PS5 Exploit: Fail0verflow show decrypted PS5 firmware files (they already have the PS5 keys???)
What a day for the PS5 scene! After TheFloW shared what appears to be a PS5 Kernel Exploit on the latest PS5 firmware, the Fail0verflow hacking group came back from the dead with a screenshot of what appears to be a fully decrypted file, part of a PS5 Firmware update.
This would indicate that Fail0verflow have somehow gained access to some PS5 decryption keys, which is…errr, massive?
Update: Fail0verflow have confirmed in a follow-up tweet that 1) they have all the PS5 root keys, 2) those are symmetric (meaning the same key is used for both encryption and decryption) and 3) they can all be obtained via software means. This invalidates some of our guesses below. We keep the original assumptions below to stay honest, though 🙂
Translation: We got all (symmetric) ps5 root keys. They can all be obtained from software – including per-console root key, if you look hard enough! https://t.co/ulbq4LOWW0
— fail0verflow (@fail0verflow) November 8, 2021
What do decryption keys mean for the PS5?
This announcement from Fail0verflow means two things, as far as we understand.
First, that they have some pretty big hack that lets them access highly secure locations of the PS5, in order to extract the decryption keys of their test devices. Knowing Fail0verflow, the hack most likely involved some significant hardware glitching, but the tweet doesn’t give any details, so we’ll have to wait for a writeup on their blog (if they feel like it). Whether they will share how to reproduce this hack, and whether it will be easily doable for people without their hardware skills, is another story. Bottom line, Fail0verflow probably have full control of the PS5, through a kernel exploit or, most likely, something even more potent than that.
Second, assuming more people eventually become able to reproduce their exploit, it ultimately means that decrypted firmware files will be available to hackers. This would make reverse engineering of the PS5 firmware possible and, from there, open up possibilities for finding future exploits and/or writing custom firmware or Homebrew enablers.
Fail0verflow PS5 Jailbreak ETA wen?
In “recent” PS4 history, Fail0verflow have been waiting for a patch from Sony before fully disclosing any of their exploits. It is possible they will be doing the same for this, so there could be a significant amount of time between today’s reveal and any actual useful information for the scene. They could also choose to never disclose the exploit.
As always, whether they choose to disclose details or not is up to their team, but Fail0verflow have stated in the past that Jailbroken consoles are not worth it anymore since they are so close to computers in features and functionality.