PS4 Jailbreak Exploit by Chaitin Tech Echoes via SpecterDev

Many may recall the PS4 Firmware 4.01 Jailbreak by Chaitin Tech, their ROP Tool and the addition of Kaslr Support last year.

Following his PS4 4.0x WebKit Userland Exploit Documentation, JailbreakMe PS4 3.5x / 3.70 / 4.0x Exploit Ports and continuing research PlayStation 4 developer SpecterDev shared a tweet earlier today echoing Chaitin Tech's PS4 kernel exploit on 4.05 that was disclosed to Sony and patched in 4.06 official Firmware this past November.

The news comes after qwertyoruiopz's PS4 4.50 Kernel R/W Access announcement, PS4 4.5x Pwnage and confirmation of PS4 4.55 Dumped.

While @SpecterDev already stated he can't release it and as a result decided to remove the tweet, at least PS4 Developers who have been collaborating and examining it can rest assured that Chaitin Tech and Sony aren't the only ones privy now... here's to hoping someone else will also run across it and decide to share it with the scene.

From the PSXHAX Shoutbox for those following:

• Bultra: https://twitter.com/user/status/867489704295493633
• Bultra: Specter 4.05 kernel Exploit But not gonna release
• mcmrc1: https://twitter.com/user/status/867489704295493633
• B7U3 C50SS: https://twitter.com/user/status/867489704295493633
• B7U3 C50SS: Specter DEvs
• B7U3 C50SS: Status..
• B7U3 C50SS: is gone..
• SpecterDev: yea B7 I removed my status because I felt it rubbed people the wrong way
• SpecterDev: I didn't want to make a big deal out of it because I can't release it anyway so I decided to delete it
• SpecterDev: 4.05 and below, the one chaitentech disclosed
• SpecterDev: to Sony that is
• oneman123: SpecterDev: shae SceEapCore.elf
• SpecterDev: Haven't tried it

Cheers to @B7U3 C50SS, @Bultra, @mcmrc1, @oneman123 and of course @SpecterDev for the heads-up earlier today in the PSXHAX Shoutbox!

 

[Tustin]

Wow ! Specter? 8 months? This guy said few months ago : ps4 back to jail , It's the same guy yeah?

It was not a private conversation, it was an public announcement , So what was he expecting? Gratitude? for nothing?

Don't even know what you're saying in the first half. And no, it obviously wasn't a private conversation, but just because he posted it on Twitter doesn't mean it was going to be a release. He posted it because he was excited to finally get something working and he wanted to share his progress. After all, that's the whole purpose of Twitter in the first place.

Honestly I wouldn't blame someone if they sold their exploits back to Sony. You guys are way to entitled.

 

[vtaker]

Most countries don't have laws against jailbreaking game consoles. In the USA it's legal to jailbreak your phone just not a game console. The geohot case was a california/federal nazi trial. Other countries are more advanced and don't bow to corporate interests. So I don't think people are afraid to release jbs publicly.

I'm firmly in the belief that these hackers either don't have anything of use i.e. fake jbs, are trying to get a job/attention, or just being bug testers for sony.

If Sony and MS made free demos mandatory for every game, backups wouldn't be necessary until the generation is over. I can afford to buy games. What I can't afford is to waste money and time on crap games that were hyped up or falsely advertised see mass effect andromeda lol.

 

[hyndrid]

me too i have a kernel exploit 3.55 but blablablablablablablabla dont update blablablablablabla but no release because blablabla i am afraid of sony

 

[JackQ]

For some people that keeps claiming "he sold the exploit":

1. There is nothing to "Sell", Sony already know and patched it, And personally I wouldn't sell an exploit for Sony, it a sellout, no matter how you much you claim to "understand it".

2. He already claim it's for other reasons, like the exploit its not his and it's not ready yet.. I still hope it will get leaked, book the people who keep it private..

Hm.. why there is no edit button? I wanted to fix some spelling errors...

 

[PSXHAX]

Edit is only available for 5 minutes after making a post, but if you create a new one I can swap them for ya

 

[ArthurBishop]

For some people that keeps claiming "he sold the exploit":

1. There is nothing to "Sell", Sony already know and patched it, And personally I wouldn't sell an exploit for Sony, it a sellout, no matter how you much you claim to "understand it".

2. He already claim it's for other reasons, like the exploit its not his and it's not ready yet.. I still hope it will get leaked, book the people who keep it private..

Hm.. why there is no edit button? I wanted to fix some spelling errors...

"Sale" can be transformed into many ways. You can sell "no release" or delayed release.

I think that the balance that the scene needs is to unite us all and to look for exploits that we can develop, in that equipment not everything should be free, why ?

The developer who works also needs money, but here is the problem nobody wants to contribute a single dollar, that is why the pirates are betting to find these equipment and pay them their money, as these teams continuously as the same pages of psxhax are ridiculed And they call smoke to many things that pass through their noses.

I tell you that the same zecoxao has published things that have left me perplexed, but some do not value, forgive me but you have to recognize the work of the sceners to bring you something as a team and then That paid job, that we all enjoy something free, but paying the developers and researchers for their work, because it is their job "understand this scene is not going to take off until we unite and make rational use of what each researcher deserves for Your job, and then go showing all the advances in a free way I do not know if you understand me but I think it's the way to go, I for my part, but I've decided to do some In years I do what sony and microsoft do console based on computer hardware with a small software embedded of linux, they do it closed, I am doing it free !!

end the end I hope someday to gather the money without asking for anything To anyone and form my team of people to prove that you can do all this and those who are crazy please do not send me mp, and if I pay the developers, who wants to be part of the team that has knowledge in linux and embedded hardware I am willing to pay him to send his mp with his resume what he knows how to do since the equipment I have is reduced, but let's do something now !! And please do not call us beggars this should be free for all but recognizing the work of those who work day and night for this.

I think the community is ready to support financially , everyone can give a few dollars.

It gives us hundreds thousand dollars or more.

 

[HackYourPS4]

As I offered earlier we can start collecting money from all who want donate to first person who will make backups working. I hope bank can reach 50-70 k euros. For this kind of money there will be more competition and needs to release working stuff.

 

[FakeJailbreak]

As I offered earlier we can start collecting money from all who want donate to first person who will make backups working. I hope bank can reach 50-70 k euros. For this kind of money there will be more competition and needs to release working stuff.

Yes! Of course! On MY bank account. Or you prefer PayPal?

 

[masterj360]

Concerns about backups? Then what the point in exploiting the kernel? to play emulations that could be done on a PC or handheld consoles already?

backups shouldn't even be a concern considering its going to be a small fraction of people doing it based on Firmware requirement for the exploit. This scene is starting to become a joke with pointless updates

 

[HackYourPS4]

Yes! Of course! On MY bank account. Or you prefer PayPal?

Money can be collected on trustful person, sure we can find one.