PS4 Hack: Tools and resources if you want to hack your PS4 today
The PS4 Hacking scene has made significant progress so far in 2016 (sometimes in a painful way), and it is in theory possible to run native hacks as well as Linux on your PS4 today, assuming you’re tech-savvy. But fear not: the community is hard at work to help each other. Here are a bunch of tools and resources you can grab if you want to give things a try.
All of these assume you have a PS4 running firmware 1.76. The exploits that have been released or leaked have been patched in more recent firmwares, so the common denominator at this point is firmware 1.76. Getting your hands on a PS4 still on firmware 1.76 is doable, but not necessarily easy.
Running BadIRET on your PS4
- PS4 Playground by CTurt
- Wifi Loader by CTurt
- TCP-Dump by CTurt
- PS4-SDK by CTurt (start to see a pattern here?)
- BadIRET leaked exploit
There’s a great thread over at playstationhax.it (skip the first page, which is basically some sort of flame war) where people are trying to get all the necessary tools up and running (on Windows too). Don’t mistake that thread for a tutorial though, as it’s being updated by people who learn as they go. But if you’re trying to run the PS4 kernel exploit, you might get some interesting insight from them.
Running the WebKit exploit will be your first step. You can run it through the PS4 Playground tools. You’ll need to set up your own local Apache server to run everything from there. extreme-modding have a page set up with some convenient shortcuts for those who want to try without their own server, but ultimately you’ll want your own server.
CTurt’s Wifi Loader will let you send a payload (ultimately, the BadIRET exploit) to your PS4.
His other tool, TCP-Dump, will let you capture the messages the PS4 sends back. The combination of the two tools should help you check that everything is working correctly.
CFWProphet also released a Windows-compiled version of the PS4-SDK here. He says it includes some bug fixes from wildcard and himself related to the BadIRET exploit.
With the PS4-SDK, you can compile the leaked BadIRET exploit into a badiret.bin. This is the file you’ll inject through the Wifi Loader. People say the leak is not fully functional (see the tweet by Abkarino (@AbkarinoMHM) from March 3, 2016).
A pre-compiled version of BadIRET.bin can be found here. I haven’t tested it, so use it at your own risk. Ultimately, keep in mind that you’ll want to be able to compile your own version if you want to start doing useful stuff.
Once BadIRET reports “Entered Critical Payload” to your TCP-Dump process, you’re pretty much “done”: your tools are all set up and you can start playing.
Loading Linux on the PS4
Yesterday CTurt added an update to one of his blog posts explaining how to load fail0verflow’s Linux port onto your PS4. This is a recommended read for all of you who have managed to run the BadIRET exploit as explained above. In his words:
The easiest way to get these files into RAM is to copy them to a USB flash drive formatted as FAT32, which can then be read from once you’ve broken out of sandbox as explained earlier (/mnt/usb0/). You could also download them over the network if you prefer.
You’ll also need to compile the ps4-kexec system call implementation as a relocatable binary and include it in your kernel exploit.
There are lots of unknowns at this point in the PS4 hacking scene, but all the tools are here and available for those of you who are interested. These are the early stages of PS4 hacking; if you’re interested in console hacking, this is your chance to be among the few people who understand the PS4 from the inside out! For those interested, I’ve created a thread on our /Talk forum if you need help (or can provide help!).