Largely since the advent of the third generation of games consoles in the early to mid 80s, adventurous users have been interested in making their machines do things they’re not supposed to.
In common with the 8bit games-capable computers that preceded them, much emphasis was placed on piracy, with people seeking to cut console games costs with copies of what would otherwise be expensive investments. Alongside, however, was a rapidly developing “homebrew” scene in which often amateur coders sought to utilize their purchased hardware for non-conventional means.
These days the process of digitally cracking open a device is much more complex and has given birth to the term ‘jailbreaking’. It can be applied to devices as diverse as iPhones and PlayStations but it all means the same thing – the removal of restrictions put in place by manufacturers in order to control what can be done with a device.
These restrictions mostly relate to the running of software, with the big manufacturers wanting people to not only use ‘app stores’ that they control but also to pay for the privilege. The jailbreaking scene often aims to undermine the former but despite many good intentions, it often gets dragged into piracy as a result.
Yesterday there was cause for both homebrew coders and pirates-in-waiting to celebrate with the announcement that developer ‘Qwertyoruiop’ had released the full code for his PS4 firmware 4.55 kernel exploit.
While the release caused much excitement, the kernel exploit still needs a usermode entry point. As reported by Wololo, that could come via the Webkit exploit previously released by Qwertyoruiop for PS4 firmware 4.07 a while back.
So, to put things into basic terms, while the new exploit works up to v4.55, the user exploit only works up to those with PS4s running v4.07, at least until another usermode exploit for later firmwares is released.
But with anticipation in the air, a few hours later yet more exciting news appeared on the horizon. Taking Qwertyoruiop’s v4.55 kernel exploit and running with it, developer SpecterDev announced on Twitter that he’d published a full implementation of the exploit on Github.
4.55 Full Stack https://t.co/mFQdmZlIt9 Enjoy :) Cheers @qwertyoruiopz @flat_z
— Specter (@SpecterDev) February 27, 2018
In other words, SpecterDev has released a fully-functional jailbreak of PS4 firmware 4.55, which opens up a whole world of opportunities for the homebrew scene – and beyond. That being said, he’s careful to note on Github that others will have to step up to fill in the gaps from here.
“[The implementation] will allow you to run arbitrary code as kernel, to allow jailbreaking and kernel-level modifications to the system. This release however, does not contain any code related to defeating anti-piracy mechanisms or running homebrew,” he explained.
Nevertheless, SpecterDev’s code has an inbuilt ‘ear’ that can take instructions (a so-called ‘payload’) and do something useful with them.
“This exploit does include a loader that listens for payloads on port 9020 and will execute them upon receival,” he explains.
Rumors suggest that there’s already some kind of payload being shared privately. We haven’t been able to confirm what it does yet but people seem excited by it.
Update: Confirmation of what it does from Wololo: “When run in combination with the recently released exploit for PS4 4.55, Holy Grail lets users install and run unsigned packages. In practice, this will let 4.55 owners install and run homebrews as well as, yes, pirated PS4 games.”
A video showing the jailbreak in action has been uploaded to YouTube and can be seen below.