Yet another PlayStation 4 exploit has been found. While it may not be one that lets you run CFW, this bug has its own intriguing uses. Scene hacker Flat_z managed to come up with a code that exploits the PS4's Crypto Coprocessor interface. This can lead to being able to bruteforce certain specific keys from the console, such as the AES/HMAC PFS, portability keys, and VTRM, which can then be dumped. This exploit can be used on any PS4 on firmwares below 7.55, as that's when Sony apparently patched the issue. While this doesn't have much use for the end-user right now, we'll be able to see what developers can do with them and if they can further the PlayStation 4 hacking scene.

so, PS4 Crypto Coprocessor (CCP) interface in secure kernel had a bug that allowed us to dump (or better saying, bruteforce) key slots from SAMU,
that's how AES/HMAC keys from PFS, portability keys, VTRM keys, etc could be retrieved on unpatched firmware:https://t.co/6V1BFnKxuM

— Aleksei Kulaev (@flat_z) December 18, 2021

​

Source

 

[cearp]

I just want to be able to launch my already installed retail games without inserting a disc or dumping and installing them again.

does the regular piracy payloads not allow you to do that?

 

[kid sampson]

does the regular piracy payloads not allow you to do that?

My understanding is that you need to re-rip the games, convert them to a fake package, then reinstall each game, which would take a lot of time (and disc space) for something already on the hdd/console.

 

[Aheago]

My understanding is that you need to re-rip the games, convert them to a fake package, then reinstall each game, which would take a lot of time (and disc space) for something already on the hdd/console.

It’s still not the most ideal but external hard drives are cheapish nowadays. Couldn’t the fake packages just be installed to one of those ?

 

[godreborn]

My understanding is that you need to re-rip the games, convert them to a fake package, then reinstall each game, which would take a lot of time (and disc space) for something already on the hdd/console.

The system won't allow two of the same game, so you won't lose space.

 

[raxadian]

I really want to get a PS4 now.

 

[Marc_LFD]

I had left my HEN PS4 in rest mode a few hours ago, booted up now and had to reactivate the USB. Slight annoyance, but whatever.

Installing now all PS4 packages.

Tomorrow, I'll convert PS2 games to PS4. I can't wait to play Dead or Alive 2 on PS4, I love that game so much.

 

[x65943]

I am gonna end up being very disappointed I updated from 6.72 to 9.0 I can tell ;A;

 

[godreborn]

I've known about this for several months but I kept it quiet. I didn't know it had been patched though.

 

[anhminh]

Oh, I thought from the title that that they somehow found an exploit to mine crypto with PS4

 

[LeeNose]

Nice to see this kind of development in the PS4 scene, even if it is only for 7.55 atm. It would be nice to see the PS4 scene start breaking more ground, given how slow things have been.

Isn't it *below* 7.55?

 

[HarveyHouston]

Rock Band 4 customs for PS4 are coming... SOON...

 

[FurryVile]

Yeah, it’s called via a PS5.

there is a linux-exclusive emulator called spine that uses KVM and it can actually run games! just not well

 

[noobita029]

There's a big possibility that some or most of those keys we can dump are also used by ps5 due to backwards compatibility

 

[Imancol]

The question is because Sony gives the user access to configure a Proxy, knowing that it is an entrance to the exploits. They could have removed that and haven't, or asked for an update to access those options.

 

[MasterJ360]

Nice to see this kind of development in the PS4 scene, even if it is only for 7.55 atm. It would be nice to see the PS4 scene start breaking more ground, given how slow things have been.

The scene is doing much better compared to the 2yr gap of just having 5.05. During those time the devs only cared about showing off their findings on Twitter. Nothing was published or shared for testing unless it was a lesser webkit

 

[Tomtani1]

I really want to get a PS4 now.

Do it. I just bought a ps4 pro.

 

[urherenow]

If you find a PS4 Slim/Pro with 9.00 it's well worth buying. If interested, better hurry it up before Sony releases yet another "stability" firmware.

What do you mean "if"? 9.03 was only released December 1st, so there's no way you could actually find one on the shelf that's already above 9.0.

I had left my HEN PS4 in rest mode a few hours ago, booted up now and had to reactivate the USB. Slight annoyance, but whatever.

Installing now all PS4 packages.

Tomorrow, I'll convert PS2 games to PS4. I can't wait to play Dead or Alive 2 on PS4, I love that game so much.

There is a setting to keep it active in rest mode. Just search for 9.0 exploit videos on YouTube, and one of those vids explains it. I just *finally* got a PS5 a few days ago, so I haven't actually touched my PS4 in years (it's still on 5.05). Now I'm glad I didn't jump on 9.0 yesterday... I wanna dump keys first.

Anxiously waiting for news of a useable payload to do this. Then, I'll be happy to install 9.0.

 

[Marc_LFD]

What do you mean "if"? 9.03 was only released December 1st, so there's no way you could actually find one on the shelf that's already above 9.0.

People are too quick to update it as if there's anything special about a new FW.

I've bought Launch PS3s (2x) and they all had 4.88 when I was hoping/expecting something more like 3.50.

Didn't make that mistake while buying a PS4 Pro, I asked the seller and told her to check the FW (it's 8.53) and disconnect it from the internet otherwise the deal would be off. I wouldn't want a 9.0.3 console for myself.

 

[urherenow]

For now, you don't need to buy from a person. You can get a brand new one off the shelf, or go to any store that sells used. You will not find one above 9.0.

 

[Marc_LFD]

Buying a brand new one isn't worth it, imo. That's like what Xbox Series S goes for.