Category: PS4 Jailbreaking | Thread starter: PSXHAX | Start date: Sep 5, 2016 at 2:46 AM | 10,242 | 6
Status: Not open for further replies.
Recently @IvarKarl started a PS4 MEMLAYOUT topic for PlayStation 4 developers to collaborate in, while ZiL0G80 hints at the existence of a PS4 E3Mode in addition to the known IDU Mode in his Tweets below.

In May of this year he Tweeted about a mini PS4 Debug Settings menu, and when asked if it works on PS4 3.55, developer David Ackerman said probably, but noted he is currently on PS4 1.76 Firmware so hasn't tested it above that version.

Also, a while back Phrack Magazine published a piece from BSDaemon on hacking the Cell Broadband Engine Architecture using a PS3, and now argp and karl have an article on Exploiting UMA: FreeBSD kernel heap exploits (Download: phrack66.tar.gz), which according to @Warfareexpert is derived from CTurt's documented FreeBSD work, with recent findings including a FreeBSD Kernel Exploit alongside a FreeBSD Compatibility Layers Weakness Analysis.

P$4 mini debug settings menu :)
Besides IDU mode there is something called E3Mode on P$4 :)
P$4 registry -
Code:
IDUMode.Enable->UT.Registry.GetInt(42336512u, -1)
P$4 registry
Code:
IsDebugMenuEnable -> UT.Registry.GetBool(2013448449u, false)
IsShellCrashEnable -> UT.Registry.GetBool(2013448469u, false)
Probably works on 3.55, but I am on 1.76 :)
Everybody has a kernel exploit on 1.76 :D
My last 2 posts were about P$4 VSH (GUI) registry settings, I don't know why people think it was about a new kernel exploit LOL :D
I am sharing what I found while researching; it may work or not. I am not here to teach people how this could be used ..
P$4 kernel (1.76) patch to disable ASLR in newly created processes
Code:
*(uint16_t *)0xFFFFFFFF82649C9C = 0x63EB; /* 16-bit store; on little-endian x86-64 the bytes written are EB 63, i.e. jmp short +0x63 */
ASLR on 1.76 can probably be disabled permanently by setting these registry values to true: 0x78028B00LL, 0x78028600LL, but I can't - error :confused:
If you have the knowledge, use vitasdk and the API ... no tuts, sorry
Code:
uint64_t (*sceRegMgrSetInt)(uint32_t reg, int val); /* function pointer to the registry setter: reg = registry id, val = value to store */
BTW, the shellui (vsh) process can be killed and is then automatically restarted w/o ASLR :)
Part of exec_self_imgact (pastebin.com): it probably doesn't pass bootparam or sceSblRcMgrIsAllowDisablingAslr
Finally, cheers to @B7U3 C50SS for the heads-up in the PSXHAX Shoutbox!
[Image: PS4 Mini Debug Settings Menu.jpg]
 
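To make the 2-byte kernel patch quoted in the Tweets above concrete, here is an added C example (not code from the original post or from ZiL0G80): it simulates the `*(uint16_t *)0xFFFFFFFF82649C9C = 0x63EB;` store in a constructed byte buffer, shows that the little-endian store lays down the bytes EB 63, and decodes those bytes as an x86 `jmp short` with displacement +0x63 relative to the next instruction. The address and value come from the Tweet; the buffer contents before the write are a placeholder, because the page does not say what instruction originally sits at that address.

```c
/*
 * Added example (not from the original post or ZiL0G80's tweets): decode
 * what the quoted 2-byte kernel patch writes. The tweet stores the 16-bit
 * value 0x63EB at 0xFFFFFFFF82649C9C. On little-endian x86-64 that lays
 * down the bytes EB 63, which encode "jmp short rel8" with displacement
 * +0x63. The buffer below is a constructed stand-in for kernel memory;
 * the bytes originally at that address are not on the page (placeholder).
 */
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PATCH_ADDR   0xFFFFFFFF82649C9CULL  /* address from the tweet */
#define PATCH_VALUE  0x63EBu                /* value from the tweet   */

/* Lay a 16-bit value into a byte buffer exactly as a little-endian
 * uint16_t store does: low byte first, high byte second. */
static void store_le16(uint8_t *dst, uint16_t value) {
    dst[0] = (uint8_t)(value & 0xFF);
    dst[1] = (uint8_t)(value >> 8);
}

/* Return 1 if the two bytes start with opcode 0xEB ("jmp short rel8"). */
static int is_jmp_short(const uint8_t *p) {
    return p[0] == 0xEB;
}

/* Target of a jmp short located at 'addr': the address of the following
 * instruction (addr + 2) plus the signed 8-bit displacement in p[1]. */
static uint64_t jmp_short_target(uint64_t addr, const uint8_t *p) {
    int8_t disp = (int8_t)p[1];
    return addr + 2 + (int64_t)disp;
}

/* Simulate the patch on a constructed 2-byte buffer. Copies the bytes that
 * end up in memory to out[0..1] and returns the jump target they encode. */
uint64_t simulate_patch(uint8_t out[2]) {
    uint8_t kmem[2] = {0x00, 0x00};   /* placeholder: original bytes unknown */
    store_le16(kmem, (uint16_t)PATCH_VALUE);
    memcpy(out, kmem, 2);
    return jmp_short_target(PATCH_ADDR, kmem);
}

int main(void) {
    uint8_t bytes[2];
    uint64_t target = simulate_patch(bytes);
    printf("store of 0x%04X -> bytes %02X %02X\n",
           (unsigned)PATCH_VALUE, bytes[0], bytes[1]);
    if (is_jmp_short(bytes))
        printf("decodes as jmp short +0x%02X -> target 0x%016llX\n",
               bytes[1], (unsigned long long)target);
    return 0;
}
```

Compile and run it with any C compiler; the program prints the bytes EB 63 and the computed target 0xFFFFFFFF82649D01. Checking the encoding this way before reading a binary patch is ordinary hygiene: with the opposite endianness assumption the same source line would write 63 EB instead, which is not a jump at all.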

Comments


cakehonolulu (Developer, Member, Contributor)
"Debug settings" requires a kernel exploit.
He did it on his 1.76 PS4, his code has to be released and tested on newer FW.
He will release the debug-menu activator source code (or that's what I think).
For now, 3.55 doesn't have a Kernel Exploit, so nothing for us for now.
 