Jump to content


Conéctate para seguir esto  

182 archivos

  1. 5.05 Kernel Dumper

    Compile with your PC's IP listening on port 9023
    On PC you can do to listen:
        socat - tcp-listen:9023 > kernelDump.bin
    and to send:
        socat -u FILE:payload.bin TCP:"PS4 IP":9020
    you can then trim out the socket prints or you can adapt it with 2 sockets, one for dumping, another for logging.
    To compile for 5.05 you need to use an sdk with changes for 5.05 support, i have used https://www.dekazeta.net/foro/files/file/222-open-source-ps4-sdk/
  2. Android PS4 Exploit Host

    Aplicación que se encarga del servidor para alojar el exploit 6.72 de PS4 y el menú de Leeful74. Se trata de un método alternativo para lanzar el exploit a través de un dispositivo Android.

    by Saad-Alareqi.
  3. AppToUSB

    Payload desarrollado por Stooged que al inyectarlo en PS4 nos permite copiar nuestras copias de seguridad a un disco duro externo y cargarlos desde ahí.
  4. AutoBackPort

    Aplicación que permite ejecutar los juegos de PS4 que requieren el firmware 7.55, 7.51, 7.50, 7.02 o 6.72 en el firmware 5.05 aplicándoles un parche.
    Hay que tener en cuenta que si el juego utiliza alguna funcionalidad solo presente en un firmware superior al 5.05 este se bloqueará, incluso habiéndole aplicado el AutoBackPort.

    Como usar AutoBackPort:
    Seleccionar el .PKG  solo compatible con el firmware 7.55, 7.51, 7.50, 7.02 o 6.72. Seleccionar una carpeta temporal para entrar múltiples archivos. Seleccionar una carpeta para crear el parche .PKG. Hacer click en el botón de crear el parche y esperar que finalice el proceso. Pasar el .PKG a la PS4 vía USB y aplicarlo. Credits
    AutoBackPort has been developed by @RetroGamer_74 Parse_pkg has been developed by @Fabrebatalla18 Technical support by @fabrebatalla18 Unfself - DimosGsxRhttp Downgrade scripts - flatz Research about trophies fix by Sorrow446
  5. Automated Patch Repackager

    What is this tool?
    It re-marries the fake pkg update to the fake pkg game.
    When is this useful?
    This is needed when the game and the update were dumped on different PS4 consoles. And when you try to install such an update you will get an error. This tool fixes that.
    Does this work if game CUSA does not match update CUSA?
    It could, but in 99.99% cases it wont. Different CUSA games typically have different file structure (different regions/languages etc), but sometimes same exact game is released in multiple regions under different CUSAs, in those cases it will work, but Ive ever only heard of one such game. So as a general rule. No CUSA of update and the game have to match.
    Will this work with not fake pkg dumps of either update or game?
    It could, if you have secret information no-one outside of the game developer/SONY has. You need to know the password that the pkg was created with. No one knows this. Dumped fake ones use all zeros for password. So long story short, both game and update have to be fake pkg dumped from a hacked PS4.
    How do I use this tool?
    Simple. Run it, select update pkg, select game pkg, select output directory (a new folder will be created in this directory) and hit GO. Thats it.
    What are those extra options?
    Mouse over for tooltips.
    What platforms will this run on?
    Windows Vista and later, but it requires Microsoft .Net 4.6.1 (released in 2015) or later. If you are on Windows 7 or 10 and keep it updated through Microsoft you probably already have it installed, games will often install this automatically for you as well. You can get it directly from MS as well - https://www.microsoft.com/en-us/download/details.aspx?id=48130
    If you get a DLL error!
    Install Microsoft Visual Studio Redistributable. It is required to run programs written in C++. Just like .Net this is often installed by games, so most people will already have this installed. https://go.microsoft.com/fwlink/?LinkId=746571
  6. bad_hoist PS4 7.02 exploit

    This branch is based on the BHEU exploit and is not related to the bad_hoist exploit. It is only kept here to re-use utility scripts from the bad_hoist version without copying.
    Supported firmwares
    This branch is for firmware 7.02. The main branch supports firmwares 6.50 to 6.72.
    ROP compiler setup
    In order to run the ROP compiler you need to have dumps of WebKit, libc & libkernel.
    Run make and follow instructions to obtain the dumps.
    Dependencies: python3, gcc, ROPgadget
    Assembly-like ROP format
    This toolchain uses assembly-like ROP format that is briefly described below.
    Declare a label. Labels are global and should be valid Python identifiers.
    Find a gadget that looks like asm_instr ; ret and insert its address. Will error out if the gadget is not found inside the dumps.
    Note: after dumping you can find a dumps/gadgets.txt file.
    # comment
    For each line, every character after the first # is considered a comment.
    db <expr>
    (<expr>) must be a valid Python expression that evaluates to a collection of integers in range(256). The corresponding bytes will be written into the ropchain.
    Examples: db 1, 2, 3, db bytes(256)
    dq <expr>
    <expr> must be a valid Python expression that evaluates to an integer. The integer will be written into the ropchain as a 64-bit little-endian value.
    dp <expr>
    Same as above, but <expr> should evaluate to an offset from the start of the ropchain. This will result in an absolute address being written.
    For example, the commands
    pop rsp dp label_to_jump_to will perform a jump.
    <expr> should be a JavaScript expression that evaluates to an integer. The expression will be executed inside the exploited WebKit and the result will be written into the ropchain as a 64-bit little-endian value.
    Example: $infloop_addr
    Note: in JavaScript numbers only have 52-bit precision.
    <expr> will be inserted into the resulting JavaScript code literally.
    If <expr> reads exactly pivot(ropchain);, the final pivot statement will be omitted.
    $$function(some_params) $${ ...ropchain... $$pivot(ropchain); $$} See examples of this language in the rop/ directory.
    ROP compiler usage
    usage: python3 rop/compiler.py <rop_source> <gadgets.txt> > <rop_js>
    <rop_source> is the ropchain source code in the format described above.
    <gadgets.txt> should point to dumps/gadgets.txt (or an alternative gadgets file in the same format).
    <rop_js> is the resulting JavaScript file that should be executed.
    Running ropchains
    To run a compiled ROP chain, add the corresponding <script> tag to the end of index.html, then load that page in the PS4 web browser.
    by sleirsgoevy.
  7. Baikal PS4

    Cargador de Linux para PS4 con soporte para Aeolia, Belice y el SoC Baikal.

    by PSXITArch.
  8. Brain Splitter (PS4)

    Adaptación para Playstation 4 de Brain Splitter, un juego naves espaciales de scroll vertical cuya peculiaridad es que controlamos dos naves al mismo tiempo utilizando los dos sticks analógicos del mando. Incluye modo foto.
    Para ejecutarlo es necesario tener una PS4 jailbreakeada capaz de ejecutar código no firmado (firmware 6.72-7.55).
    La adaptación a PS4 de Brain Splitter ha sido realizada por Lappy.
  9. BwE PS4 NOR Validator

    This program is the full version of my PS4 NOR Validator, it is designed solely to validate the NOR flash of your PS4 console!
    Why would you need to do this? Well if your console has suddenly died and has what is called the 'BLOD', the NOR can be the reason why.
    Using my program will allow you to validate literally every single byte of the NOR (or 1782 specific areas) - allowing you to see where or if it is corrupted.
    The most common area of corruption that causes the BLOD is the CID. This is mostly full of perconsole data and thus cannot be repaired.
    BUT! My program will show you areas that are fillers and areas that are static (which are unchanging across consoles). You may get lucky!
    Other areas can be inter-changed between different consoles and are more suited for repair, the WiFi/BT module is a good example of this.
    So fundamentally, this program is for console repairers like myself. If you are indeed a repairer and run a business I can make a custom 'bulk' version for you!
    This is the internal revision number 84 (and the first public version, obviously), so hopefully there should'nt be any major bugs!
    If you encounter any errors or weird results - or better yet if your NOR is labled danger in any areas, but still runs fine - let me know!
    This program is NOT perfect, but it is much better than just using a hex editor or never truely knowing if your BLOD is caused by the NOR!
    This also goes above and beyond that of the psdevwiki page regarding the main flash of the PS4. When I have time, I will update it! 
    Have fun and good luck!
    Fun numbers:
    84 revisions 11210 lines of code 585 possible OK results 389 possible WARNING results 227 possible DANGER results 1782 offsets read 1423 if statements 289 regular expressions 2023 print F's by BwE.

  10. C40 TR Configuration Software

    La aplicación oficial C40 TR Configuration Software está diseñada específicamente para su uso con el mando Astro C40 TR y permite la configuración completa de todos sus ajustes. El software no detectará ningún otro producto Astro Gaming, así como el C40 TR no es compatible con la aplicación Astro Command Center, que es la indicada para la gestión de los headsets de la compañía.

    Instrucciones de uso
    Descargue el archivo haciendo clic en el botón de descarga correspondiente al sistema operativo. Ejecute el archivo una vez que se complete la descarga. Siga las instrucciones paso a paso en el instalador del software de configuración C40 TR. Conecte su controlador a su computadora usando el cable USB incluido o el transmisor inalámbrico USB. Asegúrese de que su controlador esté en modo cableado si se conecta mediante un cable USB, o en modo inalámbrico si se conecta mediante el transmisor inalámbrico USB.
  11. Check Game Firmware (CGFw)

    Check Game Firmware (CGFw) es una aplicación para Windows que nos permite saber que firmware se requiere como mínimo para ejecutar un juego de PS4.

    How it works
    This tool compares the game and the official firmware release dates then determine if a game is playable on selected firmware or not. This is not 100% accurate but it's pretty decent as this is still WIP.
    Built-in Search engine
    Took me over 500 lines of code and 48+ hours to implement a basic search engine for the offline mode and here's how it may become useful whenever you search.
    Search all by release date For games released in 2020 Search for 2020 For games released in November (Only type the first 3 letters of the month) Search for Nov Search all by genre For all Adventure genre Search for adventure For all Action genre Search for action Search all DLCs For all DLCs Search for dlc Search by Game ID (WIP, not all IDs are available) For Final Fantasy VII Remake Search for cusa07187 or Search for cusa16170 Noobs Tutorial
    Download file from the provided link and extract the file Always run exe as administrator Pick the desired firmware from top left hand corner type the Game Title then search by OfficialAhmed.
  12. Chiaki

    Chiaki is a Free and Open Source Software Client for PlayStation 4 and PlayStation 5 Remote Play for Linux, FreeBSD, OpenBSD, Android, macOS, Windows, Nintendo Switch and potentially even more platforms.
    Everything necessary for a full streaming session, including the initial registration and wakeup of the console, is supported.

    The following features however are yet to be implemented:
    Congestion Control H264 Error Concealment (FEC and active error recovery however are implemented) Touchpad support (Triggering the Touchpad Button is currently possible by pressing T on the keyboard) Configurable Keybindings Created by Florian Märkl.
  13. DiscDump 50X

    Copy content from discs to usb hdd.
    It's not very fast, but the files are transferred to a folder named Disc_Dump on a USB drive. Just insert the disc into the drive. then start the payload. If you are using a new game disc if it asks you if you want to update, just select cancel and then run the content.
    by stooged.
  14. Downgrade PS4 Files Pack (Sysglich procedure)

    User Manual & files for Downgrade PS4 through the Sysglich procedure
    R5F100PLA (for SAA and SAB) or R5F100LLA (for SAC, SAD ecc ecc) RL78 family stock E2 Lite Renesas Teensy 4.0 (sysglitch) Teensy 2.0++ (dump nor) Serial UART to USB TQFP 100pin 0.5mm Soldering station (my AOYUE 968A+) A lot of patience and a lot of passion

    1. SYSGLITCH wiring diagram by Wildcard
    This is the schematic for a R5F100PL which is SAA and SAB motherboards and has a 100pin pinout.
    While the R5F100LL chip for SAC SAD etc has 64pin and the schematic is
    2. Assemble the pieces
    Getting a Millefori Tablet (Bakelite) Amazon is your friend.
    Let's take teensy 4.0 and program with hex (glitch Marcan): Place the syscon on the board (only the desired pinout) So we begin to compose the circuit. For the pulldown we have to use a 4k ohm resistor and a small diode, I used a jumper so that when ready we start the glitch This is the final result 3. Dump SYSCON with REALTERM
    We connect the device via USB (the pulldown jumper must be disconnected) now we start. Realterm and set the band speed to 115,200 bps and choose the serial port now click on change. We choose where to write the dump and then click on Start: Overwrite. Well if you did everything right it should turn red and we can ”pulldown” the jumper to start the GLITCH the count of characters will begin, we arrive at about 4Mb and then we stop 4. Data analysis and payload preparation
    Let's open the dump with HxD and delete until we find the 2 hexadecimal values 94 94. Let's go to offset 7FFFF and delete everything else Let's go to File \ Save As In order for the dump to be read by the program, we need to convert it to the appropriate language. File \ Export \ Motorola S28 Records 5. Connect E2 Lite with stock RL78
    1. Let's take the pinout of the E2 Lite at 14pin, while we already know it for the RL78 2. This is the result: 6. Renesas Flash Programmer
    We connect the E2 Lite device via the USB cable and launch the Renesas Flash Program, create a new project with the following parameters: .Microcontroller: RL78 .Tool: E2 Emulation Lite .Tool Detail select 3.3v Select the file previously created with HxD with extension s28 and press START. If you've done everything right so far, writing your syscon backup will begin 7. NOR BACKUP with Teensy 2.0++
    Version SAA and SAB Version SAC, SAD etc. Soldering 10 testpoints or anyone with a TSOP avoids soldering I assume that the teensy must be set with HEX SPI, so we also start the dump backup of our Downgrade Credits
    Special Thanks to Wildcard
    by MaxLab81
  15. eap_hdd_Key Dumper Script

    Script que convierte las claves de blob almacenadas en sflash0 al formato eap_hdd_key, que luego puede usarse para recuperar datos de cualquier consola PS4 (retail, devkit o Testkit) a través de on volcado SFlash.
    Esto significa que a partir de ahora es posible leer datos del disco duro o SSD de una PS4 después de borrar la memoria, cosa que solo era posible hasta ahora mediante un exploit en modo kernel limitado a firmwares exploiteables. Eap_hdd_key es el equivalente al eid_root_key de la PS3.
    by Zecoxao.
  16. Easy Fake DLC / DLC without Extra Data Generator

    Easy Fake DLC / DLC without Extra Data Generator es un script escrito en Python que permite crear paquetes de DLC falsos sin tener que generar datos adicionales.

    Su funcionamiento se basa en la herramienta PKGTool de LibOrbisPkg,  incluyendo soporte para URL de PSS y la creación de FPKG para el firmware 6.72, y no solo para el 5.05.
    by TheRadziu.
  17. Easy PKG Extractor

    The Easy PKG Extrator tool allows you to extract the PKG files currently installed in your console to a USB device connected to it.
    It is possible to achieve the same thing using the FTP or PS4-Xplorer server, but it is not as simple as with this application.
    - Automatically determines which port the USB device is connected to (usb0 or usb1). - Displays a progress bar to know the percentage of your copy. - Allows you to cancel your copy at any time.
    by Lapy.
  18. El Pollo

    The controls of the game are very simple: keep pressing any button to go up and release it to go down, it is translated into Spanish and English. The game records the highest score obtained and has an anti-cheat system.
    Compatible with PS4 & PS4 Pro with firmware 5.05.
    by Lapy.
  19. ESP8266 Xploit Host

    ESP8266 Xploit Host para hackear las PS4 con firmware 6.72.
    SoftAP with DHCP ("ESP8266XploitHost", password "ps4xploit"). Web server ( DNS server FTP server on port 21 (user "ps4xploit", password "ps4xploit") Autoupdate (upload new binary, restart ESP8266 and it will update and delete the update file automatically. SPIFFS partition is untouched) Direct boot (choose any HEN payload to boot directly after opening the guide or browsing to without needing to choose anything in the menu) Options menu for PC/smartphone where you can upload files, set direct boot option, format SPIFFS partition, send binary payloads, set your own exploit to be launched from main menu, see device info, and change AP name and password. You can find it at Allows easy WiFi configuration in the console. Forced WiFi and CPU freq. to the limits of the ESP8266 for max speed. Gzip support (doesn't make such a big difference in loading times, but it saves space in flash tho). SD card support to store binary and HTML+JS payloads. Support for 4.55 and 5.05 (4.55 won't be updated anymore tho) Support for PS4, PS3, Nintendo WiiU and Nintendo Switch (HBL installer for 3.0 only) Supports autoredirection to the correct exploit menu for the console you are using to connect to the ESP
    Default settings
    This is for those who don't like reading manuals (or simply can't read). But i won't answer to anymore questions about anything in the manual, if you don't wanna read, i don't wanna answer.
    IP: AP name: ESP8266XploitHost AP Password: ps4xploit (you can change it from the tools menu for your phone/PC) FTP user: ps4xploit (you can change it from the tools menu for your phone/PC) FTP password: ps4xploit (if you change the AP password, this one will change too, it is the same for both AP and FTP). FTP Port: 21 Use easy WiFi settings, no need to enter any DNS or anything.
    Support for 4.05 is over (same on PiXploitHost). Also, won't add anything new for 4.55. I won't port or compile this for any other device which bigger or lower than 4MB flash.
    You can contact me on twitter @c0d3m4st4 for bug reports or support forums. I won't bother replying to questions like, what is the password for the AP and stuff like that. Read the manual! I won't reply to questions that have nothing to do with the exploit host either. Waste my time, and you are blocked. Clone my work without crediting me and you are blocked and exposed.
    No, i won't release the source code. Thank the cloners, i can name a few.
    Flashing the image
    Use NodeMCU PyFlasher-3.0 to flash the bin image.
    Serial port: whatever it's assigned to the board Firmware: "c0d3m4st4_ESP8266XploitHost_vXX.bin" file Baud rate: 115200 Flash mode: DIO (for clone NodeMCU. Use Google if you have a different board) Erase flash: yes, wipe it as we are flashing a full 4M image! Credits
    Thanks to all the beta testers, exploits devs and the huge EP8266 community. Exploits and payloads included in the ESP8266XploitHost are from the following devs:
    qwertyoruiopz flatz Open Orbis Team xvortex Stooged Specter m0rph3us1987 (Holy Grail) Zer0xF PS3Xploit Team PegaSwitch Team ReSwitched Team damysteryman derrek dimok789 FIX94 koolkdev plutooo smea [Truth] vgmoose Yardape8000 yellows8 by c0d3m4st4.
  20. File Manager for PS4

    Geator de archivos para Playstation 4.
    Funcionando en los firmwares 4.55, 4.74 y 5.05.

    Copy Cut Paste New File New Folder Rename Delete Settings Menu:
    Unsafe Partition R/W FTP Hide Local IP SELF Decryption  
    by LightningMods_.
  21. fpkg support to hen 4.74

    Patches and hooks to enable fself/fpkg loading for Hen 4.74 
    by Notzecoxao.
  22. FTPS4

    FTP server for PS4, with self dumping support
    idc Joon xerpi

  23. GameMaker Studio PS4

    by SilicaDevs.
  24. GayMaker Studio

    Aplicación para PS4 con jailbreak en 5.05 que nos permite crear PKGs, desarrollada por SilicaDevs.
    Run the program. and browse to a GameMaker Studio project file (.gmx). you can also change the images, Title. and TitleID and then your game will be "compiled" for PS4 and saved as a PKG to whereever you choose to save it
    All projects are compiled using GameMaker 1.4.1804 - the latest version that works on 5.05
    Packages are created using LibOrbisPkg, No changes made to the original source of the Libary.
    However some snippits where taken from the PkgEditor and changed to not read from clipboard / drag n drop
    Please show me any games you make with it! (though, please note i wont be too interested unless a girl dies)
    #Shaders When you compile a project that uses Shaders for the first time. you'll be prompted to browse to 'orbis-wave-psslc.exe' This file will then be placed into the GayMaker: Studio install folder and you wont have to do it again after that. Shaders will compile into the GXP format. which will then work on the console itself.
    Controller Mapping
    To Check DS4 Controls use the GamePad commands
    Here is what each control maps to:
    gp_face1 = CROSS
    gp_face2 = SQUARE
    gp_face3 = CIRCLE
    gp_face4 = TRIANGLE
    gp_shoulderl = L1
    gp_shoulderr = R1
    gp_shoulderlb = L2
    gp_shoulderrb = R2
    gp_select = SELECT
    gp_start = START
    gp_stickl = L3
    gp_stickr = R3
    gp_padu = DPAD UP
    gp_padd = DPAD DOWN
    gp_padl = DPAD LEFT
    gp_padr = DPAD RIGHT
    Thanks YoYoGames for GameMaker, "YOYO_DEV_ENABLE", and having a unsecured CDN Thanks To the devs of DnSpy for indirectly making this possible ? Thanks To MaxTon for LibOrbisPkg Thanks To ignacio1420 and Nagato for Testing! Thanks To flat_z for make_fself.py  
  25. Gentoo PS4

    La distribución de Linux Gentoo, portada para ser utilizada en PS4.
Conéctate para seguir esto  

  • Crear nuevo...