PS4 CFW and Hacks       Thread starter PSXHAX       245       0
Status
Not open for further replies.

PSXHAX

Staff Member
Moderator
Contributor
Verified
Just a few days ago PlayStation 4 developer CTurt released a PS4 File Browser, and today he's back on IRC and Twitter with details on Custom Fonts for PlayStation 4 alongside the inception of an open source PS4 *** (unlike Sony's PS4 *** for licensed developers only).

Download: PS4-***-master.zip / PS4-SDK_compiled.rar / PS4 *** GIT / CTurt's Blog

:arrow: From the Readme File: PS4 ***

An open source PlayStation 4 ***, developed from running ROP tests.

Design

At the moment, it is primarily focused on the kernel. For example, I've successfully implemented all semaphore system calls, from 549 to 556:
Code:
549 - int createSemaphore(const char *name, int attributes, int startingCount, int maxCount);
550 - int removeSemaphore(int semaphore);
551 - int openSemaphore(const char *name, int oflag, int mode, unsigned int value);
552 - int closeSemaphore(int semaphore);
553 - int waitSemaphore(int semaphore, int requiredCount, int *microsecondTimeout);
554 - int pollSemaphore(int semaphore, int requiredCount);
555 - int signalSemaphore(int semaphore, int count);
556 - int cancelSemaphore(int semaphore, int count, int *threadsReleased);
I've also made use of function pointers and the kldsym trick to resolve functions from other modules. For example, we it can use socket related functions from the libSceNet.sprx module:
Code:
#define SCENET 0xe

#define RESOLVE(module, name) getFunctionAddressByName(module, #name, &name)

int (*socket)(const char *, int, int, int);

int main(void) {
    RESOLVE(SCENET, socket);

    int sock = socket("test", AF_INET, SOCK_STREAM, 0);

    return 0;
}
Support

Whilst the *** isn't capable of a most basic functionality yet, such as displaying graphics, or receiving controller input, it is a solid foundation which will be improved upon over time, especially once we have code execution to test it.

:arrow: From CTurtE on Twitter:
  • Sorry, but it looks like custom fonts are not possible on the PS4.
  • Well, for 1.76 at least. Maybe we can abuse the themes feature that firmware 2.00 and above have.
  • Started an open source PS4 ***. It can't do much yet, but I'm going public because I need help. https://github.com/CTurt/PS4-***
:arrow: PS4Dev IRC log:

[CTurt] I dumped a font from "/sandboXDir/common/font/"
[CTurt] but it doesn't work
[CTurt] Windows says it is corrupt
[CTurt] is it likely that Sony modified the ttf format
[CTurt] or is my dump just fcked?
[rck`d] it would be very unlikely they would change the TTF format
[eussNL] unless you're dumping OpenType instead...
[CTurt] http://wololo.net/talk/viewtopic.php?f=63&t=40349&p=396437#p396437 (PS4 1.76 Webkit ROP POC)
[CTurt] these are my steps
[CTurt] fixed it
[CTurt] font dump views in Windows fine :)
[CTurt] ffs
[CTurt]
[rck`d] what was the problem?
[HelsAngel] thats cool CTurt
[CTurt] oh, I wasn't reading size right
[CTurt] now I can get 100% accurate dumps
[CTurt] save files are 1:1 with those from USB export feature
[HelsAngel] can you sent files to ps4 aswell?
[CTurt] well, we can receive data from PC to PS4
[CTurt] but if you try to overwrite a font
[CTurt] it won't work
[CTurt] didn't try overwriting anything else
[HelsAngel] thats pretty nice
[CTurt] thanks!
[CTurt] don't really have any ideas for anything else to try at the moment, so I'm writing another article with my recent findings
[ZiL0G80] nice
[HelsAngel] would a gui filebrowser be possible?
[HelsAngel] for pc so simple people like me can fidle around
[HelsAngel] or too much RNG
[CTurt] I can write down all of the files on my PS4 and tell you them
[CTurt] if that's what you mean
[HelsAngel] no like a gui browser so i can realtime get/send stuff to it
[HelsAngel] and others aswell
[HelsAngel] like ftp
[CTurt] ah, right
[ZiL0G80] make some plugin for totalcommnder :p
[CTurt] right, so now that people have code execution :(
[CTurt] why not
[CTurt]
[HelsAngel] code execution how?
[NiceShot] go to your browser and type
[NiceShot] code execution
[HelsAngel] says adanado

Finally, from bigboss: Added camera support to ps4*** done
PS4 Font Names from Pastebin.com:
Code:
c041056ts.ttf -> SCopperplateTBolCon
d013013ds.ttf -> DomCasualD
e046323ms.ttf -> SURWEgyptienneMRegExtNar
e046323ts.ttf -> SURWEgyptienneTExtNar
k006004ds.ttf -> SKaufmannDBol
n023055ms.ttf -> SNimbusSanMSemBolCon
n023055ts.ttf -> SNimbusSanTSemBolCon
 
Status
Not open for further replies.
Recent Articles
Sony PS4 / PS3 Blu-ray Disc Drive Internals & Security by Oct0xor at 36c3
Last year they covered Exploiting PS4 Video Apps, and at the 36th annual Chaos Communication Congress (36c3) from December 27th to the 30th 2019 in Leipzig Germany scene developer @Octopus (aka...
Sony PS4 Remote Play: Now on More Devices Latest Promo Video
Proceeding the PSPlay Free Trial of the unofficial Android app and yesterday's Google Stadia release that includes 22 Stadia Launch Titles, today Sony unleashed their latest PS4 Remote Play - Now...
Baikal Support Added to PlayStation 4 Linux Loader by Valeery
Since the PSXITArch Linux v2 Guide, Spine PS4 Emulator for Linux Demo, CECPS4 Linux Scripts and PS4 Gentoo Linux development updates support for the Baikal chip was recently added to the...
PS5 DualShock 5 (DS5) Controller Images Surface in Japanese Patent
Following Sony's New Controller Patent, PS5 Devkit Prototype Leak and recent PS5 Transition Update in preparation for the PlayStation 5 2020 Launch today some PS5 DualShock 5 (DS5) Controller...
Top