PS4 Custom Home Menu, the early steps of PS4 unofficial themes?
Earlier this month, PS4 Scene member Senaxx published a screenshot of a PS4 Dev unit running firmware 1.76, with a modified icon on the main menu. No additional details were posted, and most of the scene websites just dismissed the post. So did I.
So I was kind of surprised to see this piece of news on many of the scene websites today. And now I feel like I have to mention it or people will call me out on this one.
What is this?
People running on firmware 1.76 have a way to customize some of the icons on their PS4’s main menu. This is apparently thanks to the (unencrypted?) SQL-based database that powers some aspects of the PS4’s interface and registry.
The process is not necessarily groundbreaking and not directly security or exploit related, but what made it newsworthy recently is that people have been able to reproduce it, and it seems to be reasonably simple, for PS4 1.76 owners.
According to fx0day on playstationhax, the file to edit can be found in /system_data/priv/mms/app.db. Just open it with your favorite offline SQL editor such as this one, and start digging for cool stuff you can modify, then reupload the file to its location on the PS4 with your favorite tool (PS4 FTP comes to mind).
This could be the very first step for user-customization of the PS4. We all know how much people love to customize their experience, so by digging into some of the unencrypted data of a PS4 running on Firmware 1.76, maybe we can expect more customization moving forwards.
In the meantime, enjoy a few screenshots, courtesy of the members over at playstationhax, + the original one from Senaxx.
source Playstationhax.it and Sennax, thanks to @sh21ab and logic-sunrise
Oh Snap Multiman!!
Its just an icon and some text that have been replaced.
Fun stuff
I can’t wait to get my hands on a custom firmware even if it doesn’t have piracy stuff
It would be cool to miss around
So just like the vita.
Has anyone looked into SQL Injection as an attack vector or escalation mechanism? :p What does the information schema look like and what processes access it?
replace “hash value” by “hash value or 1=1” ? too easy 🙂
So it uses an unencrypted SQL based app.db file which can easily have records modified. Same idea as the Vita then, that’s pretty easy to inject new icons to or change existing ones as you see fit.
so injecting ark or something similar could be possible in theory?
Pretty funny this get’s picked up now. This has been done on a debug console but can also easily be replicated on a retail 1.76. Use some kind of FTP binary (PS4LINK for example) to login to you ps4, and grab the app.db to your PC. Edit it with sql lite editor. You cannot add entries, but you can modify existing entries easily. Upload a new ICON0.PNG to your playstation 4 in the appdata (if i remember right) replace the app.db and reboot and profit.
But it actually doesn’t do anything… it’s just a text entry in a database and an icon that I replaced. I posted it up for fun on twitter since it’s not a big of a deal.
Thanks for the confirmation!
anyway, for me you have showed the most interesting progress for end users, thanks for sharing.