PS4 Jailbreak Exploit Forever - No need for an ESP or PC anymore!

Discussion in 'Underground PlayStation Scene' started by MeSonySpy, Jun 9, 2018.

By MeSonySpy on Jun 9, 2018 at 5:42 PM
    MeSonySpy Staff Member MaxConsole News Team
    Joined: Jun 16, 2012

    @CelesteBlue123 reports that 'ps4dev' has figured out how to use the 'web cache' on the PS4 to exploit your console!

    A 'web cache' exploit means you only have to load up 'payloads' via PC or ESP device once, and then you are forever 'exploited' on your PS4 v5.05 unless you decide to 'wipe out the cache'. Nah, who would do such a silly thing? Check out the details and video below:
    NEWS SOURCE: @CelesteBlue123 (via) Twitter

    (Our thanks to @Joonie86 for the news tip!)
     

Comments

    1. DSpider Loyal Member

      Did the video really have to be in French? Seriously, couldn't that guy just change his system language for one, fricken', video?

      And at 0:55, I've seen most payloads don't have that confirmation screen (press ok to begin uploading data to the NSA, lol), which begs the question: is this the "original" exploit? Or is the more stable "vortex" or 1.6, whatever exploit?
       
    2. Warez007 Loyal Member
      Joined: Jun 9, 2018

      My Mod offline Exploit 1.01 - 5.05
       
    3. NameSeven Loyal Member
      Joined: Jun 10, 2018

      Tested with ESP8266 and with 4.05, works ok.

      1. If you are using the ESP8266 with the Arduino IDE, you should have a project folder. In the project folder there is a .ino file and a data folder.

      2. In the data folder, make a text file with the extension .manifest and save it as a UTF-8 text file.

      3. In the manifest file add a list of the exploit files in the directory:

      Code:
      CACHE MANIFEST
      # v4 9-6-2018
      CACHE:
      index.html
      all.css
      browse.html
      browse.js
      expl.js
      fix.js
      ftp.html
      ftp.js
      gadgets.js
      hen.html
      hen.js
      kernel.js
      rop.js
      syscalls.js
      
      4. In all the html files change this line:
      Code:
      <html>
      
      to
      Code:
      <html manifest="cache.manifest">
      
      where cache.manifest is the file name of the manifest file.

      5. Make sure the ESP8266 server knows how to process manifest files.
      Open your .ino project file in the Arduino IDE.
      Search for the code which associates file extensions with content types,
      lines which pair 2 terms like:
      ".html" "text/html"
      ".js" "application/javascript"
      If you don't see a line containing:
      ".manifest" "text/cache-manifest"
      add another line to the list with the same syntax as the others, but use ".manifest" and "text/cache-manifest" for the values.

      6. Save the changes. Do Tools -> ESP8266 Sketch Data Upload.
      After that has finished, do Sketch -> Upload.

      7. Boot up the PS4 and use the ESP8266 to serve the exploit webpages. Activate the browser if you haven't already.

      8. Exit the browser with the PS button. Power off the PS4. Unplug the ESP8266 from its power source. Start the PS4. Start the browser. The exploit pages should still load.



      notes:

      1. The WebKit source code specifies the file extension .manifest for content type text/cache-manifest.
      Other browsers may use the appcache extension.

      2. Standards state a browser can ignore a manifest file if one of the files on the list is missing.
      command: dir /b > cache.manifest
      is an easy way to create the list, but remove the cache.manifest file from the list. the heading CACH MANIFEST must be present.

      3. Any files with <html manifest="cache.manifest"> should automatically be cached even if not on the list, but it's ok to do both.

      4. Assumes you have installed the drivers for the ESP8266 and set up the Arduino IDE.

      5. The default port speed in the Arduino IDE was 115200, but in Device Manager the default was 9600. Set them to the same value. No need to push any flash or reset button on the ESP8266, at least not for the NodeMCU board.

      6. Assumes somepayload.bin files have already been converted to somepayload.js files.

      7. To update the exploit files, edit and compile as usual, but also edit the cache.manifest file. The browser should automatically check to see if an updated manifest file is being served to determine if it needs to update the cache. Changing the version number in the comment line counts as being updated.
      # v1 9-6-2018 -> # v2 9-6-2018
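
The manifest rules in the post above (exact CACHE MANIFEST header, every listed file actually served, any byte change triggering a refresh) can be checked mechanically, which is also how you would audit what a page pins into a browser's offline cache. This is an added example, not part of the original post; the function names and all sample data are constructed for illustration.

```javascript
// Added example: parser and audit for an HTML5 AppCache manifest.
// Function names and all sample data are constructed for illustration.
function parseManifest(text) {
  const lines = text.replace(/^\uFEFF/, "").split(/\r\n|\r|\n/);
  // The first line must be the exact magic string, or the manifest is rejected.
  if (!/^CACHE MANIFEST([ \t].*)?$/.test(lines[0])) {
    return { valid: false, error: `bad header: "${lines[0]}"`, sections: {} };
  }
  const sections = { CACHE: [], NETWORK: [], FALLBACK: [], SETTINGS: [] };
  let mode = "CACHE"; // entries before any section header are explicit cache entries
  for (const raw of lines.slice(1)) {
    const line = raw.trim();
    if (line === "" || line.startsWith("#")) continue; // blank line or comment
    const header = /^(CACHE|NETWORK|FALLBACK|SETTINGS):$/.exec(line);
    if (header) { mode = header[1]; continue; }
    sections[mode].push(line);
  }
  return { valid: true, error: null, sections };
}

// Compare the explicit CACHE entries with the files the server really holds.
function auditManifest(text, servedFiles, manifestName) {
  const parsed = parseManifest(text);
  if (!parsed.valid) return { ok: false, problems: [parsed.error], pinned: [] };
  const served = new Set(servedFiles);
  const problems = [];
  for (const entry of parsed.sections.CACHE) {
    // Per note 2 of the post, the manifest should not name itself.
    if (entry === manifestName) problems.push(`manifest lists itself: ${entry}`);
    else if (!served.has(entry)) problems.push(`listed but not served: ${entry}`);
  }
  return { ok: problems.length === 0, problems, pinned: parsed.sections.CACHE };
}

// The browser's update check compares manifest bytes, so a comment-only edit
// triggers a re-download even when the entry list is identical.
function updateStatus(oldText, newText) {
  const entries = (t) => JSON.stringify(parseManifest(t).sections.CACHE);
  return { refetch: oldText !== newText, sameEntries: entries(oldText) === entries(newText) };
}

// Constructed sample: one entry is not served and the manifest names itself.
const SAMPLE_V1 = ["CACHE MANIFEST", "# v1 9-6-2018", "CACHE:",
  "index.html", "all.css", "cache.manifest", "missing.js"].join("\n");
const SAMPLE_V2 = SAMPLE_V1.replace("# v1", "# v2");
const SERVED = ["index.html", "all.css", "cache.manifest"];

console.log(auditManifest(SAMPLE_V1, SERVED, "cache.manifest"));
console.log(auditManifest("CACH MANIFEST\nindex.html", SERVED, "cache.manifest"));
console.log(updateStatus(SAMPLE_V1, SAMPLE_V2));
```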
       
    4. DSpider Loyal Member

    5. h0baz Loyal Member
      Joined: Jun 16, 2018

      Hello
      I have a PS4 hacked with version 4.55.
      When I run the PS4 it goes directly into recovery (safe mode) and can't update, rebuild database, or reset default settings,
      and gives an error code such as Ce-30787-5.
      Note: I have sent disable-update.bin when I hacked the PS4.
      Please, I want your help.
       
    6. NameSeven Loyal Member
      Joined: Jun 10, 2018

      I don't know what "so you can now shut it down completely:" means.
      I always shut down completely and disconnect the ps4 from the power outlet. The exploit remains in the cache and functions ok.

      I can't edit the typo in my previous post.
      "heading CACH MANIFEST must be present."
      should be
      "heading CACHE MANIFEST must be present."

      Sorry, I don't use update blocker. Probably it should be called pup blocker instead. I don't think you can install even the same version pup. I guess you have to put a different hard drive in it, but that is just a guess. Find out for sure before trying it.

      Here is a modified hen payload that does not include the misnamed update blocker. It is vortex hen with only that minor change. The source code and compiled payload are included. You need his ps4 sdk to compile it yourself.

      nevermind, the forum won't accept me uploading a zip file
      just change line 315
      patch_update();
      to
      //patch_update();

      in the file \ps4-hen-vtx-405\installer\source\main.c
       