In PlayStation 5 News over the weekend, Security Engineer theflow0 (aka TheOfficialFloW on GitHub) tweeted a screenshot via PS5Share of PS5 Debug Settings (normally intended for use with a PS5 Development Kit / PS5 Testing Kit) running on a Retail PS5 Console. Meanwhile, as there won't be a CCC 2021 event this year where fail0verflow (Blog) has previously excelled, they broke their news via Twitter with a screenshot of secldr_oberon_c_dec.bin decrypted from the current PS5UPDATE v4.03 Firmware... revealing that Sony's PS5 secure loader isn't all that secure, while confirming in a consecutive Tweet they've obtained ALL the symmetric PS5 Root Keys from software, including the per-console root key!
Back in early 2020, Fail0verflow Implemented the PS4 Renesas RL78 Debug Protocol, while just last month a PS4 9.00 Userland / PS5 4.03 WebKit Exploit by Sleirsgoevy was released following a Use-After-Free Vulnerability found to affect the PS5 OSS WebKit, although a PS5 Kernel Exploit (KEX) is Required for a full PlayStation 5 Jailbreak (PS5 Jailbreak Status).
As for those asking ETA WEN? for a public PS5 Exploit disclosure, with many sceners including SpecterDev and AbkarinoMHM still battling PlayStation 5 Scalpers to obtain a console to tinker on: according to theflow0, there are "No plans for disclosure. No ETA."
However, since Sony introduced their PlayStation Bug Bounty Program, developer TheFloW Vowed PS4 Disclosure and followed through on his word, releasing a PS4 Kernel Exploit (KEX) for 7.02 Firmware alongside another PS4 Exploit Disclosed via TheFloW, so he's not opposed to public disclosure in general, but there may be Sony-imposed / HackerOne-imposed conditions or other circumstances currently preventing it. To speculate: perhaps he simply wanted to prove it was possible while stepping back and allowing someone else into the spotlight... and $ony's radar.
In any case, this level of sheer pwnage brings back fond memories of when Sony botched the PlayStation 3's security by utilizing an incorrect implementation of the PS3 ECDSA (Elliptic Curve Digital Signature Algorithm), and while the PS5Scene that saw an unexpected PS5 DevKit Leak earlier this year may have to wait for the goods to surface from another source, at least everyone can rest assured of their existence, knowing what has been accomplished thus far in private PS5 Dev circles.
Below is a brief article recap sorted by date with the oldest first, cheers to @sabalbo123 for the heads-up earlier and @JackFlap also earlier on this exciting PS5Scene progress!
- PS5 Share Factory Studio PKGs Surface
- How to Access the Hidden PS5 Web Browser
- PS5Prxy Proxy Server App & PS5 EMC UART Pinouts
- First PS5 Game Dumps by BigBlueBox
- PS5 Game PKG Update Links
- Bypassing PlayStation 5 Browser Protection
- PS5 Game Dumps Surface by PS5B
- Official PS5 Scene Group Rules
- PS5 SPI Flash Dumping and Flashing
- PS5 Server Project for ESP8266 D1 Mini Pro
- SMAP Bypass FreeBSD 12 Vulnerability May Affect PS5
- PS5 CP (Communication Processor) Box
- PS5 HD Camera Firmware / Files Dumped
- PS5 Power Supply Unit (PSU) Voltages Pinout Diagram
- PS5 Interface Demonstration Unit (IDU) Mode
- PS5 H2025K4702 IC Flash Chip Pinout Diagram
- PS5 DualSense Controller Firmware Dumped
- Potential AMD Secure Processor Glitch for PS5 Fuses
- PS5 WebKit Affected by Use-After-Free Vulnerability
- PS5 Userland Exploit for 4.03 Firmware
- PS5 NVS (Non-Volatile Storage) Documentation
Related Tweets, Videos & Method for Unlimited GameSharing PS5 / Previously Released Unlimited PS4 / PS5 Game Sharing Methods