PS4 Firmware 9.00 Jailbreak Update (Released)

"In this project you will find an implementation that tries to make use of a filesystem bug for the Playstation 4 on firmware 9.00. The bug was found while diffing the 9.00 and 9.03 kernels. It will require a drive with a modified exfat filesystem. Successfully triggering it will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. will launch the usual payload launcher (on port 9020). - via project's official readme"

PS4 Firmware 9.00 Jailbreak Released

(awesome work by chendochap & @Znullptr)
https://twitter.com/i/status/1470225946007556097

9.00 Jailbreak Update

  • Readme below, via the project repository (see the link for the most up-to-date version):
    https://github.com/ChendoChap/pOOBs4

    PS4 9.00 Kernel Exploit

    Summary
    • In this project you will find an implementation that tries to make use of a filesystem bug for the Playstation 4 on firmware 9.00. The bug was found while diffing the 9.00 and 9.03 kernels. It will require a drive with a modified exfat filesystem. Successfully triggering it will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. will launch the usual payload launcher (on port 9020).

    Patches Included


    The following patches are applied to the kernel:
    1. Allow RWX (read-write-execute) memory mapping (mmap / mprotect)
    2. Syscall instruction allowed anywhere
    3. Dynamic Resolving (sys_dynlib_dlsym) allowed from any process
    4. Custom system call #11 (kexec()) to execute arbitrary code in kernel mode
    5. Allow unprivileged users to call setuid(0) successfully. Works as a status check, doubles as a privilege escalation.
    6. (sys_dynlib_load_prx) patch
    7. Disable delayed panics from sysVeri

    Short how-to

    • This exploit is unlike previous ones where they were based purely in software. Triggering the vulnerability requires plugging in a specially formatted USB device at just the right time. In the repository you'll find a .img file. You can write this .img to a USB using something like Win32DiskImager.
    Note: This will wipe the USB drive. Ensure you select the correct drive and that you're OK with that before doing this.



    When running the exploit on the PS4, wait until it reaches an alert with "Insert USB now. do not close the dialog until notification pops, remove usb after closing it.". As the dialog states, insert the USB, and wait until the "disk format not supported" notification appears, then close out of the alert with "OK".

    It may take a minute for the exploit to run, and the spinning animation on the page might freeze - this is fine, let it continue until an error shows or it succeeds and displays "Awaiting payload".

    Notes
    • You need to insert the USB when the alert pops up, then let it sit there for a bit until the PS4 storage notification shows up.
    • Unplug the USB before a (re)boot cycle or you'll risk corrupting the kernel heap at boot.
    • The browser might tempt you into closing the page prematurely, don't.
    • The loading circle might freeze while the webkit exploit is triggering, this means nothing.
    • This bug works on certain PS5 firmwares, however there's no known strategy for exploiting it at the moment. Using this bug against the PS5 blind wouldn't be advised.

    Contributors


    Special Thanks


  • Tutorial

    About the Jailbreak


Thread edited by Admin (added info)
 
Is there any way to fix the kernel clock? I took out the CMOS battery while I was cleaning the motherboard. Now the clock resets to 1970 every time I unplug the console from the outlet.
 
It is an exploit for 9.00 only.
Yeah, I read more of the comments and saw that the kernel exploit was patched in 9.51. Regretfully I updated back in March after having successfully run the 7.51 goldhen jb; it was just too unstable and frustrating to implement, and I quickly lost the thrill of having a jb ps4 due to all the crashes and random shutdowns of the system.

Now that this newly released, more stable 9.00 jb is available, I am experiencing updater's remorse.
 
Hello guys, sorry if this is a noob question, but I did not find a proper answer: does this method work for a ps4 on version 9.04?
 
No there is not. If there was we would have such info here man. There isn't any known exploits above 9.00 right now. There are folks looking and trying every day but usually it is about a year or more between updates. Now last time was much sooner but as of right now no publicly known info or anyone with a working exploit.
 
Hello everyone, can someone help me? I have the problem that when I try to install the jailbreak via the browser, I always get the error message that there is not enough free system memory! How can I fix the problem? I've also tried another hard drive, inserted more memory and nothing works. Thank you for your help.

 
This is a common message. You need to try it 2-3 times and then the jailbreak will be successful.
In 5.05, I usually get 1 or max 2 memory errors before the goldhen msg.
 
I finally updated my 7.02 PS4 to 9.00 after hesitating for all this time.
I was fed up with random crashes and sometimes it would take ages to jailbreak.
So far after one week of use, no regrets, much more stable than 7.02, easy JB, no crash...
Good job to the team!
 
Dead thread, but does anyone know if it's possible to jb a ps4 without any software currently installed, similarly to how you install ps3 hen? Talking to someone right now about their ps4 and he says it needs to be loaded with the software, so I just want to make sure before I mess something up and update to the latest official release or something like that.
 
I could've sworn at one point I saw something about no longer needing to remove the USB drive? I've been sitting on my 9.0 Pro for ages but haven't JBd it, finally considering doing it but the tutorial looks like it hasn't been updated in a long time. Wanted to see if there were any differences I should be aware of. Anyone know of any? Or is it still just do exactly as the original tutorial states?
 
@Naxil
It is only an entry point. You need a kernel exploit in addition, or I didn't understand it right.

And BTW: I'm super happy that this project appeared. I still have a Slim with a dead ODD, stuck on fw v8.03. ^^
 
Question: I can't seem to find the right homebrew application for the option to install all your pkg files at once. I don't see the option in goldhen.
 
I just got a sealed box which came with the firmware version 7.5 out of the box which I have upgraded to 9.00. I followed the tutorial with a USB already ready which works with another PS4 running GOLDHEN.
I am getting this error:

I have tried the following steps
1. Restarted the PS4 and tried again.
2. Tried a different Pendrive.

I am not able to find the exact error and a solution for it on the internet. Can someone tell me the solution, please?
PS4 Slim
Model: CUH-2215B
Firmware: 9.00
 
Hi guys, so I have already solved the issue on this one. I was not waiting for a few seconds for the USB to be recognized by the console. First, wait for the USB to be activated and give a notification of "not supported" then press X on the controller.
 