Join Us and become a Member for a Verified Badge to access private areas with the latest PS4 PKGs.
PS4 Jailbreaking       Thread starter PSXHAX       Start date Dec 12, 2016 at 4:47 AM       36      
Status
Not open for further replies.
We covered the PS4 HENkaku Exploit Port awhile back, but the topic is still quite active on Spanish site Elotrolado.net where a work-in-progress (WIP) version of a UniversalFlash App to dump / read the internal PS4 Flash Memory (aka Sysconf, where updates are installed) was just released by HybridComputers that utilizes a Teensy board (remember a Teensy++ v2.0 can be used to downgrade PS3 consoles) to potentially downgrade and execute PlayStation 4 apps without a license required... with an indirect Kickstarter coming in the next few days. :extremelyhappy:

Download: UniversalFlash.rar (225 KB)

Previously we reported on the PS4 NOR Chip Dumping Process, a PS4 Flash Dumping / Unlocking Method, the PS4 1.76 Flash Dump Analysis and a PS4 SFlash Guide... could any of these techniques be used in the Egyption PS4 Jailbreak Method that recently surfaced if it's not just another gamesharing trick? :nocomment:

:arrow: Update: A better translated explanation of what's being discussed below can now be found HERE by @Crish who is KirtashTheShek (below) on ELO.

Anyhoo from HybridComputers, to quote roughly translated: "Dedicated hosting ... high price ... but we have already found a way to finance those who have teens and try this program, with the permission of universal team .. you buy this universal flash in the attachment.

The mythical "Calimba" I do not know if you remember a scener right here from Hades Team :-D... that gave beginning to the ode of ps3 is in that equipment... and besides that in PS4 Pro at the end there are datasheet of sysconf, .. which serves for a possible downgrade of consoles Super Slim... not Pro.

The Pro only up to 3.70 or model that comes from factory .. something that is worth gold if you can say... stay tuned to kickstarter is going to come out something that has to do with all this indirectly.

Ubuntu UniversalFlash v.01 some Universal functions available as Wii U... dump XBOne, 3DS.. PS Vita only available in the second version v.02... I was only allowed to publish this version v.01.. probably with Teensy.. this version is v1.0 in the second version is working on something that does not add padlocks since it supports for the sysconf to detect the exact consecutive and not generate padlocks in what we will call the apps.

Please do not talk about backups... use it for whatever you want. :beer::beer:"

Also from KirtashTheShek to quote, roughly translated: "Nothing is safe (For now) this program only serves to read the internal flash memory of the console (called Sysconf, which is where the updates are installed) then only time will tell... Salu2!"

:stop: Some other related points of interest for what they're worth, according to CVE logs via @SorenAlke the PS4 Pro 0Day Exploit is nothing more than a 'file dropper over metasploit' and @Chaos Kid notes it was patched, perhaps in the recent PS4 4.07 OFW update although it still won't protect current stock PS4 Pro v3.70 consoles from the vulnerability. :happyblush
Above are some videos from Andrew Paul on PS4 Controller Sync NOR Flash Corruption Repair and Building a Teensy Programmer, and thanks to @Crish, @Fimo, @TheOneAngel in the forum HERE, @VultraAID and @yourfakers in the PSXHAX Shoutbox for the scoop and translation assistance. <3
UniversalFlash App to Dump  Read PS4 Flash Memory (Sysconf) WIP.png
 

Comments

afaik the "PS3 teensy" was just a copy of service mode USB key but dunno about any for PS4...

even if it can "dump/read PS4 flash memory" they still have to find out how to write into or not?
 
Hello vultraid, I admire your job

This is the address of idps in the kernel 1.76 to decrypt what you want in terms of games or apply to homebrew

Offsset 0XFFFFFFFF833242F8 console id
ipdsfullkernel1.76universalflash.jpeg

This is the command:
Sysctlbyname ("machdep.idps", dest, & sizze, NULL, NULL)

This is the complete kernel in case you want to see yourselves
kernelfulluniversalflash1.76.rar

Greetings and I hope this helps in the advance of the scene.
 
Hello vultraid, I admire your job

This is the address of idps in the kernel 1.76 to decrypt what you want in terms of games or apply to homebrew

Offsset 0XFFFFFFFF833242F8 console id
ipdsfullkernel1.76universalflash.jpeg

This is the command:
Sysctlbyname ("machdep.idps", dest, & sizze, NULL, NULL)

This is the complete kernel in case you want to see yourselves
kernelfulluniversalflash1.76.rar

Greetings and I hope this helps in the advance of the scene.
Hello, Well thanks for the Gift..
I shall look over the files soon
 
Im on 3.55 atm, is there a way to update it to 4.05? I wanna play FFXV, but it cant be played on 3.55 :(
Do you think its wise to update it? You might lose the jailbreak. I don't know if 4.05 is possible since I know 3.50 to 4.05 is exploitable but I don't think 4.05 is possible unless I am wrong.

EDIT: We can't play Ratchet and Clank on PS4 since it require 3.15 to be playable but our PS4 is 2.57. So I refused to update it at all. We are patient. It will be worth.
 
Status
Not open for further replies.
Back
Top