PS4 hack: what we know of the kernel exploit so far

wololo

We are constantly looking for guest bloggers at wololo.net. If you like to write, and have a strong interest in the console hacking scene, contact me either with a comment here, or in a PM on /talk!

51 Responses

  1. Franky

    Can I get a woop woop!?

  2. musashiro

    black fin and THIS made my week. (i still hate the idea of dongles.. I mean it is a DRM device used to break DRM… crazy right? ).

    anyway, keep the updates coming!!!

    PS: Thanks for the PSN code wololo… 🙂

  3. nakedfaerie

    hope it doesnt lead to a dongle like the vita scene.

    the problem is $ony will just ban accounts more if they see any kind of exploits being ran. they did that with the PS3 and i bet the ban hammer will be worse with the PS4

    • Franky

      I know this might be a touchy subject, but when a device has kernel access or at least the ability to run backups in some way (Gateway and it’s unprivileged user-mode) I wonder why devs won’t utilize the exploit and make a backup loader.

      The trouble that geohot and bunnie got into might be the answer and I wouldn’t want to see devs go through what they go through just to give users complete access over the device they paid for and own not rent out like these companies seem to think. I honestly do view companies like Gateway a lesser evil than Sony and so on so I have no issue giving them money and paying for a second hand gaming console.

      It’s greedy business practices that’s going to destroy gaming (on disc dlc, rip off season passes, locking away features for the sake of monz/cause it was there and now it’s not) and consumer ignorance that buys into these horrible practices, not piracy. The day these corporate giants gtfo of the gaming industry is the day of great celebration.

    • FUALL

      you can barely call that a scene.

  4. Kreelz

    First!?

  5. z2

    so.. What are the ps4s that comes under 1.76FW?

    Are there any serial numbers to look on to the boxes?

    Appreciate your replies..

  6. dewitman

    Luckilyy I stayed on 1.76 with one of my PS4 systems 😀

  7. fame

    The problem with the “scene” it is completely wired for fame. Rarely people work openly, everybody races against an imaginary competition (there is almost no open source community). The exploit and any future exploits for more recent firmwares would land much quicker if the knowledge was shared. Instead, they disregard how much their work (exploit) and working environment (OS, PC) is actually based on openly shared knowledge software and code and don’t do the same. Instead, everybody needs to implement the same (troublesome) CVE … childish.

    • wololo

      I think you’ve missed some events that happened over the past 5 years. It used to be ok for hackers to share their findings back in the PSP days. Since then, Sony has sued hackers for their work on the PS3, and have made their consoles much more reliant on network connectivity and firmware updates.

      The result is twofold:
      – hackers worried of being sued
      – hackers worried that a leak of their work could result in an instant patch on the firmware.

      both these things lead to less public sharing of work, I think “fame” has close to nothing to do with it.

      • kernelleaker

        Actually fame another reason for the information being kept hush hush is because nowadays the group that comes up woth the code or hack or procedure or whatever to pirate or run a different os can be sold for a profit like gateway for the vita or the recent iphone jailbreak that went for a million dollars

        • fame

          I agree, which is even sadder. It’s either greed or fame, not fear.

          • fame

            Please also release my longer response to the wololo comment above, detailing why I disagree with the assessment that fear is a factor of importance.

      • fame

        The hack is (obviously) a (known) FreeBSD (+ others) exploit which was released already by the initial author long ago and ported. It’s not a zero day. People release all sorts of exploits every day (in this case for example the initial author), and in most countries they are absolutely allowed to do so. Look at failOverflow or individual security experts, you will find exploits publicly. This “fear” excuse is simply not true, esp. in most of Europe. Further more, you could just work anonymously (Tor) and open from the get go. You think Sony is gonna sue multiple github contributers and hundreds of forkers? Even Graf and Hotz hurt them more then end anything (or don’t you have a rebug?).

        Graf was harassed, because he was (rightfully) very pushy and political about it, but he didn’t loose in any way shape or form in court. Hotz was a mediocre loudmouth in a money-fascist country and gave in asap. because he was just interested to be in the news. I doubt he would have lost either in higher instances. (Both where supported and likely ended up with more money in the end then they had before, even with all the costs.)

        Your argument towards patches is also invalid in this case. The exploit has long been patched (which everybody knew from the get go – it was very obvious). So the only reason of working on it is to gain access to find further exploits (which Sony can’t patch until they are found). The only thing they “could” patch is code execution … and I am not sure they would, for obvious reasons. Even without a release, they can simply guess how that works … its obvious is you created the system.

        It’s all about the fame my friend, don’t get sold on the concept and cheap excuse of fear. And to those who actually buy into the fear: If harassment dictates your actions, you have lost already.

  8. wonre

    fw 1.70 was preinstalled in ps4 bundles at the precise date when european ps4 bundle last of us got released (i have that one it has 1.70)
    so ps4 bundles, still sealed, with a release announced around that date are interesting to hunt
    note that american and european ps4 bundles might not have been released at the same date at all

  9. umhumh

    I am running 1.51 🙂

    Let’s hope for a release then, since it is patched already i do hope they decide for a release.

  10. Darth Agnon

    Will this help the Vita hax in any way? Are there perhaps similarities in the architecture of the two consoles that could be leveraged to open the Vita?

  11. Trapstar30

    Can you say CFW for the ps4 I’m so hype I want to be able to run dreamcast, nes,Sega Genesis etc… on the ps4. I don’t care if I can get on online I have a second one for that this is just my fun box plus it would be cool to have one cfw ps3 and one ps4 side by side each other.

  12. ps4ree

    Man what I would do to have a ps4 just like the original xbox… redbox a game, copy it for later. as well as a boat load of awesome emulators like ps 1 2 and dreamcast

  13. ps4ree

    Man what I would do to have a ps4 just like the original xbox… redbox a game, copy it for later. as well as a boat load of awesome emulators like ps 1 2 and dreamcast all in HD on a 1tb (or more) ssd

  14. Franky

    Also, I do wonder if anyone would be interested in making custom drivers for Windows if you can install Windows onto the PS4 since the people working on this have access to the entire system.

  15. Manuel Eduardo Koegler

    Do newer games require you to update to latest firmware just like the ps3? Because if not I might just exchange my current ps4 for a different one if I can secure myself a kernel exploit.

    • nope

      They do, every game on just about every system does

      • Manuel Eduardo Koegler

        Thanks, is there a place I may be able to look up which games require what firmware? Couldn’t find it on google. In this case I might wait until a firmware spoofer is released.

  16. Arthur

    How do you keep having 1.76 FW? I mean the system does not allow us to use online feature if we stay on 1.76. Right? I have the latest firmware because I play most of the games online. If somehow PS4 got hacked and that CFW only worked on 1.76 then what would we do who have already updated their firmware? 🙁

    • Manuel Eduardo Koegler

      Either wait for the possibility to downgrade, which means it’s advised to not update further.
      Otherwise sell your current ps4 and get one with an older firmware, and again, don’t update.

    • nope

      The same exact thing that happened with literally every other system ever made, this is nothing new. It should be known that if you want the possibility of CFW or exploits you keep the firmware as low as possible.

      There are two whole generations of PS3’s that are unhackable for this exact reason. And ODE’s don’t count, those things were a waste of money.

      • Lucif3r

        Actually, its “only” 1.5 generations of PS3’s thats “unhackable” – All super slims and all slims 2.5k+ with datecode 1C or above.
        All fats, all 2k slim, all 2.1k slim and many 2.5k slims are able to run at least FW 3.56(3.56 is hackable through noFSM method).

  17. acidtalk

    waste of time and money. U don’t even know when an exploit would be released to public. could take a year or even worse.

    • Franky

      Eh, we had to wait until Geohot worked his magic in 2011/2012. 5-6 years after the launch of the PS3. Just stay determined!

  18. Dani

    Only killzone and infamous bundles have 1.76 older, are a lot of console with low firm but how to indentify?.

  19. bit

    At this moment we are waiting for Cturt news, but to the people who are waiting to develop some apps for PS4 could be grateful if some like a kernel dump (apparently I think that it’s his progress) or anything more complex is shown.

    Probably Sony will not fix this issue, they have done this work before, months before. And probably it’s not a kernel exploit for recently firmwares.

    I could understand this “quiet” if developers are seeking for other recently “break” in the last firmware to launch this exploit for all people (people who cannot use the webkit exploit to “call the hack”), but… I’m looking in laster commits into github for cturt ps4-sdk and he just has done a progress in file system calls (fchmod and msync) and networking (apparently start supporting ipv6).

    We are waiting for progress, instructions and news, but I think the currently situation is there are so much work to do and there is no so much work done. Anyway, there are more people like me than we want to help (I want to port a Kodi to PS4 some day).

  20. ghkh.v

    ccccc

  21. joao paulo

    Guys, good news for everyone, Cturt tweeted on Tweeter that Ps4 is now jailbreak !!!! you not imagine the happiness I doubt anyone can look on his tweeter ……

  22. joao paulo

    The Ps4 now is Jailbreak!!!!!!Thanks woolly,thanks Cturt…..

  23. Bit

    Extracted from twitter:

    Just broke WebKit process out of a FreeBSD jail (cred->cr_prison = &prison0). Guess you could say the PS4 is now officially “jailbroken” 😛

    Enough for me at this moment ;). Waiting for the real exploit

  24. Manuel Eduardo Koegler

    http://www.ps3devwiki.com/ps4/CUH-10xxA_series
    I leave you people this page here above.
    All units listed should come sealed with a < 1.76 firmware. Then there are also a few other bundles like the Last of Us Remastered bundle.
    Good luck finding one sealed for a reasonable price.

  25. Pierpaolo

    Who has already a ps4 can kindly post the model type ( the cuh – xxxxxx code) that can be found on the package, usually on the front on the right or left side, and the initial firmware version of the ps4?

  26. I couldn’t refrain from commenting. Exceptionally well written!