it in action.

PS4 4.55 CFW Custom Firmware - PS4ADMIN - RetroGamer
5.05 MiraCFW Ported To 4.55 On PS4 (PS4 Jailbreak Custom Firmware)
How To Use MiraCFW On 4.55 & 5.05 On PS4 Tutorial
Enjoy.
Download: Draqen-Esp8266-fw455.bin (4.0 MB)


Comments

GreenSmoke

PS4 5.05 Kernel Exploit

Summary

In this project you will find a full implementation of the second "bpf" kernel exploit for the PlayStation 4 on 5.05. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This exploit also contains autolaunching code for Mira and Vortex's HEN payload. Subsequent loads will launch the usual payload launcher.
This bug was discovered by qwertyoruiopz, and can be found hosted on his website here.

Patches Included

The following patches are made by default in the kernel ROP chain:

Disable kernel write protection

Allow RWX (read-write-execute) memory mapping

Syscall instruction allowed anywhere

Dynamic Resolving (sys_dynlib_dlsym) allowed from any process

Custom system call #11 (kexec()) to execute arbitrary code in kernel mode

Allow unprivileged users to call setuid(0) successfully. Works as a status check, doubles as a privilege escalation.

Payloads included

Vortex's HEN (Homebrew Enabler)

Mira

Notes

The page will crash on successful kernel exploitation, this is normal

Contributors

Massive credits to the following:

qwertyoruiopz

Flatz

Vortex

OpenOrbis Team

Anonymous

Quoted from https://github.com/Cryptogenic/PS4-5.05-Kernel-Exploit/blob/master/README.md
 