Releases: Al-Azif/ps4-exploit-host
v0.5.0
v0.4.6RC2
v0.4.6a1
-
Various minor bugfixes
-
Various caching fixes and optimizations
- Theme cached by default
- Loading bar and notifications for caching
- Exploits cached on demand (By individual firmware or all)
- Caching buttons will not show up offline
- Fixed payload listening exploits while cached
- Preview for "Sticky Caching"
-
Default theme QoL improvements
- Fixed grey artifacts on buttons
- "O" will now go back
- If only one firmware is available it will autoselect
-
Added option gzip compression (Enable it in setting)
-
Settings (Your old settings will not work)
- More/better warning/import rules
- Reorganized
- UA_Check disabled by default
- Added DNS settings (Changing the port will not just work, if you change it you're on your own)
- Add default timeout for payload sender
- Add gzip compression level (Valid values are 0 through 9, from least to most compression, 0 is disabled)
-
You can now specify a payload to send from the exploit itself
Copy the "Original" exploit, in "index.html" change
ping("/success");
toping("/success/9020/15/test.bin);
to send "test.bin" (from the payloads folder) to port 9020 after successful exploitation with a 15 second timeout -
UA blocker now uses regex
-
Updated Readme and FAQ
-
App2USB rebuilt for release
v0.4.5
v0.4.4
v0.4.3
- 5.05/5.07 enabled by default
- 5.05 payloads/exploits included
- Fixed network test
- Fixed updater
- RPi issue fixed by @Vadammt
- Removed 4.05 spoofed UA in
settings.json
and default theme'sscript.js
(Even less reason to be on 4.05 now) - Block all Nintendo subdomains
- ARM Build/RPi Scripts coming by this weekend
v0.4.2
UPDATED FOR 5.05
Last change at 4:30am UTC on May 28th
Changelog
- Javascript/OSX Error fix by @alu0100845235
- Switched
#!/usr/bin/python3
back to#!/usr/bin/env python3
by @artik - auto_exploit fix by @MoserB
- Added HTTP_Port and Root_Check setting by @arioko
- Added version in menu header by @arioko
- Renamed
Interface
setting toInterface_IP
requested by @JanJastrow - Added
--settings
arg to specifysettings.json
file location requested by xeroxmalf#7646 - Updated README.md
- Added FAQ.md
- Add Host_Version into
data
javascript object to use in themes - Add Lang_Code into
data
javascript object, if available, to use in themes - Attempt to detect spoofer with default theme (New included HEN uses 5.51 spoofer... since 5.51 doesn't exist, yet, it's mapped to 4.55, likewise 5.05 is mapped to 4.05 as the full UA for 5.05 is blocked by default so if 5.05 is able to access the page it's actually 4.05, be aware 4.05 support is dropped)
- Fixed issue with menu not reopening after selecting "Don't send a payload"
- Renamed
DNS_Rules['Pass_Through']
setting toDNS_Rules['Pass_Through_IP']
- Renamed
DNS_Rules['Self']
setting toDNS_Rules['Redirect']
- Added
DNS_Rules['Redirect_IP']
to settings - Removed warning on empty setting, the default, for
Interface_IP
- Remove unused patch payload function
- Updated/Added payloads
- Removed majority of 4.05 payloads from release
- Add alias for URL
http://the.gate
while using DNS (Project likely being renamed due to the next bullets in this list and the announcement) - Nintendo Switch (3.0.0) support (Mostly Untested)
- Block Updates with DNS
- Redirect connection test
- No exploit included (nx-hbexploit in next release)
- PlayStation Vita (3.60) Support (Mostly Untested)
- Blocks updates with DNS
- Redirect User's Manual
- Updater support
- No exploit included (Henkaku in next release)
- More console support pending
- Removed some update settings... I'll build a standalone update deleter or something
- THE UPDATER NO LONGER CHECKS MD5 CHECKSUMS
Announcement
This project has been a little neglected since the 0.4.1 release almost a month ago as I've been working on another project since that release. I've haven't been hiding and posted a bit on Discord so this won't come as a surprise to some. It's a "modchip" for webkit exploits, mirroring the existing ESP8266 methods, just with more features/polish. The device can either create a network to connect to (No internet access), connect to an existing network (Works just like this host), or create a bridge (Enabling internet access though the device). It's a custom PCB that's about 25mm*18mm*4mm (Currently) so it should fit inside most consoles. The front end looks like my regular exploit host and you can view a demo (out of date) of the control panel here.
Features
- Control the device from your phone/computer over Bluetooth/Wifi
- Open API for developers to interact/control the device
- Press physical buttons on the console
- View/Download UART data
- Add, download, or delete exploits with one button click
- Custom filetype (Compresses exploits into a single file to install/share)
- Supports both Bin and JS payloads
- Includes application to compress/extract these files
- This is to save space and add to ease of use
- Web based firmware updates for this device (Need no physical access to device to update it)
- Basic usage without soldering (No buttons or UART)
- A secret feature that'll be revealed after it's working 100%
- If you do some snooping on the PCB you might be able to guess it
Hardware Info
- USB-C port (Custom pinout for internal installation, but can just run off USB power)
- SD card for exploit storage (GBs vs 3MB)
- User Expandable
- Custom Case for external use (Extender to turn a female USB-C to a male USB-A)
Testing process
- Software testing with ESP(8266/32) dev boards.
- Finish prototype PCB boards.
- Send out prototype boards. Will be a small batch, about 10 boards.
- "Finish" software, get feedback, make revisions to PCB as necessary.
- First batch of v1.0 boards. (Current bill of materials puts PCB cost @ $10 depending on interest, larger order sizes will make the board cheaper)
Beta Tester Info
It's currently in a working state, just using the API, with majority of the features are done (Currently the bluetooth controller & the admin panel HTML+JS are not 100%) and I'll be looking for testers (Bring your own board) within the next two week or so. Contact me on Twitter or Discord if your interested in testing.
To be a part of the first testing process you just need familiarity with the exploit process and familiarity with your ESP board (Be able to use the serial logger and flash the firmware).
To get one of the prototype boards soldering ability is a must. There are ~6 wires to solder, 2 of which being on the PS4 motherboard. I'll eat the cost for the prototypes.
If there is demand for prototypes, I may make a bigger order and will send them out at cost or make a bigger PCB order and send out PCBs with the bill of materials.
When all is said and done I plan to open source all the code/PCB info so others can help further development/produce boards for others. I want to have it at a 1.0 state before releasing before having others make incompatible software/PCBs.
v0.4.1
Some pretty big changes in this version, so I do expect some bugs, be sure to report them.
- Added qwertyuiop's webkit rewrite to all 4.55 exploits
- Updated all paylaods
- Added web dumper back... still doesn't really work but it's built from source
- New rule, I have to be able to see the source to include it a payload in a release
- Try to fix issues users were having when extracting release on top of an old release. Don't do this.
- Removed all args, replaced with
settings.json
- You can now delete updates, on any firmware version, by setting
max_update
in settings to be below your current firmware version (Must be higher thanno_update
). Make sure you do this before updating with the updater if you already have a official firmware update downloaded. - Added DNS pass through for devices you do not want DNS redirection on
- Added option to disable UA checks
- You can now delete updates, on any firmware version, by setting
- Added pingback to exploits that expect payloads (New payload menu trigger)
- There are also no longer print statements while the menu is open
- Added version check to warn users of an update for ps4-exploit-host
- Default theme now grays out firmwares that do not match UA (Can still be clicked)
- Added magenta theme by @mickyyman
All 4.05 exploits/payloads, besides "Update Enabler", will be removed in the next release.
v0.4.0.1
See #42 if you are considering using the updater
- Bug fix by @wolfmankurd
- Updated read me... please actually read it before posting issues/contacting me
- Exploits & payloads updated
For those having trouble with the web FTP download the FTP_Fix.zip and place the files in the exploits/4.55/FTP/
directory. If you downloaded after this was posted the fix is already applied.
Do not download Source code (zip)
or Source code (tar.gz)
they are auto generated by GitHub and are missing dependencies.
v0.4.0RC1
See #42 if you are considering using the updater
- Removed remaining 4.05 refs for 4.55 updater
- Add support for 1.76, 4.05, 4.55, and 5.01-5.05 (Only webkit for 5.0X)
- This is actually just multiple firmware support and more included exploits packages
- Added web "Holy Grail"
This is still in testing and is a pre-release.