Linux on PS4: Fail0verflow showcase Linux on the PS4, run a Pokémon Demo (video)
As we guessed last week in an article entitled “Fail0verflow to announce a PS4 Jailbreak Next week?”, Fail0verflow announced today at the CCC that they owned the PS4 and have Linux up and running on the PS4. They did a very short presentation to showcase the hack, and ran a Pokémon game within Linux on the PS4.
The PS4 hack entry point runs through what seems to be a Webkit exploit. It is likely they are running the hack on a 1.76 PS4 because of that, but it is also very possible that their exploit runs on higher firmwares (and they’re just using the PS4 Webkit 1.76 entry point for convenience).
Fail0verflow hint at critical bugs in the southbridge of the GPU, but do not give more details on the exploit in their presentation, besides “NOP Command is broken on the GPU”.
Linux for PS4 – Release?
Fail0verflow promised in their presentation that they would release the Linux patches to compile for the PS4 soon. They however stated that people wishing to use Linux on the PS4 should “bring their own exploit”, adding “PS4 security is crappy enough that you don’t need us for that”. In other words, the exploit they found will not be released.
Other hackers, contacted about this announcement, have told us that the Fail0verflow hack is probably hardware-based and a release would not necessarily be convenient anyway. Update: we’re getting conflicting signals on that: it is also possible this is a software hack (a Kernel exploit in the PS4 firmware), running on top of the Webkit 1.76 exploit. Assuming a new userland exploit (similar to the webkit one) was found on recent firmwares, this whole thing could run on recent PS4 firmwares without any hardware mod.
So, yeah, Linux for the PS4 will be released in the short term, but this won’t be helpful for the majority of us, who don’t have the exploit to run it. At this point though, if you own a PS4 running on Firmware 1.76, it’s probably wise that you do not update (see here some links on where to get a PS4 running on 1.76).
Pokémon running on the PS4
Towards the end of the presentation, Fail0verflow ran a Pokémon demo on the exploited PS4. Although this was probably made ironically because it’s always fun to run Nintendo games on a Sony console, it was also a weird message to the homebrew community: “don’t bother writing emulators or homebrew games, Linux is all you need on your PS4”.

Biteyourconsole have extracted the presentation on YouTube and you can watch it below:
You can check our PS4 Jailbreak page for more details on the latest PS4 hack developments.
Source: The original video and announcement can be found on the CCC Relive page; the Fail0verflow part is at 1:31:30 in the video.
Thanks to all the people who have contacted me about this 🙂
I’ve tried looking for things which will help us narrow down the firmware and all I could find is that this is definitely being done on a firmware below 2.50. 2.50 updated the PSN icon, renamed that whole option playstation network/account management icon
http://cdn3.dualshockers.com/wp-content/uploads/2015/03/PS4Yukimura-01.jpg
Thanks, that’s good information
Hmm, so let me get this. Besides code execution (which seems to be on github) nothing is public yet, and there is no interest by anybody to release anything? And they expect their contribution of Linux patches to be useful how?
If you question gateway for their behavior, shouldn’t you do the same here? Or at least prove somewhat of a discussion to it.
Someone below further narrowed it down to being 1.72 or below, so this console they were using was definitely not on 1.76.
No need to read too much into it. If they hacked > 1.76 they would have said it. The entry point seems to be the same WebKit exploit since they didn’t have access to the browser (requires psn access) (and had to use the help trick).
Right, I figured as much. I was just bored and decided to see if I could try to narrow the firmware down even though it most likely is on 1.76.
So … Will we soon be able to play pirated games from an external hardrive on the ps4 or not ?
My crystal ball says go buy your own games
Does it say anything about that in the article? No >.>
you can play pirated games on an external hdd right now by doing this crazy hack called buying a PC it’s nuts man
tell me your method to run bloodborne, dude. hahaha
inb4 someone exploits the same weakness (or other) get the same privs, and when they find out, they make the kernel patches git private…
Doesn’t bragging about the exploit, giving not too much detail on how they did it and not releasing it properly in any form make them kinda showoffs? They’ve pointed other hackers in the right direction, I guess, but it doesn’t seem very “open source” if that makes sense.
Shut up be grateful we hacked it now
I fully agree. I need to work on an exploit (or wait for somebody who doesn’t suffer from your superiority complex) to join the Linux development? That’s your ideology and approach? What a failure! Release it or don’t but don’t bug us with your ego boosts (which are probably compensations for a lot of other things). What’s with the stupid closed society *** you failures.
Remember what they said at Console Hacking 2013? They don’t think anyone cares. Everyone only care about piracy. It’s not worth their risk and efforts to release anything.
Which is sad really, because piracy isn’t what I’m personally interested in at all. I would find Linux useful on the PS4 to run emulators and for Kodi so it could easily be turned into a proper media centre, not the poor attempt we have via the stock firmware. Linux with full network/USB support would mean it could stream from home NAS boxes and use an IR remote via something like FLIRC to make it a fairly decent home theatre solution.
There is something similar that can play emulators, run Linux with full USB, network and streaming support! It’s called a fu-ken PC!!! If you really wanted to do that.
But I guess is easier to lie to yourself that you want to do all those features in a machine that was designed for other purposes.
We all know what you want kernel access for, you don’t fool anyone here.
Hey Crzo – actually you have NO idea what my motivations are for wanting Linux on the PS4. But thank you for assuming you do 😉
I have a couple of PCs, laptops and a Fire TV all perfectly capable of doing emulation/streaming as it happens, my Vita does some emulation stuff too. I’m fully aware I can already do this (I have been able to in some shape or form for about the last decade), thank you again.
It’s not a case of needing it (in fact I have enough things to do most of those jobs already), I just think it would be amazing to see it used as a home theatre/emulation machine, taking it beyond the box that Sony keep it in. I can afford any PS4 games I want new or nearly new used (not that there’s many, still getting way more use out of my PS3/Vita) so I could care less about piracy. There’s no lying to myself here. Like the hackers who find the exploits, they might not NEED to do it, they just want to see if it CAN be done. And off the back of that I’d want to see if I could run Kodi on PS4 via Linux with working peripherals and streaming.
Maybe you should consider that you don’t know what people’s motivations are before you jump to conclusions like this.
To be fair, if you can run normal-ish x86 code, a whole slew of free and non-free things are readily available. Most homebrews in the scene were emulators anyway, but if you can just grab RetroArch it’s kinda pointless to try.
Cool that it’s confirmed, uncool they won’t release the exploit for BS reasons.
Yeah, being sued by Sony is a bs reason. We all know that’s what they’re really afraid of, after seeing what they did to GeoHot.
Yes it is. Nobody was ever found guilty by hacking a sony console. They either won or like GeoHot simply signed an agreement. Additionally, they got donations and job offers afterwards which probably yielded them more than they had before. Being sued is total BS. Additionally, they could just release it anonymously if they didn’t need to attach their name to it.
Nobody should care and simply walk away from their scream for attention making it clear that this BS doesn’t matter the slightest ^^
fully ignoring the fact that geohot had to take donations to pay off his legal fees, which weren’t exactly low
Nope, exactly as I said. That they got donations to cope with legal issues. In addition geohot got some fame (and the money that comes with it) and job offers. Which is neat, considering that he is more talk than skill.
In that case they should drop the tough guy act and at least own up to that being the case.
I can do Linux and emulators practically EVERYWHERE nowadays that’s pointless lmao
I don’t care about that I’m just gonna use this to pirate games that’s all we’re mainly after, I’m not afraid to hide it haha
And indeed you don’t need to feel guilt about it since it’s just breaking a temporary exclusive privilege, or a limited time printing monopoly.
It’s very sad that people don’t know this
so we can run Pirated games on ps4 by this jailbreak ?
today no, tomorrow!
so what that means ? tomorrow ?
they will release the jailbreak for free ?
and can we play all pirated games on it ?
Jesus f#ck no one on this site has a crystal ball. Chill your d!ck
hahaha
I think comments like this should be deleted.
“They however stated that people wishing to use Linux on the PS4 should “bring their own exploit”, adding “PS4 security is crappy enough that you don’t need us for that”. ”
Either release it fully or don’t bother at all. I don’t care about you bragging what you can do. These guys are a disgrace to the whole concept of any scene which is supposed to be about opening these consoles up freely and they are certainly a disgrace to the very heart and soul of what Linux is about
You are my man Ricky 🙂
You guys are all really harsh… They’re releasing linux for PS4 but leaving the method of how to get it to run up to us; I’d say they did at least 75-80% (maybe more maybe less) of the hard work already, up to us to handle the last little bit. And besides the most likely method they used to launch it is already public knowledge.
It’s true, at least they share their knowledge. And I applaud them for it. But how am I gonna contribute to, use and extend it? I need to implement bad iret to do Linux development … ? That’s useful how? The mentality is completely flawed. As soon as a larger group of people wanna contribute to a Linux on the PS4, you need a public exploit. There is no way around it. You think there is a way to filter the bad effects from the good ones? So why not share it or leave the whole thing be? Ego! That’s what bugs me. This is a giant PR show, which isn’t about Linux either. They got an awesome opportunity to kick-start the whole scene into Linux. If they wait, the exploit will be used actively for the first time for what else? The whole approach is a mental fail.
And the problem with that ego PR trip is that it sends “ego PR trip is good” signals into the scene. Which it doesn’t need and which is Aldo-style unhealthy. Weirdly, I believe that these people and their approach to the topic actually furthers a pure copyright-violation mentality because they don’t send the right impulses.
I kinda like that they don’t release it. Baller as *** man. They proved they can do what they did and that’s all they’re out for, the challenge. They’re not out there to make any “scene” happy and they don’t care if some 14 year old console kiddies are thanking them or calling them based. They know it’s just some kids who want free games and it’s boring.
It’s not just an ego trip that people object to, it would be nice to know exactly how it was done so it could be easily replicated, the way it is now it’s not just enough to have a PS4 running a firmware many versions behind but you apparently need to know how to do the badiret exploit as well. So it’s a case of waiting until someone proves whether or not it’s a software and/or hardware exploit (probably both combined?), does that, gets and runs the build of Linux they supply and THEN leaks the whole method in full as proof of concept. That’s how I see it.
high hopes 🙂
does anyone else see this kind of thing.. ps4…it is almost pc.. i would take ps4 to boot up on virtual machine.. i see i can buy same power components cheaper on x86 machine than ps4….
Eventually this will be possible (boot to PS4) with a good amount of patching. However, the components you need to buy are not much cheaper (at the same level of performance). You can just look up consumer hardware to the same specs. I think, in 15 years somebody may tackle it on their nuclear powered quantum computer to play “old school” games from the past long gone (before the big war).
You’ll cry when they will publicly release the trick of porting the exploit to higher firmwares (max is 3.10, still don’t know how sony’s found about it and corrected it on 3.11)…I will never understand why people email them about thing we find, if only they’ve had money for leaking…
I can tell you that this will only work on ps4 models cuh 1000-1001 the other later models were hardware revised preventing exploiting. This isn’t new sony did the same with the ps3 model 3000-40xx models. Hardware and modding on the mobo is the only way to do some kind of hacking which is a shame.
This is quite simple, FailOver has found out that Marvell runs the GPU on HW mode, this means that ANY KIND OF PS4 GAMES can RUN/EXECUTE on a simple PS4 Linux system with the correct LIBS on it. So, there is no need for KEYS or to HACK anything else.
What this means:
PS4 is full hacked!
There is no way to SONY fix it, it is impossible due to a HARDWARE system.
Thanks Marvell to this ***!
everytime someone says “this can never be patched! no going back now, etc etc” they get proven wrong and an update fixes it and it’s back to the cat and mouse game. I remember people saying the same stuff about PS3. I could be proven wrong but I wouldn’t get overly sure
This is hardware impossible to patch, the way it was manufactured it is a simple double flash memory.
What I mean even with new cryptograph and whatsoever they can’t change the hardware only the software layer. The CURRENT hardware will never be patched.
What the HACKER SCENE has found out is that BSD executables on PS4 are PURE HARDWARE DEPENDENT (HDS), so, in the actual scenario once the correct libs are PORTED to the linux or even FREEBSD 9, we will be able to RUN any kind of PS4 PKG.
I do not agree that this can be patched, but I agree that they can redesign the BIOS/HDS/SWLayer, so all the run be exclusive on SW besides HDS.
The most important findout is the way executables run on PS4, as the AUTHORIZATION to the KERNEL level is being done by HW SOUTHBRIDGE, this is the exploit used to gain access to the KERNEL by itself. Also when you send the PKG to the HW it does not CHECK ANYTHING, only EXECUTE, so, WHAT IS FOR KEYS??? ONLY FOR SOFTWARE LAYER BS….
Understand, brother? hahahaha
how can hardware run encrypted executable from pkg, i smell ***, the pkg needs to be unpacked first and executable needs to be decrypted before processor can run it. lol
First of all you’ll need an entry point for the exploit, sony will only need to patch those to (at least temporarily) stop us all.
By the way never underestimate what bugs softwares can “patch” if you run them on a “closed system”
So playing pirated games is possible you say ?
Yes brother, I understand, thanks for explaining, brother
And they still can’t run linux on Vita. lol
@keko So this will work on all current ps4 models
Right now they are working on a permanent solution for the flash memory. This is how everything boots up.
As it is the first time root access has been made, they need to study the flash memory that is BOOT. So this way further revision can be at least reverted to lower version fw.
Second the codes run in Hardware, so, the hardware does the trick, this is why no matter Sony does it will run all games released until NOW.
Psn access is another history.
They have root access on 3 levels.
Flash, Ram and Arm.
There are no more hacks, all hacks has been done.
Run signed or unsigned code doesn’t matter anymore, HDS runs everything just in a exec command.
What users doesn’t understand is that you do not need to run a executable but to send the executable to bend direct on the HDS. It does the trick to run and approve anything as the HDS recryptograph and sign the executable on the run.
Actually I bought my ps4 for Linux, the pirated games is just a bonus (:
From my investigations the newer ps4 models will have problems getting exploited. It’s best to wait and see what will happen. The worst that could happen is opening the console and using a gimmick hack like cobra ode or some sort of future device to enable the possibility.
Nice try Fox News.
WOW. With so many experts we will have CFW tomorrow. H00T Gaming time
This video gives us a lot of information:
– The guide is an HTML page, the webkit exploit is launched: FW <= 1.76
– It runs the GPU bug to gain full access and everybody can see the log 🙂
I just hope a new exploit will be published soon for the newer FW.
they use a firmware under version 1.75. you can see the system message on the right side of the screen, sony changed the side in fw 1.75
Why they don’t release the hack? If you start something, finish it.
So why is the PS3 Super Slim not yet hacked?
They need to make a Ps4 jailbreak , it would be more important than all this ……
https://fail0verflow.com/blog/2015/console-hacking-2015-liner-notes.html
We also have no doubt that vulnerabilities in the latest firmware can be found without too much trouble. Incidentally,
for me, all of this is a lost time.
if i want to emulate something i will use some pc.
i think is more important to search about a new cfw like the ps3
What about Windows 10, anyone out there with technical skills know if it can be natively run and drivers be made so it run windows PC games???
I hope good things come from it
This is not cool. There are a ton of ways to release it without being caught and they know them for sure. People love the crackers because they are badasses who not only crack the console, but then spread the goods to us poor, ignorant bastards. They are our heroes. You don’t share it – then you no longer are awesome.
Failoverflow used java to load their linux on ps4 so is eventually BD-j still an entry point for linux on higher firmwares