It is apparently possible to revert your PS4 to its previous firmware version, without any backup
This is probably one of those “so obvious nobody talks about it” things on the PS4 scene, but it’s only come to my attention right now. And to me, it is a big deal, but maybe I’m just late to the party.
TL,DR: Your PS4 keeps a working copy of its previous firmware (for emergency backup reasons) and it is possible (but difficult, as in, hardware sills required) to go back to it, without any other kind of backup or preparatory work. In other words, if you’re running e.g. on firmware 9.03, and your firmware before that was 9.00, it might be possible for you to come back to 9.00.
PS4 Downgrade to previous revision – The context
We recently wrote an article about Modded Warfare’s lengthy and detailed tutorial on how to “Downgrade”* a PS4. The process is very heavy as it requires hardware skills, and, more critically, preparatory work while you’re at the desired firmware. A typical situation would be to prepare a backup while you are on a jailbroken firmware (e.g. 9.00), then intentionally upgrade to the latest firmware (at the time of this writing, 10.01) in order to play online, and then go back to 9.00 (for which you had prepared the backup) later on.
Bottom line, most people looking for a PS4 Downgrade online will not have prepared such a backup, and are most likely already stuck on a high firmware by the time the learn about this technique.
Modded Warfare’s video re-kindled discussions on PS4 downgrades in the scene, and it came to my attention (thank to @Mohamme80484363) that a method to revert back to one’s previous firmware is basically possible with the same technique, except without the need for a backup.
Here’s why:
When you install a firmware upgrade on your PS4, the PS4 has a mechanism to “revert” (here’s that word again) to the previous firmware, in case anything goes wrong. For example, if I’m on 9.60 and attempt to install 10.01, but then the power goes off in the middle of installation, the PS4 can easily go back to firmware 9.60 (actually, it probably never went to 10.01 in that scenario, but you get the idea).
(I’m assuming a similar mechanism is used when reverting from a Beta Firmware to your previous firmware, by the way)
Modded Warfare touched on this in this video (and he credits Centrinouk LightningMods for the explanations on that): The PS4 constantly keeps 2 firmwares stored in different locations of the hard drive, and the syscon chip has a pointer to your current version.
By overwriting some specific values in the Syscon chip, it appears to be possible to revert to your previous firmware. This of course only works for that one specific previous firmware, for which your console kept an “emergency” backup. And it requires writing on the syscon chip as well, which requires pretty much the same hardware and skills as the technique described by Modded Warfare.
BetterWayElectronics, whose tool PS4 NOR Validator is used in the process, also mentioned:
This is done much easier with the help of my latest software. With it you can patch the Syscon and NOR to downgrade to the previous CoreOS slot, so whatever firmware you had prior to updating you can flip back to it. This also allows Service Mode switching and other neat tricks. You can also repair LoadBios errors. I think this guide is quite a useful thing for repairers to learn from, but I must say that my methodology to dump/patch/write the Syscon is infinitely easier and quicker, no need to edit/trim any files etc. I will be making a guide soon enough but I doubt I could ever make it to the same quality as this one. I really should learn… Anyways, you can dump the syscon on board if you simply want a backup and nothing else. As for programming the new syscon you can do it with TTL but you have to remember to remove the security that was originally in place, otherwise your new chip will be just as locked as the original. My program will validate the syscon, patch it and remove the security all in one. We are also working on removing the need for a new chip also, so the entire thing can be done without removing the chip eventually (hopefully). So in my opinion I would hold off on using this guide as it is very superfluous and intimidating for those new to this whole thing.
Hacker Darknesmonk on Russian scene website 4pda.to shared very specific details: (based on research from vlab.su)
All revisions with A0X-COLX chip are available for downgrade: (X any number)
(FAT 10,11,12; SLIM 20,21,22*; PRO 70,71,72*)
SLIM 22XX with SAF-003 and PRO 72XX board chip “SIE INC” WITHOUT A0X-COLX inscriptions cannot be downgraded.
How to find out your previous version of the software:
- In notifications, see the update history (if you did not clear the log)
- There are cases where the second firmware slot is already occupied by a pending firmware, in which case you won’t be able to downgrade
The downgrade itself is similar to what is done in Modded Warfare’s revert, in that you have to either overwrite the syscon, or replace it. Where it’s different is that you only have to replace a few values, instead of work with a full backup. The hard drive, also, remains untouched.
Although the hardware skills needed remain quite high, the obvious benefit of this technique is that it doesn’t require to have prepared a backup beforehand. It might be useful to people who mistakenly updated from 9.00 to a higher firmware.
I however remain convinced that (today) a much safer (and in many cases, cheaper) way to get a Jailbroken PS4 is to buy one. Which is not to say this isn’t super interesting information!
As you can see this thread on 4pda.to is already several months old, and according to Darknesmonk, it has been an open secret since Fail0verflow revealed their syscon hack back in 2018. Did I just miss this entirely? It’s likely (let me know in the comments if I’ve just been blind to something that’s very well known in the scene!)
All the details are here (in russian but google translate is your friend)
* Some folks on the scene really, really don’t like to call it a Downgrade, and prefer the word “Revert”, to really emphasize that you can only go back to a state that your console has been in before.
glory to mother russia
+1 washing machine has been added to your loot
Please stop war in Ukraine. Then it might be glory to new free Russia.
Stop war in Ukraine. I can also tell it to you. We have exactly the same level of control over this situation
+1
To me this is a big think as well, I’m sad that my unity is a 2215B, probabbly i’m out of that, but at least I still can do the backup method.
But by the way, isn’t possible to intentionally brick the verison B in a way that the PS4 detect and force enable the version A?
well, probabbly not, that’s a bit suicide even to try, lol;
Good question. I assume the revert can only happen under specific circumstances e.g. during install of the new firmware. I assume that if you brick “otherwise” the console will simply boot into safe mode and attempt a repair. Not sure really.
Say I update from FW 9.00 to FW 10. I could “revert” back to FW 9.00 right? When doing the revert, does it “reset” all my settings, saves and games? Or do I keep these?
Now I question: When I am on FW 10 and I install a game that requires FW 10 (or atleast higher than FW 9.00 in this scenario), and then I revert back to FW 9.00, would the game still be installed, and would I in turn be able to copy the game files? 😉
I think the answer to most your questions appears to be “yes”: your games from 10.00 would still be available from 9.00, because I believe they are on yet another partition of the drive. Now, some of them might refuse to start, if they have a higher firmware requirement.
don’t quote me on this, I’m not sure.
I bought a Ps4 on 9.03 but it was reset by the seller. In my case can I attempt a revert?
May or may not be how the latest games are being dumped, but let me not say too much.
it’s a great right and an amazing progression even with BwE working, shame these uC are completely unavailable and EOL. Of course it will be great to buy them and try to fix one of my slim models, but I’m somewhat skeptical.
Y si a una ps4 en 10.1 le cambió directamente la syscom por una que estuviera en 9.00? Al reiniciar estaría en 9.00?
There must be a way to trigger this “REVERT” via software without hardware modification, we need to find how does the PS4 send the panic trigger to REVERT to previous firmware and that should be the key
Secondus!This is gold.
Most eBay sellers, be they private owner/seller or commercial re-sellers tend to factory reset their Ps4’s or Ps’5 and then update to the latest firmware as part of “servicing” the console for sale, thinking that they are doing the buyer a favor.
This is where this revert becomes gold, coz for instance since my Ps5 is chillin’ in its box sealed waiting for HV hack and full JB, I’ve been trying to buy a Ps4 pro and every time I see a Ps4 in good condition from private seller I contact them for screen-shot of current firmware and damn, story is always the same:
‘They bought a Ps5 and have not used Ps4 in over 1 or 2 years…[so jackpot you say,until you read on]…so they turn on Ps4 to make sure it works, update to the Latest firmware and then list on eBay’
Same for commercial resellers: update, test console then list on eBay, although you can’t be sure here coz previous owner probably did the same steps so both firmwares could be recent.
So in the case of a private seller the older exploitable firmware could be available, opening up lots of eBay Ps4’s to a low firmware.
But I just don’t understand why the f**k they insist on updating on the behalf of a new owner!
Shouldn’t that be the decision and prerogative of the new owner ?
I mean everyone has inter-web and if they don’t then no sweat coz all PlayStation blu-ray’s since 2006 Ps3’s come with a firmware update embedded, very clever & sneaky on $ony’s part btw.
I think most resellers are not aware of the Jailbreak requirements, and it’s current practice to just upgrade to the latest and greatest before selling, to ensure you get a machine that “works” (can connect to Sony’s servers, etc…). I agree it’s annoying for folks like us 🙂
Under the “Heres Why” section for updating to 10.01 you wrote “(actually, it probably never went to 9.60 in that scenario, but you get the idea).” I think you meant to put “10.01” instead of 9.60 per the context provided. Otherwise, very good read. Interested to see how this goes.
Thanks! You’re right, I’ll fix!
I can now read and write the original syscon 🙂
Nice!
If the syscon points at a specific location of your hard drive in order to load the OS, it wouldn’t be possible to do something in the hard drive to interchange the location of the OSes saved into the hard drive, so it would load the previous firmware?
No, the hard drive contents are encrypted and can only be decrypted with jailbreak. Modifying the hard drive contents is off limits.
I have uploaded my own guide on whats required to downgrade on my GitHub 🙂
want to ask, lets say im using 6.72 firmware, then mistakenly update to 10.0.1, so it also have 6.72 “backup”?? so the system can revert if update process got problem?
Yes. In the example you describe, you would be able to go back to 6.72