PS4 release: PPPwn-Luckfox 1.2.0 adds webserver to easily change Jailbreak settings at runtime, Luckfox can be used as internal modchip
Developers 0x1iii1ii and harsha-0110 have released PPPwn-LuckFox 1.2.0 and a fork of this tool respectively. This one is for those of you running a PS4 on Firmware 11.00 and below, who are looking at nice ways to run the exploit on the “Luckfox pico” series of tiny devices and development boards. Additionally, Modded Warfare has a nice tutorial on how the Luckfox mini can be embedded inside of the console and run the exploit a launch.
What is the LuckFox Pico Device and why does it matter for the PS4 Jailbreak?
The latest PS4 Jailbreak relies on a PPPoE exploit, and as such requires an ethernet connection to a “malicious” device in order to trigger the exploit chain. Specifically, most of us use a laptopt connected to the PS4 in order to run the exploit. There are however, many other devices that you can run the exploit on, and which you can find more convenient than having a bulky laptop constantly chained to your PS4. You can run the exploit from a Raspberry Pi, an Android phone, or even a Smart TV, for example.
If you like tinkering, the Raspberry Pi is probably the most versatile of the bunch, as you’ll be able to use it for other projects eventually.
Another such device is the LuckFox Pico series (specifically, Luckfox Pico Plus, Luckfox Pico Pro, and LuckFox Pico Max – note, these links are affiliate links. You do not pay anything extra but I might get a small commission if you purchase through these links). These devices are significantly cheaper than the raspberry Pi, but have everything you need to run the PPPwn exploit, in particular since they all come with an integrated ethernet port.
Bottom line, the Luckfox Pico series is yet another cheap way to run the PPPwn exploit on your PS4 11.00.
What is PPPwn-Luckfox
You’ll need to load and run the PS4 11.00 Jailbreak exploit on this device of course, and this is where the work from developer 0x1iii1ii (as well as harsha-0110) comes into play: the developer has ported the exploit to this specific series of devices, with his tool PPPwn-Luckfox. From the readme:
An alternative low-cost Linux board for exploits PS4 on V11.00 or below.
Original work by theflow PPPwn and thanks to xfangfang PPPwn-CPP for an executable re-write of PPPwn in C++ and SiSTRo for his GoldHen, and lastly Stooged for his inspiration.Note
- Currently support version:
9.00, 9.60, 10.00, 10.01, 11.00
- The average PPPwned time is around
1min - 2min
sometimes it loads under1 minute
- Using
pppwn
nightly build from xfangfang PPPwn_cpp
harsha-0110’s version builds on top of that, and has the following features. From the readme of his fork:
An alternative method to 0x1iii1ii/PPPwn-Luckfox running PPPwn on Luckfox Pico Plus/Pro/Max with additional features.
- Hosts a web interface for configuring PPPwn, running pppwn and hosting payloads.
- Starts a PPPoE server to assign IP addresses to PS4.
- Supports PS4 firmware versions 9.00, 9.03, 9.04, 9.50, 9.51, 9.60, 10.00, 10.01, 10.50, 10.70, 10.71 & 11.00.
- Supports both HEN and GoldHEN, can be configured via config page.
- Supports auto run on boot can be turned on/off via config page (Note: It’s off by default)
It is worth noting that the latest version from 0x1iii1ii, version 1.2.0, has backported harsha-0110’s changes into the original. So feature wise, they should be identical at this point
Download and use PPPwn-LuckFox to Jailbreak your PS4
To install and run the Jailbreak you’ll need:
- A PS4 running Firmware 11.00 or below. (Our tips on how to find one)
- One of the Luckfox devices ( Luckfox Pico Plus, Luckfox Pico Pro, or LuckFox Pico Max – affiliate links)
- either Luckfox-PPPwn or its fork
The installation process can be found in the README here. Copy/pasted below for reference:
Before proceeding make sure to disable your anti-virus software or Windows Defender, it is a false positive and completely safe. If you are still concerned please don’t proceed any further!
-
Use SocToolKit to burn the buildroot image to your Luckfox and proceed to burn it by following the official Luckfox tutorial on how to Burning SPI NAND Flash Images.
-
Plug your luckfox to your PC via USB type-c port and wait a few minutes until you hear the device connect sound.
-
On your PC open
Control Panel -> Network and Internet -> Network and Sharing Center -> Change Adapter Options
. You will findRemote NDIS based Internet Sharing Device
. Right-click and choose Properties. -
Double-click on
Internet Protocol Version 4 (TCP/IPv4)
. Set the IPv4 address to172.32.0.100
and subnet mask to255.255.0.0
and click OK. -
MobaXterm Login
-
Download MobaXterm and unzip to use.
-
Open the MobaXterm remote login software, choose Session->SSH, and enter the static IP address of Luckfox pico as
172.32.0.93
. -
After filling it out, click OK, enter the login name, and login
root
passwordluckfox
.
-
-
At this point, you have successfully logged in to Luckfox pico. Download PPPwn-Luckfox from release pages or from GitHub repo, unzip and rename folder to
PPPwn-Luckfox
drag and drop the files in the highlight red rectangle there, it will copy the files to the luckfox. -
After finish copy, paste this cmd, and follow the instructions.
cd PPPwn-Luckfox
chmod +x install_NAND.sh
./install_NAND.sh
Once the Luckfox reboots pppwn will run automatically.
Installation in SD Card
An alternative option of PPPwn-Luckfox with more features for SD card install.
- Download Ubuntu. After you download, extract one of the zip files according to your Luckfox pico models.
- Download SocToolKit and unzip the burning tool. Burn the image onto an SD Card by following the official tutorial here.
- After done, follow instructions from steps 2, 3, and 4 in Installation in NAND Flash, for step 5 log in using static IP
172.32.0.70
login namepico
and passwordluckfox
. - After you logged in, follow step 6 in Installation in NAND Flash, then run the following commands, and follow the setup instruction
cd PPPwn-Luckfox
chmod +x install_SD.sh
sudo ./install_SD.sh
Once the Luckfox reboots pppwn will run automatically.
As always, Modded Warfare has a great tutorial on how to run the PS4 Jailbreak on this device:
Embedded luckfox inside of the PS4
If you want to take it a step further, have a look at this other video by Modded Warfare where he integrates a Luckfox device (a smaller version, the luckfox mini, without the ethernet port!) directly onto the PS4 motherboard, and with autoload of the exploit at the console’s startup, this is basically as close as it gets to a CFW on the PS4 nowadays:
yep ordered a luckfucks pico mini b and will install it internally :)))))
Just bought two of these, going to be testing this out for sure. This is almost CFW.
It’s simply amazing how far devs got with running exploits on PS4!
https://www.oligo.security/blog/0-0-0-0-day-exploiting-localhost-apis-from-the-browser
There is also this…Maybe it works for ps4 or ps5 too?
What are the difference between the three pico?
Amount of RAM (64, 128, and 256 MB)
https://www.wired.com/story/amd-chip-sinkclose-flaw/
PS uses also AMD CPUs…Maybe it is usefull for hackers…
Looks complicated, Im still waiting for something decent on ps5 5.05.
I need support it 8.52, who i can write to developer? Thanks
Just update to 9.0 or 11.00
Does not work!
DO not update!!!
I get 100% kernel panic and followed the intrustions to a T
On 9.0 using Luckfox Pico Plus (flash) tested with 0x1iii1ii pppwn. Tried a and b versions, ipv4 and ipv6 – neither works.
Not one succesful boot – tried for 10 hours