PS4: How to run the PS4 9.00 Jailbreak (full guide with GoldHEN payload)
People who are new to the PS4 scene and joining us on their shiny 9.00 PS4 seem to be a bit confused about how to run the 9.00 Jailbreak, and in particular how to inject payloads. Here’s a full guide on how to run the PS4 9.00 Jailbreak, from start to finish.
0. Upgrade your PS4 to 9.00
First of all, if your PS4 is not running firmware 9.00, you may want to upgrade it to that firmware. Check our FAQ here on whether you want to upgrade or not, and once you've made your decision, you can update to 9.00 by following our guide here.
Note: if you're on firmware 9.03 or higher, you can't go back to 9.00 and you will not be able to run this Jailbreak. So be careful not to update to 9.03 by mistake, in particular by letting the console install a system update on its own.
1. Prepare the magic USB stick
Note: This step is only required once. You’ll need to use the USB stick every time you Jailbreak, but this preparation step is only needed the first time.
The PS4 9.00 Jailbreak requires part of the exploit to be injected from a specifically crafted USB stick. You'll need a dedicated USB stick for this, as it will be required each time you jailbreak the console, so use one that you don't need for anything else: writing the image overwrites whatever is on it. You don't need anything large, as the image you'll write to it is only 4MB.
- Download the exfathax.img file from the pOOBs4 Jailbreak’s github.
- Plug your USB stick into your computer. You don’t need to format it, as the next step will do that for you.
- Download and install a tool to write the img file to your USB stick, such as Win32 Disk Imager
- Write the img file you just downloaded onto your USB stick. See the screenshot from the Jailbreak’s github for reference:
- Your magic USB stick is now ready!
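If you are on Linux or macOS, or simply want to confirm that the image really landed on the stick, the following script does what Win32 Disk Imager does and then reads the written bytes back and compares hashes. This is an added example, not part of the pOOBs4 project or of the original guide; the device name in the comment is a placeholder for whatever your stick shows up as, and the expected checksum is one you obtained yourself from the release (the script does not know it).

```python
import hashlib
import os
import tempfile
from typing import Optional

CHUNK = 1024 * 1024  # 1 MiB read/write granularity


def sha256_of(path: str) -> str:
    """SHA-256 of a whole file, streamed so a large image never sits in memory."""
    h = hashlib.sha256()
    with open(path, "rb") as f:
        for block in iter(lambda: f.read(CHUNK), b""):
            h.update(block)
    return h.hexdigest()


def write_image(img_path: str, target_path: str,
                expected_sha256: Optional[str] = None) -> dict:
    """Raw-write img_path onto target_path and verify the result.

    target_path is the whole-disk device node of the USB stick (e.g. /dev/sdX
    on Linux or /dev/rdiskN on macOS; unmount it first and run as root), or an
    ordinary file for a dry run. Double-check the device name: writing to the
    wrong one destroys that disk. expected_sha256, if given, is the checksum
    you obtained for the image from its release (hypothetical value supplied
    by the caller); the write is refused if the downloaded file does not match.
    """
    img_hash = sha256_of(img_path)
    if expected_sha256 is not None and img_hash != expected_sha256.lower():
        raise ValueError(f"image hash mismatch: got {img_hash}, expected {expected_sha256}")

    size = os.path.getsize(img_path)
    written = 0
    # r+b writes in place without truncating (a device node cannot be truncated
    # anyway); wb only for a dry-run file that does not exist yet.
    mode = "r+b" if os.path.exists(target_path) else "wb"
    with open(img_path, "rb") as src, open(target_path, mode) as dst:
        for block in iter(lambda: src.read(CHUNK), b""):
            dst.write(block)
            written += len(block)
        dst.flush()
        os.fsync(dst.fileno())  # make sure the data actually reached the stick

    # Read back exactly the image length: the stick is bigger than the 4 MB
    # image, so hashing the whole device would never match.
    h = hashlib.sha256()
    with open(target_path, "rb") as dst:
        remaining = size
        while remaining > 0:
            block = dst.read(min(CHUNK, remaining))
            if not block:
                break
            h.update(block)
            remaining -= len(block)
    return {
        "image_sha256": img_hash,
        "bytes_written": written,
        "verified": written == size and h.hexdigest() == img_hash,
    }


def demo_dry_run() -> dict:
    """Dry run against ordinary files so the example runs without a USB stick.

    Builds a constructed 4 MiB pseudo-image (NOT the real exfathax.img) and a
    5 MiB file standing in for the stick, then returns write_image's report
    plus the target's size afterwards (which must be unchanged).
    """
    tmp = tempfile.mkdtemp()
    img = os.path.join(tmp, "constructed.img")
    target = os.path.join(tmp, "fake-usb-stick.bin")
    with open(img, "wb") as f:
        f.write(os.urandom(4 * 1024 * 1024))
    with open(target, "wb") as f:
        f.write(b"\xff" * (5 * 1024 * 1024))
    report = write_image(img, target, expected_sha256=sha256_of(img))
    report["target_size"] = os.path.getsize(target)
    return report


if __name__ == "__main__":
    # Real use (assumed device name): write_image("exfathax.img", "/dev/sdX", expected_sha256="...")
    print(demo_dry_run())
```

The read-back is limited to the image length on purpose: the stick is far larger than the image, so comparing the whole device against the file would always fail, while comparing only the first 4MB tells you exactly whether the exploit image is in place.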
2. Note your PS4’s IP Address
You'll need to know your PS4's IP address in order to send payloads to it. Before starting the Jailbreak process, go and note down your console's IP address:
- Note down your PS4’s IP address in Settings > Network > View Connection Status
3. Run the Jailbreak on your console
With your PS4 running firmware 9.00, and your magic USB stick in hand, let's proceed to actually running the exploit.
- Point your PS4's browser to a trusted host that serves the exploit. This can be a local server that you set up yourself (you'll need to put the files from the Jailbreak's repository on it) or one of the public hosts we trust. Two popular public hosts are:
- When you reach the exploit page, you will see a loading screen
- If the first step of the exploit (the webkit exploit) works, you will see a message asking you to insert the USB stick.
- Go ahead and plug in the USB stick (do not click the "OK" button of the dialog box yet!). A message saying "This USB Device Storage's file system is unsupported" should pop up in the upper left of your screen
- After that message has appeared, go ahead and click "OK" on the dialog box. You should now see a message saying "Awaiting payload".
- Your PS4 is now technically Jailbroken. Remove the USB stick from your PS4.
4. Inject a Payload
You will now be injecting a "payload", that is, unsigned code that will run on your PS4. This can be something as simple as a bit of code that dumps some files from your PS4 firmware to disk, or runs an FTP server on your PS4, or a full-fledged Custom Firmware such as GoldHEN or Mira.
In this example, we’ll be injecting GoldHEN, but note that any compatible payload would work at this point.
Warning: Be sure that you only download payloads from places that you trust, and that you understand what they do, before injecting them; where the release publishes a checksum, compare it against the file you downloaded. At this point, you have full control of your PS4, which means you could permanently brick your console if you inject malicious software.
- Make sure your computer is ON, and connected to the same local network as your PS4 (this should generally be the case as long as your PC and PS4 are connected to the same router, and unless you have a complex network configuration at home).
- Download GoldHEN (for firmware 9.00) from the official GitHub.
- You'll want a way to send payloads through Netcat, from your PC to your PS4. You can use the utility of your choice (any tool that opens a TCP connection to port 9020 on the console and sends the raw file works); NetCat GUI by Modded Warfare is what we'll be using here.
- Note: The help image from NetCat GUI below says you should run the "binloader" payload. Technically the Jailbreak is already awaiting a payload, so you can ignore this for now (once you're running e.g. GoldHEN, though, you'll want to run a binloader on the PS4 in order to accept more payloads)
- Run NetCat GUI on your PC. Make sure the IP address is the one of your PS4, that the port is 9020, and load the .bin file for GoldHEN that you just downloaded. Then click "inject payload".
- If everything works as expected, your PS4 should display that GoldHEN has been loaded successfully:
- To confirm that everything is in order, you can go to the PS4’s “Settings” menu, and you should see GoldHEN in there:
- That’s it! Now google around to see what cool stuff you can do with your Jailbroken PS4 😉