Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.
PS4 Jailbreaking       Thread starter PSXHAX       Start date Feb 12, 2022 at 4:42 AM       103      
Status
Not open for further replies.
Proceeding his PS4 Server 9.00 / PS4 Server 9.00u for ESP8266 D1 Mini & Pro, PS4Scene developer @stooged shared on the forum an ESP32 Server 9.00u for the PS4 9.00 pOOBs4 Exploit with ESP32 S2 Boards noting the best would be an S2 Mini as they're small and around $5 only. :geek:

Download: ESP32-Server-900u-main.zip / GIT

Here's further details from the README.md: ESP32 Server 9.00u

This is a project designed for the ESP32-S2 and ESP32 boards to provide a wifi http server, dns server and *USB storage emulation. It is for the PS4 9.00 OOB Exploit.

⚠️ If your board is an ESP32 the USB emulation will not be available so you will need to wire a USB drive up to it like this project PS4-Server-900u or you can manually plug and unplug a USB drive for exfathax. This is a wiring diagram for the ESP32 boards.

:thumbup: If your board is an ESP32-S2 you do not need a USB drive with this project as it emulates a USB mass storage device to the console and triggers a filesystem bug to leverage the exploit (exfathax).

These ESP32-S2 boards can be used for a plug and play setup (no wiring):

4MB boards
16MB boards
These ESP32-S2 boards will need a usb A plug wired up to them:

4MB boards
The project is built using ESPAsyncWebServer and AsyncTCP so you need to add these libraries to arduino:
Install or update the ESP32 core by adding this url to the Additional Boards Manager URLs section in the arduino "Preferences".
Code:
https://raw.githubusercontent.com/espressif/arduino-esp32/gh-pages/package_esp32_index.json
Then goto the "Boards Manager and install or update the "esp32" core.

The only files required on the storage of the esp32 are the .bin payloads, everything else is handled internally including generating a list of payloads.

You can still modify the html by uploading your own index.html, if there is no index.html on the storage the internal pages will be used.

If you have problems compiling the sketch make sure the ESP32 library is up to date.

The firmware is updatable via http and the payload files can be managed via http.

You can access the main page from the userguide or the consoles webbrowser using any hostname.

Implemented internal pages:
  • admin.html - the main landing page for administration.
  • index.html - if no index.html is found the server will generate a simple index page and list the payloads automatically.
  • info.html - provides information about the esp board.
  • upload.html - used to upload files(.bin) to the esp board for the webserver.
  • update.html - used to update the firmware on the esp board (fwupdate.bin).
  • fileman.html - used to view / download / delete files on the internal storage of the esp board.
  • config.html - used to configure wifi ap and ip settings.
  • reboot.html - used to reboot the esp board
Installation is simple you just use the arduino ide to flash the sketch/firmware to the esp32 board.

Next you connect to the wifi access point with a pc/laptop, PS4_WEB_AP is the default SSID and password is the default password.

Then use a webbrowser and goto http://10.1.1.1/admin.html 10.1.1.1 is the default webserver ip or http://ps4.local

On the side menu of the admin page select File Uploader and then click Select Files and locate the data folder inside the ESP32_Server_900 folder in this repo and select all the files inside the data folder and click Upload Files you can then goto Config Editor and change the password for the wifi ap.

Alternatively if you install this plugin to the arduino ide you can upload the files to the esp32-s2 with the arduino ide by selecting Tools > ESP32 Sketch Data Upload
PS4 ESP32 Server 9.00u for ESP32 S2 Boards by Stooged 2.jpg

The files uploaded using this method are found in the data folder inside the ESP32_Server_900u folder.
PS4 ESP32 Server 9.00u for ESP32 S2 Boards by Stooged.jpg
 

Comments

I recorded simple video, I used ESP32-S2FN4R2 S2 Mini v1.0 Wifi, because it is easy and cheap to find in my country. Do not need to install any arduino ide on your computer.

Spoiler
 
dear @stooged and others, I have this board nanoESP32-S2 Development Board which has ESP32-S2-WROOM microcontroller which is very similar to ESP32-S2-Saola series but with 2 USB-C port (on for CH340 and another for ESP-32).. more details at: nanoESP32-S2

2022-04-06T02%3A09%3A20.368Z-%E4%B8%BB%E5%9B%BE1.jpg

As I checked the ESP32-S2-WROOM cannot simulate USB (please correct me if I am wrong!), but as it has another USB port, so I assumed no need for wiring.

But I flashed my board in different ways (Arduino, Web, NodeMCU-PyFlasher with predefined BIN files, etc in both AP and connect-to-home-wifi ways) but cannot do the jailbreak remotely.

Seems it can run exploit but whatever the issue is, related to loading ExFatHax. I just used the tutorial and flash my board, and test it on PS4 with following conditions:
  • connect ESP32 or CH340 port to power, use without USB disk and
  • connect ESP32 or CH340 port to power, and use USB disk in another free USB port
and both were not successful and get "failed to trigger exploit kernel heap might be corrupted, try again or reboot the console" after try to "Loading ExFatHax"

would you please let me know where the issue is? I think there is something wrong about flashing the board.
 
This is great work and I am jealous of your understanding of how to get this all functional.

Could you or someone please help me wrap my head around the //connect-to-wifi section?
Code:
//connect to wifi
boolean connectWifi = false;
String WIFI_SSID = "MySSID";
String WIFI_PASS = "MyPassword";
String WIFI_HOSTNAME = "ps4.local";
If I enter my SSID and the password for my network then change the boolean connectWifi to true does that make the ESP just another client on my network?

Does it make it a NAT proxy for the PS4? Or is it just so I can connect to the admin pages from my local network to the HTTP server on the ESP? My local network is a 192.168.X.X and the PS4_AP is 10.1.1.X.

Thanks all
 
Status
Not open for further replies.
Back
Top