- 6 months ago
How to use the free Lua game demos to Jailbreak the PS4 by downloading them on the latest firmware then reverting back to the previously installed version.
--------------------------------------------------------------------------------------------------------
Links:
Syscon Writer: https://github.com/AbkarinoMHM/PS4Sys...
PS4 Wee Tools: https://github.com/andy-man/ps4-wee-t...
Recovery Firmware: https://darksoftware.xyz/PS4/FWlist
https://darthsternie.net/ps4-firmwares/
https://archive.midnightchannel.net/S...
Full Revert Mod Guide: • How to Revert the PS4 to a Previous Firmwa...
Creating Japan Account: • Preparing the PS4 & PS5 for Future Jailbreaks
--------------------------------------------------------------------------------------------------------
Timestamps:
0:00 - Intro
1:31 - Downloading Lua Demos
4:05 - Reverting PS4
12:46 - Jailbreaking with Lua Demos
--------------------------------------------------------------------------------------------------------
Music
Outro: Paul Flint - Sock It To Them - • Paul Flint - Sock It To Them [NCS Release]
--------------------------------------------------------------------------------------------------------
Find my content on these other platforms:
Odysee: https://odysee.com/@MODDEDWARFARE
LBRY: https://lbry.tv/@MODDEDWARFARE
BitChute: https://www.bitchute.com/channel/cZkN...
--------------------------------------------------------------------------------------------------------
Category: Gaming
Transcript
00:00Hey, how's it going guys? Welcome back to another PS4 tutorial. So the revert mod has become more
00:05relevant than ever just recently because of a new development. Firstly, of course, the revert mod,
00:10if you don't know what this is, basically it's possible to actually revert a PS4 back to the
00:15previously installed firmware. So whatever firmware you were on before you updated,
00:20you can revert back to that firmware in most cases. Now this is relevant for two reasons.
00:25First of all, anybody on 12.50 for the most part should be able to revert their console back to
00:30a jailbreakable firmware, 12.02 or lower, which is great. The other big deal is that it's recently
00:36been discovered or made public anyway, that it's also now possible to get those free Lua game demos
00:42that can be used to run the jailbreak. You can download them on the latest firmware. And then
00:47when you revert back to a jailbreakable firmware, you'll be able to use those Lua demos to run
00:52the jailbreak without having to buy one of those physical copies of the game imported from Japan.
00:58So that is why the revert method has just become a lot more exciting. So I've done a full tutorial
01:03on how to set up the revert mod. It's not a trivial process. A lot of people send their consoles off to
01:09mod shops or repair shops to get this done. In my case, I did a whole tutorial showing how I set up my
01:14own revert mod as like a permanent hardware mod on the console. And that's the console I'm going to be
01:20using here to demonstrate this process. But obviously, I'm not going to, you know, show how
01:24to wire everything up again in this video, because I already have a full tutorial that shows that which
01:29will be left down in the video description. So if you're already on firmware 12.50, for instance,
01:34and you managed to get the Lua game demos when that was the latest firmware, then you can basically
01:39use this to revert back to a jailbreakable firmware, your previously installed version, so that you'll be
01:44able to use those games to run the jailbreak when you're back on the older firmware. That is the idea.
01:49If you're already on a jailbreakable firmware, like in my case, I'm on 12.02 right now. Let's say I
01:54don't have one of the Lua games that I can use to run the jailbreak, but I do have the revert mod
01:58set up. Then what I can do is I can update to 12.52 or whatever the latest firmware is, download the
02:04Lua demos for free, and then revert back to the previously installed firmware that was jailbreakable
02:09so that I can use them to run the jailbreak when I'm back on 12.02. So that's what I'm going to be
02:14doing here in this video. Now, ideally, if you're going to do it that way, you should really back up
02:18your Syscon and your NOR flash while you're on the older firmware before you update. But for the sake
02:23of time, I'm just going to go ahead and update straight to 12.52 and then revert once I have
02:28the Lua game demos. Okay, so now we're updated to the latest firmware, currently 12.52. So we can go
02:34ahead and access the PSN store now to download the free Lua game demos. And I've also gone ahead and
02:40signed into my Japanese account, which can be used to get the Lua game demos. If you don't know how to
02:45create a Japanese account on your console to get the free demos, then again, I have a video on that,
02:51which I will leave linked below in the description. So essentially, what we want to do here is first
02:55of all, download the Lua demos on 12.50. So what we'll do here, we'll go to search on the PlayStation
03:02store, and we'll go ahead and start downloading the demos. So we want Hamidashi Creative demo. So
03:08we'll go ahead and grab this and download it to our PS4 here. So the other games you can get are
03:13Fuyu Kiss, IX, Sheetel, and Jinki Resurrection, the demo versions. Any one of those can be used to
03:20load the jailbreak, but you only need one of them to be able to load it. But we'll go ahead and just
03:24install all of them here just now. So there we go. So you can run each one of the demos, just make
03:29sure they're all working, at which point we should be all good. So if we head over to our settings,
03:34we want to go to account management, and make sure we activate as your primary PS4 for the account.
03:39So for the Japanese account that you're using to actually download the games, you want to make
03:44sure it's activated as your primary PS4. As you can see here, it says this PS4 is activated as your
03:49primary. If yours isn't, then make sure you select the option to activate here at the top, and make
03:54sure it is activated as your primary console for the account. Okay, so once that's done, we can go
03:59ahead and turn our console off. And now we just need to revert it back to the previously installed
04:04firmware. Okay, so I've got my revertible PS4 here. So to get it ready for the revert process,
04:10I've just got this switch on the top, which I just need to flick to on. So I switch all three
04:15of these little switches to on here. And then if I remove the kind of cover plate, you will actually
04:22be able to see the chip itself, which is just a Teensy 2.0++, with a few modifications to it here that
04:29allow it to read and write to the Syscon and the NOR chip. So all I have to do is plug in a USB
04:33cable into that Teensy between obviously the computer and the Teensy itself on the PS4. And we should be
04:39ready to read and write to it. Again, I have a full tutorial on how to set up this mod from scratch,
04:45which again will be left in the video description if you want to, you know, see how to kind of create
04:49your own essentially mod chip for the PS4 to revert it. Okay, so the tools I'm using for this are the
04:55Syscon Writer from Abkarino and CGYCNQ and the PS4 Wee Tools from AndyMandev, which are both free
05:02pieces of software to do this. And I also need the Teensy.exe, which is the programmer to program the
05:07Teensy, so I can read and write to the Syscon and the NOR flash. So I'm going to open that up first
05:12of all, and then open up the Syscon Writer, go to the hardware, Teensy 2.0++, take the hex file and drag
05:18it into the programmer, and then press the button on the Teensy to enter program mode, and then click the
05:23program button. And then once it's programmed, we can hit reboot. And now it's ready to read and write
05:28to the Syscon. So I can now go to the PC folder and open up the PS4 Syscon application. From here,
05:34I can go to dump the full Syscon flash and click the three dots to browse. And the location I'm
05:39using for this is just going to be the PS4 Wee Tools folder. And we're going to call the file Syscon
05:43and press enter. We're going to take two Syscon dumps to make sure that they are the same,
05:48so that we have good dumps of the Syscon. So we want to take two dumps and then it will compare
05:53them to make sure they are identical. Okay, so files are identical, process done successfully,
05:57so we have good dumps of our Syscon. So that's the first step done. So next, we're going to go back
06:02onto our Teensy flasher. I'll go into the PS4 Wee Tools this time and go to assets, hardware,
06:08SPIway, and then I'll take the hex file for the Teensy for the NOR flasher and put that on
06:13and press the button to enter programmer mode, program the Teensy, reboot. And now we are ready to write
06:20to the NOR flash or read from the NOR flash first. So now we're going to run the run.bat to open up
06:26the PS4 Wee Tools. If it's the first time using this application, you'll need to use Python. So make sure
06:31you install Python. And then there's two modules to install using the pip installer. So you can use pip
06:36install, pyserial and pycryptodome, I believe. So those are the two modules that are needed to get
06:43this working. So once you have this application loaded, we're going to use option three, which is to
06:48the NOR flash using SPIway. So we're going to select that option and then select option one for
06:53com port. And we can see it identifies the NOR chip. So it looks like everything is good. And we'll use
06:59option one to read all to read our NOR flash. And then we just wait for this to complete. Okay, there
07:04we go. So the dump is complete. We're going to do it a second time. Again, it's the same thing as the
07:09Syscon. Take two dumps and then compare them to make sure they are identical. Okay, so now that we have
07:13two dumps of the NOR flash, we can use option S to select a file. And we can see them showing up here
07:18as number seven and eight. I'll use option C to compare the files in the current folder. And we can
07:24see that these two dumps here for the NOR flash have the same hash, which means they are identical.
07:30So we have good dumps of our NOR flash as well. So now we can basically select number seven, which is
07:37one of the dumps of our NOR flash. And you can see it loads up the information about the console here,
07:42showing the board ID as 1216B. It's important to note that down. We can also see our active
07:48firmware is showing as firmware 12.52, which is also good. Now UART is currently on. So if it's
07:55off for you, use option one, and then one again to turn UART on. Obviously, it's already on for me.
08:00So I'll just do it again to make sure that is on and then zero to go back. And now we're going to use
08:05option four to switch core OS slot for firmware revert. So we'll select option four. And then these are the
08:11different slot switch patterns. So obviously, I'm on a 1216B console that we identified before. So for
08:18me, it's going to be one of these two. I think the last time I reverted, I used option three. So this
08:22time it will be option four to switch back. So I'm going to use option four here. It says save as a
08:28separate file. Y for yes. Flash this to the IC. We'll say yes to flash it to the NOR flash. And then
08:33one to select our USB serial device. And then option three for PS4 core OS switch. We'll press enter.
08:40And that will write that section to the NOR flash. And you can see that is now done. So that's everything
08:45we need to do to the NOR to switch it over. So now we can go option one to the file browser. And now we'll
08:50select our Syscon, which is option 10. And then we'll use option two, which is for the auto SNVS patch.
08:58And then we want to select method A, which is option one, which is the last four records will be deleted.
09:04Now, some of these other options can actually override the licenses on the Syscon,
09:09which is why you don't want to use the other ones for the most part. Option A should be fine. Option B
09:14might work. I'm not sure. But option A is the one that definitely works. So I'm going to use option
09:19A. So number one and press enter. And that creates our Syscon patch. So now we should be good. We can
09:25go ahead and simply quit out of the PS4 Wee Tools. We don't need to use this anymore. We've got
09:30everything done. And now we just need to basically flash the Syscon patch back over, which again,
09:35we can do by opening up the Syscon writer. Just first of all, getting the hex file copied back
09:40over to my Teensy. And we'll go ahead and program that back on so that we can use the Syscon writer.
09:47And you can actually use the PS4 Wee Tools to write to the Syscon as well. But I'm just used to using the
09:52official application here. So that's what I'm going to use. And then we're going to use the
09:56Syscon process of writing the Syscon's NVS and SNVS only. Select that option and then browse for
10:03the Syscon patch that you created in the Wee Tools. We're going to open that up, verify after
10:08write and then start. And that's going to write that section to the Syscon. And bam, we can see
10:14it is now done. So at this point, we can go ahead and unplug the USB cable and flick the switch on top
10:20of my console to off to disconnect the Teensy. So now we can plug the console back in and try and
10:25turn it on. And if it boots us straight back into the home menu, like nothing happened, then
10:30obviously you used the wrong slot switch option for the NOR flash. So you'll have to use, I used
10:35option four, so maybe I'd have to use option three instead if that happened. Otherwise, if it's done
10:40correctly, it should boot you into safe mode. One other thing that's needed when reverting is a
10:45recovery firmware for the firmware that you're reverting to. So I'm reverting back to 12.02.
10:50So I need to download a recovery firmware for 12.02. So I'm using this website here. There's a few
10:57different sites you can use to download older firmware versions for the PS4. I'll leave them
11:02in the description. But basically, we need to download a recovery firmware, not a retail firmware
11:07here. So I'm going to go to the recovery firmwares list for 12.02, which is the firmware I'm reverting
11:13to. And I'm going to go ahead and download that right here. So once I have it downloaded, I need to
11:18put that on a USB drive that's formatted in exFAT format. We go to the root of the USB drive,
11:24right click and create a new folder called PS4 in uppercase characters. Inside that folder,
11:30we create another folder called UPDATE, also in uppercase characters. And then we copy the update
11:36file into that folder. So we'll just copy it in. And then once that's copied, we need to make sure
11:42it's renamed correctly to PS4UPDATE.PUP in uppercase characters. And make sure you go to view show
11:50and show file name extensions, so that you can ensure the file name is correct, PS4UPDATE.PUP.
11:56And then you should be all good to go. So at that point, we can unplug our drive and plug it into
12:01our PS4. Okay, so when we boot up the PS4 after slot switching, you can see it just takes us straight
12:07to safe mode. It says to connect the DualShock 4 via the USB charge cable. So we plug in the charge
12:13cable for the controller into the console and then press the PS button. And now it's saying connect a
12:18USB storage device that contains an update file for reinstallation of version 12.02 or later. So my
12:23previously installed firmware is 12.02. So that's what it wants me to reinstall. So I put the 12.02
12:29recovery firmware on the USB and connected it to my PS4. So I'll just select OK. And it should then
12:36reinstall from that update file. And it should start installing the 12.02 recovery firmware, which should
12:44get our system back on 12.02. Okay, so finally loading back into the console now that we're on
12:5012.02. So if we head back to our settings, we can see we're now on 12.02 firmware back where we were.
12:57And we do in fact have the Lua game demos that are still accessible now. So we can basically just run
13:03the game. Now, in my case, I already have a save file that I put on a USB drive for the Hamidashi
13:09Creative demo to load the jailbreak. So we'll go ahead and I'll just quickly get that save on there
13:14for my USB. So save data on USB storage, copy the system storage. And this is the one right here for
13:20the demo version. So I'll go ahead and copy that over. And we should be good. Obviously, if you want
13:26to know how to create the save file, all of that stuff, I have full jailbreak tutorials on how to set
13:30up the jailbreak that you can check out. I'll leave it down in the description or at the end of the video
13:34here. But anyway, so let's go ahead and see. Obviously, these other demos should run just
13:39fine. If we try this one, you can see it should load. Yep, there you go. So the demo is in fact
13:44working. But I put the modified save file to load the jailbreak on this one. Let's go ahead and load
13:50it. And we should get the auto Lua loader to jailbreak the console without having to have a
13:56physical copy of the game. So here we go. Payload is already up to date. And there is GoldHEN is now
14:02running. We've successfully jailbroken our console. So I took a console that was on 12.02. And you know,
14:08let's say I did not have a physical copy of the game, I can update to 12.52, download the demos on
14:15PSN, then revert while retaining the licenses so that I can then use these demos, these free demos to
14:21then run the jailbreak on the older firmware that I reverted to. So that is the general idea of how this
14:27works. Now, obviously, this is not going to be for everybody. Reverting is not a trivial process.
14:32The only reason it's trivial for me is because I set up this kind of hardware mod to make it easy
14:37to revert on the fly, which again, I have a full tutorial of which will be linked in the description
14:41if you do want to, you know, try and do something like this. But generally, you know, for most people,
14:47if you want this done, I suspect there will probably be services available on mod shops and repair shops
14:52to do this for you to get the Lua demos on there and revert your console. And if you're on 12.50 and
14:57you already managed to get these Lua demos back when 12.50 was the latest firmware,
15:02then you can just revert back to your previously installed firmware and be able to use them.
15:06Anyway, hope you guys enjoyed this one or found the information useful. If you did,
15:09please leave a like and subscribe. And once again, I'll hopefully see you guys in the next one.
15:13I'll see you guys next time.
15:18Bye.