PS4 hack: The latest status for 5.50, 5.05 (and below) – updates from Qwertyoruiop
There’s been a lot of misinformation, or misunderstandings, about the status of hacking for firmwares 5.xx, or, technically, for any firmware above 4.55 (so yes, this includes 4.70).
Hacker Qwertyoruiop has somewhat clarified the situation, but some people seem to either read too much between the lines, or not enough in some cases. So here goes my attempt at clarifying:
OK, remember this part and get it through your hard skull
In order to fully hack a PS4, you generally need a combination of two exploits: 1) an entry point from one of the user processes, a.k.a. a usermode exploit. This is typically a Webkit exploit (but could also be an exploit in any other user app of the console, such as a game). And 2) a privilege escalation exploit (often referred to as a “kernel exploit”), in order to get “root” access, in other words full access to the console.
The usermode exploit gives you enough access to run a bit of code: enough to run the kernel exploit which will unlock “real” access to the console.
Without both of these, you can’t really do much: a kernel exploit alone doesn’t give you anything, because you don’t have a way to actually activate it from anywhere. Conversely, a usermode exploit alone gives you some level of control over the console, but typically not enough to do anything “fun” (note that on that part, things could evolve with time: on some consoles, usermode exploits have led to great homebrew loaders such as *cough* VHBL *cough*).
The status of PS4 Hacking as of 3/2018
If you own a PS4 running firmware 4.55 or lower, congratulations, you can Jailbreak your PS4 and do a bunch of cool stuff with it.
If you’re above 4.55: Hacker Qwertyoruiop has stated that Sony patched his kernel exploit on firmware 5.50. This automatically implies that he is in possession of a kernel exploit that apparently works up to firmware 5.05 included, but not on 5.50. Clear enough?
In the exact same tweet, he explained that he has improved the recently disclosed Webkit exploit (remember: usermode exploit) and tested it on firmware 5.50. This confirms that the Webkit exploit is valid up to firmware 5.50 included. And you can actually play with it on your PS4 from the url provided by the hacker (http://crack.bargains/550/). Remember what I wrote above, though: a usermode exploit is fun, but does not give you much to play with without a kernel exploit.
Qwertyoruiop has also said he updated to firmware 5.50, and confirmed it by showcasing the Webkit exploit. He strongly implied that he is now looking for kernel exploits on the latest firmware.
see you on the other side pic.twitter.com/SCVmUZOaPJ
— qwertyoruiop (@qwertyoruiopz) March 8, 2018
i rewrote the public webkit exploit that worked on 5.50 so it doesn’t suck (should be 100% reliable), you can find it at https://t.co/99pveLopaM – old kexploit was fixed in 5.50!
— qwertyoruiop (@qwertyoruiopz) March 10, 2018
ready to pwn pic.twitter.com/2LxjmLFR9c
— qwertyoruiop (@qwertyoruiopz) March 10, 2018
Please note that to my knowledge, Qwertyoruiop has not stated anywhere that he would release his kernel exploit (the one that got patched in 5.50). So, although there is hope that such a thing could eventually be released (the hacker has a pretty good track record of releasing stuff on the PS4), there is no guarantee of that at the moment.
So let’s summarize.
Can I hack my PS4?
if (x <= 4.55) – If you’re on firmware 4.55 or below: Yes, your PS4 is fully Jailbreakable, check here for details.
if (4.55 < x < 5.50) – If you’re on a firmware above 4.55, but strictly below 5.50: There’s a public Webkit exploit you can play with (remember, it won’t bring you anything, as an end user). Additionally, we *know* there exists at least one kernel exploit for your console (Qwertyoruiop’s one, mentioned above), but no hacker has promised any release at the moment. Therefore you’ll often see it mentioned as a “private kernel exploit”.
if (x == 5.50) – If you’re on firmware 5.50: There’s a public Webkit exploit you can play with (Remember, it won’t bring you anything, as an end user). However, there is no public knowledge of a kernel exploit working for your console at the moment, let alone a promise of a release for it.
In conclusion, always stay on a firmware as low as you possibly can. In particular at the moment, if you’re on 5.0x or 4.70, do not update to 5.50: there’s more chance of a Jailbreak for you than for people on 5.50. If you want the best of both worlds, you need 2 PS4s. Buy a secondary one that you’ll keep on a shelf until a hack gets released. It could be weeks, it could be months, nobody really knows for sure.




first
great article, and a nice read for those who want to know how, why and... if ever.
Exciting times ahead…..please keep your heads above water and play it cool
STOP IT! DON'T COPY PEOPLE! THAT'S STUPID!
Hey I have a crack PS4 v 5.05 and my dns value has become 0.0.0.0
And my internet connection does not failed, what to do now
The last pic in the post confirmed his newly acquired kernel exploit on 5.50. That means he currently owns another kexploit to play with in future firmwares, so the patched one should be released anytime soon.
Wrong
but uid = 1, and i thought 0 was root? surely this is something else, as much as i want it to be different
On the last picture is a usermode exploit, not a kernel exploit.
sick name.
that last picture is a kernel exploit. That’s why you see the root file system and a peek in memory.
lies, you can list directories from sandbox with webkit exploit only, and clearly it lists the sandbox as it shows the /folder that is random letters and numbers
Blah blah first?
And the reason for not releasing patched kernel exploit is… Uh, no reason to hide it anymore right?
yup same old PS4 scene – keep current FW jailbreak private until it is patched and then wait year or so until all new PS4s are updated…
now that the kexploit is patched in 5.50 there is no point for qwerty to not share it with us 5.05 users, so let's all wait patiently for master qwerty to release it in public. 🙂
Actually this guy gets off on teasing people, so you’re better off waiting for some anon to release anything worthwhile.
Forget it, there won't be a 5xx jailbreak.
The only jailbreak will forever be 4.55.
“This automatically implies that he is in possession of a kernel exploit that apparently works up to firmware 5.05 included”
Meaning? so 5.05 has a chance to be jailbreakable? in a future
It has been very strongly hinted at (maybe even explicitly stated) several times, so yes it has a very strong chance of a JB. When that might happen is another question, of course you get the usual “could be a week, could be never” response when you ask.
While he never implicitly stated he would release the patched kernel exploit, it would be pretty ridiculous not to, seeing as it will never be useful again in future firmware versions.
not if the exploit will affect other devices and is still 0day on them
It was patched in Webkit, so anything ever that gets that commit will be patched; it's no longer 0day for anything that hasn’t already reached EOL.
Yeah the last picture looks a lot like a kexploit because it seems to be doing a lot more after showing the webkit exploit result. I wonder, if he said the OLD kexploit was fixed, maybe he found a new one?
Yes his Day0 exploit has been patched, as he predicted. Should see a 5.05 release sometime soon. There is literally no reason to keep it under wraps anymore.
The last pic proves that he has a working webkit exploit for 5.50 and that he’s ready to look for a kernel exploit
In all the time I’ve been on this site I’ve never seen you directly insult your base. “Get it through my hard skull”? No problem, I'll hop over to another scene site
Comments opposed to wololo calling us stupid apparently get removed. I screenshotted mine so I'll post it on Twitter lol. No one needs to be called stupid, and calling you out gets censored? Lame stuff man. Hopefully you edit the article, you sound condescending
Did it occur to you that he was not directly talking to you but to annoying people who ask the same known stuff over and over again? If you don’t have a hard skull as you imply, maybe you could work on getting a slightly harder skin as to not be offended so easily. Also, I still see your first comment so it obviously was not deleted.
Well, thanks for insulting me. I was a fan of the site for a long time but I guess I will switch to pshax forever now
Good leave
Moondemon, he makes no clarification there, and I simply stated that it was wrong to do. If you can't handle that feel free to ignore my post. It disappeared and came back, not sure if a glitch or what happened there. Generally one avoids insulting the reader, as it is the reader that generates traffic to the site.
You did not “simply state” it, you acted like a kid who got scolded. Also, I feel like I did “handle your post” just fine, but hey, we know now that you are easily offended so maybe my “handling” of your post was too much for you and you feel the need to tell me not to reply to any comment? Or just not to your comments? Oh well 🙂
I’m laughing at these guys complaining and saying they’ll go use some other website, and then staying here for HOURS later, still complaining. Didn’t you leave? lol
I don’t quite understand why these hackers don’t want to release their exploits, I get it when nothing has been released yet, you don’t want to be the one to open the floodgates to piracy and potentially get in trouble by the company, but exploits exist now…a normal average Joe can hack their PS4 and install “backups” and homebrew, so why even tell the scene you have an exploit if you don’t plan to release it, then what’s worse is that you complain when people bug you to release it…
Wow, you're a total noob, eh? I think you're too impatient in your statement. These hackers have no benefit, they don't make money or credit except through donations, and these people have a right to complain and say what they want; they're the ones who managed to make this possible
And you're just a crying bissh who knows nothing. Let's make a lil example: why won't you try to become a hacker, and I'm the impatient guy, and let's see, I will bug you for a release. How would you feel about it, eh?
Well, my thick head says he did mention that would release…
Qwertyoruiopz: “if things are patched sure”
Twitter, May 30 2017
Instead of playing cat and mouse, we should think about how to implement exploits inside the firmware. Create a container from which it can be called up and run when the system starts, without external sources.. but you only care about pirate games .
I greet all the real ones. smutek110
Interesting idea but…
…how would you implement exploits into the firmware, when you have actually no access to the firmware?
If you mean implement exploits on already released firmwares… that would be possible but the hard part is to actually get the device to acknowledge the custom firmware (see henkaku enso 3.65 for that).
The flow (TN) managed to actually manipulate the new firmware on updating and probably RE-FLAWING it during the update phase.
That is why already updated devices cannot get hacked currently.
Running a cfw or a chain loader on boot requires at least a very early kernel exploit but better a bootloader exploit… look at the 3ds (sighax) or ntrboot if you want to name it.
Something similar is going on in the switch scene, they found a bootloader exploit. After that, you can do anything on the device and no security later down the boot chain could ever block you from any access.
Even newer firmwares CANNOT block you anymore, since you use a vulnerability so early at device start, that no firmware could interfere.
The only block that could potentially occur is if the bootloader is updateable and newer firmwares carry such an update with it.
BUT this is probably not possible on 99% of devices in the market (smartphones, consoles, computers,…) since the huge majority uses on die in silicon burnt bootloaders due to cost cutting and reliability.
Those E-fuses in certain devices are not for reprogramming but for the device to self-diagnose which firmware version it should load.
If the amount of lit fuses does not match the firmware's expectation, it will trigger a kernel panic and a boot stop.
Again this is no reprogramming of the bootloader, so if a device has a bootloader exploit you can manipulate the loading firmware to believe everything is fine and dandy and the amount of lit fuses is correct.
Just a short summary here.
I, too, greet the greats.
Scene PS4 = Poo.
I will wait until the end of the world for this exploit to be released.
Usually through here.
I’m happy that I didn’t update my ps4 slim. Hope that I can jailbreak my ps4 someday!
its coming today
I’m on firmware 4.50 but didn’t login into an account and can’t use the internet browser without updating. Is there a way to do that?
Download the 4.55 pup update file from the web and update using a usb stick
There is a way to start a webkit instance through the user manual feature, and with DNS redirection (or a proxy server), the manual can be redirected to an exploit host URL. Then, there is a payload which permanently activates the true Internet browser even without PSN login.
Just talking BS, anyone can use this name….
Check Twitter for latest Updates
I don’t think so
Guys the exploit will release in 18 of March. Patrick’s day
Just. Wait my friend
What makes you say that? Do you actually have info or cuz it's a holiday you're betting on?
hello. is it possible for anything like save editing or applying with just the usermode exploit? anyone?
I’m on firmware 5.05, I will stay here till further notice.
Pls how long can it possibly take before a jailbreak for version 5.05 be released
How long can it possibly take before a jailbreak for version 5.05 be released… Please someone reply, am curious
Do you think a jailbreak for version 5.05 can be released within 2-3 months time… Please someone reply, am curious
Usually how it works is that they will wait for a few firmware releases to confirm that the Kernel exploit has been patched and once they are sure that it was patched they release it, but a few firmware releases take about a year, but it could be sooner or later.
If I’m not updated past 4.5 can I get fortnite hacks for the PS4? I’m really bad at the game.
Hi I want to copy Discs in PS4. Can you tell me do I need to fully jailbreak the PS4 or just a single exploit will do?
Hi guys ::
for my hacked ps4, how can I update my games? I'm on 5.05. I have downloaded the pkg file update (for example for Last of us remastered) and I installed till 100% progression but after that, when I check the update version of the game, nothing has been changed and it is still version 1. what am I missing??
thanks than your team your your chang my life your GOD OF PS4
is there anyway to hack my ps4 but without the need to go to browser and load the exploit every time i boot up the ps4
i mean just hack it then install games then when you turn off and then turn on again no need to do anything cuz its already hacked
Is anyone working on a cfw like PS3 days? Now you have opened. We need decryption so we can flash and downgrade.
So it was helpful to me.
bro do you mean we can jailbreak 5.50 and install games?please answer fast