PS4 (Rumor) Possible Exploit for 8.52

When do you think the next jailbreak is going to be released.. none since March... I think in one or two months..

probably not for several months. the exploit isn't even disclosed on hackerone yet. plus, there's no webkit exploit as of now. the last one seems to have been patched on 8.00.
 
And for 8.03 still months?

yes, the kernel exploit hasn't been disclosed on hackerone yet, and we don't even have a webkit exploit for that firmware. this thread is more a warning to anyone who might update to 9.00. there's already a beta version 3 of 9.00, so the exploit might be patched once 9.00 is officially released, in which case you may never see an exploit. chances are that it will take many months for anything higher than 7.55, possibly even a year or longer depending on how long it takes to find a webkit exploit.
 
I think the erk on the ps3 is the eap key on the ps4.
Not really. ;) On PS3, from ERK, disk keys (ATA Key + VFLASH Key) are calculated. HDD on PS4 is encrypted by EAP Key and the user can mount it on PC, and read/write whatever he wants if he has this key. That's why it is important to dump, since early 2019. ;p

you can dump it, but I don't know if you can really do anything with it presently.
https://www.psx-place.com/threads/hdd-reading.20760/

- - -
IDPS is probably used (blind shot) for Trophies encryption and PFS Key for internal PFS containers encryption. But I dunno, I don't have a hacked PS4 (fingers crossed for 8.03 :D).
 
that's what I meant! it's the hdd encryption key. I already mentioned you can decrypt any hdd on the ps4. the easy way is not possible unless you have an exploited system, but it should be possible regardless of firmware.
 
I don't think they'd choose to release publicly and refuse the bounty from Sony.. the only reason that I've chosen Sony since PS3 is for hackability... why didn't those involved in the PS3 project move their work to PS4? And why in some topics did they mention 8.00 when it's only 7.55.. I propose we make donations for an exploit.. and give it first to those who donated
 
Probably too little reward versus too much risk...
 
8.52 is the current fw (or was if 9.0 is out of beta), I checked. It is a good thing I turned off auto renew for PSNow, now my ps4 is collecting dust, thank god
 

yeah, you either submit the exploit to hackerone and sony rewards you

or

you get the monies from the community and risk being sued by Sony.

If it were me, I'll choose the safer one, which is hackerone, not only can you brag that you hacked the PS4, you also get monies and you don't get in legal trouble. Seriously, people these days, why can't they just be thankful that they were getting exploits.
 
good luck getting enough donations for it to be of any interest for hackers. getting the donations just to buy aldo a new ps3 was like pulling teeth. plus, most hackers are aware that the vast majority of people who want the system hacked only care about piracy. personally, I couldn't care less if backups were playable. that's not the reason I exploited mine. I also wish more people were interested in actually learning about the system they intended to exploit. nothing with the ps4 is necessarily difficult, but it is time-consuming compared with the ps3 or psv. however, most people don't seem to know anything beyond "install package". I was going to write a backporting guide using example.bat and the balika loader plugin, but I gave up on that after hearing about the new mira that will make backporting obsolete. I figured why bother continuing my studies, especially if no one is going to read or use the guide?
 
I don't think legality is automatically an issue guys, we could have a reward system that remains strictly legal.
Remember that with the ps3 to a large extent but even more so with the ps4/ps5, the kernel is freebsd, open source & it is perfectly legal to pay bounties on freebsd kernel vulnerabilities which can generally lead to a console hen exploit if you can find a way to run custom code in userland.
Similarly, s#ny uses a fair number of open source libraries such as openssl, libjpeg, libtiff, zlib etc.. so it's not just webkit but a large number of userland features that rely on open source code & could provide solutions for the community, those are also fair game when it comes to bounties.
On the other hand, PSN hacks, stuff like that, are of course better left alone.

And I agree that this community should adapt now or else it is at risk of becoming a shadow of itself sooner or later.
But it is like pinky said, it is not just with Aldo, very few donations overall no matter the stakes and in the end it's nearly always the same crowd of people donating too. Imho there would need to be a major shift in the community for some sort of bounty system to be viable, I doubt it will happen unfortunately.
 
I think that most of us are waiting for a release... and the truth is that the chance is near 0 because we don't want to pay.. for example, if the exploit was like 20 euro I'd pay for it.. but more people want it for free and Sony pays 10.000 for it.. if psx-place made it possible to pay for an exploit I think things would move faster..
 
Lol
psx-place.com has never been able to raise enough to cover its own server costs afaik, never mind financing & running a bounty system.
It would be up to the admin to consider the idea but I think I know what he would say, we have enough to worry about with staffing & taking care of the forum, let someone else try that feat if they can/want..
 
The demand for an exploit is high enough.. don't you think there are going to be 500 people who will pay 20 euro?
It's not really that simple either, a legal bounty system would not deliver a ps4 HEN directly, imho that would be looking for trouble even if it were on the right side of the law.

Say you get a kernel bounty paid, great you have an exploitable bsd kernel vulnerability with a poc but you also need a userland hack to use it, so here is another bounty for a userland library vulnerability.
Then perfect, after 2 bounties you have 2 vulnerabilities with exploit pocs, that's it.

Now you still need to work out not just how to put them together but also a way to trigger the userland exploit from a console feature. Without all that, there is no hen payload launcher & this last part might be more problematic to reward legally, good-will would have to take care of finishing the exploit development process.

Am not saying that it is not possible to do, just that expecting to get a lasting system that delivers ps4/ps5 hen exploits ready to go is not realistic.

I think the best we can hope for may be a reward fund for bsd kernel & userland libraries vulnerabilities compatible with PlayStation consoles. That would help create a bank of vulnerabilities for console devs to exploit & update their releases with, it would help maintain the scene alive, at least to an extent. And I am not saying it would be the best system ever either, only that times change, s#ny made their move to counter the recurrent exploitation of its consoles, now how the community adapts to this in the months to come might determine the nature of its survival in the next few years or decade.
I think there will always be exploits released here & there, no matter what, a number of hackers are not at all motivated by money but will it be sufficient to keep apps updated & offer a reasonable level of permanent jailbreak? It's more likely to be kinda even worse than it has been on ps4 so far imho, like I told you before, I am not very optimistic about the chances of seeing such things happen, regrettably so.
 
you should be buying games anyway. chances are high that the newest exploit will be very unstable. with each new firmware, it gets more and more unstable. that's why people, such as myself, stay on 5.05.
 