No, Flatz didn’t just announce CFW for the PS5
I know, it’s easy to get confused. And it still happens to me regularly, so I’m not judging.
Today, PlayStation hacker Flatz announced some significant progress on hacking the PS5 CP Box, an “accessory” for the PS5 used by official developers and testers. Thanks to his findings, Flatz announced Custom Firmware is now possible…for the CP Box. Because that box is a PS5 device, and because it’s easy to get confused, I’m betting a bunch of people misread this as “CFW for the PS5”, which this definitely isn’t.
What’s the CP Box, and what is its EAP Chip?
The CP Box (Communication processor) is an external device with a USB C input, USB C output, ethernet and power cable, which connects to PS5 Test Kits. Its exact purpose is unknown on the scene, but the theory is that it is required for official Devs to authenticate on PlayStation’s Dev Network for testing purposes.
In that context, I’m assuming that the EAP Chip is in charge of handling Authentication via the EAP Protocol. Don’t quote me on that.
The usefulness of reverse-engineering this particular device for the PS5 hacking scene is still unknown, although it is clear some hackers expect to find juicy information within. Zecoxao has stated that this device has “lots of fun things inside”.
What’s now possible with the CP Box?
What Flatz announced today is a full hack of the CP Box, explicitly stating that it is now theoretically possible to run Custom Firmware on the device. For the time being, that will be useful for the handful of hackers who actually managed to acquire such a device. What PS5-specific secrets they will unlock thanks to this companion box remains to be seen.
✓ PS5 CP Box EMC and EAP cores pwned
✓ EAP encryption/signing keys obtained (yay, CFW)
P.S. Added CP UARTs pins on wiki
— Aleksei Kulaev (@flat_z) September 3, 2023
Over the past few days, Flatz has also poured a lot of CP Box information into the PS5 Dev Wiki (links below).
My opinion: It is possible some authentication and keys could be leveraged in there, possibly to make a hacked PS5 behave as a TestKit for example. Keeping in mind that the CP Box seems to be specifically intended for communication with Sony’s development servers, it’s an area of “tinkering” I’d personally rather not touch. Sounds like exactly the kind of domain where one could easily get their console banned, or suffer legal repercussions. But who knows, maybe this will also unlock mechanisms to activate one’s console offline (ha, we can always dream).
Bottom line: this is definitely not CFW for the PS5 that got announced today, but it remains an awesome achievement.
Downloads
Additional Details on PS5 CP Box:
- https://www.psdevwiki.com/ps5/CP_Box
- https://www.psdevwiki.com/ps5/Codenames#Shakespeare
- https://www.psdevwiki.com/ps5/Keys#Communication_Processor_.28CP.29_EMC_Keys
- https://www.psdevwiki.com/ps5/CP_Box_Service_Connectors
- https://www.psdevwiki.com/ps5/CP_Box_Non_Volatile_Storage
- https://www.psdevwiki.com/ps5/CP_Box_Boot_Process
ps4 cfw first !!! in other news onto dfu iphones
or at least a boot exploit like enso with molecule systems
switch bootexploit run linux …
in other news thus …
openra1n windows libusbk howto
https://nopaste.net/PMBt9rdJdG
I was one of those who misunderstood
Then again I’m from the hood
Still my faith is strong
That the light will be seen before long
All my best to those who crunch the numbers
So that we ordinaries will soon see wonders
All this announcement about the PS5 and yet not even one about the Xbox one…one!..
That's because no hacker has interest in doing those, since you can play all the Xbox releases on PC, and they get cracked the same day.
That’s not why, it’s because it’s nearly impossible to crack the Xbox with the virtual machine layers they have… Also, you can run a retail Xbox in dev mode and load up emulators and what not.
I don’t think they crack the PS5 for piracy… Though that does always end up happening once a console is cracked. It's done to run custom software.
Finally very big news for 7.61 cfw. Is also qlite cfw is amazing
please don't call it the cp box. new name pls. gonna get us in trouble or have people think wrong things.