Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.
PS4 Jailbreaking       Thread starter juansbeck       Start date Dec 29, 2016 at 3:50 PM       54      
Status
Not open for further replies.
Following the PS4 Linux 33c3 Demo and the start of a community-driven PS4Webkit Project, today I (@juansbeck on Twitter aka HybridComputers) am continuing from my UniversalFlash App work-in-progress bringing an update on the PlayStation 4 glitch pinout used by Marcan and the possibility to downgrade a PlayStation 4 Slim / PS4 Pro with details below. (-8

Rough translation: Failoverflow's Marcan made a 'glitch' attack TOOL0 combined other ports like RX and TX (rs232) to PS4 Southbridge (sysconf-hypervisor) to give read and write permissions to its devboard lattice ECP3 to intercept the signals and return them in a Payload as we showed CTurt in its extensive article, but how?

Anyone can give us the datasheet? Or if at PSDevWiki oops... the blessed datasheet is a farce. It's a troll from a dodgy blog... one has to be very stupid to believe that the r32c is the hypervisor to attack Marcan... not even the VSS nor the VCC agree >:-(

Never fool us, not all the other developers that have their functional CFW that the downgrade key or the way we can get to exploit versions 3.55, 4.01, 4.05 or whatever is in this simple sysconf :bananaman17: RL78G14 there are 100 pin and 64 and even less as it is ps4 pro the chip is from the company renesas company and although it cost us more 8 months without sleeping here I attach the datasheet, I can say that there is a pin the TOOOL0 credits (JaiCraB) which is the evolution of RX and TX.

For now the datasheet of sysconf and a small drawing for the devs who want to investigate meanwhile we do ours to keep this team that continues adding more than 8,000 euros a month I tell you why not everything is lost, :bananaman13: here we keep moving forward and something has to come out of this.

This can be used to find a way to downgrade to the minimum version of any PS4 (including PS4 Pro)

1. Correct hypervisor datasheet (ps3devwiki blunder this farce). This is the real 64 pin LQFP for ps4 slim and 1215A pages (18) and for PS4 fat page (21) PS4 Pro pending.

hypervisor final sony (sysconf).pdf

2. Correct way to program the hypervisor to create the glitch (sysconf)

forma correcta de programar hypervisor.pdf

3. Pinout glitch hypervisor PS4

https://drive.google.com/open?id=0B2cZly5GV8y-bDhFZWhKVFJtc3c
pinout attack glitch.jpg

4. PS4 Pro (unconfirmed) some ports on which Sony is based on its hypervisor (sysconf)

https://drive.google.com/open?id=0B2cZly5GV8y-RjA5dnJiQXRJUFE
algunos port rl78g13 del que se baso sony para su hypervisor sysconf.jpg

A greeting to all and wish you from Universal Team a Merry Christmas! :tree::santa:

Note

As if you are a handyman, those who try to do this and you are bundled in short layout of connections so that it is if you do not make the plate yourselves and you stay like this.

https://drive.google.com/open?id=0B2cZly5GV8y-SHJac05IUVUwUUU
SYCONFONLY.jpg

In the end will be something like this, we need your support in the kickstarter.

https://drive.google.com/open?id=0B2cZly5GV8y-MGF3Z0I4bS1ORk0
universal flasher.jpg

We based on that development board and we added reading and writing of XBox One, PS Vita, Wii U and we are working for iPhone reading :bananaman17:
Sony did not (and still does not) uses eFuses to prevent downgrading (they are dedicated to store per console settings at factory)
Downgrading is prevented using hashes in syscon's NVS, revocation lists (on ps4/ps vita) and stripping PUP header keys from existing modules
I can confirm that they do not burn e-fuses to prevent downgrading (or during updates) and instead rely on a "Secure Non Volatile Storage" (aka SNVS), which only SAMU modules access the (per console) keys to read and write data from.
which only SAMU modules can access the (per console) keys to read and write data from * (just fixed a typo)
Of course, this also means that in the unlikely event that you do get SAMU code execution on a specific console, you can then downgrade it (but if you can achieve that, why the hell would you need to downgrade anyway?)
 

Comments

OP claims that by glitching a chip on the PS4's motherboard (via soldering a controller device to it), you can downgrade a PS4 all the way back to its original firmware.

This means in theory that older model PS4s could be downgraded to 1.76 to use the existing exploit. Newer model PS4s like the Pro can't be downgraded that far, but if an entry point is found, it could make testing custom firmware easier since it would be possible to recover to any firmware.

In practical terms, this involves taking the PS4 apart, buying a controller chip, soldering to the mainboard, and most likely losing your save data. Still, it's very much a step in the right direction.
Anyway, we have to wait what happens next months, no more to do if you are not involved in some of these groups.
A flasher? , a dongle?, a program? nobody knows yet.
 
This article is written in bad English with many grammar mistakes. Can someone fix these mistakes so that it is easier to read?
Anyways, great job and keep up the good work!
And after you are done don't forget to make an easily understandable tutorial for the noobs.
Good luck!

Edit: May be Sony using fake trolls to spread misinformation?? xD
 
Is it really? Like is this legit for real or fake?
Hi everyone merry xmas (i know its late but i still said it right?) and happy new year from aus anyway

Like player1 says its a work in progress.. just goes to show what devs and contributors are doing and how far they are into getting close to the end of a challenge..for a common user/newbie perhaps reverse engineering or cracking whatever you wanna use is to the right person is not how can i get backups for the world but to see how it ticks can i crack the "impossible" the ps4 is a a massive advanced level mathematics book with 1 page on how to use it and the rest X amount of pages blank and they fill up when somethings found it opens up more questions more problem solvers... all news is good news rumors are rumors until proven otherwise... we should be grateful teams like this so this not for us not coz some of us hate sony not coz a game coz a min 50$ but for the challenge
 
Status
Not open for further replies.
Back
Top