Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.

PS4 Development Menu (Debug Mode) Enabled on Retail PlayStation 4

PS4 Jailbreaking       Thread starter PSXHAX       Start date Apr 27, 2016 at 7:39 PM       162      
Status
Not open for further replies.
Just over a week ago we heard rumors of accessing the PS4 Debug Mode Settings on retail PlayStation 4 consoles, and today scene developer CTurt confirmed it's now possible to access the PS4 Dev Menu on 1.76 retail units thanks to Flat_z! :D

Download: Enable Dev Menu / PS4-dlclose.zip / PS4-debugmenu.bin (1.0 MB Compiled) via fx0day / PS4-debugmenu.bin (1.0 MB Compiled) via Di_Scala_ / Tutorial by Chaos Kid / PS4-dlclose GIT

From Stuart Fox via Facebook comes a video demo also.

:arrow: Update: From lezek20 also comes code to enable the more advanced debug menu (dlclose.bin (1.00 MB) compiled by ultradogg), to quote:
Code: 
*(char *)0xFFFFFFFF833242FD = 0x81;
Just add it into the kernel payload before this part:
Code: 
writeCr0(cr0);
:alert: This could brick your console btw, so be careful!

:arrow: Update #2: From @j0lama with help from @sealab (Demo video: jgoake.mp4 - 43 MB) via Twitter:
Download: Fully-Enable-Debug-Settings.bin (1 MB)
Code: 
Fully enable Debug Settings:
*(uint32_t*) 0xFFFFFFFF8269C07Cull=0;
*(uint32_t*) 0xFFFFFFFF8269B56Full=0;
Thanks to B7U3 C50SS and GrimDoe in the Shoutbox for the heads-up! :)
PS4 Dev Menu 1.jpg

PS4 Dev Menu 2.jpg

PS4 Dev Menu 3.jpg
 
Click to expand...
PSXHAX
PSXHAX
Live in Your World, HAX in Ours!
Hello World! I've been reporting on Sony PlayStation hacking news since 2000 and started PSXHAX in 2014 to cover PlayStation (PSX), PlayStation 2 (PS2), PlayStation 3 (PS3), PlayStation 4 (PS4), PlayStation Portable (PSP), PlayStation Vita (PS Vita), PlayStation TV (PS TV) and next-gen PlayStation 5 (PS5) platforms along with anything else of interest.

Click on my UserName author link above and you'll be able to view a curated list of all the articles I've contributed thus far to PSXHAX.COM.

If you enjoy gaming and would like to write (unpaid) for this site, Contact Us and we'll be happy to have ya join our Authors! :)

Comments

SorenAlke said:
Code: 
#include <stdio.h>
#include <stdint.h>


#define BUF_SIZE 256


int main()
{
    char *args[3];
    char *fd[256];

    int  addr;

    addr = 0x1FFFFFFFF0;

    printf("Sploited");

    scanf_s("%d", &addr);

    if (addr < 100){

        printf("cant sploit cus of the length :/");

    }
    else if (addr == 256){

        printf("sploited like a dumb female dog");

    }

    return 0;

}
Click to expand...

i like the (return 0;)
 
2013
Code: 
* micromips-opc.c (decode_micromips_operand): Add +T, +U, +V, +W,
    +d, +e, +h, +k, +l, +n, +o, +u, +v, +w, +x,
    +~, +!, +@, +#, +$, +%, +^, +&, +*, +|.
    (MSA): New define.
    (MSA64): New define.
    (micromips_opcodes): Add MSA instructions.
    * mips-dis.c (msa_control_names): New array.
    (mips_abi_choice): Add ASE_MSA to mips32r2.
    Remove ASE_MDMX from mips64r2.
    Add ASE_MSA and ASE_MSA64 to mips64r2.
    (parse_mips_dis_option): Handle -Mmsa.
    (print_reg): Handle cases for OP_REG_MSA and OP_REG_MSA_CTRL.
    (print_insn_arg): Handle cases for OP_IMM_INDEX and OP_REG_INDEX.
    (print_mips_disassembler_options): Print -Mmsa.
    * mips-opc.c (decode_mips_operand): Add +T, +U, +V, +W, +d, +e, +h, +k,
    +l, +n, +o, +u, +v, +w, +~, +!, +@, +#, +$, +%, +^, +&, +*, +|.
    (MSA): New define.
    (MSA64): New define.
    (mips_builtin_op): Add MSA instructions.
Now so ppl understand these are built updates for both 2016 n 2013.
What's going on here they are using mipsel system and using the asm stubs and headers and building on a ppc to build there base compilers which can also be done vice versa aswel.

Now if you head over and grab the advanced chain you wod see how they do this using the asm headers n stubs from mipsel to support floating points via software all done via ppc64

Ps4linux 55GB discs
 
since im so used to being dissapointed ... have at this...
Code: 
int is_payload_loaded(void) { u64 addr = peekq(0x80000000000004f0ULL);
if((addr>>32) == 0x534B3145) { addr&= 0xffffffff; if(addr && peekq(0x80000000000004f8ULL)) { restore_syscall8[0]= peekq(0x80000000000004f8ULL); // (8*8) restore_syscall8[1]= peekq(restore_syscall8[0]); pokeq(restore_syscall8[0], 0x8000000000000000ULL + (u64) (addr + 0x20)); return 2; }
return 1; }
return 0; }
 
cool thx ! maybe a mod should add a dev thread for brainstorming and so on....

first i thought it was for ps4 because of ps4 debug thread
 
mcmrc1 said:
cool thx ! maybe a mod should add a dev thread for brainstorming and so on....

first i thought it was for ps4 because of ps4 debug thread
Click to expand...
Both mine above are cuz they are based on updates for the kernel and I also have the opt codes aswel.
I also explained the rest at the bottom on how this is used to make the toolchains for ps4 aswel as the nice linux 55GB.iso
mcmrc1 said:
i wish i could understand something :)

is it possible to say in simple words what this all means ? in a non dev speak :)
Click to expand...
Above Soren is ps4 related which is y I kept it in here
 
Status
Not open for further replies.

PSXHAX Categories

PS4 Jailbreak Status
PS5 Jailbreak Status

Latest Forum Topics

Share This Page

Back
Top