PS4 4.55 Kernel Exploit release followed by the PS4 5.01 WebKit Exploit, PlayStation 4 developer @SpecterDev made available on Twitter a fully implemented Cryptogenic PS4 4.55 Kernel Exploit akin to his previous one in that it doesn't contain code related to defeating anti-backups mechanisms... meaning most should take heed of @flatz's advice on Twitter and hold off updating from 4.05 to 4.55 OFW if you lack the necessary skills to port payloads or wait for other forks to surface as in 4.05 first before updating.
According to a screenshot (below) from @Mathieulh on Twitter, PS4 developer m0rph3us1987 shared a ps4_455_holygrail.bin (67.7 KB) private payload containing flat_z's Debug PKG and FSELF code which Rebug developer @Joonie replied to on Twitter with the file's MD5 hash of 38F5E677A543EF93FB9A75096F983F89 for those on the hunt... good luck!
In the midst of all the PlayStation 4 scene excitement today, PS4 developer qwertyoruiopz still managed to release a PS4Brew full 4.55 PS4 jailbreak followed by a bugfix update in 4.55 PS4 jailbreak v2 with some changes detailed.
@Andrew Marques let us know on Twitter that he tested a debug_settings.bin (16.2 KB) 4.55 port done by @2much4u with some enableWebBrowser455.bin (16 KB) and fullDebugSettings455.bin updates (REMINDER: DON'T GO INTO IDU MODE) via Twitter and video footage below.
Finally, Mikeads points out that PS4 developer @Al Azif earlier today changed 4.05 refs to 4.55 in preparation for PS4 Exploit Host updates which should now support 4.55 in this ps4-exploit-host.zip (4.81 MB) build... so to reiterate from CelesteBlue and Mathieulh, give scene devs time to port 4.05 apps and payloads to 4.55 before updating from 4.05 OFW to 4.55 Firmware unless you possess the skills to do it all on your own as nobody knows how long it will be before things like PS4HEN will be publicly available for 4.55 owners.
To quote from the README.md: PS4 4.55 Kernel Exploit
In this project you will find a full implementation of the "bpf" kernel exploit for the PlayStation 4 on 4.55. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This release however, does not contain any code related to defeating anti-backups mechanisms or running homebrew. This exploit does include a loader that listens for payloads on port 9020 and will execute them upon receival.
This bug was discovered by qwertyoruiopz, and can be found hosted on his website here.
The following patches are made by default in the kernel ROP chain:
- Disable kernel write protection
- Allow RWX (read-write-execute) memory mapping
- Syscall instruction allowed anywhere
- Custom system call #11 (kexec()) to execute arbitrary code in kernel mode
- Allow unprivileged users to call setuid(0) successfully. Works as a status check, doubles as a privilege escalation.
- Early stages, so no payloads yet, I may provide a debug menu payload later on in the day.
Massive credits to the following:
How to migrate from 4.05 to 4.55 OFW for those using PS4 Exploit Host quick guide by Fimo:
1. Download 4.55 retail OFW: https://darthsternie.net/index.php/ps4-firmwares/
2. Save it to your exfat32 usb HD: PS4/UPDATE/PS4UPDATE.PUP
3. Plug the HD on the right port of your PS4, on your PS4 go to settings, upgrade your 4.05 FW
4. On your PC, delete your old ps4-exploit-host and save the new one v0.4.0.1
5. On your PC, run ps4-exploit-host.exe
6. Go back to your PS4, settings/guide, run the 4.55 HEN exploit = done !
Full PS4 4.55 New Jailbreak Setup Tutorial
Cheers to @B7U3 C50SS, @Chaos Kid and @Wultra in the PSXHAX Shoutbox for the news tips today!