Category: PS4 Jailbreaking | Thread starter: PSXHAX | Start date: Oct 23, 2017 at 4:49 AM
Following the recent Adieu PS4 4.05 Kernel Exploit, the NamedObj Strategy Overview and the earlier JailBreakMe / WebKit Playgrounds, today PlayStation 4 developer AN0NY420 (aka @ANONYM0US) updated the WebKit exploit, adding support for both the 4.01 and 4.05 PS4 Firmwares! :D

Download: PS4-4.0x--4.05-Code-Execution-PoC-master.zip / GIT / Live Demo

To quote from the README.md: PS4 4.0x Code Execution

This repo is specterdev's edit of the 4.0x webkit exploit released by qwertyoruiopz. The edit re-organizes, comments, and adds portability across 3.50 - 4.07 (3.50, 3.55, 3.70, 4.00, 4.01, 4.05 and of course 4.06/4.07).

The commenting and reorganization was mostly for my own learning experience, however hopefully others can find these comments helpful and build on them or even fix them if I've made mistakes. The exploit is much more stable than FireKaku and sets up the foundation for running basic ROP chains and returns to normal execution. Credit for the exploit goes completely to qwertyoruiopz.

Organization

Files in alphabetical order by name:
  • expl.js - Contains the heart of the exploit and establishes a read/write primitive.
  • gadgets.js - Contains gadget maps and function stub maps for a variety of firmwares. Which map is used is determined in the post-exploitation phase.
  • index.html - The main page for the exploit. Launches the exploit and contains post-exploitation stuff, as well as output and code execution.
  • rop.js - Contains the ROP framework modified from Qwerty's original exploit as well as the array in which module base addresses are held and gadget addresses are calculated.
  • syscalls.js - Contains a system call map for a variety of firmwares as well as a 'name -> number' map for syscall IDs.
Usage

Simply set up a web server on localhost using XAMPP or any other program and place these files in a directory. You can then go to your computer's local IPv4 address (found by running ipconfig in cmd.exe) and access the exploit.

Notes
  • The exploit is pretty stable but will still sometimes crash. If the browser freezes, simply back out and retry; if a segmentation fault (identified by the prompt "You do not have enough free system memory") occurs, refresh the page before trying again, as that seems to lead to better results.
  • This only allows code execution in ring3, to get ring0 execution a kernel exploit and KROP chain is needed.
  • If I've made an error (particularly having to do with firmware compatibility and gadgets) feel free to open an issue on the repo.
  • The exploit has been tested on 3.55, 4.00 and 4.05; it is assumed to work on the other firmwares listed but this is not guaranteed. Again, if you encounter a problem, open an issue on the repo.
Credits

qwertyoruiopz - The original exploit, the likes of which can be found here.

Added 4.01 and 4.05 support by AN0NY420.
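To make the file split in the README concrete (gadgets.js holding per-firmware gadget offsets, rop.js holding the module base table and chain builder, syscalls.js holding the name-to-number map), here is an added, stand-alone illustration of how those pieces fit together. It is not code from the repo, specterdev, qwertyoruiopz or AN0NY420: every gadget offset, module base and syscall number below is a made-up placeholder, and the write64 primitive is a stand-in for whatever expl.js actually provides. The BigInt arithmetic is there because JavaScript Numbers lose precision above 2^53, which is why real PS4 exploits carry their own int64 helper.

```javascript
// Added example, not from the PS4 4.0x repo. All addresses/offsets/numbers
// are placeholders (hypothetical), chosen only to show the data flow.

// gadgets.js-style map: gadget name -> offset from the hosting module's base,
// keyed by firmware because the same gadget moves between builds.
const GADGET_OFFSETS = {
  "4.05": { "pop rdi": 0x12345n, "pop rsi": 0x2345an, "pop rax": 0x345abn,
            "syscall": 0x45abcn, "ret": 0x11n },
  "4.00": { "pop rdi": 0x10203n, "pop rsi": 0x20304n, "pop rax": 0x30405n,
            "syscall": 0x40506n, "ret": 0x13n },
};

// syscalls.js-style 'name -> number' map (placeholder numbers).
const SYSCALL_NUMBERS = { getpid: 20, write: 4, mprotect: 74 };

// Post-exploitation step the README describes: pick the map for the running
// firmware; an unsupported firmware must fail loudly, not silently misbuild.
function selectGadgetMap(fw) {
  const map = GADGET_OFFSETS[fw];
  if (!map) throw new Error(`no gadget map for firmware ${fw}`);
  return map;
}

// rop.js-style chain builder. moduleBase is the absolute base of the module
// the gadgets live in, normally discovered through the read primitive.
class RopChain {
  constructor(fw, moduleBase) {
    this.gadgets = selectGadgetMap(fw);
    this.base = BigInt(moduleBase);
    this.words = [];          // 64-bit words in stack order
  }
  // Absolute gadget address = module base + per-firmware offset.
  gadget(name) {
    const off = this.gadgets[name];
    if (off === undefined) throw new Error(`gadget '${name}' missing for this firmware`);
    return this.base + off;
  }
  push(v) { this.words.push(BigInt.asUintN(64, BigInt(v))); return this; }
  // Toy SysV calling convention: only rdi and rsi are loaded via pop gadgets.
  loadArgs(args) {
    const regs = ["pop rdi", "pop rsi"];
    if (args.length > regs.length) throw new Error("toy chain supports at most 2 args");
    args.forEach((a, i) => this.push(this.gadget(regs[i])).push(a));
    return this;
  }
  // args -> rax = syscall number -> syscall gadget.
  syscall(name, args = []) {
    const num = SYSCALL_NUMBERS[name];
    if (num === undefined) throw new Error(`unknown syscall ${name}`);
    return this.loadArgs(args)
      .push(this.gadget("pop rax")).push(num)
      .push(this.gadget("syscall"));
  }
  // Little-endian qwords, the form the chain takes on a fake stack.
  toBytes() {
    const buf = new Uint8Array(this.words.length * 8);
    const view = new DataView(buf.buffer);
    this.words.forEach((w, i) => view.setBigUint64(i * 8, w, true));
    return buf;
  }
}

// How rop.js would hand the chain to expl.js's arbitrary write: write64 is a
// stand-in for the real primitive with signature (address: BigInt, value: BigInt).
function writeChain(write64, stackAddr, chain) {
  chain.words.forEach((w, i) => write64(BigInt(stackAddr) + BigInt(i * 8), w));
  return chain.words.length;
}

// Constructed demo: getpid on "4.05" with a placeholder module base, written
// into a fake memory Map so the whole thing runs offline.
function demoChain(fw = "4.05", base = 0x7f1122330000n, stackAddr = 0x7ff000n) {
  const fakeMemory = new Map();
  const write64 = (addr, value) => fakeMemory.set(addr, value);
  const chain = new RopChain(fw, base).syscall("getpid");
  writeChain(write64, stackAddr, chain);
  return { chain, fakeMemory };
}
```

The point a practitioner should take from this is the boundary between the three files: nothing in the chain builder knows a firmware-specific number; it only knows gadget names and syscall names, so supporting a new firmware (the 4.01/4.05 additions here) is a matter of adding one entry to each map, and a missing entry fails at chain-build time rather than as a crash on the console.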

Thanks to @Bassabov, @hyndrid, @LightningMods, @Nesterwork and @romantizma in the PSXHAX Shoutbox for the news tips! :lovewins:

Comments

Trojaner

Senior Member
Contributor
@Centrino only stuff for the last FW would be interesting, so really all people had the possibility of using fun stuff without buying a new PS crap console with lower FW if the update is already out of the round ... :D
 

Nesterwork

Senior Member
Contributor
Verified
@Centrino only stuff for the last FW would be interesting, so really all people had the possibility of using fun stuff without buying a new PS crap console with lower FW if the update is already out of the round ... :D
We've always been told to keep your PS4 on the lowest firmware possible if you want a jailbreak; don't moan and complain because you updated to the latest and nothing is getting released.
 

Trojaner

Senior Member
Contributor
Nester ... ---> all people, there are enough who made the mistake and updated <--- ... I personally follow my own way: always on the latest FW, always online, always beta testing FW. I don't need backups on PS4, I have only 100% exclusives and that will not change; the rest is PC.
 