Category: PS4 Jailbreaking | Thread starter: PSXHAX | Start date: Feb 28, 2018 at 12:07 AM | 110,642 | 239
Status
Not open for further replies.
Since the PS4 4.55 Kernel Exploit release followed by the PS4 5.01 WebKit Exploit, PlayStation 4 developer @SpecterDev made available on Twitter a fully implemented Cryptogenic PS4 4.55 Kernel Exploit akin to his previous one in that it doesn't contain code related to defeating anti-backups mechanisms... meaning most should take heed of @flatz's advice on Twitter and hold off updating from 4.05 to 4.55 OFW if you lack the necessary skills to port payloads or wait for other forks to surface as in 4.05 first before updating. o_O

According to a screenshot (below) from @Mathieulh on Twitter, PS4 developer m0rph3us1987 shared a ps4_455_holygrail.bin (67.7 KB) private payload containing flat_z's Debug PKG and FSELF code which Rebug developer @Joonie replied to on Twitter with the file's MD5 hash of 38F5E677A543EF93FB9A75096F983F89 for those on the hunt... good luck! :confused:

In the midst of all the PlayStation 4 scene excitement today, PS4 developer qwertyoruiopz still managed to release a PS4Brew full 4.55 PS4 jailbreak followed by a bugfix update in 4.55 PS4 jailbreak v2 with some changes detailed. <3

@Andrew Marques let us know on Twitter that he tested a debug_settings.bin (16.2 KB) 4.55 port done by @2much4u with some enableWebBrowser455.bin (16 KB) and fullDebugSettings455.bin updates (REMINDER: DON'T GO INTO IDU MODE) via Twitter and video footage below. (y)

Finally, Mikeads points out that PS4 developer @Al Azif earlier today changed 4.05 refs to 4.55 in preparation for PS4 Exploit Host updates which should now support 4.55 in this ps4-exploit-host.zip (4.81 MB) build... so to reiterate from CelesteBlue and Mathieulh, give scene devs time to port 4.05 apps and payloads to 4.55 before updating from 4.05 OFW to 4.55 Firmware unless you possess the skills to do it all on your own as nobody knows how long it will be before things like PS4HEN will be publicly available for 4.55 owners. :unsure:

To quote from the README.md:

PS4 4.55 Kernel Exploit

Summary

In this project you will find a full implementation of the "bpf" kernel exploit for the PlayStation 4 on 4.55. It will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This release, however, does not contain any code related to defeating anti-backups mechanisms or running homebrew. This exploit does include a loader that listens for payloads on port 9020 and will execute them upon receival.

This bug was discovered by qwertyoruiopz, and can be found hosted on his website here.

Patches Included

The following patches are made by default in the kernel ROP chain:
  1. Disable kernel write protection
  2. Allow RWX (read-write-execute) memory mapping
  3. Syscall instruction allowed anywhere
  4. Custom system call #11 (kexec()) to execute arbitrary code in kernel mode
  5. Allow unprivileged users to call setuid(0) successfully. Works as a status check, doubles as a privilege escalation.

Notes

  • Early stages, so no payloads yet, I may provide a debug menu payload later on in the day.

Contributors

Massive credits to the following:

:arrow: How to migrate from 4.05 to 4.55 OFW for those using PS4 Exploit Host quick guide by Fimo:

1. Download 4.55 retail OFW: https://darthsternie.net/index.php/ps4-firmwares/
2. Save it to your exfat32 usb HD: PS4/UPDATE/PS4UPDATE.PUP
3. Plug the HD on the right port of your PS4, on your PS4 go to settings, upgrade your 4.05 FW
4. On your PC, delete your old ps4-exploit-host and save the new one v0.4.0.1
5. On your PC, run ps4-exploit-host.exe
6. Go back to your PS4, settings/guide, run the 4.55 HEN exploit = done !

Full PS4 4.55 New Jailbreak Setup Tutorial
Cheers to @B7U3 C50SS, @Chaos Kid and @Wultra in the PSXHAX Shoutbox for the news tips today! :beer:

Comments


Mikeads

Senior Member
Contributor
#### Exploit/Payload Related
These are NOT related to this script in any way, but rather the exploits/payloads themselves:
-- Make sure your PS4's firmware is on 4.05 exactly. There is no downgrading. If you are above 4.05 you are out of luck for now.
+- Make sure your PS4's firmware is on 4.55 exactly. There is no downgrading. If you are above 4.55 you are out of luck for now.
- The PS4 can get a kernel panic and just shutoff. Physically unplug the power for a second (Or hold the power button forever), then power it back on.
- "Out of Memory" errors while loading the exploit page are normal, restart your PS4 if you get a lot of them in a row.
- The FTP servers can take a minute to start. Be patient and try again in a 30 seconds.
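Review bot: the replacement line ("Make sure your PS4's firmware is on 4.55 exactly. ... If you are above 4.55 you are out of luck for now.") says what happens above 4.55 but gives no guidance for a console on an earlier firmware; add a clause covering that case. The version number is also written twice in the one line, which makes a later bump easy to half-apply, so consider stating it once. In the unchanged context, "try again in a 30 seconds" has a stray "a" that could be fixed in the same pass.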
 

teuira

Senior Member
Contributor
Verified
Great work, incredible progress. These last days on the scene are full of BIG good surprises. Brother and sister, when all payload will be ported, we'll get to work for new games dump :p
Big thank you to all community and all the great devs who make those great things happen :bananaman:
 

raphaeld82

Member
Contributor
Wow. Should have PS4HEN by tomorrow. Lol. These breakthroughs are happening at breakneck speed. Time to get a few more 8 TB drives in the arsenal. Thanks guys for your hard work.
 

valenroy

Senior Member
Contributor
Speaking of large hard disk drives, how will the package installer be implemented this time round with the additional option of installing pkgs onto external HDD that's offered by fw4.55? Should we even bother with upgrading the internal ones now that 4.55 offers this option?
 

NaTaS69

Member
Contributor
Probably some noob/repeated questions:
1. If the webkit goes all the way to 5.05 (although the kexploit is for 4.55), I'm guessing that the kernel got patched somewhere in between?
2. Or does it also have something to do with keys?

Thanks to anyone who replies. ☺
 

stooged

Developer
Senior Member
Contributor
@stooged
Which payload? Doing it via cable or wifi?
Any sort of payload as a test, even a totally blank payload; after the exploit is "all set", when I send the payload it errors.

Doing the same with the payloads from 2much4u it does not error.

So something with my compiles is wrong which makes me wonder if the dev kit needs a change to suit 4.55
 