Tutorial  Updated

PS4 Exploit Guide

WORK IN PROGRESS CHANGES BEING MADE: USE "DEPRECIATED" SECTION AT BOTTOM FOR OLD GUIDES!

With this guide you will be running exploits in just a couple of steps. It is important that you read and understand a few key points before you update or jailbreak in order to best decide which steps you will follow. Please take a few minutes to read through the Exploit Stability, Quick Info, and Important Notes sections at the very least before proceeding to the jailbreaking section.

EXPLOIT STABILITY:

9.00 (Stable Webkit/Kernel) pOOBs4
8.XX (Stable Webkit/Kernel) pOOBs4

7.5X (Unstable Web/Semi Stable Kernel)
7.02 (Unstable Webkit/Semi Stable Kernel)

6.72 (Semi Stable Webkit/Kernel)
5.05 (Stable Webkit/Kernel)

Mast1c0re: working on 10.70 (strictly PS2 homebrew only)

BD-JB 9.04 (Stable Userland)


QUICK INFO:

RESTORE FPKG IN DB: WORKS (UP TO 9.00 - USE APOLLO)
LATEST HEN (5.05-9.00): GOLDHEN 2.4b13
BEST HEN FOR EMU FPKGS: GOLDHEN 2.1.2
REST MODE: WORKS (GOLDHEN)
LINUX OS: WORKS
EXTENDED STORAGE: WORKS
EXPLOIT CACHING: WORKS
PSVR SPOOF: WORKS (GOLDHEN)
CONSOLE REGION: REGION FREE
REMOTE PLAY: WORKS (REN)
XLINK KAI/XBSLINK: WORKS
NOBD UPDATE: WORKS (4.74-9.00)
CEX2SEMIDEX: PARTIALLY WORKING
FW REVERT: REQ YOUR OWN SFLASH0 BACK UP (OR SYSCON POINTER MODIFIED TO PARTITION WHERE PREVIOUS OFW INSTALLED)
PS NETWORK ACCESS: NEVER
DOWNGRADE: NOT YET
>9.00 GAME/UPDATE: ONLY IF DECRYPTED BY PRIVATE EXPLOIT
LATEST OFW: 11.50 (13/03/24)
(NOTE: 8.50+ FORMATTED EXTENDED STORAGE HDD’S WON'T WORK ON <8.50 CONSOLES WITHOUT GOLDHEN)

LATEST OFW BETA: 11.50 B3 (21/02/24)
HIGHEST PUBLIC WEBKIT: 9.00 (13/12/21)
BD-JB:
9.04 USERLAND (10/06/22)
BO3 LAN: http://174.101.97.40/ SOURCE: HERE


RECOMMENDED HOSTS:

AL-AZIF WEB HOST:
DNS 1:
165.227.83.145
DNS 2: 192.241.221.79

https://cthugha.thegate.network/
https://ithaqua.thegate.network/

(USE WITHPAYLOAD GUEST)

NOMADIC20000 HOST:
DNS 1: 62.210.38.117

(Leave DNS 2 blank)

X-PROJECT (5.05): HERE
PS-PHWOAR (5.05): HERE
PS-PHIVE (6.72): HERE
EXPLOIT MENU (5.05/6.72/9.00): HERE



IMPORTANT NOTES:
  • *.PUP SOFTWARE "DOWNGRADERS" ARE FAKE!
  • DO NOT ASK FOR PIRACY OR SDK LINKS: IT IS AGAINST FORUM RULES!
  • ONLY GAMES THAT HAVE BEEN DUMPED & DECRYPTED CAN BE PLAYED
  • PKG's (FROM SONY'S SERVERS OR ANYWHERE ELSE) ARE NOT PLAYABLE WITHOUT THE LEGIT RIF
  • UPDATE PKG's FROM SONY SERVER CAN BE INSTALLED, BUT TO THE A LEGIT GAME (DISC/DIGITAL)
  • SAVES BACKED UP (FTP OR DB/SG PAYLOAD) CAN ONLY BE RESTORED TO THE SAME USER/CONSOLE(TRY APOLLO INSTEAD)
  • IF THE BD IS BROKEN & YOU CAN NOT UPDATE YOU WILL SEE "E-801809A8" ERROR. (5.00 WILL BRICK IF TRYING TO UPDATE!! 4.74-7.5X CONSOLES SHOULD USE https://orbis.repair/)
  • PUP UPDATE/RECOVERY FILES MUST BE PLACED IN USB:/PS4/UPDATE/PS4UPDATE.PUP
  • 5.07 AND NOBD USERS: KEEP A CLONE OF YOUR PS4 HDD TO AVOID BRICKING!
  • DO NOT USE ONLINE DNS IF YOU HAVE LEGIT PSN CONTENT ON YOUR CONSOLE: IT WON'T BLOCK SONY 100% & CAN DEACTIVATE IT



BEGIN HERE:

YOU WILL NEED:
  • A PS4 running <=9.00 FW
  • A USB (2.0 or 3.0) HDD formatted as exFAT 64GB or bigger is recommended for the biggest games, but at minimum, you can use a 2GB stick just for 5.05/6.72/7.02/7.55 update/recovery update)
  • An internet connection or a PC/Mobile Phone/Raspberry Pi on the same network as your PS4


NOTES:
  • If you have a PS4 console running 5.01 or lower, follow the below section to upgrade to 5.05 via USB. If you have a PS4 above 5.50FW you should aim to update to the next closest firmware that supports jailbreaking: 6.72/7.02/7.55, or lastly 9.00. The lower the better!
  • If whilst on 5.05 or below you have ever run Update Blocker payload: you must use Update Unblocker first or FTP into your PS4 (port 1337) and delete the PS4UPDATE.PUP.temp.net and the PS4UPDATE.PUP folders in the /update folder.
  • If you are on 1.00-8.52 and have a pending update, then update via SAFE MODE
    To enter SAFE MODE, shut down your PS4, hold power to turn it back on and keep holding until you hear the second beep. Now update via option [3 Update System Software]
  • If you are on 5.05/6.72/7.02/7.55/9.00 and have a pending update try this: FTP in and delete the PS4UPDATE.PUP file in the /update folder, run update blocker, change your DNS to the ones at the top of this guide, reboot. If this doesn't work a full factory format will be required to remove the pending update nag.


Safely Update PS4 to 5.05/6.72/7.02/7.55/9.00 via USB:

On PC: Format your stick to EXFAT using any suitable formatting tool.
(or on PS4: [Settings] > [Devices] > [USB Storage Devices] > [YOUR DEVICE] > [Options] > [Format as exFAT]).
Make a folder on the root of your USB stick called [PS4], inside that a folder called [UPDATE], and put the [PS4UPDATE.PUP] for your chosen firmware in there (PUP's are found below).
MD5 CHECK ANY PUP FILES BEFORE INSTALLATION! - HERE
Remove the USB from your computer and plug in to the PS4
On PS4: Remove any discs, go to [Settings] > [System Software Update] and update via USB.

CHOOSE YOUR JAILBREAK:

5.056.727.027.559.00


  1. You will need:

    5.05 PUP: HERE (MD5: f86d4f9d2c049547bd61f942151ffb55)

    Netcat GUI 1.2: HERE
    (Unzipped *.EXE MD5: 5212C2A6844D26D4DB8660D04A9DC1EC)

    GoldHen Latest: HERE
    (2.2 5.05 MD5: B6BB9C43B48C376430148C7BADE9A957)

    Recommended Tutorial (BASIC ONLINE METHOD):

    Go to [Settings] > [Network] > [Set up Internet Connection] > [LAN / WIFI] (your choice) > [CUSTOM]
    Set IP as AUTOMATIC, and set DHCP as DO NOT SPECIFY.
    Set one DNS to: 165.227.83.145, set the other to: 192.241.221.79 (This prevents system updates).
    Back out of network test with CIRCLE.
    Go to [Settings] > [Network] > [View Connection Status] to get your IP address ready for further on.
    Open the browser or user guide and you should see AlAzif's exploit host.
    Run BIN LOADER for 5.05 > send the latest GOLDHEN *.BIN to your PS4's IP address and port 9020 using Netcat GUI.

    NOTE: ALT HOSTS/METHODS COMING SOON!


  2. You will need:

    6.72 PUP: HERE (MD5: f3a31f64d894dc06040498cd7383bec2)

    Netcat GUI 1.2: HERE
    (Unzipped *.EXE MD5: 5212C2A6844D26D4DB8660D04A9DC1EC)

    GoldHen Latest: HERE
    (2.2 6.72 MD5: 348921459661612D2FB66B92FE7184E0)

    Recommended Tutorial (BASIC ONLINE METHOD):

    Go to [Settings] > [Network] > [Set up Internet Connection] > [LAN / WIFI] (your choice) > [CUSTOM]
    Set IP as AUTOMATIC, and set DHCP as DO NOT SPECIFY.
    Set one DNS to: 165.227.83.145, set the other to: 192.241.221.79 (This prevents system updates).
    Back out of network test with CIRCLE.
    Go to [Settings] > [Network] > [View Connection Status] to get your IP address ready for further on.
    Open the browser or user guide and you should see AlAzif's exploit host.
    Run BIN LOADER for 6.72 > send the latest GOLDHEN *.BIN to your PS4's IP address and port 9020 using Netcat GUI.

    NOTE: ALT HOSTS/METHODS COMING SOON!


  3. You will need:

    7.02 PUP: HERE (MD5: 352103a9c78fef4dd4ffd2d317544cec)

    Netcat GUI 1.2: HERE
    (Unzipped *.EXE MD5: 5212C2A6844D26D4DB8660D04A9DC1EC)

    GoldHen Latest: HERE
    (2.2 7.02 MD5: 904756341FC7EA792A0053456704D57A)

    Recommended Tutorial (BASIC ONLINE METHOD):

    Go to [Settings] > [Network] > [Set up Internet Connection] > [LAN / WIFI] (your choice) > [CUSTOM]
    Set IP as AUTOMATIC, and set DHCP as DO NOT SPECIFY.
    Set one DNS to: 165.227.83.145, set the other to: 192.241.221.79 (This prevents system updates).
    Back out of network test with CIRCLE.
    Go to [Settings] > [Network] > [View Connection Status] to get your IP address ready for further on.
    Open the browser or user guide and you should see AlAzif's exploit host.
    Run BIN LOADER for 7.02 > send the latest GOLDHEN *.BIN to your PS4's IP address and port 9020 using Netcat GUI.

    NOTE: ALT HOSTS/METHODS COMING SOON!


  4. You will need:

    7.55 PUP: HERE (MD5: f70be91d56123074e7be3ca0748d1300)

    Netcat GUI 1.2: HERE
    (Unzipped *.EXE MD5: 5212C2A6844D26D4DB8660D04A9DC1EC)

    GoldHen Latest: HERE
    (2.2 7.55 MD5: 1072B2CE6483D261419B14E9869F5212)

    Recommended Tutorial (BASIC ONLINE METHOD):

    Go to [Settings] > [Network] > [Set up Internet Connection] > [LAN / WIFI] (your choice) > [CUSTOM]
    Set IP as AUTOMATIC, and set DHCP as DO NOT SPECIFY.
    Set one DNS to: 165.227.83.145, set the other to: 192.241.221.79 (This prevents system updates).
    Back out of network test with CIRCLE.
    Go to [Settings] > [Network] > [View Connection Status] to get your IP address ready for further on.
    Open the browser or user guide and you should see AlAzif's exploit host.
    Run BIN LOADER for 7.55 > send the latest GOLDHEN *.BIN to your PS4's IP address and port 9020 using Netcat GUI.

    NOTE: ALT HOSTS/METHODS COMING SOON!


  5. You will need:

    9.00 PUP: HERE (MD5: e923e6d210399f236177e332843e2754)

    Netcat GUI 1.2: HERE
    (Unzipped *.EXE MD5: 5212C2A6844D26D4DB8660D04A9DC1EC)

    GoldHen Latest: HERE
    (2.2 9.00 MD5: 646166FD2E871224C91378030A429EE6)

    Exfathax.img or Exfathax_pico.img: HERE
    (Exfathax MD5:75FC0FDA0EB02F887C4391E45CC845DF / Pico MD5: 7998B5C4042B355E6FE47F2B1662BCF1)
    (Note: Either is fine to use, Exfathax_pico.img is simply smaller in size)

    Etcher: HERE

    Recommended Tutorial (BASIC ONLINE METHOD):

    You will need a dedicated USB stick with the EXFATHAX *.IMGimaged onto it in order to exploit 9.00 firmware:
    THIS CANNOT BE AVOIDED, IT IS REQUIRED FOR THE EXPLOIT!
    (Minimum 8MB USB stick is recommended, USB 2.0 is preferred over USB 3.0)

    On PC:
    Open Etcher, select the Exfathax or Exfathax_pico *.IMG file, plug in your USB stick, click flash, wait until done and eject USB.
    (This USB cannot be used for anything else now unless formatted back to blank)

    On PS4:
    Go to [Settings] > [Network] > [Set up Internet Connection] > [LAN / WIFI] (your choice) > [CUSTOM]
    Set IP as AUTOMATIC, and set DHCP as DO NOT SPECIFY.
    Set one DNS to: 165.227.83.145, set the other to: 192.241.221.79 (This prevents system updates).
    Back out of network test with CIRCLE.
    Go to [Settings] > [Network] > [View Connection Status] to get your IP address ready for further on.
    NOTE: From here you can use any exploit host that supports 9.00 firmware exploiting.
    Open the browser or user guide and by default you should see AlAzif's exploit host.
    Run 9.00 exploit, insert Exfathax USB only when prompted, click OK, finally remove Exfathax USB only when prompted.

    If using other hosts (LEEFUL/PRB/KARO etc) you may have already auto loaded GoldHen, if not: using Alazif's DNS,
    Run BIN LOADER for 9.00 > send the latest GOLDHEN *.BIN to your PS4's IP address and port 9020 using Netcat GUI.
    NOTE: ALT HOSTS/METHODS COMING SOON!


Recommended Host Menu:

You can also use @Leeful & @Prb 's Exploit Menu Essentials for 5.05/6.72/9.00:

Host + Trainer: http://prb123.ir/index.html
Trainer only: http://prb123.ir/leefultrainer/index.html
Thread: HERE


Or @Leeful ’s PS-Phive for 9.00: https://leeful.github.io/ps-phive/v1/index.html

Thread: HERE

(Remember: 9.00 will always require a USB dongle, this cannot be bypassed!)

Congratulations, you have just learned how to run kernel exploits and HEN on your 5.05-9.00 console!

Note: remember to enable rest mode application suspending to allow HEN to remain through rest mode.
([Settings] > [Power Saving] > [Set Features] > [Keep Applications Suspended])



This will hold current payload information for safety:

PayloadFirmwareMD5Description
App2USB3.50-9.00549A2BE7FC7FBCC1E14AFEF062DC4DB7Move shit
App Dumper3.50-9.00EBED2F459A1A840AD218B01EB2BADE1BDump shit
Back up3.50-9.00F8ADC869A100189267CD54586895901FBack up shit
Disable ASLR3.50-9.00F0353086EB4A944662C314932B348AD8Disable shit
Disable Updates3.50-9.00DFAC9CBC9F1F3278B2FFB2ED0D6968C2Disable shit
Enable Browser3.50-9.00B9C04AADA04829BDC01F591F2BDFEC44Enable shit
Enable Updates3.50-9.004529482169283CFD032C53FFCE90A20BEnable shit
Exit IDU3.50-9.002CAFA6F5BEEDCB0A07642F6FE1A082B3Exit shit
Fan Threshold3.50-9.00265C4E44B983F2FA8000F08929863E45Fan shit
FTP3.50-9.00E9F3F16CF7ED13478A3B732B8197AECBFTP shit
History Blocker3.50-9.00D7BFB64E665FE50F879983F996322EB3Block shit
Kernel Dumper3.50-9.00A2F5CF292DD335D328D8AA5EED027FE9Dump shit
Mira Loader9.00DE63CC60E7B1BC9CF0AE140B3731BD20Load shit
Mira Loader Elf9.00EB1069434D61A71ADB6A02ED7D29631BElf shit
Module Dumper3.50-9.000525A7A8BA80972A14BE7FBBBC7DEB97Dump shit
Perma UART3.50-9.00586764ABE951D39D743655798401857AUART shit
Restore3.50-9.00CC5B37A107E56FF1B532EE0CE3DE8423Restore shit
Rif Renamer3.50-9.00C57645F7A90B1EA27C1D91FF92F55D83Rename shit
Todex3.50-9.007198DFACE6CD5509BEAA61F1A5BE795CTodex shit
https://github.com/Scene-Collective/ps4-payload-repo
3.50-9.00: https://anonfiles.com/78k6Ee0cva

This will hold current homebrew info:

HomebrewFirmwareAuthorLink
Apollo Save Tool5.05-9.00Bucanerohttps://github.com/bucanero/apollo-ps4
PS4 Cheater5.05-9.00ctn123https://github.com/ctn123/PS4_Cheater



5.05 PUP: HERE (MD5: f86d4f9d2c049547bd61f942151ffb55)
6.72 PUP: HERE (MD5: f3a31f64d894dc06040498cd7383bec2)
7.02 PUP: HERE (MD5: 352103a9c78fef4dd4ffd2d317544cec)
7.55 PUP: HERE (MD5: f70be91d56123074e7be3ca0748d1300)
9.00 PUP: HERE (MD5: e923e6d210399f236177e332843e2754)
Make sure which even you will be using is named: "PS4UPDATE.PUP"
Latest version of my 5.05 SELF HOST EXPLOIT PACK: HERE
or Latest version of Al-Azif's PS4-exploit-host-win-X.X.X.zip: HERE (FAQ HERE) ~ OR USE AL AZIF DNS = WORKS ON 5.05 as does http://crack.bargains/505k/

On PC: Format your stick to exFat through windows 7/8/10 built in formatting tool
(or on PS4: [Settings] > [Devices] > [USB Storage Devices] > [YOUR DEVICE] > [Options] > [Format as exFAT]).
Now make a folder on your USB stick called [PS4], inside that a folder called [UPDATE], and put the [PS4UPDATE.PUP] in there.
MD5 CHECK ANY PUP FILES BEFORE INSTALLATION! - HERE
Now remove the USB from the PC and plug in to the PS4
On PS4: go to [Settings] > [System Software Update] and update via USB.

On PC extract the files from the zip archive you got from Al-Azif's github to your desktop and run (as ADMINISTRATOR) the ps4-exploit-host.exe within, taking note of the DNS IP it gives you. You can put any additional payload BIN files in the [PS4-Exploit-Host] > [Payloads] folder.

First go to [Settings] > [Network] > [Set up Internet Connection] > [LAN / WIFI] (your choice) > [CUSTOM]
Set IP as AUTOMATIC.
Set DHCP as DO NOT SPECIFY.
DNS PRIMARY: 165.227.83.145 / DNS SECONDARY: 192.241.221.79
(Primary/secondary order does not matter)
Do not use Proxy Server.
When "Test Internet Connection" appears hit Circle to back out.
Go [Settings] > [Network] > [View Connection Status] to get your IP address ready for FTP or other payloads.

Now open your browser or user guide and you should see the exploit host.

(This method is RISKY if the DNS is down for any reason)

Grab THIS PACK, extract and place on root of SD card: https://gbatemp.net/threads/aio-ps4-exploit-guide.497858/#post-7858030
Connect PS4 to the card (Password is "88888888")
Open PS4 web browser, and navigate to "ezshare.card/index.html"
You can now bookmark this for ease of access.

Grab THIS PACK, extract and place on root of USB stick: https://gbatemp.net/threads/aio-ps4-exploit-guide.497858/#post-7858030
Connect PS4 to the USB stick access point.
Open PS4 web browser, and navigate to "172.25.63.1"
Select the "index.html" file to load the host.
You can now bookmark this for ease of access.
(Thanks to @mech for the explanation)

HFS Host With Instructions
Grab THIS PACK, extract and place on root of USB stick: https://gbatemp.net/threads/aio-ps4-exploit-guide.497858/#post-7858030
Alternatively you can use: Apache, Nginx, Lighthttpd, Python SimpleHTTPServer package, or anything that can open a TCP socket and is listening on port 80.

Official X-Project Android host - by Stooged:
https://github.com/stooged/xPloitServer/releases

PS4 Serve3 LATEST (Stooged)
PS4 Tool 1.20 - Reazer
  • Create hot spot on your android phone.
  • Connect PS4 to hot spot.
  • Open web browser to the IP given in the host app.

On PS4 disable automatic updates and rest mode features:
First go to [Settings] > [System] > [Automatic Downloads] > Uncheck the boxes next to every option.
Then go to [Settings] > [Power Saving Settings] > [Set Features Available in Rest Mode] > Uncheck [Stay connected to the Internet].
Now go to [Settings] > [Network] > [Set up Internet Connection] > [LAN / WIFI] (your choice) > [CUSTOM] (must be on same network as your PC)
Set IP as AUTOMATIC.
Set DHCP as DO NOT SPECIFY.
Set Primary DNS and Secondary DNSs as the ones specified by Al-Azif at the top of this guide.

Do not use Proxy Server.
When "Test Internet Connection" appears hit Circle to back out.
Go [Settings] > [Network] > [View Connection Status] to get your IP address.

post.net.playstation.net;*get.net.playstation.net;*fus01.ps4.update.playstation.net;*feu01.ps4.update.playstation.net;*deu01.ps4.update.playstation.net;*ps4updptl.eu.np.community.playstation.net;*tmdb.np.dl.playstation.net;*themis.dl.playstation.net;*sf.api.np.km.playstation.net;*asm.np.community.playstation.net;*artcdnsecure.ribob01.net;*api-p014.ribob01.net;*apicdn-p014.ribob01.net;*t-prof.np.community.playstation.net;*ps4updptl.eu.np.community.playstation.net;*ps4.updptl.sp-int.community.playstation.net;*ps4updptl.jp.sp-int.community.playstation.net;*ps4-eb.ww.np.dl.playstation.net;*dus01.ps4.update.playstation.net;*ps4.updptl.np.community.playstation.net;*ps4updptl.jp.np.community.playstation.net;*http://djp01.ps4.update.playstation.net;*fjp01.ps4.update.playstation.net


ALT SET: (thanks @MostlyUnharmful)

fuk01.ps4.update.playstation.net
fjp01.ps4.update.playstation.net
fus01.ps4.update.playstation.net
feu01.ps4.update.playstation.net
fkr01.ps4.update.playstation.net
fuk01.ps4.update.playstation.net
fmx01.ps4.update.playstation.net
fau01.ps4.update.playstation.net
fsa01.ps4.update.playstation.net
ftw01.ps4.update.playstation.net
fru01.ps4.update.playstation.net
fcn01.ps4.update.playstation.net
huk01.ps4.update.playstation.net
hjp01.ps4.update.playstation.net
hus01.ps4.update.playstation.net
heu01.ps4.update.playstation.net
hkr01.ps4.update.playstation.net
huk01.ps4.update.playstation.net
hmx01.ps4.update.playstation.net
hau01.ps4.update.playstation.net
hsa01.ps4.update.playstation.net
htw01.ps4.update.playstation.net
hru01.ps4.update.playstation.net
hcn01.ps4.update.playstation.net
asm.np.community.playstation.net
us-prof.net.community.playstation.net
gs-sec.ww.np.dl.playstation.n
gs2.ww.prod.dl.playstation.ne
commerce1.api.np.km.playstation.n
static-resource.np.community.playstation.n
al02.cdn.update.playstation.net
a01.cdn.update.playstation.org.edgesuite.net
playstation.sony.akadns.net
a192.d.akamai.net
api-p014.ribob01.net
apicdn-p014.ribob01.net
artcdnsecure.ribob01.net
asm.np.community.playstation.net
cfss.dunbar.scea.com
crepo.ww.dl.playstation.net
get.net.playstation.net
post.net.playstation.net
ps4-eb.ww.np.dl.playstation.net
ps4-eb.ww.np.dl.playstation.net
ps4.updptl.sp-int.community.playstation.net
ps4updptl.eu.np.community.playstation.net
ps4updptl.jp.sp-int.community.playstation.net
sf.api.np.km.playstation.net
t-prof.np.community.playstation.net
themis.dl.playstation.net
tmdb.np.dl.playstation.net
zeke.scea.com
ps4updptl.jp.np.community.playstation.net
elb001-p4ci01.p4ci.usw2.np.cy.s0.playstation.net
nsx.sec.np.dl.playstation.net
event.api.np.km.playstation.net
any.updptl.np.community.playstation.net.edgekey.net
ps4-system.sec.np.dl.playstation.net
us.np.stun.playstation.net
ps4.updptl.np.community.playstation.net
static-resource.np.community.playstation.net
ps4.updptl.np.community.playstation.net
ps4updptl.uk.np.community.playstation.net

If you are using Al-Azif PEH or DNS or ESP device: Go to [Settings] > [User Guide].

If you are self-hosting: Use the web browser to access the index.html

When the exploit has loaded always hit the PS button to get back to XMB.

There is no need to enable the web browser in 5.05-9.00 as it is auto-enabled by default.

You can now disable internet setting on PS4 [Settings] > [Network] uncheck the box next to [Connect to Internet].
Don't forget to re-enable after you restart your console to launch exploits!

Go to [Settings] > [Debug Settings] > [Game] > [Package Installer] to install a game. (Game PKG must be fake signed and must be placed on the root of the exFat formatted USB stick)

To start a fake signed game, HEN must be running otherwise they will not load.
NOTE: Non-fake signed PKG's aka downloaded from PSDEVWIKI, PS4DATABASE.IO, ORBISPATCHES or ORBISMODDING will not run on HEN as they are NOT fake signed!

NOTE: remember to enable rest mode application suspending to allow HEN to remain through rest mode.
([Settings] > [Power Saving] > [Set Features] > [Keep Applications Suspended])

Congratulations, you have just learned how to run kernel exploits and HEN on your 5.05-9.00 console!


Below is an index of other things you can do to further enhance your console:
CACHE YOUR EXPLOITS


Change line at the top of the index.html from:
Code:
<html>
To:
Code:
<html manifest = "offline.manifest">
Then make the file (txt) containing all file names you want cached, for example:
Code:
CACHE MANIFEST

index.html
vtxhen.html
vtxftp.html
vtxdump.html
css/style.css
Save as "offline.manifest" in the same folder as index.html.
  • Each exploit page needs to be listed in the manifest, as well as its sub files/folders, but you don't need to include the name of the manifest file.
  • You can name your manifest anything you like such as: CACHE.CACHE, offline.cache, whateveryouwant.something.
  • Once cached no need for self host device again unless you want to update the files in anyway.
  • If you are payloads are out of date: Delete your cache, and input DNS or sort your own files out and re-cache.
Dumping and repackaging your games:


CHECK GAME FIRMWARE DATA: HERE

NOTE: Your disc/psn games can be updated to latest 5.05/6.72/7.02/7.55/9.00 compatible update before dumping to dump the updated game (use https://orbispatches.com/homebrew to install directly to console)
NOTE 2: Running HEN payload followed by dumper payload has been proven to speed up the dumping process massively (Thanks @Leeful)
NOTE 3: You can select the dumping mode in dumper.cfg (place it on your exFAT USB root):
0 - Do not split app and patch, dump into the CUSAxxxxx folder (split=0)
1 - Dump only app into the CUSAxxxxx-app folder (split=1)
2 - Dump only patch into the CUSAxxxxx-patch folder (split=2)
3 - Dump app and patch and split it into different folders (split=3)


IMPORTANT: IT IS UNIVERSALLY RECOMMENDED TO USE SPLIT=3 FOR EVERY DUMP!

Full CFG is here: https://github.com/xvortex/ps4-dumper-vtx/blob/master/dumper.cfg
  • Insert an exFat formatted 64GB stick into your PS4 and power the console on.
  • Open User Guide and launch HEN first, then reload and launch DUMPER payload or send the payload to BIN LOADER (port 9020)
  • (Alternatively: open the browser and launch HEN followed by DUMPER payload via browser or self host).
  • Press PS button to minimize the browser.
  • Start your game/disc and get to the main menu of the game.
  • Press PS button to minimize the game.
  • When the console turns off: this means its done dumping. (It's normal)

FAKE PACKAGING DUMPED GAMES + PATCHES

Files needed:

GENGP4 (cannot be linked here)
ORBIS-PUB-GEN (cannot be linked here)
Your dumped game files (CUSAXXXXX-APP & CUSAXXXXX-PATCH folders)

Start Here:
  • Using GENGP4 > Select directory for your CUSAXXXXX-APP folder > hit generate GP4 > then hit save gp4.
  • Using GENGP4 > Select directory for your CUSAXXXXX-PATCH folder > hit generate GP4 > then hit save gp4.
  • Using ORBIS-PUB-GEN > Select the CUSAXXXXX-APP.GP4 you just made > build > select output directory > select build > when its done close PUB-GEN
  • Using ORBIS-PUB-GEN > Select the CUSAXXXXX-PATCH.GP4 you just made > build > select output directory > select build > when its done close PUB-GEN
  • You can now delete the CUSAXXXXX-APP & CUSAXXXXX-PATCH folders.
You now have a Fake Signed PKG ready to install (See step (4) above)

PROPERLY REPACKING FAKE UPDATES

If you get errors installing your FPKG updates even though the CUSA ID matches perfectly, then this section will teach you how to avoid errors and enjoy more time playing games! Many thanks to @Chrushev for the tools and the tutorial :)

UPDATED (21/07/2018):
https://gbatemp.net/threads/release...ackager-by-duxa-aka-chrushev-v6-22-18.508723/

OLD:
Files needed:
Your original V1.00 GAME Fake PKG you made (see above) or obtained.
Your update PATCH Fake PKG (with matching CUSA ID to the GAME) that isnt installing, that you made or obtained.
GENGP4 (cannot be linked here)
@Chrushev aka DUXA's PKG REPACKAGER: HERE
ORBIS-PUB-GEN (cannot be linked here)

Start Here:
  • Using PKG REPACKAGER tool > Type in the games 5 digit ID from CUSAXXXXX & hit Enter to confirm > Tab to the games PATCH PKG & hit Enter to confirm > Enter to use all 0's as pass & hit Enter to confirm and it will proceed to unpack your Fake PKG update file to a CUSAXXXXX-PATCH folder.
  • Once unpacked close PKG REPACKAGER.
  • Using GENGP4 > select directory for your CUSAXXXXX-PATCH folder > hit generate GP4 > then hit save gp4 > close GENGP4.
  • Using ORBIS-PUB-GEN > Open the CUSAXXXXX-PATCH.GP4 you just made > go to Command > Project Settings > Patch > Select the original Full V1.00 GAME Fake PKG you have. NOTE: If your v1.00 GAME fake PKG is in the same directory you are building in then it should be auto recognised.
  • Now go to Command > Build Image > Select directory to save to > Click Build.
You should now have a FPKG update that is guaranteed to install to update your v1.00 GAME Fake PKG!

DUMPING DLC FOR FPKG



Files needed:
FAKE PKG TOOLS 3.38 (you must find this yourself)
PS4 FTP SERVER 1.3 ZIP: HERE
Filezilla: HERE

Instructions:
On PS4:
Load (to the main menu) the game you want to dump your DLC from (know the games CUSA ID), press PS button to minimise, load VTX FTP via browser, note down the PS4 IP address, leave the browser open.
On PC:
Connect to the FTP server using the PS4 IP address and port 1337, go to /MNT/SANDBOX/PFSMNT/ locate and copy off the "-AC" directories associated with your games CUSA ID. Use PUB-SFO and make a new SFO:
  • Core Settings > Category: "PS4 Additional Content"
  • Core Settings > Content ID: < your games id> (format: "EP0123-CUSAXXXXX_YY-ZZZZZZZZZZZZZZZZ-ac")
  • Title Text > AC Title: <the games name>
  • File > Save (Save to "EP0123-CUSAXXXXX_YY-ZZZZZZZZZZZZZZZZ-ac/sce_sys/param.sfo")
Open PUB-GEN, click File > New Project > Additional Content Package With Extra Data > Double click Image0 > drag and drop your DLC directory into this > close window > Click Command > Project Settings > go to Package tab > set Content ID (same as: EP0123-CUSAXXXXX_YY-ZZZZZZZZZZZZZZZZ) > set Passcode and Entitlement Key to "00000000000000000000000000000000" (32 x 0's) > click Command > Build Image > specify output path > click Build.
On PS4:
Install the PKG via debug settings.

Useful Info:
  • DLC requires specific UPDATE version of the game to be installed, as the UPDATE often contains the DLC elements to play.
  • DLC unlockers dont always work. Try and test which do and which dont.
  • DLC can be dumped and used on LEGIT GAMES, however HEN is still required to be run for the DLC to run, not the LEGIT game disc.
CUSTOM FAKE UPDATES:


Files needed:
FAKE PKG TOOLS V 3.87 (Build 3.87.7549.35163) (you must find this yourself)
A FAKE SIGNED (GAME or PATCH) PKG that you want to modify (you must find this yourself)
Notepad
Hex Editor.

Instructions:
Open the F-signed game PKG with PUBCHK (pkg pass should be: 32x "0"'s), extract the IMAGE0/EBOOT.BIN and the entire SC0 folder to a memorable location.
Drag the SC0 folder into the IMAGE0 folder, and rename the SCO folder to "sce_sys".
MODIFY YOUR PKG CONTENTS HERE: swap textures, edit eboots/files: do what you like!
Use GENGP4 to make a gp4 of the project (if modding a PATCH pkg make gp4 after the modification of the SFO file)
Open the GP4 in notepad and change "<volume_type>pkg_ps4_app</volume_type>" to "<volume_type>pkg_ps4_patch</volume_type>" &
"digital50" to "digital25".
Open PARAM.SFO in hexeditor, search for and change "1.00...........gd" to "1.01...........gp" and save. (GD = game disc, GP = game patch)
Open the GP4 in PUBGEN, go to PROJECT SETTINGS, set passcode to the same as base game/patch pkg had: this must match) > in PATCH tab select the original base PKG you used > then build the modified PKG.
Install through DEBUG settings on PS4.
OBTAINING & FSIGNING DLC



Files Needed:
FAKE PKG TOOLS V 3.87 (Build 3.87.7549.35163) (you must find this yourself)
Python 2.7: HERE
EZ_FAKE_DLC.PY: HERE

Instructions:
On PC:
Find the Content ID of the DLC you want.
Put EZ_FAKE_DLC.PY in your FAKE PKG TOOLS DIRECTORY, Open CMDline and type: ez_fake_dlc.py EP0123-CUSAXXXXX_XX-YYYYYYYYZZZZZZZZ"<your games name here>", the unlock files will be generated in the FAKE_DLC_PKG folder.
On PS4:
Install the PKG via debug settings.

DUMPING THEMES FOR FPKG



Files needed:
FAKE PKG TOOLS V 3.87 (Build 3.87.7549.35163) (you must find this yourself)
PS4 FTP SERVER 1.3 ZIP: HERE
Filezilla: HERE

Instructions:
On PS4:
You must own and apply the theme you want to dump, load VTX FTP via browser, note down the PS4 IP address, leave the browser open.
On PC:
Connect to the FTP server using the PS4 IP address and port 1337, go to /MNT/SANDBOX/PFSMNT/ locate and copy off the "-AC" directories associated with your THEMES CUSA ID. Use PUB-SFO and make a new SFO:
  • Core Settings > Category: "PS4 System Software Theme"
  • Core Settings > Content ID: < your themes id> (format: "EP0123-CUSAXXXXX_YY-ZZZZZZZZZZZZZZZZ-ac")
  • Title Text > AC Title: <the themes name>
  • File > Save (Save to "EP0123-CUSAXXXXX_YY-ZZZZZZZZZZZZZZZZ-ac/sce_sys/param.sfo")
Open PUB-GEN, click File > New Project > System Software Theme Package > Double click Image0 > drag and drop your THEME directory into this > close window > Click Command > Project Settings > go to Package tab > set Content ID (same as: EP0123-CUSAXXXXX_YY-ZZZZZZZZZZZZZZZZ) > set Passcode to "00000000000000000000000000000000" (32 x 0's) > click Command > Build Image > specify output path > click Build.
On PS4:
Install the PKG via debug settings.
OBTAINING & FSIGNING DLC/THEMES


Files Needed:
PSDLC by Stooged: HERE
FAKE PKG TOOLS V 3.87 (Build 3.87.7549.35163) (you must find this yourself)

Instructions:
On PC:
Locate the LEGIT THEME PKG you want to unlock and download it to your desktop or working directory.
Copy the EXT folder and PUB-CMD from FAKE PKG TOOLS to your desktop or working directory, start pdDLC.exe, type in the CUSA ID of the theme you want (search for CUSA ID online: Playstation Store), click on the THEME file you want, click create PKG to generate 128kb unlock file in the "FAKE_DLC_PKG" folder.
On PS4:
Install the LEGIT THEME followed by the THEME UNLOCK PKG using debug settings.
CHANGE DLC REGION:



Required:
Lmans PKG viewer: HERE, PUB SFO: (you must find this your self), https://ps4database.io/search for regional game ID's.

Example game (GOW):
USA: UP
9000-CUSA07408_00-PO00010000000000
EUR: EP9000-CUSA07410_00-PO00010000000000

Instructions:
  • Open DLC PKG with PKG VIEWER, click extra tab, click LIST CONTENTS, Right click on the CUSA ID of the game and extract to a location you will remember.
  • Open the SFO in the folder with PUB SFO, edit the first 2 characters of the CONTENT ID (EG: change UP9000 to EP9000 if converting USA DLC to work on EUR game), edit the GAME ID from the EU ID to the USA equivalent (For example: CUSA07408 -> CUSA07410), save it to IMAGE0/SCE_SYS/PARAM.SFO.
  • Open PUB GEN, click File > New Project > Additional Content Package with Extra Data, double click IMAGE0, move the modified SCE_SYS folder into there.
  • Click back, Click Command, Click Project Settings, enter the entire new PKG ID you converted (For example: EP9000-CUSA07410_00-PO00010000000000 ) & set the pass code to all 0's, then click OK.
  • Click Command > Build Image > select the output path > click Build.
  • When done: Use debug settings to install the PKG with the now matching region. (Some DLC with extra files will not work)
You have now DUMPED & FAKE PKG'D games!
HOW TO USE LEGIT SAVES ON FPKG GAMES


Take your disc dump, use PUBGEN to creat a fake pkg as normal, but select the option to allow the fake pkg to be modifiable.

Inject the keystone from your dump into the pkg by using PUBCMD:

orbis-pub-cmd.exe pkg_file_add --passcode 00000000000000000000000000000000 --force X:\Games\PS4\CUSAXXXXX-app\sce_sys\keystone sce_sys/keystone
X:\Games\PS4\<GAME NAME>.pkg

PROFIT!
(Credit: magicbluemonkeydog)

UPDATE: Alternatively use keystone injector GUI v0.11 HERE

REMOTE PACKAGE INSTALLATION


Files Needed:
GOLDHEN (LATEST)
Remote Package installer: https://twitter.com/flat_z (find it on here)
PKG Linker latest: HERE

Instructions:
On PS4: Run HEN on your PS4, go to settings > debug > game and install the RPI PKG, then go to settings > network and get your IP address, finally start REMOTE PACKAGE INSTALLER PKG.

ON PC: Start PKG Linker, enter your PS4's IP address, double click the directory box, and browse for your PKG's on your computer, Click "START SERVER".
Pick a game from the list to install or uninstall. You will get a notification on the PS4 when it starts to install.

INSTALLING GAMES DIRECT TO CONSOLE


WARNING:
RISKY WHILE ONLINE. TAKE PRECAUTIONS TO BACK UP YOUR CONSOLE (SAVES/PROFILE ETC), AND BLOCK SONY ALL URLS FIRST.


IMPORTANT:
PKG's added to the .JSON file must be named in EPZZZZ-CUSAXXXXX_XX-YYYYYYYYYYYYYYYY.PKG format.
HEN is only needed for FAKE PKG's, Installing LEGIT PKG's like updates & demo's does not require HEN.
IDU mode is NOT required for this process.


Files needed:
FAKEDOWNLOADER.ZIP "EP9000-NPXS21005_00-FAKEDOWNLOADERXY-A0100-V0100.pkg" (You must find this on your own)
V0.2 PS4DOWNLOADER.RAR HERE

Downloading Games:
  • On PS4 launch VTX HEN then FTP+R/W payload (note the IP), go to Debug Settings &install FAKEDOWNLOADER.PKG to access the ★ Demon Downloader app.
  • On PC launch PS4 Download Link Uploader.exe, input your PS4's IP, and the .JSON link for the content you want to download, ignore the .rif file address and click "SEND DOWNLOAD LINK".
  • On PS4 launch ★ Demon Downloader, the CUSA ID of your download will pop up in the top left.
  • To add more downloads, close ★ Demon Downloader, start FTP-RW again and repeat step 2-3.
JSON Creation Installing from Online Links:
  • On PC start the JSON MANAGER.EXE and select the .PKG with the [...] button on the right.
  • PKGS needs to be split for file hosts: Choose split size (depends on file host) and hit "SPLIT & CREATE .JSON". When split, leave JSON MANAGER RUNNING.
  • Upload your split PKG's to your desired file host and get copy the absolute HTTP/HTTPS links.
  • In JSON MANAGER open "LINK EDITOR" tab & paste your links (can separate links with Space, tab or "," (without ""). Format the links correctly: EPZZZZ-CUSAXXXXX_XX-YYYYYYYYYYYYYYYY.PKG_1.pkg first, EPZZZZ-CUSAXXXXX_XX-YYYYYYYYYYYYYYYY.PKG_2.pkg second etc).
  • Click "Edit .JSON" and save the .JSON file somewhere you won't lose it.
  • Follow the instructions above in the Downloading section to download your content.
JSON Creation Installing from PC:
  • On PC startup RUNHTTP.EXE, then start JSON MANAGER.EXE and select the .PKG with the [...] button on the right, check the "AUTO LOCAL INSTALL" box.
  • Make sure your IP is entered and HTDOCS path is correct in the settings tab.
  • PKGS no longer need to be split: so just hit "CREATE .JSON".
  • Follow the instructions above in the Downloading section to download your content, but keep RUNHTTP.exe running until done.
Credits:
DarkMage1991, Cephyx and others.

RUN ELFS DIRECTLY FROM USB


Obtain ELFLOADER GL PKG by Lightningmods, install it via debug menu. Place a homebrew ELF on the root of your USB HDD, plug it in and boot ELF LOADER GL. Enjoy.

RUN EBOOTS DIRECTLY ON CONSOLE


Install a placeholder and send and test out fSelf files (eboot.bin) to it without having to FPKG the entire thing up (similar principle to OrbisLOADER)

Files needed:
Python 2.7: HERE
Sender.py: HERE
Payload LDR V3 (patched sandbox): HERE (Thanks @zecoxao)

Instructions:
On PS4: Install PAYLOAD LDR V3 via debug settings.
On PC: Have your homebrew eboot.bin ready to test, open new CMDline in same folder and enter: "Sender.py eboot.bin —endpoint <PS4 ip address>"
On PS4: Launch PAYLOAD LDR V3 and enjoy your homebrew.

You now have all you need to make & install FPKGs.
CHECK GAMES FOR 1.00-9.00 COMPATIBILITY ON FRMCHK - CLICK HERE!

UPGRADING/BACKING UP THE INTERNAL HDD:


  • Back up your data, but don't use official methods to backup your fake signed games and apps, use FTP to copy the USER/APP/XXXXXXXXX/APP.PKG (fake signed games) to an external backup: rename them as the CUSAXXXXX folders they came out of to remind you what they were.
    You can retain SAVES by using the built in options under: [Settings] > [System] > [Backup and Restore] > [Back Up PS4] (Deselect Applications).You can also retain TROPHIES by copying the USER/HOME/XXXXXXXXX/TROPHY folder and the USER/TROPHY folder via FTP (be careful to keep them separate as they are named the same)
  • Replace the HDD:
    You can internally upgrade the PS4 to 8tb max, however the dimensions of the HDD must be no taller than 9.5mm to fit in the enclosure (2.5inch Sata HDD).
  • Reinstall the System software in safe mode (option 7):
    5.05 RECOVERY PUP - MD5: C2A602174F6B1D8EF599640CD276924A (Update/Recovery pup path is: USB:/PS4/UPDATE/PS4UPDATE.PUP)[6.72 files coming soon]
  • Restore the data that has been backed up: Once upgraded restore your saves again using the [Backup and Restore] option, restore trophies using FTP, and restore games by reinstalling the APP.PKG files to internal (You can move them to external if you want using APPTOUSB: see below)
NOW YOU HAVE MORE STORAGE!

RESTORE FPKGs IN DB RESTORE:


In the case that your PS4 restores your game database without showing FPKG games, you dont need to manually reinstall each game, this can fix it!

Files needed:
Python: https://www.python.org/downloads/
PS4 DB Rebuilder: https://github.com/Zer0xFF/PS4_db_rebuilder/releases

  • On PS4: Start an FTP server payload and note down your IP.
  • On PC: Start terminal/cmdline and run this script: python3 fix_db.py PS4_IP and wait for the script to finish.
  • On PS4: Logout of the PS4 user (DO NOT CLOSE THE BROWSER), log in again to see all your missing games restored.

INSTALL ACTIVATED PROFILE:


WARNING: THIS WILL FORMAT YOUR CONSOLE.

Files needed:
"201807092118_00 - PS4 Hacked (5.05) v2 UK" (You must find this on your own).

  • Copy the PS4 folder from the archive to the root of your exfat formatted USB stick
  • Go to [Settings]>[System]>[Back up & Restore]
  • Restore the "201807092118_00 - PS4 Hacked (5.05) v2 UK" profile.
UPDATED METHOD COMING SOON FOR HIGHER FW

USING APPTOUSB


Having installed a game to the PS4's internal HDD you can use the APPTOUSB payload by Stooged to symlink games to an external drive!

Required Files:
APPTOUSB Latest version: https://github.com/stooged/AppToUsb-50X/releases
or my latest SELF HOST INDEX PACK HERE

  • Host the payload as you wish.
  • Place the included APPTOUSB.INI in a "PS4" folder on the root of the PS4 external hdd.
  • The INI can be edited with the following options:
Code:
To check the usb root for the pkg file to save time copying from the internal ps4 drive then uncomment the line below.
but remember this will move the pkg from the root directory to the PS4 folder.
//CHECK_USB

To rename previously linked pkg files to the new format uncomment the line below.
//RENAME_APP

To disable the processing of icons/art and sound uncomment the line below.
//DISABLE_META

To leave game updates on the internal drive uncomment the line below.
//IGNORE_UPDATES

To move DLC to the usb hdd uncomment the line below.
//MOVE_DLC

To use this list as a list of games you want to move not ignore then uncomment the line below.
//MODE_MOVE

Example ignore or move usage.

CUSAXXXX1
CUSAXXXX2
CUSAXXXX3
  • Plug in your USB HDD to a specific port (and always use that port for that drive)
  • Run the APPTOUSB payload and allow it to copy your games to the external HDD.
  • When done you will be notified.
DO NOT DELETE GAMES FROM INTERNAL AFTERWARDS: THERE IS NO NEED.

YOU CAN SAVE TIME BY MANUALLY COPYING THE GAME PKG TO THE EXTERNAL LOCATION BEFORE SYMLINKING IT IN APPTOUSB.
DVD/BD PLAYBACK ACTIVATION:


Enable debug settings then go to Debug Settings > Licence Activation > Enable MPEG-2 and VC-1.
5.05 was released on 19 Jan 2018 so any movies released (before &) around that date should work perfectly. Anything released after 8 March 2018, might not work.
LOCAL REMOTE PLAY ACTIVATION:


WARNING: IDU IS RISKY & CAN ACCIDENTALLY UPDATE CONSOLE IF INSTRUCTIONS AREN'T FOLLOWED.
ALWAYS BACK UP SAVES, DATABASES, AND PROFILE FILES BEFORE ATTEMPTING THIS.

  • Cache your exploits (namely HEN) to your browser, and disable internet.
  • Rename your main profile on your PS4 to "User 1" and remove any USB devices.
  • Run HEN and go to [Settings]>[Debug Settings]>[System] and toggle IDU mode [ON].
  • After reboot turn on controller and hold R1+R2+L1+L2+OPTIONS+D-PAD UP to enter staff mode.
  • Go to [Settings]>[Remote Play Connection Settings] and enable remote play and add a device locally (PC or VITA).
  • Run HEN and go to [Settings]>[Debug Settings]>[System] and toggle IDU mode [OFF].
  • If Required: After reboot turn on controller and hold R1+R2+L1+L2+OPTIONS+D-PAD UP to exit staff mode.
SAVE MOUNTER:


NOTE: Save wizard saves are not supported, not all games work yet wait for Save Mounter updates!.
ALWAYS BACK UP YOUR SAVES (through FTP/db_sg payload or preferably through official backup/restore options)
Do not overwrite the SCE_SYS folder, it will corrupt your save.

Required files:
Save Mounter Latest: HERE
Any FTP app for your computer.
Any suitable payload host.
SQLite editor: HERE
An EMPTY save file: Start the game, make a basic save that you want to overwrite with someone else's save file.
An obtained save that someone else has dumped DECRYPTED.

Begin here:
ON PS4: Load HEN followed by SAVE MOUNTER payload through X-Project or another supported file host/payload sender (JKPATCH.BIN/PS4DEBUG.BIN), start your game, PS button back to XMB, grab your PS4 IP address and load FTP payload (saves and files copied via FTP are automatically decrypted).
ON PC: Start SAVE MOUNTER EXE, enter your PS4 IP, hit CONNECT, hit REFRESH, pick the EBOOT.BIN from the dropdown, click SET UP, click DIRS (if no DIRS can be found see FIX below), choose the save you want to mount, select READ/WRITE from the MOUNT dropdown and click MOUNT.
Start FTP app, enter your PS4 IP and port (1337), then either:

TO BACK UP SAVES: copy either the: /MNT/PFS/SAVEDATA_XXXXXXXX_CUSAXXXXX_YYYYZZZZ or /MNT/SANDBOX/CUSAXXXXX_XXX/SAVEDATA0 folders to a memorable location.
On SAVE MOUNTER and click UNMOUNT
On PS4: close your game down.

TO RESTORE SAVES: Using the EMPTY save on your game: follow the above steps and go to either the: /MNT/PFS/SAVEDATA_XXXXXXXX_CUSAXXXXX_YYYYZZZZ or /MNT/SANDBOX/CUSAXXXXX_XXX/SAVEDATA0 folders, delete the contents (EXCEPT FOR THE SCE_SYS FOLDER), then drop the decrypted save you obtained in there (DO NOT OVERWRITE SCE_SYS FOLDER).
On SAVE MOUNTER and click UNMOUNT.
On PS4: close and restart your game to use.

DONE.

DIRS FIX for DUMPING:
ON PC: FTP into your PS4 and copy the /USER/HOME/<USERID>/SAVEDATA/CUSAXXXXX/ folder to a memorable location, rename SCE_SDMEMORY.BIN to TEMP.BIN & rename SDIMG_SCE_SDMEMORY.BIN to SDIMG_TEMP.BIN. then copy the renamed files back to the /USER/HOME/<USERID>/SAVEDATA/CUSAXXXXX/ folder.
FTP to /SYSTEM_DATA/SAVEDATA/<USERID>/DB/USER/ and copy the DATABASE.DB to a memorable location (**NOW MAKE A SECOND BACKUP OF DATABASE.DB**)
Open DATABASE.DB SQLite editor, click browser data, find your CUSA ID, left click the row to highlight, right click > duplicate record, scroll down to the new record, edit "sce_sdmemory" to "temp", save changes and close editor.
FTP to /SYSTEM_DATA/SAVEDATA/<USERID>/DB/USER/ and overwrite the modified DATABASE.DB.
On PS4: Restart console, load HEN, load your game, ensure game is working, PS button back to XMB, load save mounter payload (JKPATCH.BIN/PS4DEBUG.BIN), load FTP payload.
On PC: Start SAVE MOUNTER EXE, enter your PS4 IP, hit CONNECT, hit REFRESH, pick the EBOOT.BIN from the dropdown, click SET UP, click DIRS (it should now say TEMP), choose the save you want to mount, select READ/WRITE from the MOUNT dropdown and click MOUNT.
Start FTP app, enter your PS4 IP and port (1337), copy the: /MNT/PFS/SAVEDATA_<USERID>_CUSAXXXXX_TEMP/ folder to a memorable location.
FTP to /USER/HOME/<USERID>/SAVEDATA/CUSAXXXXX/ folder, delete SCE_SDMEMORY.BIN & SDIMG_SCE_SDMEMORY.BIN, rename TEMP.BIN back to SCE_SDMEMORY.BIN and SDIMG_TEMP.BIN to SDIMG_SCE_SDMEMORY.BIN.
FTP to /SYSTEM_DATA/SAVEDATA/<USERID>/DB/USER/, overwrite the DATABASE.DB again but now with the **SECOND** back up of DATABASE.DB.
On Save Mounter click UNMOUNT.
On PS4: Restart console, start game, enjoy.

NOTE: You can overwrite the save in the /MNT/PFS/SAVEDATA_<USERID>_CUSAXXXXX_TEMP/ folder. (DO NOT OVERWRITE SCE_SYS FOLDER).
NOTE 2: You can easily swap users if you have multiple accounts but want to share saves.

Props:
Hejran7 for the original tutorial.
CUSTOM PS2 PKGS:


http://www.psdevwiki.com/ps4/PS2_Classics_Emulator_Compatibility_List
Files you will need:
https://github.com/xXxTheDarkprogramerxXx/PS3Tools/releases

Super-Quick-Tutorial:
Grab the latest release, open your PS2 iso, grab some box art from google images, and bingo!
Props to xXxTheDarkprogrammerxXx, Cfwprpht & VVild.

Coming soon:
Multi ISO support, config support and more!

CUSTOM HDPSP PKGS:

PLAYING ONLINE (LAN GAMES):


Files required:
https://www6.zippyshare.com/v/XACc31QN/file.html = XBOX System Link fixed version 9.6.0
https://www.winpcap.org/ = winpcap
= LAN compatible games list (OLD)

Requirements:
Your game VERSION has to match other peoples to play online, regardless of OFW version used (this means 5.05 could play against 6.72)
Your PS4 must be LAN connected to your PC (note down your LAN MAC ADDRESS)
(You can bypass your PC needing to be LAN connected to your router by setting up connection sharing: right click LAN connection on taskbar > network & internet settings > change adapter options > right click wifi connection > properties > click sharing tab > click allow other network users to use this connection > and select your ethernet connection as the shared connection.
You need to know your PC IPv4 address: CMD > IPCONFIG will show you.
Ability to add exceptions to your firewall through anti virus software. (XBSLink itself or Port 31415)
www.portforwarding.com if you need more information on configuring port forwarding on your router.

Start here:

Install WINPCAP prior to starting up XBSLink (it's necessary)
Start XBSLink and go to settings tab and enter your nickname, leave everything else default, go to network tab and change CAPTURE DEVICE to your LAN connection, select bind to IP and choose the IP address of your PC as the IP to use.
In the NETWORK tab, enter your PS4's LAN MAC ADDRESS into the "always forward mac" list > check "enable special mac list" & "only forward these devices".
Click START ENGINE (top left) > start a LAN compatible game on PS4 and the PS4 MAC ADDRESS should pop up in XBSLink local engine info after a few seconds.

If you get the "port unreachable/closed" message: then you need to use UPNP port forwarding to match your router, go to NETWORK tab and check the USE UPNP check box.
If you still get this error you need to port forward 31415: CMD > IPCONFIG > copy default gateway of your active internet connection (NOT LAN) > paste it into your browser to open your routers config page > go to firewall settings > port forwarding > (add game/application > name it XBSlink enter 31415 into any box that asks for port range or transfer > set protocol to any > apply settings) > select XBSLink and select your PC (or enter your PC's IP address) as the device you are running XBSLink from > and apply this setting (remember to turn UPNP off if you are manually port forwarding).


To connect to other people: Enter your friends external IP address into remote host (https://whatsmyip.com/) > port 31415 > click "directly connect to host".
For others to connect to you: Get your external IP address (https://whatsmyip.com/) > send it to your friend > they enter it into remote host > port 31415 > they click "directly connect to host".

To JOIN a game: on PS4 in LAN compatible game > Click search for local game > connect.

To HOST a game: on PS4 in a LAN compatible game > host a game > await friend connections > start game.

Enjoy!

Props ModdedWarfare for the video tutorial.


RUNNING LINUX:



Required Files:
BZIMAGE & INITRAMFS.CPIO.GZ: HERE
PS4LINUX PS3ITA: HERE

Required hardware:
USB 3.0 Fat32 formatted drive (16gb min), USB keyboard & USB mouse.

Supports models:
CUH-12XX. CUH-2XXX, CUH-7XXX and 1080p/720p (Change cmdline in ps4-linux-loader. PS4 PRO does not support 3D accelerated GFX).

Start here:
  • Copy the initramfs, bzImage and psxitarch.tar.xz to the USB root, and insert into the PS4.
  • Start up your PS4, load up the Eeplinux payload using your preferred loader (X-PROJECT)
  • After a black screen, rescue will load, connect the keyboard, type: exec install-psxitarch.sh
  • (The keyboard layout is set to US, to write the dash you have to use the ' )
  • When installed the distro should start, enter username psxita and password changeit.
  • (if it fails, type: exec start-psxitarch.sh, reboot and reload the payload again.
Notes:
You can also use MANJARO V2: HERE or Fedora from Fail0verflow: HERE
PSVR SET UP AND USAGE:


Set up your PSVR as per the manual.
Use HEN+VR as your go to payload for loading any games, even non VR games.
Hen+VR spoofs the firmware which means you wont get update nags using the headset.
(If you start the headset before running a non VR HEN payload you shouldnt get a nag either)

Watching videos (media player):
OBTAIN the MEDIA PLAYER 3.50 VR PATCHED NO PSN app by PS4MINER, and install through DEBUG SETTINGS.
Make a folder on the root of your USB HDD called "VIDEO".
Place videos in according to the specifications HERE
  • MKV
Visual:H.264/MPEG-4 AVC High Profile Level4.2
Audio:MP3, AAC LC, AC-3 (Dolby Digital)
  • AVI
Visual:MPEG4 ASP, H.264/MPEG-4 AVC High Profile Level4.2
Audio:MP3, AAC LC, AC-3 (Dolby Digital)
  • MP4
Video: H.264/MPEG-4 AVC High Profile Level 4.2, H.264/MPEG-4 AVC High Profile Level 5.2 (PlayStation®4 Pro only)
Audio:AAC LC, AC-3 (Dolby Digital), LPCM
  • MPEG-2 TS
Visual:H.264/MPEG-4 AVC High Profile Level4.2, MPEG2 Visual
Audio:MP2 (MPEG2 Audio Layer 2), AAC LC, AC-3 (Dolby Digital)
  • AVCHD (.m2ts, .mts)
  • XAVC S™ (.mp4)

Watching 3d/180/360 videos:
OBTAIN the LITTLSTAR 1.18 NO PSN app by WuEpE (other versions do not allow you to sign in with the littlstar account or skip), and install the 2 PKGs (PATCH and APP) through DEBUG SETTINGS.
Ensure you use UPDATE BLOCKER and ALAzif's DNS settings in the NETWORK SETTINGS as this app requires INTERNET for at least first use (offline mode then becomes available for in app downloaded content).
You must make an account at https://littlstar.com/ either on your PC or on the Ps4 browser itself.
Make a folder on the root of your USB HDD called "Littlstar".
Place video in the folder according to the specifications HERE.
Start littlstar, click UPDATE LATER, click NORMAL VERSION, and log in, tap R1 until you get to LIBRARY to view your sideloaded content.
You can download videos in app to your USB HDD for offline use.
File naming conventions
There are specific naming conventions to which videos must adhere for the app to recognize the type of video it needs to render. By default, the Littlstar player will attempt to render a mono (non 3D) equirectangular 360 video. Therefore it is not necessary to explicitly add "360" to the file name.

180 Videos
  • file name needs to contain "180"
Fixed Frame Videos
  • file name needs to contain either "2dff" or "3dff"
  • for 3D videos, if each sub-frame is the full resolution, file name needs to contain "FR". (Note: most videos are packed into the frame to be half resolution, so this extension isn't usually needed.)
OverUnder/TopBottom Videos
  • file name needs to contain either "ou", "tb", or "bt"
SideBySide/LeftRight Videos
  • file name needs to contain either "sbs", "lr" or "rl"
NOTES:
V1.18 is the best out there, but doesn't support thumbnails.
Files names are very FUSSY. The extension must be LOWERCASE ".mp4" not ".MP4".
If (for example) the movie is called "About 3D 1080p.mp4" it detects the ou in "About" and interprets it as an OVER UNDER formatted movie.
Edit the movie names to avoid this by using zero (0) as "o" or use accented characters like: á à ã ă â é è ê í ì ĩ ó ò õ ô ơ ú ù ũ ư.
Quick example: To watch a regular 1080p 3D movie use the standard: "Ab0ut_3dff_sbs.mp4"

UPDATE: Littlstar became RAD and no longer functions. RAD has been dumped (8.XX) and requires an online account to use (NOT PSN).
HOMEBREW:

HB Store by lightningmods: pkg-zone.com/Store-R2.pkg

Flappy bird by TER152: https://mega.nz/#!crhlHRjY!GpL61yBxrFnLZdzHUH08BT3piWeYCDZJyUXhVchzjZg

Soldier Mayhem by Snakeplissken:

Doom by Snakeplisskin:

More coming soon!

EMULATORS (4.55):

NES: DOWNLOAD HERE
MASTER SYSTEM: DOWNLOAD HERE

Instructions:

  • Place roms on a Fat32 formatted device, unzipped (.nes/.sms), in "roms" folder, plugged into the right USB port.
  • On NES emu there is a little lag but sound works great, on SMS far less lag but sound is garbled.
  • Press X to select roms, and use OPTIONS button as the start button in games.
EMULATORS (5.05):

PS4NES 1.01: DOWNLOAD HERE

Instructions:

  • PAL roms work fine, NTSC roms work but are slower,
  • Make a "Roms" folder on the root of your fat32/exfat formatted USB drive, add roms (NO ZIP SUPPORT). Then plug the USB into the right USB port of the PS4.
  • 1.01 info: Roms location can be specified in config file. - Rom list can be scrolled. - Mapped select button. - Little audio improvement.
INSTALLING BETA OFW WITHOUT INVITE:

WARNING: THIS IS ONLY FOR OFW USERS, NOT 5.05 OR BELOW.
Sony sets MINVER praxis to the OFW version before the BETA version you are updating to, so if you update to 6.10 BETA the lowest OFW you can "roll back" to will be set to 6.02. This is no good for downgrading.


Required: USB stick fat32/exfat formatted, the latest BETA FW PUP (links change frequently so not listed here), the latest RELEASE OFW PUP from Sony's site.

Instructions:
  • Hold power on start up to get into safe mode, select option 3 (UPDATE), select option 1 (USB), insert USB with latest OFW on (PS4/UPDATE/PS4UPDATE.PUP), and let it copy data until you get the update prompt.
  • Remove the USB, select UPDATE, and after it reboots but before it gets to the UPDATE screen: immediately POWER OFF THE SYSTEM by unplugging the power.
  • Copy the latest BETA FW PUP to the stick, hold power on start up to get into safe mode, select option 3 (UPDATE), select option 1 (USB), insert USB with the latest BETA FW PUP on and let it copy data.
  • Remove the USB when done, press OK, then select option 1 (RESTART PS4) to boot into update mode where the beta will now install without error.
USEFUL INTERNAL LOCATIONS TO REMEMBER:


Trophy locations:
user/home/XXXXXXXX/trophy folder and the user/trophy folder

DB locations:
/system_data/priv/mms/app.db and /system_data/priv/mms/addcont.db

Save game locations:
/user/home/XXXXXXXX/savedata folder, /user/home/XXXXXXXX/savedata_meta/ and system_data/savedata/XXXXXXXX/db/user/savedata.db

Game PKG location:
user/app/CUSAXXXXX/app.pkg

Update PKG location:
user/patch/CUSAXXXXX/patch.pkg

DLC content location:
in the ADDCONT folder per game.

Screenshot location:
/user/av_contents/photo/NPXS20001/CUSAXXXXX/YYY/AAAAAAAA_BBBBBB_CCCCCCCC.JPG
(Contains .DAT plus an .EXT if associated with a trophy)
FIRMWARE REPOS:

Utilities, Tools & Homebrew:




Simple Payload Sender Alternative to netcat.

Simple Payload Sender V2 - MIRROR

AIO-Dumper-&-GenGP4 (xVortex)

PPC+ PUP Check 2.5.0.2 Quick MD5 Tool (being updated for PS4 soon) (DEFAULTDNB)

Online MD5 Check Tool (EMN178)

PKGMERGE (TUSTIN): https://github.com/Tustin/pkg-merge/releases (Merge legit split pkgs)

Lmans PS4PKGViewer 1.3: https://sites.google.com/site/thele...PS4PKGViewer.v1.3-LMAN.rar?attredirects=0&d=1

PS4 PKG Integrity Check tool (MagicSeb)

HXD Very useful for editing and viewing files.

FileZilla PC FTP tool

<SNIP> Make your own Fake signed PKG's (Cfwprpht)

BIN2JS Convert bin payloads to js for hosting! (Cfwprpht)

BIN2HTML for 5.05: https://github.com/iCyb3r/bin2html/releases

PS2 Classics Template Get started making your own PS2 Classics! (???)

<SNIP> Publish those PS2 Classics (CfwPrpht)

ELF FW Patcher Lower a games FW requirement! (CfwPrpht)

PS4 Theme Editor (Glanheit_st)

HFS PC File Host

PS4 ERROR CODE VIEWER: https://github.com/xXxTheDarkprogramerxXx/PS4_Error_Code_Viewer/

More coming soon ;)

INFO:
HEN allows for fake signed content to run, adds debug settings.
FTP starts an ftp server on you ps4 so you can connect and copy/paste files to/from your pc/ps4.
DUMPER allows you to dump your legit games (disc/psn) to usb hdd, with or without patches, and merged/unmerged.
MiraHEN allows for fake signed content to run, adds debug settings, starts UART for MIRA on port 9999/9998, run it twice for Bin Loader function: see below.
Linux Loader lets you boot linus kernel from your USB stick to use your PS4 for Linux.
ReactPSPlus/UnReactPSPlus turns the RTC (real time clock) back in system to allow time locked content to open (expired PSN games) 5.05 ONLY
Kexec (as I understand it) allows you to boot linux again from PS4 OS (orbis)
Blocker puts 2 fake folder/files in your update folder to prevent PS4 accidentally updating (PS4UPDATE.PUP.temp.net and PS4UPDATE.PUP)
UnBlocker Removes the blocker files so you can update.
Apptousb moves games to external hdd, circumventing the internal drive running out of space.
DB SG Backup backs up all critical databases, save games, and trophy data to USB.
Bin Loader allows you to send a payload.bin to your PS4 just like the old days.
Kdump allows you to dump the kernel to usb
Blocker EXTREME blocks every possible way of updating.
UnBlocker EXTREME undoes the above.
VR ENABLER enables VR if you forgot to enable it before running HEN unless HEN has it built in.

[WIP]RESTORING FOR OFW & PSN:


WARNING: Sony is rumored to be banning consoles on OFW connected to PSN as of 16/09/2018.
WARNING: This method is not tried and tested but is the best we can guess as of today (17/09/2018)

In order to TRY avoid any sort of detection by SONY that you have previously had any fake signed or modified content on your console you need to take these steps:
Quick method:
+ REMOVE UPDATE BLOCKER.
+ REMOVE any content associated with fake signed games or apps you have used (saves, trophies, games, dlc's and updates etc)
+ CROSS YOUR FINGERS (it is unknown if the PS4 logs information in other sectors yet)
+ Please report back if you have decided for whatever reason to update to a PSN compatible OFW, and whether you do or don't receive a ban.
Ultimate method:
+ FORMAT your HDD with the your current OFW (or higher) RECOVERY PUP. This will initialize everything to factory (it is unknown if it erases all logs in other sectors or areas of the PS4)
ALTERNATIVELY:
+ REMOVE your HDD, format it on your PC, REINSTALL the HDD via recovery mode with latest PSN compatible OFW PUP (it is unknown if it erases all logs in other sectors or areas of the PS4)
+ Please report back if you have decided for whatever reason to update to a PSN compatible OFW, and whether you do or don't receive a ban.
PRO TIPS:


+ Use DEFAULTDNB's FRMCHK site with MD5 tool to quickly check any files MD5 hash: HERE

+ If you have crashes running payloads then properly reset PS4: hold power for 10-20 seconds to power off, then restart, then [Power] > [Turn Off PS4], then restart again to flush the system and start from scratch.

+ Running payload after payload on the the exploit host webpage can crash the console: shutdown in between if you have to run one after another, or find a combo that works.

+ NEVER TOGGLE IDU MODE ON IN DEBUG SETTINGS or you get stuck in demo mode (If you do: disconnect internet and press R1+R2+L1+L2+option+up to fix)

+ FTP in and back up /system_data/priv/mms/app.db and /system_data/priv/mms/addcont.db as well as your save game folders periodically in case of "rebuilding database" issue and loss of data

+ Set INTERNAL storage as default [Settings] > [Storage] > [Application Install Location] on to avoid errors such as CE-30129-5 or CE-41798-9 when installing PKG's.

+ To Move LEGIT PAID FOR Content to External HDD device (must be USB 3.0 & 8TB max) go to [Settings] > [Storage] > [System Storage] > [Applications] then Press the "Options" button on the title you want to move and select "Move to Extended Storage". Although this saves space fake signed games cannot be played from this location and have to be moved back to internal to avoid CE-38612-0 error. (Thanks @Berserker666)

+ Find compatible game updates through THIS link using the CUSAXXXXX ID of your game: beware the FW requirement must be 5.05 or below. If a higher update is installed you must delete the entire game, and reinstall the base game again to remove the game update.

+ An increasing list of compatible games 9.00 and under is HERE

+ WIP free solution to save game decryption tools is in progress: https://github.com/charlyzard/PS4SaveDataDecryptingTools
IF ANYTHING IS INCORRECT: Please tag me to update and maintain.
If you can contribute to this or have a mirror for a file, please let me know!
Credits:


Specter, IDC, qwertyoruiopz, Flatz, CTurt, Mistawes, XVortex, LightningMods, CelesteBlue123, Anonymous, neofreno, wolfmankurd, crypt0s, 2much4u, m0rph3us1987, Al-Azif, Modded Warfare,
@sonicdacrack @KiiWii @subcon959 @MostlyUnharmful @skydancer93 @Berserker666 @Scarecrow B @PagaN
and other anonymouse helpers ;)

Trusted Developers

Fakers


  • Whispersintheb1
  • 84Ciss
  • xHARDHeMPuS
  • RSPxAndrew2007x
...more to come...

DONATIONS WELCOME: ko-fi.com/kiiwiiaioguide :)
 
Last edited by KiiWii, , Reason: 9.00

godreborn

Welcome to the Machine
Member
Joined
Oct 10, 2009
Messages
38,471
Trophies
3
XP
29,103
Country
United States
@Leeful , I might be able to donate to you on Thursday. that's the 28th when I get $41 put on a card. I have like $1 in there right now, so it won't be enough to buy a game or ps+. the latter is what I plan to get in November, mostly for cloud saving actually, like I do with nso on the switch. anyway, I need your paypal email address. if you don't feel comfortable putting it here, send it to me in a pm. you're on my friends list, so you can send me pm's.
 
  • Like
Reactions: KiiWii and Leeful

godreborn

Welcome to the Machine
Member
Joined
Oct 10, 2009
Messages
38,471
Trophies
3
XP
29,103
Country
United States
I just confirmed it. you can get all your games back after a format by just plugging in the external hdd you were using. it's kinda slow as it does one game at a time, but it's repopulating as we speak, then I can probably just inject the app.db to get the sorting right. no need for using the python script (the video is cutting out a lot now, but I wanted to test this). btw, do this after enabling hen:

20211025_083841.jpg
 

godreborn

Welcome to the Machine
Member
Joined
Oct 10, 2009
Messages
38,471
Trophies
3
XP
29,103
Country
United States
I don't think I can activate my account, because whenever I try connecting, the video cuts out, then the system freezes. something must be wrong with the wifi controller instead of hdmi.
 

godreborn

Welcome to the Machine
Member
Joined
Oct 10, 2009
Messages
38,471
Trophies
3
XP
29,103
Country
United States
speaking of saves, mounted game works without python script too. we have success:
20211025_100304.jpg

the problem was with the ps4 debug bin of xproject. something is wrong with it, so I used bin loader to send over the debug.bin (called savemounter.bin in xproject) from an older version of xproject, and it worked. no freeze at get users. got all games and saves back from complete format in like 5-10 minutes if you don't count trouble shooting.
 

godreborn

Welcome to the Machine
Member
Joined
Oct 10, 2009
Messages
38,471
Trophies
3
XP
29,103
Country
United States
I was just now successful at giving the connect a static ip:

1635178240869.png


the dns is the same as the default gateway: 172.25.63.1 , and there's no second dns.
 

godreborn

Welcome to the Machine
Member
Joined
Oct 10, 2009
Messages
38,471
Trophies
3
XP
29,103
Country
United States
I think I can give the computer a static ip with the connect as well, but make sure you have your ip or automatic obtain for the router, then use alternate ip:

1635179227327.png
 

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
    K3Nv2 @ K3Nv2: Sorry for accidentally bending over