PS5 Exploit: Fail0verflow show decrypted PS5 firmware files (they already have the PS5 keys???)
What a day for the PS5 scene! After TheFloW shared what appears to be a PS5 Kernel Exploit on the latest PS5 firmware, the Fail0verflow hacking group came back from the dead with a screenshot of what appears to be a fully decrypted file, part of a PS5 Firmware update.
This would indicate that Fail0verflow have somehow gained access to some PS5 decryption keys, which is…errr, massive?
Update: Fail0verflow have confirmed in a follow-up tweet that 1) they have all the PS5 root keys, 2) those are symmetric (meaning encryption/decryption) and 3) they can all be obtained via software means. Which invalidates some of our guesses below. We keep the original assumptions below to stay honest, though 🙂
Translation: We got all (symmetric) ps5 root keys. They can all be obtained from software – including per-console root key, if you look hard enough! https://t.co/ulbq4LOWW0
— fail0verflow (@fail0verflow) November 8, 2021
What do decryption keys mean for the PS5?
This announce from Fail0verflow means two things as far as we understand.
First, that they have some pretty big hack that let them access highly secure locations of the PS5, in order to extract the decryption keys of their test devices. Knowing Fail0verflow, the hack most likely involved some significant hardware glitching, but the tweet doesn’t give any details, so we’ll have to wait for a writeup on their blog (if they feel like it). Whether they will share how to reproduce this hack, and whether it will be easily doable for people without their hardware skills, is another story. Bottom line, Fail0verflow probably have full control of the PS5, through a kernel exploit or most likely something even more potent than that.
Second, assuming more people eventually become able to reproduce their exploit, it means ultimately that decrypted firmware files will be available for hackers. This would make reverse engineering of the PS5 firmware possible, and from there, open possibilities for finding future exploits and/or write custom firmwares or Homebrew enablers.
Fail0verflow PS5 Jailbreak ETA wen?
In “recent” PS4 history, Fail0verflow have been waiting for a patch from Sony before fully disclosing any of their exploits. It is possible they will be doing the same for this, so there could be a significant amount of time between today’s reveal and any actual useful information for the scene. They could also choose to never disclose the exploit.
As always, whether they choose to disclose details or not is up to their team, but Fail0verflow have stated in the past that Jailbroken consoles are not worth it anymore since they are so close to computers in features and functionality.
Source: Fail0verflow
First
Wow. Damn thing hasn’t even been out for a year. And they crack it wide open, Guess that solidifies my decision to buy one. Sit it up and wait for the CUSTOM FIRMWARE….. HA HA HA. Take that SONY.
Nah.
Besides encryption keys, there are likely signing keys (assymetric) so one cannot create custom FW the way it was on PS3
We will never see this, way to early in the consoles life. They will pay the bounty I imagine at its highest limit. I had an extra console for research as a cyber analyst, now will have an extra to sell and make someone’s Holiday.
Not Fisrtus
Holy moly, it’s PS3 all over again.
Thats what i said. Whoohoo!!!
PS3 took a fair while though, 4 years. Then another year before we started seeing CFW.
The PS5 has been done in lightning time by comparison.
PS4 Protection >>>>>>> PS5 lol
References an 8 year old article about “Jailbroken consoles are not worth it anymore “. I’m pretty sure my hacked/jailbroken Switch was definitely worth it. Overclocking, changing game graphics settings, emulation, and a *** ton more.
Homebrew isn’t dead lol.
Who ever said anything like that ?
Some sweaty hunchback PC gamer I’m sure.
Is this why my console shuts off completely during game play? Especially when I get a kingslayer on COD?
Read the article again and maybe you’ll find out.
Its dead on Sony consoles.
I really would like use my ps5 as a desktop with Linux.
It’s apparently already been done. Chinese govt were rumored to have arrested a giant crypto mining operation. (Since apparently their gov outlawed all mining farms there) where they were alluding the govt because they weren’t using ASICS or gpu’s to mine. They actually were mining with thousands of used PS4’s all clustered in Linux and apparently there were a couple ps5’s spotted. As far as I know that’s not confirmed tho. But I do know you can mine ether on consoles since ps3
This is awesome! But i really would like to see an exploit on ps4 8.xx 9xx.
So I can test and develop my own homebrew 😉
will use same method on ps4 to bring cfw only then when enough games are out on ps5 year or so then consider it being released my call…
Whelp, the PS5 is doomed.
Can’t they just release new firmware update to fix it?
If FALilOverFlow doesn’t disclose the exploit here same as with the ps4 exploit theire holding back, how will Sony know what to fix.
They’re holding back probably because they want to see if Sony knows of those vulnerabilities and if they fix them. So theyre waiting for a few updates to pass by and look if any of them patches the vulnerability.
The flow will report to Sony for the bounty and they will patch it. Fail overflow may be doing the same.
Wow
nice, i guess
Nice done by Team fail0verflow.
Impressive work to make ARM run on a x86 Core
CVE-2021-26333
Huh? Arm on x86 core? Where are you getting that from? The ps5 isn’t ARM…. and neither was the ps4. People are terming the system setup incorrectly with the ps5…. it’s actually an AMD apu technically on a 7nm process with some expanded memory capabilities . Totally not ARM my friend. Or x86….
U are right, ps5 isn´t ARM. Fail0verflow managed to make some kown ARM code run on the PS4 and PS5.
In my point of view they spend a lot of time to compile that code for Gonzalo.
So its a impressive work.
Have a look @ CVE-2021-26333
Did you really look at the vulnerability you’re referencing?
That’s an information disclosure exploit/memory leak on AMD drivers for Windows (amdpsp.sys)…
So is it time to go grab me a ps5 and leave it untouched for a year or two until we see a functional exploit and payload or nah?, cuz I’m thinking if this news is legit then there will be a huge price spike for both new and used ps5’s, plus assuming the chip shortage isn’t coming to an end anytime soon which will make ps5s even harder to get, right??.
There definitely will be, once scalpers find out, the prices will skyrocket
blah blah I hope taht consoles ps5 and xsx will be never crfacked
blah blah i hope that consoles ps5 and xsx get hacked so people at sony and you cry
Shut up
Yeah, shut up
I can tell you it’s all true
Wonder if you could jb the PS5 and then install Linux to play Steam games via Proton. With the GPU prices these days PS5PC would be a pretty decent price/performance machine.
You think that would be possible?
Should I update my ps4 to FW 9.0 or stay 8.52?