Category PS4 Jailbreaking       Thread starter PSXHAX       Start date Apr 1, 2016 at 4:47 PM       36,915       44            
Status
Not open for further replies.
Not long ago news of a PS4 Root Privilege Escalation & Prison Break / Sandbox Break PoC was confirmed, and today kr105 dropped word in the Shoutbox that a usable dlclose exploit for PS4 Firmware 1.76 is now available to compile with CTurt's open-source work! :D

Download: PS4-dlclose-master.zip / PS4 Dlclose GIT / GIT / Linux Loader Patch for 1.76 / bzImage / initramfs.cpio.gz by kr105 / PS4 Playground / PS4 Playground GIT / ps4link-master.zip / PS4Link GIT
From the ReadMe Files: PS4-dlclose

PS4_Linux_Patched.jpgFully implemented dlclose exploit for PS4 fw 1.76. Compile it with CTurt's.

This is the bare working exploit, you must add your own payload code to make it do anything useful. Enjoy!

Linux loader
Code:
@@ -28,6 +28,15 @@ If you're on Linux, the easiest way is probably to use `netcat`:

After you have sent the binary, it will be executed automatically.

+### Linux loader
+You need a FAT32 formatted USB drive plugged in on any PS4's USB port with the following files on the root directory:
+
+`bzImage` : Kernel image that will be loaded. Recommended to use [this sources](https://github.com/fail0verflow/ps4-linux/tree/ps4-xhci-wip) to compile it.
+
+`initramfs.cpio.gz` : The initial file system that gets loaded into memory during the Linux startup process. [This one](https://github.com/slashbeast/better-initramfs) is recommended.
+
+The file names must match with the above and you can have more files on the same USB drive. From there you can setup the environment to run from an NFS share or from an external drive via USB (recommended) and boot a complete distro!
+
### Syscalls
`Get PID` - Get process ID
Patches for decrypt_pup_header (1.76):
Code:
*(uint16_t *) 0xFFFFFFFF827C445C = 0x9090;
*(uint16_t *) 0xFFFFFFFF827C446B = 0x9090;
*(uint16_t *) 0xFFFFFFFF827C4470 = 0x9090;
PS4-dlclose.png
 

Comments

Status
Not open for further replies.

Space Monkey

Member
Contributor
Good. Ps4 scene is progressing.

Anyone know how good will ps4 be able to play the dolphin emulator on linux? How many fps?
The scene has just kicked off, I doubt any one will be able to answer ur question any time soon. Hold tight though, I wouldn't be surprised if someone does answer ur question.
 

Lan

Senior Member
Contributor
Well, i feel like it is common secret that ps4 is fully hacked even at 3.15 (i think a dev here say that he/she have a exploit).

It is sure good that we see some exploit release now.
 

nightfire10

Senior Member
Contributor
i feel that too. its a matter of time before they release it. although a good start from the 1.76 fully customize firmware will be the best to start.
 

Fimo

Senior Member
Contributor
Well, i feel like it is common secret that ps4 is fully hacked even at 3.15 (i think a dev here say that he/she have a exploit).

It is sure good that we see some exploit release now.
A new webkit exploit might be release on FW > 1.76 but the dlclose exploit is working untill FW 2.57 (release date is may 2015?)

So if a downgrade trick is not release soon, the 3.xx PS4 will have to wait for a long time.
 

Lan

Senior Member
Contributor
Ps4 scene is strongly against backups (especially compare to wii u), that why we don't see many things happening.

As you say is more possible for a downgrade to happen.
 

Space Monkey

Member
Contributor
Ps4 scene is strongly against backups (especially compare to wii u), that why we don't see many things happening.

As you say is more possible for a downgrade to happen.
Some DEVs are against backups but not all. Once the dlclose becomes main stream - meaning easy to install and use - loaders are next. Just wait and watch.

I, myself, is sitting on firmware 2.55 and hoping for some thing good comes along.

So the name of the game is to wait and watch. If worst comes to worst, people will end up buying dongles and let's face it, dongles are inevitable fact.
 

mcmrc1

Senior Member
Contributor
Verified
jep but if dongles are on the go the most devs will gack the crap out of it and also release for free...devs dont want priracy ok...but they also want no re drm devices :)
 

PLAYER 1

Senior Member
Contributor
Game developers are the only scared ones.

For sony could be just the final impulse to sell the remaining "old version" consoles, that money will help to build the new "4-almost-5" model.
 
Status
Not open for further replies.
Recent Articles
Blu-Play DOOM I Port by Sleirsgoevy, Homebrew Games with C / C++
Following the second PS4 Blu-Play homebrew release The UFO Game! from LuBlu Entertainment, developer sleirsgoevy demonstrates that you can create Blu-ray Disc Java homebrew with C or C++ using...
Installing PS4 Gentoo Linux on PlayStation 4 Guide by Mircoho
After the recent PS4 Gentoo Kernel Sources 5.3.7 with Baikal Chip Patches, here is a guide by me (@mircohoooo) covering how to install Gentoo Linux on PlayStation 4 and turn your PS4 into an...
PKGEditor for PS4 Updated by Maxton with EKPFS / XTS Key Support
Since yesterday's PS4 PKG Backporting updates PlayStation 4 scene developer maxton of Maxton.xyz announced on Twitter that he updated the LibOrbisPkg PkgEditor adding support for EKPFS / XTS keys...
PlayStation Store Kicks Off 2020 with PSN Games Under $20 at PS Store
The first PlayStation Store flash sale of 2020 is here and Sony is kicking things off with a two-week long PSN Games Under $20 promotion featuring discounts of up to 50% select titles including...
Top