PS4 kernel exploit and 6.xx/7.xx Jailbreak: what we know so far
Earlier today, hacker TheFlow released a proof of concept kernel exploit for PS4 up to firmware 7.02 included.
Here’s the progress and what we know so far.
Stay on firmware 6.72 or lower if you can
Although TheFlow’s kernel exploit works up to firmware 7.02, it requires an entry point, like all privilege escalation exploits. That entry point is going to be a usermode exploit, leveraged for example through a webkit vulnerability. That’s where reality hits: so far, the only publicly known usermode exploit that’s still usable on recent PS4 firmwares is Fire30’s webkit exploit bad_hoist, which runs up to firmware 6.72 included (note: compatibility with beta firmware 6.80 is still to be confirmed).
I have stated that a new webkit exploit shouldn’t be that hard to find for 7.xx, but I might have been very wrong. As a matter of fact, SpecterDev, in a very instructional stream (in which he attempts to reproduce and weaponize TheFlow’s exploit) stated that from his perspective, webkit exploits are difficult to find nowadays, and we might not see one for firmware 7.02 anytime soon.
Bottom line: until/unless a fully functional jailbreak is released, do not update your PS4, and stay on as low a firmware as you can!
Jailbreak 6.72: not ready yet, but “soon”™
SpecterDev has been hard at work trying to implement TheFlow’s exploit with Fire30’s webkit exploit, to get a functional hack. From there, a full Jailbreak, and a HEN should be “relatively” straightforward.
SpecterDev is not there yet, though. In a 3-hour stream today he showed his attempts at getting the exploit to work, with no success so far. These things take time of course, and it’s likely other hackers are trying to piece this thing together, so stay tuned. I personally want to say it’s a matter of days, not weeks, before we see an actual release. SpecterDev in particular has stated he will keep working on this exploit throughout the week, while streaming his progress.
On that topic, his stream is extremely instructional if you want to see how the hacking process works. And for those thinking it might be easy, this gives a lot of perspective. Here we have a person who has successfully hacked the PS4 before, has all the tools ready and running, has the full source of the proof of concept exploit, and still doesn’t make visible progress in more than 3 hours of focused effort.
What about firmwares 7.0x?
Firmwares 7.00, 7.01, and 7.02 are vulnerable to TheFlow’s kernel exploit, but there is no public usermode entry point to reach it. Although there’s hope for these firmwares, we will need to wait for a new usermode exploit (webkit or other) before a jailbreak is seen for those folks. Nobody has stepped forward so far to announce such a release.
I’m on firmware 7.50 (or higher), what are my options?
Firmwares 7.50 and above are patched for that specific vulnerability. There’s no saying when the next kernel exploit will be released, if ever, for the PS4.
Now might be the right time to get a second PS4. Try to get an older one, although as a general rule, it seems any bundle except for the “Last of Us Part II” one will ship with firmware 6.72 or lower. The Spider-Man bundle, for example, should ship with firmware 5.5x. The “Days of Play” special edition ships with firmware 5.0x. It is also likely that the “Only on PlayStation” Black Friday bundle from 2019 ships with 6.7, or possibly 7.0x (definitely not 7.50, which was released in 2020). Of course, do your own research before purchasing anything. Please note that PS4s are vastly out of stock these days, and therefore expensive (up to twice the normal price, as far as I can find for bundles on Amazon), and that only bundles bought “new” can guarantee you a specific firmware.
Note: the Amazon links above are affiliate links.
The post PS4 kernel exploit and 6.xx/7.xx Jailbreak: what we know so far appeared first on Wololo.net.