Renowned for his work in the PSVita scene, TheFlow has extended his contribution into the PS4 scene. Last night, he announced a new kernel exploit he found on the PS4 firmware 7.02. He further mentions that this vulnerability can be combined with a Webkit exploit for firmwares up to 6.72; hinting at the potential Jailbreak.

Here you are, https://t.co/cdVyvdqGZ6, PS4 kernel exploit for FW 7.02 and below. Vulnerability discovered on 2019-06-09.

This must be chained together with a WebKit exploit, for example https://t.co/1BYe1aFGCe for FW 6.50.

— Andy Nguyen (@theflow0) July 6, 2020

​

This exploit has, however, been patched in the PS4's 7.50 FW since TheFlow himself worked with Sony's HackerOne bounty program to expose this issue. For those looking for more technical details around the exploit, head to the HackerOne page right here to learn more.

SOURCE

 

[EaterComputer]

I'm glad the flow was paid ten grand for the exploit. He deserves it.

 

[linuxares]

Well he got paid so all well and good? I wish him all the best!

 

[eriol33]

Finally some people could play kingdom hearts 3, and Spider-Man

 

[MasterJ360]

Just dont jump the gun and update to 6.72 & 7.02 yet. Nothing usable is out

 

[Agusto101]

The ps4 scene is pretty much dead it is just so Slow maybe a 1 more year or 2 for full support on apps and games but for now it's better than nothing

 

[MasterJ360]

The ps4 scene is pretty much dead it is just so Slow maybe a 1 more year or 2 for full support on apps and games but for now it's better than nothing

You can thank the old devs for that its always an excuse to not release anything. If piracy was such a big deal then why do we have 5.05? All we hear is bounty every time something new is discovered. I wouldn't be surprised if they are getting paid to keep things in private. This was never the issue in the ps3 scene days.

 

[Croesus]

First of all, thanks to Andy Nguyen aka theflow0 for releasing kernel exploit.

I am really new in PS4 scene, and i want to ask a little thing. If kernel exploit is released, how long it takes to a release jailbreak utility?

 

[MasterJ360]

First of all, thanks to Andy Nyugen aka theflow0 for releasing kernel exploit.

I am really new in PS4 scene, and i want to ask a little thing. If kernel exploit is released, how long it takes to a release jailbreak utility?

Theres no estimated time. The ps4 hasn't had a K-exploit since 2 years ago. All we can do is wait and pray that Flow reconsiders leaving the scene.

 

[Croesus]

Theres no estimated time. The ps4 hasn't had a K-exploit since 2 years ago. All we can do is wait and pray that Flow reconsiders leaving the scene.

I hope he is not gonna leave, because he just saved whole vita scene.

Also thank you for your answer.^^

 

[Justinde75]

Welp I updated mine a while ago yikes

 

[antiNT]

Because the latest webkit exploit is FW 6.50 this means that we still can't exploit 7.02 consoles, right ?

 

[subcon959]

You can thank the old devs for that its always an excuse to not release anything. If piracy was such a big deal then why do we have 5.05? All we hear is bounty every time something new is discovered. I wouldn't be surprised if they are getting paid to keep things in private. This was never the issue in the ps3 scene days.

That's nonsense, are you telling me you would rather release something you worked hard on for free to a bunch of whiny leechers rather than get paid several thousand dollars to keep quiet for a year? The only thing that has changed is that Sony has realised that paying hackers is better than suing hackers.

 

[proffk]

In his livestream spectordev said finding a webkit for 7.02 now is going to be very hard because webkits have been xploited so much in the past decade. So 6.72 will be the target FW for a while.

Expect to see improvements in the PS2 emulation side theres ppl waiting to dump the newer PS2 emus. They are gonna open up more fixes & improved compatibility.

 

[MasterJ360]

That's nonsense, are you telling me you would rather release something you worked hard on for free to a bunch of whiny leechers rather than get paid several thousand dollars to keep quiet for a year? The only thing that has changed is that Sony has realised that paying hackers is better than suing hackers.

So its ok for devs to tease the community of their findings and put it in vault for profit? They have been telling everybody including you they didn't want to release it b/c of piracy or they didn't want to burn their exploit chain when in truth they were being paid to keep it under wraps. If they don't want whiny leechers then maybe they should tell them truth why its in private or just don't flex all over Twitter.... The PS scene was never about money hungry devs till the PS4 came. Now all of a sudden they getting salty b/c an outsider actually shared something.

 

[grey72]

That's nonsense, are you telling me you would rather release something you worked hard on for free to a bunch of whiny leechers rather than get paid several thousand dollars to keep quiet for a year? The only thing that has changed is that Sony has realised that paying hackers is better than suing hackers.

If you want to get paid for your hard work on exploits, you don't announce it to the scene, like most of the PS4 bounty exploits weren't.

 

[yusuo]

Hopefully. TLOU2 is said to be 7.5, so maybe there's a way to workaround that if ever

Ahhh yeah, just checked into that, it is which means ghost of tsushima will be the same as well. Either way with those being the last 2 exclusives left on the console that still opens up a massive library that us swashbucklers can take advantage of

 

[AlexMCS]

With the lack of emulators and/or interesting apps, PS4 KExploits are only useful for piracy, and I already got all the 4 exclusives I want from Sony.
Here's hoping for an actual EOL exploit, 10 years from now, so we can actually preserve the games.

 

[MasterJ360]

With the lack of emulators and/or interesting apps, PS4 KExploits are only useful for piracy, and I already got all the 4 exclusives I want from Sony.
Here's hoping for an actual EOL exploit, 10 years from now, so we can actually preserve the games.

I'm not gonna lie tho most of the time I just use 5.05 ps4 to watch the cracked CrunchyRoll app when im in bed. I use that app more than I play games lol such a weeb. I could get it on android, but the apkmod isn't permanent since it always updates.

 

[subcon959]

If you want to get paid for your hard work on exploits, you don't announce it to the scene, like most of the PS4 bounty exploits weren't.

I'd rather know that a vulnerability has been found and that it's just a matter of waiting for the non-disclosure period to end till it can be exploited.

The same thing happened with the Switch, although in that case it was leaked earlier than the suggested date of June 15th.

 

[nitrostemp]

god, im lucky im on 7.02