Techno

PS4 Release DroidPPPwn is up to 1.4 With The Addition of Exploit Auto-Start

intuisi
DroidPPPwn

Techno, Intuisi Blog – Developer Deviato has released an updated version of DroidPPPwn an extension from the PPPwn PS4 exploit for Android phones. The tool is based heavily on its C++ port of PPPwn’s exploit (and consequently is fairly speedy to run).This program needs an phone that is rooted phone to be able to run the exploit. It also requires obviously the USB into Ethernet adapter (your phone’s usb port also requires to accommodate OTG).

Version 1.4 which was released on the same day, adds the ability to automatically run the exploit upon the time of start-up using a background.

What is PPPwn for the PS4?

PPPwn is a Jailbreak Chain that works on the PS4 developed from TheFloW. It is built on the quite old security flaw within one of the FreeBSD Network drivers (sppp). It appears that the vulnerability wasn’t addressed to the PS4 and was subsequently returned at some point. Information on how this vulnerability affects the PS4 specifically is available on hackerone.

PPPwn’s working all the way to Firmware 11.00 and the current implementations are being made available to Firmware versions 7.00 until 11.00 with. (People who are on 9.00 or lower can benefit from the earlier Jailbreak, pOOBs4).

As of the moment, PPPwn is a full Jailbreak option for PS4 11.00 and down as well as With the Custom Firmware GoldHEN which was recently ported users running Firmware 11.00 will now be able to reap all the benefits that come with a jailbroken PS4. For those running firmware 11.02 as well as 11.50.

PPPwn has experienced various enhancements since its initial release including an upgrade into C++ which has drastically improved the performance of the exploit and allowed it to use the exploit on many “attacking” devices, including Raspberry Pi as well as your TV , router as well as the small LuckFox Pico gadgets as well as a means to alter the PS4 to run the exploit during the beginning of.

PS4 PPPwn jailbreak using your Android Phone

PPPwn also has been swiftly transferred onto one of the biggest platforms available, Android. (when can we expect hack the PS4 with an cheese and ham sandwich, just as we could with the PS3 however? ).

However, this does come with some limitations or restrictions: you’ll need to have an unrooted phone for an Ethernet cable and your USB interface has to allow OTG (using USB as a host. If you already have the ability to connect external devices, such as a keyboards or mice to your phone using USB then you’re probably well-equipped).

DroidPPPwn: What’s new? 1.4

Version 1.4 was made available yesterday, with the changes listed below

  • The option was added to allow the device to launch the exploit upon startup in the background as a background process. You also have the option of deciding whether your device will be turned off after the attack has been successful. Note: You may have give permission to allow the application to run automatically according to the Android device’s system or operating system (e.g. for xiaomi go to Settings->Apps->Permissions->Autostart and check DroidPPPwn).
  • Clean up the code and addressed small bug

Many extra features have been added since the release of version 1.1. Specifically:

1.3.1

  • All stage2.bin files have been updated. stage2.bin files of the ps4-hen-vtx payload up to the latest version EchoStretch (PPPwn-1.0310).
  • Hen support has been included for 7.0x firmwares as well.

1.3

  • Updated the pppwn binary build to support Android architectures x86_64.
  • Support for PS4HEN has been added for PS4HEN for all remaining firmwares. The 7.0x versions have no payload support. However, they are only for the standard PoC.
  • Two options were added to the GUI for setting additional parameters, namely the -nw (don’t just wait for one PADI prior to starting) or -rs (use the CPU to determine sleep duration) to set PPPWN.
  • Corrected wrong build to work with x86 32 bit.
  • The installer is unification with one apk for the standard as well as 64-bit-only system.

1.2.3

  • Recompiled all binaries, updating them with the most recent version of pppwn_cpp. It lets you use PS4-slim that was previously inoperable.
  • The update also supports Linux payloads in the 11.00 firmware. This is done via the checkbox which allows users to toggle between goldhen stage2 standard as well as that of the LightningMods version. I prefer to use the default loader for payloads instead of incorporating the ps4-linux loader into stage2.bin and leave the option of 2gb, 3gb and 4gb options up to you. If you want to replace the payload with your own, with preferred hardcoded ps4-linux loader, overwrite the /data/data/it.deviato.droidpppwn/lib/linux.1100 file with your own stage2.

1.2.2

  • Updated stage2.bin files to the latest version. Now you can download GoldHen and also 9.60.
  • On the other systems, at present, these are the ones included stage2.bin with each firmware.
- From 7.00 to 8.52     ->  PoC by EchoStretch
- 9.00                  ->  GoldHen by Sistr0
- 9.03 / 9.04           ->  LightningMods + ps4-hen-vtx payload by Sistr0 (NEEDS TESTING)
- 9.50 / 9.51 / 9.60    ->  GoldHen by Sistr0 (maybe only 9.60 working?)
- 10.00 / 10.01         ->  GoldHen by Sistr0
- 10.50 / 10.70 / 10.71 ->  LightningMods + ps4-hen-vtx payload by Sistr0 (NEEDS TESTING)
- 11.00                 ->  GoldHen by Sistr0

 

  • In the normal way, you could place your personal stage1.bin and stage2.bin within the root directory on your external or internal storage (/storage/emulated/0 or whatever the symbolism /sdcard is referring to)

1.2.1

  • The method was changed to detect the device’s structure, which resulted in incorrect results on certain older devices
  • We have added a second binary to 32-bit armv7 and now have an Android 4.4 made with shared libc and another specifically for armv7lor armv8l on Android 5.0+. It also has static linked
  • Recompiled the binaries using actual static (there was a bug in the previous version)
  • Some minor enhancements

1.2

  • Support of Android x86 and fixed 32bit arm-v7a as well as 64bit armv8a build (no further bus_error)
  • Recompiled all binaries with android the NDK, instead of Termux (cleaner outcome)
  • The option was added to browse and choose the most appropriate network interface
  • Corrected the issue with the binaries not installing on devices running older Android versions.

Download and use DroidPPPwn

You can download the files from the github page at https://github.com/deviato/DroidPPPwn/releases

  • Download the most recent version from the repository, and then install it on your Android smartphone.
  • For your PS4 You must follow the directions in the manual PPPwn to set up the Ethernet connection.
  • Begin DroidPPPwn application and choose the PS4 firmware.
  • Click the the Start button within the app, and also press the X button on your controller once you’re at the test Internet Connection screen.
  • You must wait until the exploit has reached the stage4 level and the message will be printed onto your monitor
  • If the exploit does not work, click to start button once more to stop it. Repeat the process you did in step 1.
Post Views: 192
TAGGED: , ,
Leave a comment

Leave a Reply

Your email address will not be published. Required fields are marked *

Exit mobile version