Following up on his PS4 Memory Dumping progress, today Spanish PlayStation 4 developer JaiCraB announced the discovery of two PS4 UART Ports on an SAA-001 board alongside the introduction of JaiBrute v1 with details below!
Download: JaiBrute.zip
MD5: f7a7e0f970d5e86ef110d2d4ff0ed1b1
To quote, roughly translated: PS4 Tools UART - UART Ports on Board SAA-001
At the plate I found two UART ports for different purpose. One is used for the operating system. Should show charging of system and kernel.
The other port is discovered CXD90025G port (MediaCon). It closely resembles the UART port of the PS3 SYSCON.
Both ports TTL RS232 adapter is connected to 3.3v. RaspberryPi, any Pirate or USBtoSerial bus adapter. You only need 3 wires. RX, TX, GND. The configuration is also the same for both: 115200, n, 8.1
UART0 Console
Used by the system to show the charging process and record events core, such as a newly connected USB connection or action ACPI shutdown.
Everything goes reflected. But Sony has attempted to leave unused.
The port transmits data through the port. But all the characters originals are replaced by 0x20. The "space". Character So only we can see how it moves the cursor while the kernel is showing events. (It is useless).
The console if that reflects the echo of what is sent. The system receives commands from the port but not sure you ignore. The ECO system do what is sent is a good sign.
Console MediaCon
He accepts commands as happened with the PS3. The system of command and hash is the same. The sum of all bytes and applying & 0xff. Byte is added.
After hexadecimal command. For example errlog: CB. If we listen to the harbor and nourish the system appears within 10 seconds appears ... "OK 00000000: 3A" ... According to psdevwiki it means "Power applied (standby mode)."
It does not seem to work any command found in the PS3, except errlog command.
I have discovered a reply:
This program sends commands per minute to 800 and only records MediaCon different answers to "NG F0000006: 51". Public interest would be discovered all commands.
Download: JaiBrute.zip
MD5: f7a7e0f970d5e86ef110d2d4ff0ed1b1
To quote, roughly translated: PS4 Tools UART - UART Ports on Board SAA-001
Code:
## ###### ########
## # ## ## ## ### # ## ##
## ## ## ## ## # ## ## ## ##
## ## ## ## ## ## ## ## ## ########
## ## ####### ## ## #### ####### ## ##
## ## ## ## ## ## ## ## ## ## ## ## ##
###### ## ## ## ###### ## ## ## ## ########
* JaiCraB Web Site: jaicrab.org * Contact: [email protected]The other port is discovered CXD90025G port (MediaCon). It closely resembles the UART port of the PS3 SYSCON.
Both ports TTL RS232 adapter is connected to 3.3v. RaspberryPi, any Pirate or USBtoSerial bus adapter. You only need 3 wires. RX, TX, GND. The configuration is also the same for both: 115200, n, 8.1
UART0 Console
Used by the system to show the charging process and record events core, such as a newly connected USB connection or action ACPI shutdown.
Everything goes reflected. But Sony has attempted to leave unused.
The port transmits data through the port. But all the characters originals are replaced by 0x20. The "space". Character So only we can see how it moves the cursor while the kernel is showing events. (It is useless).
The console if that reflects the echo of what is sent. The system receives commands from the port but not sure you ignore. The ECO system do what is sent is a good sign.
Console MediaCon
He accepts commands as happened with the PS3. The system of command and hash is the same. The sum of all bytes and applying & 0xff. Byte is added.
After hexadecimal command. For example errlog: CB. If we listen to the harbor and nourish the system appears within 10 seconds appears ... "OK 00000000: 3A" ... According to psdevwiki it means "Power applied (standby mode)."
It does not seem to work any command found in the PS3, except errlog command.
I have discovered a reply:
- NG E0000004: 4E Bad Checksum
- NG F0000006 51 Command not found
- F0000001 NG: Incorrect argument 4C
This program sends commands per minute to 800 and only records MediaCon different answers to "NG F0000006: 51". Public interest would be discovered all commands.
