Transcript
00:00 Hey, how's it going, guys? Welcome back to another PS4 and PS5 jailbreak news update.
00:03 So we've got a pretty big one here, the release of the new LAPS exploit by ABC,
00:08 which of course is the implementation of the kernel exploit, the AIO exploit,
00:13 that we've been covering in the previous updates here,
00:15 which could lead us to new jailbreaks on the PS4 and PS5 on higher firmwares.
00:20 So the release here is coming to us from ABC,
00:23 who was the person who, I believe, originally discovered this exploit in the first place.
00:27 As I said in one of my previous videos, you know, we might be waiting a long time
00:31 for an implementation if it has to be done from scratch,
00:34 but more likely there's probably somebody who already has a working version of the exploit in private
00:39 and is working on releasing it now that the information's out there.
00:43 So that appears to be what has happened here: ABC has released a working implementation.
00:48 So this is the original post, where ABC says that we're happy to release the LAPS exploit,
00:53 a kernel exploit for PS4 5.00, 12.50 and PS5 1.00, 10.20.
01:00 Caveats: it's minimal patches for PS4 8.0X only right now.
01:05 Other firmwares must be ported.
01:07 So the only implementation of this works on firmware 8.0 on the PS4.
01:12 No other firmwares have been added yet,
01:14 but it's most likely just offsets that need to be ported to get the other firmwares working.
01:18 So that will happen, you know, over time; we'll get other firmwares supported.
01:23 Then also, kernel read/writes must be ported to PS5.
01:26 So it's only working on PS4 right now.
01:28 You can similarly walk proc p_fd,
01:32 but remember that file description changed in FreeBSD 11.
01:35 So that's just about how to kind of port it over to work with PS5.
01:39 And no HV exploits.
01:40 Contributions for porting are welcome.
01:42 We won't accept chaining with any hypervisor exploits.
01:45 We'll leave the full PS5 exploit chain to forkers.
01:47 Our repo will remain for demo purposes for kernel read and write.
01:52 So yeah, ABC's just released this and is letting everybody else,
01:55 you know, create forks to port it to PS5 and other firmwares and all of that kind of stuff,
01:59 and chain it with maybe existing hypervisor exploits.
02:02 If people want to run it on, you know,
02:04 firmwares that have hypervisor exploits for PS5, then they can do that.
02:08 So we now have the initial release.
02:11 So we're going to start seeing a flood of updates for this,
02:13 porting it to other firmwares and getting it working on PS5 next.
02:16 You need to be on PS4 8.0 in order for this to work right now, until it's ported to other PS4 firmwares.
02:23 So just to kind of test it out, I went ahead and reverted my revertible PS4
02:27 down to 8.0 firmware and gave this a try.
02:31 So if you want to test it, you just download the zip file here
02:34 and open it up, which contains the files.
02:36 Then all you have to do is just extract that to a folder
02:38 and then run a web server in that folder that you can access on the PS4.
02:43 And from there, I was able to run it.
02:44 Now, whenever I run it, I just get these undefined errors.
02:48 It looks like it's looking for a missing file, code_MGS, which is not found.
02:53 So I'm not sure if that is missing deliberately or not, but it's not able to get any further.
02:58 But if I kind of freeze-frame during the execution of the exploit here,
03:02 you can see the full exploit as it's running there, from start to finish.
03:06 So those are the results that I had here running on my 8.00 system with this.
03:10 Now, this is running through WebKit because it's using the PS3 WebKit exploit.
03:16 And now this will not work above, I believe, firmware 9.60 on the PS4,
03:20 just because the WebKit exploit of PS3 only works up to that point.
03:25 And then it was patched afterwards.
03:26 So unfortunately, this particular implementation will not work past 9.60 on PS4,
03:32 and it should not work past 5.50 on the PS5.
03:36 So of course, if we want to get this working on higher firmwares,
03:39 we'll need to chain it with a different userland exploit,
03:41 which will of course be the Lua exploit,
03:43 which works on the latest firmwares for the PS4 and PS5.
03:46 So that will have to be used with this, unless we get a new WebKit exploit at some point in the future.
03:52 So that is the situation with this right now.
03:54 It's only working on 8.0 right now.
03:56 It will get ported to other firmwares fairly quickly, I assume.
04:00 And then of course, it needs to be paired with the Lua exploit
04:02 to get it working on higher firmwares.
04:04 So that's the situation right now.
04:06 And then it also needs to be ported to PS5.
04:08 So there's still a lot of work that has to go into this
04:10 until we have, you know, a working jailbreak
04:12 where we can run GoldHEN on higher firmwares on the PS4
04:16 and obviously run things like kstuff and etaHEN on higher firmwares with this on the PS5.
04:21 So still a long way to go, but this certainly has opened the floodgates here.
04:25 Now, looking at this, it does make it look like it supports up to 12.50 on the PS4
04:30 and 10.20 on the PS5, but it actually means less than 10.20 on the PS5
04:35 and less than 12.50 on the PS4.
04:37 So 12.02 would be the highest firmware that this supports on the PS4.
04:41 And of course, 10.01 would be the highest firmware it supports on the PS5.
04:45 And as if that news wasn't good enough, it looks like Zeko has been teasing
04:49 a potential new hypervisor exploit for the PS5 for 3.X and 4.X firmwares.
04:55 So maybe don't think about updating your PS5 firmware version just yet
04:59 if you're on 3.0 to 4.51, for now.
05:02 So anyway, that's the situation with this news.
05:04 I do have a bunch of other topics to dive into here in this video,
05:07 because I was planning a jailbreak news update video before this news came out.
05:12 So let's go ahead and dive into some of the other topics
05:14 that I also want to cover here.
05:16 Most of this stuff here is for PlayStation 5.
05:18 I'll try and go through these in more of a rapid-fire fashion here.
05:21 So we've got a new version of kstuff from EchoStretch, that is version 1.5.
05:26 It adds a few new features:
05:27 the ability to disable ASLR by skipping the check, by Buzzer RE,
05:31 which is address space layout randomization.
05:34 It basically kind of jumbles up where things are stored in memory each time that you load it.
05:39 So if you're trying to find cheats, it can be kind of difficult,
05:41 because you can't just rely on a static memory address
05:44 to point to a certain instruction, because whenever you reload the game or restart the console,
05:49 things will be loaded into a different section of memory,
05:51 and therefore that address will no longer point to that instruction.
05:54 So you have to use other techniques to get around that.
05:57 So being able to disable this should make it easier for developing cheats on the PS5.
06:01 We also have a PSVR 2 bypass by AlAziv,
06:04 which should help with trying to get PSVR 2 games working through kstuff,
06:08 and also added remaining offsets for 3.10.
06:11 So if you're having any problems with kstuff on that firmware version,
06:14 you might have better success with this new version.
06:16 Also, this version has been included in a new build of etaHEN,
06:21 which is etaHEN version 2.2b.
06:24 This is just a test build at the moment.
06:26 It's not an official release.
06:27 So for the most part, the only real change is that it includes this new kstuff version.
06:32 When we do get an official release of etaHEN 2.2b,
06:36 it will most likely have more features included.
06:38 But for now, anyway, you can use this test build,
06:40 which includes the new version of kstuff, to load along with it.
06:44 And you can access this on Zeko's host here on zeko.github.io/lua sauce,
06:50 and you'll be able to load it from there.
06:52 There have also been some improvements to the Blu-ray drive version of the exploit here
06:55 on Victorious X's repo.
06:58 So these developments come from benox_xd.
07:01 So the main improvement is, when you run the Pipeline Runner,
07:04 which runs the full-chain exploit of the kernel exploit,
07:07 the ELF loader, and then etaHEN for you,
07:09 it will now automatically close the disc player for you
07:12 on pretty much all the supported firmwares now.
07:16 So instead of you having to close the disc player yourself,
07:18 it just does it automatically.
07:19 So you just have to load one option on the ISO,
07:22 like the normal jailbreak or the all-in-one option,
07:25 and then it will run the entire thing,
07:27 close the disc player for you,
07:28 and you'll end up back on the home page with etaHEN running
07:32 and the console jailbroken.
07:34 So pretty awesome stuff there.
07:35 Now, when you run the all-in-one option,
07:37 it now checks the USB drive to see if you have any updated payloads on a USB drive
07:41 that's connected to the PS5.
07:43 So it will load those instead of any older ones that are on the disc.
07:47 And then if you don't have a USB drive connected,
07:49 it can also check the data folder on the hard drive for updated payloads.
07:53 So you can also store them there as well,
07:54 if you want to update the payloads for it to load,
07:56 instead of having to re-burn the disc again
07:58 to get updated payloads on the disc itself.
08:01 So that's a handy feature that's been included in this version here,
08:04 along with a few other improvements.
08:06 Now, there's also been a similar improvement to the Lua exploit,
08:09 which allows you to run the full-chain exploit
08:11 without having to manually send the Lua files one by one from your computer.
08:16 So this is from itsplk,
08:17 and in here, in the save data folder,
08:20 we have this new PS5 Lua loader.
08:22 You can put this folder on the root of a USB
08:24 or, again, in the data folder on the internal storage,
08:27 and it will prioritize the USB first,
08:29 then the internal storage,
08:31 and then the save file,
08:32 because you can also have this on the save file itself
08:34 and load it from there.
08:36 So you can load it from these three different locations.
08:38 So you have to basically update your save file
08:40 for the Lua exploit with all of the files here,
08:43 and then basically put this folder on a USB or the internal storage.
08:47 And then from there,
08:48 you can add whatever payloads you want to load.
08:50 So by default, it has an FTP payload here,
08:52 and this autoload text file has the name of the payload for it to load.
08:57 So basically, you would just swap this out with, like, etaHEN
09:00 and put the etaHEN payload in this folder,
09:03 and then just get rid of the FTP server ELF
09:05 and change it to etaHEN.bin,
09:07 and then you should be good to go from there,
09:09 and it will load everything for you.
09:11 In addition to that,
09:12 benox_xd has also added this payload,
09:15 so that you can add the killluagame.elf,
09:18 and this will do the same thing
09:19 that the Blu-ray drive exploit does now,
09:21 which is close the game once it's finished executing all of the payloads.
09:25 So you can also add this payload as the last payload
09:27 in the autoloader for the exploit to run,
09:30 and then that way it can, you know, run, say, kstuff,
09:33 and then after it runs kstuff,
09:35 it will run the killluagame.elf,
09:37 which will automatically close it.
09:38 So it'll basically be an all-in-one option.
09:40 You just run the Lua game,
09:42 and then it will automatically load the save file,
09:45 which will run the umtx kernel exploit,
09:47 then the ELF loader automatically,
09:49 and then any payloads that you put in the autoload.txt file,
09:52 like etaHEN or kstuff,
09:54 and then once that's loaded,
09:55 it will run the killluagame.elf,
09:57 which will then close the game,
09:58 and you'll have the exploit fully up and running,
10:01 and all you had to do was launch the game.
10:03 So another good improvement there.
10:05 And the last thing that I want to cover here
10:06 is that we have the first full release now of FPKGI,
10:10 so version 1.0.
10:12 All the previous versions were pre-release builds,
10:14 but now we have the first full release from ItsJokers,
10:17 and this adds a lot of support for PS5.
10:20 So we have things like zip download support,
10:22 to add support for downloading,
10:24 extracting, and installing zip files.
10:26 PS5 dump extraction: included PS5 dump extraction
10:29 for Itemzflow integration.
10:31 Zip installation order,
10:32 so zip packages now install alphabetically,
10:34 prioritizing numbers and symbols.
10:36 Jailbreak compatibility:
10:38 improved compatibility using a whitelisted jailbreak on PS5.
10:41 And you can close the application by pressing circle twice.
10:45 So this is a pretty big deal,
10:46 being able to not just install PS4 fake packages using this,
10:50 but you could also now use it to install PS5 packages as well,
10:54 by essentially just having your PS5 game stored,
10:57 I believe, as,
10:58 maybe just the extracted folder or in a zip file,
11:01 which you can then index with the JSON files in FPKGI,
11:04 and then download them from your computer or your server or from the web.
11:09 And you'll be able to just download them directly onto the PS5
11:12 and integrate it with Itemzflow,
11:14 probably just scan for apps with Itemzflow,
11:16 and it will find the ones that were downloaded with FPKGI,
11:19 and you'll be able to run them from there.
11:21 So yeah,
11:22 some big improvements there with FPKGI as well,
11:25 now supporting PS5 game dumps
11:26 as well as your traditional PS4 fake packages.
11:30 There have actually been a bunch of other updates,
11:31 but I don't want to make this video too long.
11:33 Obviously the main thing, of course,
11:35 is this new LAPS kernel exploit release.
11:37 So we'll have to see where that goes.
11:39 I'm sure we'll see lots of updates for this happening pretty rapidly.
11:42 So I'll likely have another video coming very soon with the latest updates here.
11:46 So anyway,
11:46 hope you guys enjoyed this one or found the information useful.
11:49 As always,
11:49 I'll hopefully see you guys in the next video.
11:51 We'll see you guys in the next video.