PS4/PS5 Mast1c0re exploit: PS4 10.50 confirmed, USB Elf loader released
Security research McCaulay Hudson has released updates to his implementation of the Mast1c0re exploit, slowly building a reasonable homebrew environment. People can run the exploit on the latest PS4 10.50 and PS5 6.50 (pending updates, it is likely PS5 7.00 will be compatible as well). Today’s release includes a ELF loader from USB.
What is the Mast1c0re exploit for PS4/PS5?
Mast1c0re is an unpatched vulnerability on PS4 and PS5, running through their PS2 emulation layer. The vulnerability was disclosed, and described with great detail, by PlayStation hacker CTurt in September last year, and a public reimplementation was released by McCaulay Hudson early 2023.
Some specific PS2 games for PS4/PS5 are vulnerable to buffer overflows, which allows us to run unsigned code on the PS4 and PS5. The currently only known exploitable game through this vulnerability is Okage: Shadow King, a PS2 game available for PS4 and PS5 on Sony’s PSN. By loading specifically crafted save files into this game, it is possible to trigger an exploit chain on PS4/PS5 running the most recent firmwares, to then enable some (limited) homebrew capability.
So far the most “user friendly” use cases for this vulnerability have been emulators, and PS2 Game ISOs.
PS4 10.50 Support for Mast1c0re confirmed
Mast1c0re works with the latest PS4 Firmware 10.50, as confirmed by McCaulay’s recent update of the repository. PS5 7.00 on the other hand, still seems to be pending confirmation.
Mast1c0re PS2 USB Game Loader
Until now it’s been possible to load PS2 Games from within the exploit, by sending them via a TCP connection. Although doable, it’s not necessarily the easiest way, and today McCaulay offers us a different way to load the games, via a USB stick. The USB stick needs to be formatted in exFAT, and have specific folders for the loader to work (see below).
Download and Install PS2 USB Game Loader
The PS2 USB Game Loader only works for PS4 at the moment. Specifically:
- PS4
- 5.05
- 6.72
- 9.00
- 10.01
- 10.50
Notes:
- we have a basic explanation on how to setup and run the hack here. Be sure to replace the hello world file with the mast1c0re-ps2-network-elf-loader.
- Once the elf Loader is ready, send the USB Elf Loader to it. It should then be ready to load games from USB
From the Readme:
- Requires the mast1c0re-ps2-network-elf-loader game save to load the ELF file.
- The USB drive must be formatted with exFAT and MBR.
- The USB root directory should contain a folder named “Games” which contains a single folder for each game, containing a file ending in a “.iso” file extension, and optionally a “.conf” file.
Michael Crump has a video showcasing the USB Loader in action, although that’s for an earlier version that used FAT32 instead of ExFAT:
I wish there will be other method instead of shadow king
there will be it’s a process to get jailbreak
Can’t Apollos save tool on jailbroken ps3 decrypt the save file instead of using a jailbroken ps4
Can it works on 9.60?
Yes and is possible to upload the save data with save wizard
Is it possible to run Apollo on an emulated PS3??
Just a quick update. I have installed RPCS3 on my PC, installed the firmware and added the Apollo Save Tool as a PKG. I can now run Apollo and get to the Apollo main menu. I”m still trying to find out if the Okage save which I saved to my USB from my PS4 can be moved over to RPCS3 on my PC but it’s late and my brain isnt working lol.
RPCS3 = PS3 ONLY and this Apollo Version is Ps3 Only, you need a PS4 whit JB and Apollo OR Save Wirz.
Can’t you install Okage on RPCS3 make the save there and put it on USB?
no, because RPCS3 IS ONLY PS3 and NOT PS4!!!!!!. you need a JB Ps4 for it or save wirz. ONLY THIS THINGS working!!!
can i use ps4 xploder to resign as its cheaper than save wizard?
Use ps4 emu no?
Is mast1core jailbreak for ps4 can you also play downloadable ps4 game
ps5 pkg magnetlink flood wen
I hope that ps5 will be never broken
Yes and is possible to upload the save data with save wizard
possible to play pgk ps4 games excuse my ignorance
one big 300mb tarball of mast1C0re tools ready for a wget makefile and a github repositories
mast1C0re-3D-Exploit-host-proxy
mirror1 https://fileport.io/DL2vrf8m6LtB
mirror2 https://www.sendspace.com/file/ms6wdb