PS4 Jailbreaking       Thread starter PSXHAX       Start date Jan 29, 2018 at 2:44 AM       115      
Status
Not open for further replies.
Following his previous update, today PlayStation 4 developer @MODDEDWARFARE made available PS4 AIO v1.4.0 with a new demo video on his YouTube Channel which includes exploited 4.05 Firmware support alongside BO3 mods followed by v1.5.0! ;)

Download: PS4-AIO-Setup 1.4.0.exe (42.6 MB) / PS4 AIO Portable 1.4.0.zip (42.1 MB) / PS4 AIO v1.5.0

To quote from the video's caption: PS4-AIO Release with 4.05 Support & BO3 Mods! (PS4 Jailbreak)

Here's an updated version of my PS4-AIO tool which now supports 4.05.

Please download and install the latest version rather than trying to update any older versions.

Playing Ghosts For Free & Cool Mods On 4.05 (PS4 Jailbreak & Homebrew)
[PS4/BO3] Real Time Editing using my own tool (God Mode, Ammo, Points, etc..)
[PS4/RELEASE] Open Source Black Ops III Zombie RTM Tool [5.05/4.55/4.05]
Download: PS4 RTM Tool MrNiato v1.0.zip / PS4 RTM Tool MrNiato v1.0.zip (Mirror) / PS4 RTM Tool MrNiato v1.0.zip (1.26.zip) via MrNiato, to quote: HOW TO:

1) With your PS4 go to this link: http://crack.bargains/505k/

2) If you have the message "Youre all set!" close the browser and reopen it again, then you will have the message "Awaiting Payload...".

3) Open NETCAT GUI, change the IP address to the one of your PS4, change "9023" to "9020", select the payload in the folder then inject it!

4) Launch Black Ops III in Zombie mode, connect the PS4 and... enjoy!!

 

Comments

First, maybe the values in the game are encrypted somehow? I found that in some other games from other consoles, the values are backward. So, instead of 0D, I should search for D0. But obviously this didn't work in ffxv.
To clear up things for you. What you are talking about is the endian of a byte array. The bytes are either in big or little endian order. But in your example you changed one byte which isn't the case at all.

Let's say 127 is stored as an integer with 32 bits (4 bytes), it would look like this:
Code:
00 00 00 7F
That is little endian.

Some games also use big endian and it would look like this:
Code:
7F 00 00 00


So whatever you are trying to tell us with 0D switching to D0 would mean that your actual value changes from 13 (0D) to 208 (D0).
 
Thanks for the clarification. Mine was just a bad example from my lack of knowledge, but that made it much clearer.

I found the value of the gems in Gravity Rush Remastered! (CUSA01113)

So, I closed and reopened the game and the address remained the same.

Base Address: 0x19E84A0
Length: 0x10

It's in big endian format @DeathRGH
I have 281 gems, which would be 00 00 01 21
But what I got instead was 21 01 00 00

The value changes according to the gems I have, so there is no mistake that this is the right address.

The problem is, when I change the value and send the poke, nothing happens in the game. Then I used peek to check and found that the value remains 21 01 (the 289 gems I had).

So, no matter what values I use to replace it, nothing happens.
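
An added example, not written by any poster in this thread, that works through the byte strings quoted in the posts above using the standard definitions: big-endian stores the most significant byte first, little-endian stores the least significant byte first. The function names are hypothetical; `identify_layout` reports every field width and byte order under which the leading bytes decode to a known value.

```python
# Added example: byte-order readings of the byte strings quoted in the thread.
WIDTHS = (1, 2, 4, 8)  # common integer field sizes in bytes


def identify_layout(raw: bytes, expected: int) -> list:
    """Return each (width, byte order) reading of raw's leading bytes equal to expected."""
    hits = []
    for width in WIDTHS:
        if width > len(raw):
            break
        for order in ("big", "little"):
            if int.from_bytes(raw[:width], order) == expected:
                hits.append((width, order))
    return hits


def swap_nibbles(byte: int) -> int:
    """Swap the two hex digits inside one byte; this is not a byte-order change."""
    return ((byte << 4) | (byte >> 4)) & 0xFF


if __name__ == "__main__":
    # Byte strings and values as quoted in the posts above.
    samples = [
        ("00 00 00 7F", 127),
        ("7F 00 00 00", 127),
        ("21 01 00 00", 289),
    ]
    for text, value in samples:
        print(text, "==", value, "as", identify_layout(bytes.fromhex(text), value))
    # 0D -> D0 swaps hex digits within a single byte and changes the value.
    print(hex(swap_nibbles(0x0D)), swap_nibbles(0x0D))
```

A single byte decodes to the same value in both orders, which is why a little-endian field whose upper bytes are zero also matches at narrower widths.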
 
It could be a display value that you found.
If you don't change the actual value the display value will just be refreshed and you will never notice anything.
 
Death is right, and also sometimes there are more values found, not only the display one. I guess they could be some pointers, but just one is the right one. Hope we can have enstone’s ccapi for ps4 tool release so we can have more tools to hack. If someone could contact him.
 
When the ps4 api was released back in the day, the dev had another explanation for the freezing.

One of the biggest bugs that I have found, and am too lazy to debug, is a bug in which if you call the ReadMemory command to read a large chunk of memory too fast, it will crash the payload.
 
I already made a basic layout.
All I got for now is a basic code by me that allows you to inject payloads.
Everything else is placeholder stuff.


Also collected a few bo3 offsets:
Code:
//eboot.bin
 
0x21A8164 //playerState
0x17010 //index
 
0x21A8167 //client freeze (0x01 - frozen) || (0x00 - unfrozen)
0x21A8180 //client flag (0x04 - default) || (0x05 - godmode) || (0x06 - spectate) || (0x07 - spectate w/ godmode)
0x21A8190 //client X, Y, Z
0x21A87AC //client killstreak 1
0x21A87B0 //client killstreak 2
0x21A87B4 //client killstreak 3
0x21A87B8 //client ammo primary reserve
0x21A87BC //client ammo secondary reserve
0x21A87F4 //client ammo 1
0x21A87F8 //client ammo 2
0x21A87FC //client ammo 3
0x21A8800 //client ammo 4
0x21A8804 //client ammo 5
0x21A8808 //client ammo 6
0x21A88E4 //client uav offset (0x00 - default) || (0x02 - scramble uav)
0x21A88E9 //client vision flag (0x00 - default) || (0x80 - thermal)
0x21A88F9 //client body state flag (0x00 - default) || (0x01 - cloak) || (0x02 - hologram)
0x21BED64 //client name
 
 
//zombies
0x21A87AC //client ammo primary reserve
0x21A87B4 //client ammo secondary reserve
0x21A87E8 //client ammo
 