Time for our regular PSA on unhackable firmwares.

TL, DR: not much on the horizon.

PS4 Jailbreak: What’s needed

As a reminder, and at the risk of sounding like a broken record, a PS4 Jailbreak basically requires two exploits. That’s a bit of an oversimplification to be honest, but the idea is that you first need a way to run unsigned code by hijacking a running process on the console. That “way” can be some malicious javascript on a web page, or a cleverly crafted save file for a specific game. These inputs will trigger some bug in the application that’s running them (whether it’s webkit, a game, or something else) and give you some way to run code on the console. That initial entry point is typically referred to as a usermode exploit.

From there, you need a “privilege escalation”, a way to get to a higher level of authorization into the machine’s more secure pieces of code. That’s what usually known as a “kernel” exploit, because historically on consoles this gave us access to the firmware parts of the RAM, or the kernel.

Hence, two exploits required for a Jailbreak: the “usermode” exploit, or the entry point, and the “kernel” exploit, or privilege escalation.

PS4 Jailbreak: the current status

It’s been almost a year since the latest PS4 Jailbreak was released, for firmware 9.00. Anybody running a PS4 on firmware 9.00 or lower can enjoy the benefits of the Jailbreak today, but people on higher firmwares feel like they’ve been left in the cold. Although that’s the way the game is played, what hope is there today for people running firmware 9.03 or above?

Firmware 9.03/9.04

People on firmwares 9.03 and 9.04 have a dim ray of hope, with the BD-JB usermode exploit. Specifically, Sleirsgoevy has released a working implementation of the Blu-Ray exploit, which in theory should work for firmwares 9.03 and 9.04.

Details can be found here, but keep in mind that this is a usermode exploit. Although historically usermode exploits have allowed homebrew games and emulators to run, this has generally not been the case on the PS4, where it seems the scene doesn’t bother for anything less than a full Jailbreak. In other words, 9.03 and 9.04 are exploitable in usermode through the BD-JB exploit, but this won’t bring you much in terms of useable features. And there is no word on a Kernel exploit for these firmwares so far.

Firmware 9.50 and above (9.51, 9.60, 10.00, 10.01)

Firmwares 9.50 and above aren’t vulnerable to the BD-JB exploit, which adds to the fact that there’s not been any mention of a potential kernel exploit on the PS4 beyond firmware 9.00. These firmwares, for the time being, are tightly locked.

To summarize, as far as a full Jailbreak is concerned, nothing concrete has been announced or even rumored recently for firmwares 9.03 and above. 9.03 and 9.04 are vulnerable to the BD-jB usermode exploit, though.

PS4 Hacks on 9.03 and above: what are the leads?

Besides the bd-jb exploit we’ve mentioned above for 9.03 and 9.04, there are a few leads that are worth paying attention to (we of course at wololo.net are keeping our ears to the ground for any development on these):

Mast1c0re: PS2 exploit within the PS4

PS4 Hacker CTurt has recently released a writeup on a PS4 exploit within the PS2 emulator. He has stated that the latest firmwares are impacted (10.00 at the time, but we don’t see a reason 10.01 wouldn’t be impacted too), and that he would be providing a Homebrew environment for the hack. This remains usermode, but could be extremely interesting, if indeed it allows for homebrew to run. The exploit relies on a vulnerability in game Okage: Shadow King. This is a PSN game, and Sony could easily twart any release by simply pulling the game from the store. It’s difficult to recommend you buy, download, and install the game before anything concrete is released, but I personally did, just FYI.

libxml2 vulnerabilities in 2022

While most hackers have their eyes on Webkit vulnerabilities, the Google Project Zero team have disclosed vulnerabilities in the libxml2 library. That library is used by the PS4, and the disclosure is fresh enough that all firmwares up to 10.01 could be impacted. But tests remain to be done on that front, and it would be, again, usermode only.

I’m on Firmware 9.03 or higher. What can I do?

Based on the above, I can say there is no clear signal from the hacking community at the moment, that anything concrete is planned for recent PS4 firmwares. It’s not to say that nothing’s being worked on (hackers can be very secretive), but it could still be a while before any Jailbreak is released for firmwares 9.03 and above, let alone 10.00 and 10.01.

Because of that, I truly believe that your best bet if you want a Jailbroken PS4, is to buy a console running 9.00 or below. You won’t find those on regular retailers anymore, but second-hand marketplaces like eBay have them for reasonable prices. (Between $200 and $300 at the time of writing).

For the latest and greatest, be sure to bookmark our PS4 Jailbreak page.