Info@NationalCyberSecurity

One year later, here’s what you can do with a hacked PS5: Things are getting exciting!


It feels like yesterday that the PS5 kernel exploit was released, impacting PS5 firmwares 3.00 to 4.51 inclusive. Progress on hacked PS5s appeared slow initially, as hackers built up knowledge of the system and its multiple anti-hack mitigations. But it now feels like PS5 hacking is going full steam, and what you can do with a hacked PS5, in particular on firmware 4.03, is getting very close to what hacked PS4s allow. With more raw power.

A bit of PS5 Exploit history

Hacker TheFloW dropped a bomb on the PS5 scene back in September 2022, when he disclosed the first ever kernel exploit for the PS5. Based on an older PS4 vulnerability that somehow made its way to the PS5, it initially appeared to have fully unlocked the console. But it turned out that, with the additional security in place, the PS5 remained reasonably secure even after a kernel exploit.

In concrete terms, the exploit gave us read/write access to kernel data, but not to the kernel’s own code: kernel code pages are mapped as eXecute Only Memory (XOM), and the hypervisor enforces those mappings, so the code can neither be read nor patched from the kernel exploit alone.

There are exploits for earlier versions of the PS5 hypervisor, but they are not public. Hackers have turned to bypassing its mitigations instead, and Sleirsgoevy’s attempts appear to be the most successful so far: he is able to find where critical functions are located through clever guesswork, and patches them at runtime with his Prosper0 debugger and its associated hooks.

While Sleirsgoevy’s system currently only runs on PS5 firmware 4.03, because the offsets have to be found manually for each firmware (tedious work), there is hope that it will eventually be ported to other firmwares. Specifically, Sleirsgoevy’s hacks now enable PS4 FPKG support on the PS5, which means PS4 homebrew and, err, PS4 “backups” are now a reality on the PS5. This means you get to play PS4 games on the PS5, possibly with cool 60FPS (or even 120FPS) patches and other mods from the likes of Illusion. Truly, it seems we’re that close to getting an equivalent of GoldHEN on the PS5.
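As an added illustration of how the per-firmware offset hunting mentioned above can be automated, here is a small Python signature scanner. It is generic technique, not Sleirsgoevy’s tooling or any code from this article: it searches a code image for a byte pattern with wildcard bytes and reports the match address, refusing patterns that are ambiguous. The image bytes, the signatures and the load base below are constructed for the demo; a real scan would run over a dump of the firmware you are targeting.

```python
# Added example: signature scanning to locate a function in a code image
# without hard-coding a per-firmware offset. Generic technique, not code from
# the PS5 tooling discussed on this page; image, patterns and base are constructed.
import re
from typing import Optional

def compile_signature(sig: str) -> re.Pattern:
    """Turn 'E8 ?? ?? ?? ?? 5D C3' into a bytes regex ('??' matches any one byte)."""
    parts = []
    for tok in sig.split():
        if tok == "??":
            parts.append(b".")
        else:
            parts.append(re.escape(bytes([int(tok, 16)])))
    # Wrapped in a lookahead so overlapping candidates are all reported.
    return re.compile(b"(?=" + b"".join(parts) + b")", re.DOTALL)

def find_signature(image: bytes, sig: str, base: int = 0) -> list[int]:
    """Return every address (base + file offset) at which the signature matches."""
    return [base + m.start() for m in compile_signature(sig).finditer(image)]

def locate_unique(image: bytes, sig: str, base: int = 0) -> Optional[int]:
    """Address of the single match, or None when the signature is absent or ambiguous.
    A signature that hits more than once is useless as an offset finder."""
    hits = find_signature(image, sig, base)
    return hits[0] if len(hits) == 1 else None

# Constructed image: two functions with the same prologue/epilogue shape,
# differing only in the immediate loaded into EAX.
SAMPLE_IMAGE = (
    b"\x90" * 16                                       # 0x00: nop padding
    + b"\x55\x48\x89\xe5\xb8\x01\x00\x00\x00\x5d\xc3"  # 0x10: push rbp; mov rbp,rsp; mov eax,1; pop rbp; ret
    + b"\xcc" * 5                                      # 0x1b: int3 padding
    + b"\x55\x48\x89\xe5\xb8\x2a\x00\x00\x00\x5d\xc3"  # 0x20: same shape, mov eax,42
    + b"\x90" * 8
)
SAMPLE_BASE = 0xFFFFFFFF80000000  # hypothetical kernel load base

if __name__ == "__main__":
    generic = "55 48 89 E5 B8 ?? ?? ?? ?? 5D C3"   # matches both functions: ambiguous
    specific = "55 48 89 E5 B8 2A ?? ?? ?? 5D C3"  # pins the immediate: unique
    print("generic hits:", [hex(a) for a in find_signature(SAMPLE_IMAGE, generic, SAMPLE_BASE)])
    print("unique:", hex(locate_unique(SAMPLE_IMAGE, specific, SAMPLE_BASE)))
```

The point of `locate_unique` is the caveat practitioners hit in practice: a signature that is too generic matches several functions, so you widen it (here by pinning one immediate byte) until it hits exactly once on every firmware you care about.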

Although FPKG support is limited to PS4 games at the moment, the 60FPS patches also work on PS5 games (provided you own a legit copy of the game, obviously, since PS5 FPKGs are not possible currently).

There’s also been critical progress on native PS5 homebrew support, aka “BigApps”, thanks to Astrelsky’s libhijacker (which also powers Illusion’s patches) and John Tornblom’s homebrew enabler.

A lot of these tools are still being actively developed and are not all in “user friendly” territory yet, but we’re getting there!

PS5: Two versions of the same exploit

There are two versions of the PS5 exploit floating around: the WebKit version and the BD-JB version. The two variants use the same kernel exploit, but rely on different vulnerabilities as entry points: either a WebKit vulnerability in the PS5’s browser, or a vulnerability in the PS5’s Blu-ray Java (BD-J) implementation. Both have their pros and cons, although for most use cases they are pretty much equivalent. People with a Digital Edition of the console are of course limited to the WebKit exploit.

Last year, the two exploits differed significantly in which payloads each could run, but generally speaking the discrepancies have smoothed out, and a lot of tools that run on one exploit will now run on the other. There are still exceptions of course, but overall we’re in a better place than last year when it comes to compatibility between the exploits and the payloads/tools.

What’s possible with a hacked PS5 today

Here is a roundup of the tools that have been released for hacked PS5s:

  • The exploits themselves (John Tornblom’s implementation for BD-JB, SpecterDev’s implementation for WebKit), which turn off some of the PS5’s security and let you send a payload to the console, either as an ELF file, a raw binary, or a JAR file (the JAR loader exists for BD-JB only)
  • Both exploits give access to the Debug Menu on the PS5, a QA utility that displays interesting information about the console and lets you install PS4 FPKGs (a feature that’s now actually useful)
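As an added example (not code from the exploits or loaders named above), here is a small Python payload sender that classifies a file into the three kinds those loaders accept, refuses an ELF that is not a 64-bit x86-64 image, and streams the bytes to the console. The console address and listener port are parameters you supply; the port each loader listens on is not stated on this page, so it is an assumption here, and the sample ELF header is constructed for the self-test.

```python
# Added example: classify a payload file into the three kinds the PS5 exploit
# loaders accept (ELF, raw binary, JAR), sanity-check an ELF before sending it,
# and push it to the console over TCP. Illustration code, not the loaders' own;
# the host/port are assumed parameters and the sample ELF header is constructed.
import socket
import struct
import sys

ELF_MAGIC = b"\x7fELF"
ZIP_MAGIC = b"PK\x03\x04"  # a JAR is a ZIP archive
EM_X86_64 = 62             # the PS5 runs an x86-64 CPU
ET_EXEC, ET_DYN = 2, 3

def detect_payload_kind(data: bytes) -> str:
    """'elf', 'jar' or 'raw', decided from the leading magic bytes."""
    if data.startswith(ELF_MAGIC):
        return "elf"
    if data.startswith(ZIP_MAGIC):
        return "jar"
    return "raw"

def loaders_for(kind: str) -> tuple:
    """Which exploit's loader accepts this kind (the JAR loader exists for BD-JB only)."""
    return ("bd-jb",) if kind == "jar" else ("webkit", "bd-jb")

def check_elf(data: bytes) -> tuple:
    """(ok, reason): accept only 64-bit little-endian x86-64 ET_EXEC/ET_DYN images."""
    if len(data) < 64:
        return False, "shorter than an ELF64 header"
    if data[:4] != ELF_MAGIC:
        return False, "bad ELF magic"
    if data[4] != 2:
        return False, "not ELFCLASS64"
    if data[5] != 1:
        return False, "not little-endian"
    e_type, e_machine = struct.unpack_from("<HH", data, 16)
    if e_type not in (ET_EXEC, ET_DYN):
        return False, f"unexpected e_type {e_type}"
    if e_machine != EM_X86_64:
        return False, f"e_machine {e_machine} is not x86-64"
    return True, "ok"

def send_payload(host: str, port: int, data: bytes, timeout: float = 5.0) -> int:
    """Stream the bytes to the listening loader; returns the byte count sent."""
    with socket.create_connection((host, port), timeout=timeout) as s:
        s.sendall(data)
    return len(data)

def make_elf64_header(e_machine: int = EM_X86_64, e_type: int = ET_EXEC) -> bytes:
    """Constructed 64-byte ELF64 header (no program/section headers) for the self-test."""
    e_ident = ELF_MAGIC + bytes([2, 1, 1, 9]) + bytes(8)  # class64, LE, version 1, OSABI FreeBSD
    rest = struct.pack("<HHIQQQIHHHHHH",
                       e_type, e_machine, 1, 0x400000, 64, 0, 0, 64, 56, 0, 64, 0, 0)
    return e_ident + rest

SAMPLE_ELF = make_elf64_header()

if __name__ == "__main__":
    if len(sys.argv) != 4:
        sys.exit("usage: send_payload.py <console-ip> <port> <payload-file>")
    host, port, path = sys.argv[1], int(sys.argv[2]), sys.argv[3]
    with open(path, "rb") as f:
        blob = f.read()
    kind = detect_payload_kind(blob)
    print(f"{path}: {kind}, accepted by {loaders_for(kind)}")
    if kind == "elf":
        ok, why = check_elf(blob)
        if not ok:
            sys.exit(f"refusing to send: {why}")
    print("sent", send_payload(host, port, blob), "bytes")
```

The ELF check is the part worth keeping around: a payload built for the wrong architecture or as a relocatable object (`ET_REL`) is the most common reason a loader silently does nothing, and catching it on the PC side is cheaper than rebooting the console.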

New in 2023:

  • You can now load native PS5 Homebrew apps, either thanks to Astrelsky’s libhijacker, or John Tornblom’s Homebrew Enabler. There aren’t many actual PS5 homebrews yet though, although John’s enabler ships with a sample app.

Where to get a hacked PS5

As only PS5 firmwares 3.00 to 4.51 are hackable, it’s become harder (and more expensive) to find a hackable console. There’s of course always hope that future firmwares will get a hack (especially since TheFloW has announced he has fresh vulnerabilities), but if you’re badly in need of a hacked PS5, your best bet is to find one now, before they become truly expensive. I share a few tips here, but long story short, you have to buy one second-hand:

  • Hunt for either a “new in box” Launch Edition PS5 or a “new in box” CFI-10xx (CFI-10xx models are what you’re looking for; CFI-11xx are risky; CFI-12xx are a no-go),
    or
  • Look for a used PS5 console where the seller can explicitly confirm the firmware version. Sometimes searching for the exact firmware, e.g. “PS5 4.03”, yields results. Always double-check before buying!

The future looks bright for PS5 hacks!

We’re still far from a “full-fledged homebrew environment”, as you can see, but things have been moving quite fast in 2023, and I expect this to accelerate moving forward. To stay up to date on future developments, check our PS5 Jailbreak page.

Any release we’re forgetting in the list above? Let us know in the comments!
