Skip to content

Mistawes/FTPS4

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

58 Commits

exploit

exploit

 
 

kpayload

kpayload

 
 

librpc

librpc

 
 

payload

payload

 
 

tool

tool

 
 

.gitattributes

.gitattributes

 
 

.gitignore

.gitignore

 
 

Makefile

Makefile

 
 

README.md

README.md

 
 

build.sh

build.sh

 
 

send.sh

send.sh

 
 

Repository files navigation

FTPS4 + Jailbreak Kernel Patches

Features

  • Jailbreak
  • Sandbox escape
  • Debug settings
  • FTPS4
  • Decrypt eboot/self and sprx
  • Enable UART
  • Disable system update messages
  • Delete system updates
  • Fake self support
  • Fake pkg support
  • RPC server
  • RPC client in C#

I use the standard fake pkg keys, created by flatz.

General Notes

Only for 4.55 Jailbroken PlayStation 4 consoles!

The main jkpatch payload utilizes a port of CTurt's payload sdk (xvortex). This requires an environment variable PS4SDK pointing to your SDK. Alternatively, change the Makefile to have LIBPS4 point to the ps4-payload-sdk directory on your machine. I could have it referenced from the home directory but meh...

# change this to point to your ps4-payload-sdk directory
LIBPS4	:=	/home/John/ps4-payload-sdk/libPS4

If you decide to edit the resolve code in the kernel payload, make sure you do not mess with...

void resolve(uint64_t kernbase);

... as it is called from crt0.s. And changing this will produce errors.

See other branches for other kernel support. I will support latest publically exploited firmware on main branch.

RPC Quickstart

See either Example.cs or look at the RPC documentation.

You can read/write memory, call functions, read/write kernel memory, and even load elfs.

Here is a cool example of an elf loaded into COD Ghosts (forge mod made by me!) You can download the source code to the forge mod here. Have fun!

Coming Soon

  • General code clean up and refactoring
  • Hope to make standalone elf for FTPS4

How to use

You need to trigger the 4.55 FreeBSD BPF kernel exploit and send (netcat/socat) this file over your network, to your PS4s IP. Send the payload.bin to port 9020 and the kpayload.elf to 9023. Or simply replace the payload.bin and kpayload.elf in the app you're using (Memview, PS4 Trainer Utility, PS4 Cheater etc.).

I have personally configured Apache to use CGI scripts to automatically send these over when I navigate to a certain URL.

While running this payload, minimize the browser with the PS button to keep FTPS4 running in the background. I found it works best to close an application before opening a new one, when switching games. Otherwise there's a chance it may freeze and require a reboot.

Credits

Creator of JKpatch:

Twitter: @cloverleafswag3 psxhax: g991 golden <3

Merge with FTPS4 - Mistawes, xvortex, Xerpi

Thank you to flatz, idc, zecoxao, hitodama, osdev.org, and anyone else I forgot!

About

FTP server for PS4 with root access, UART, full debug settings - credits: WildCard, Specter, IDC, Shadow, Xerpi, xVortex, BISOON, xemio

Resources

Readme
Activity

Stars

21 stars

Watchers

6 watching

Forks

4 forks
Report repository

Releases 4

FTPS4-JKpatch - 4.55 Latest
Mar 31, 2018
+ 3 releases

Packages

No packages published

Languages

  • C 79.7%
  • JavaScript 9.8%
  • C# 8.3%
  • Makefile 0.7%
  • Assembly 0.7%
  • HTML 0.6%
  • Other 0.2%