Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.
PS5 News       Thread starter PSXHAX       Start date Jun 25, 2021 at 1:43 AM       2      
Status
Not open for further replies.
We've seen PlayStation 5 DevKit Controllers, PS5 Development Kit Design Patents, PS5 DevKit 3D Renders, PS5 Dev Kit Prototype Images, PlayStation 5 Dev Kit Images, a PS5 DevKit Cooling System Patent and most recently a PS5 Software Development Kit Leak with ALIAXS70 via Twitter sharing some PS5 CP (Communication Processor) Box PlayStation 5 Dev Prototype Images with the PS5Scene to enjoy! 🤩

Initially disclosed in the Sony DFI-T1000AA Testing Kit for PlayStation 5 (FCC ID: CCAB20LP129BT4) patent, check out the new leaked PlayStation 5 Communication Processor (CP) Box pics below... according to the images the PS5 CP Firmware is 0.9.0.5 while the recent PS5 Leak includes DevKit versions 0.9.0, 1.0.0 and 2.0.0.

:arrow: Update: @rickylyh aka HI_Ricky on Twitter also shared a picture with the PS5 CP Firmware on 1.6.0.9 for those interested. :tup:
  • PlayStation 5 Suitest - Suitest supports a PlayStation 5 TestKit or DevKit. After setting up your PlayStation 5 console you will be able to run automated tests on HTML based applications (WebMAF and Media ***).
CP Box Dumps (no keys yet)
  • CP Box Dumps.7z (0.35 MB - includes ps5_cp1.bin, ps5_cp2.bin, ps5_cp3.bin, ps5_cp4.bin and ps5_cp5.bin)
the main firmware is protected by ps4 southbridge chip
added some photos to the ps5 wiki for the CP Box prototype CPB-010 and the accompanying board CDT-031
so VVildCard777 finally dumped ps5 cp box emmc. i'll share it soon
  • CARLO-K13 - CP Board of Prototype DUTP-DSN18AAK-W5
  • SANO-K12 - Mainboard of Prototype DUTP-DSN18AAK-W5
  • SM2-K12 - External M.2 Board of Prototype PS5 Devkit DUTP-DSN18AAK-W5‎‎
VVildCard777 at long last succeeded in obtaining the keys to the ps5 CP Box emc. they'll be added to the wiki shortly
CP Box Keys and Libhijacker Big App Not Crashing News
PS5 CP Box EMC Keys Discovered By Wildcard

  • PS5 Keys: Communication Processor EMC Keys
  • Use sum of diff to find region where key is being used (fill header with 00s and ffs and apply diff)
  • Use DPA on the (in this case decryption) last round of the first aes
  • Used DPA to find keyset (algo aes 128 cbc with zero iv)
  • Noise had to be removed
  • 2 new codenames for cp box, related with Shakespeare's work Tempest
  • Libhijacker does not hang anymore in app (work done by LM, illusion and astrelsky)
This was the program that was used to bruteforce the CP Box remaining key bytes.
good news: the communication processor that comes included in the ps5 devkit has the exact same keys as the communication processor box from ps5 testkit. this means that someone can exploit it and use it to interact with relevant components like TEE
many thanks to SocraticBliss for dumping the respective communication processor flash from devkit ps5!
you can find the tool on keys talk page. we're still missing one very important key, the emc header hasher key. flat_z is currently working to retrieve it.
communication processor on devkit and communication processor box on testkit can interact with MP3 and MP4 (see Devices) which can probably be exploited via this way to reach code execution with proper modifications
:arrow: PS5 CP Box CFW, UART Pins for EAP / EMC and Keys by Flat_z!
PS5 CP (Communication Processor) Box PlayStation 5 Dev Prototype Images.jpg

PS5 CP (Communication Processor) Box PlayStation 5 Dev Prototype Images 2.jpg

PS5 CP (Communication Processor) Box PlayStation 5 Dev Prototype Images 3.jpg

PS5 CP (Communication Processor) Box PlayStation 5 Dev Prototype Images 4.jpg

PS5 CP (Communication Processor) Box PlayStation 5 Dev Prototype Images 5.jpg
 

Comments

It's basically eye candy for those interested in pictures of development / prototype hardware that is normally only accessible internally.

Of course every once in awhile a development unit surfaces for sale on eBay, so if anyone manages to get hold of a PS5 TestKit with CP Box some of the previously leaked files may come in handy also. ;)
 
Status
Not open for further replies.
Back
Top