Hacking 7.5X User Guide & Exploit Host Menu V2 ish: now with added GoldHEN!


Prb

^^ As I said before, they have to be split, because the kernel exploit causes KPs very easily. In fact, a tip for the kernel exploit... wait 1 or 2 minutes after entering webkit, and you will see how the kernel exploit always gets in without KPs...
Tbh buddy it doesn't really matter if it's split; the instability is down to the exploit itself. Yes, running it over and over can cause a KP. The problem is we need a more reliable webkit and a more stable exploit.
In my experience the best thing to do is switch on the PS4 and let it boot properly.
Treat it like an old PC/laptop from the 90's.
When you think about it a PS4 is basically a custom PC: it's got a CPU/GPU/RAM/WiFi and a slow old mechanical hard drive.
If people stop treating it like a super fast PC with a lightning fast SSD
you will get a better success rate.
And tbh run the exploit once, load all your payloads and just use rest mode.
 

arfgh

@Prb believe me, it is not the webkit exploit that is causing the KPs here. It is the kernel exploit. Just wait 1 or 2 minutes once you have done the webkit exploitation, and you will notice the difference.

Even more, if you put a timeout of 1 or 2 minutes before the kernel exploit executes, you will see the difference. Even GoldHEN itself benefits from this.
 

Prb

@Prb believe me, it is not the webkit exploit that is causing the KPs here. It is the kernel exploit. Just wait 1 or 2 minutes once you have done the webkit exploitation, and you will notice the difference.

Even more, if you put a timeout of 1 or 2 minutes before the kernel exploit executes, you will see the difference. Even GoldHEN itself benefits from this.
Payloads have nothing to do with the stability of the exploit; the exploit runs before them.
Yes, as I said to you, if you run the exploit over and over and over it may KP, but this is true for all FW, not just 7.55. Nothing new.
I've got a version of V2ish that splits the webkit and the exploit. I'll upload it later today, maybe tomorrow, depending on whether I have time.
But for me, I've tested both and tbh if this 7.55 exploit is going to KP it just does, no matter how you load it.
It's just unstable.

What I do is load the exploit, run the payloads I need and then I just leave it and use rest mode. I don't think we should call it
rest mode; it should be called standby, then everyone would use it.
Like the Switch running Atmosphere: nobody I know turns their Switch off, so why should we do any different with the PS4?
 

godreborn

It does seem to be true that if you try exploiting the system too quickly, or go into rest mode too quickly after its deployment, the chances of a KP are much higher. I've noticed this on 5.05. You should definitely wait a bit before deploying HEN after coming back from a KP as well, because the system is sluggish at first.
 

Prb

It does seem to be true that if you try exploiting the system too quickly, or go into rest mode too quickly after its deployment, the chances of a KP are much higher. I've noticed this on 5.05. You should definitely wait a bit before deploying HEN after coming back from a KP as well, because the system is sluggish at first.
Yep.
One thing to do after a KP restart
is shut down and do a clean restart.
 

subcon959

My personal experience is that the webkit exploit goes through fairly often (on a cold boot) but the kernel exploit success is much less often. The problem is that due to it being a race attack it's totally inconsistent between different consoles. That's why I don't like calling people's advice "placebo" because it really is possible that everyone can have their own little trick to make it slightly more successful. It's not a one size fits all situation.
 

godreborn

My personal experience is that the webkit exploit goes through fairly often (on a cold boot) but the kernel exploit success is much less often. The problem is that due to it being a race attack it's totally inconsistent between different consoles. That's why I don't like calling people's advice "placebo" because it really is possible that everyone can have their own little trick to make it slightly more successful. It's not a one size fits all situation.

That does seem to be the case, yes. I seem to get more kernel panics than most people on 5.05, and I think it's just the console I have, my specific system. It seems to have gotten more unreliable over time as well.
 

arfgh

What I am saying is not a placebo effect. Wait 2 minutes once webkit is done, and the kernel won't reach a KP. And I insist, even GoldHEN has problems, with FTP for example, if you launch the kernel exploit without waiting.

This is not placebo; this is the result of the tons of tests I did this past week. But the placebo is the 'playroom trick'.

If the two exploits aren't split, there's nothing to do to at least control a bit the success rate of the kernel exploit.
 

Prb

What I am saying is not a placebo effect. Wait 2 minutes once webkit is done, and the kernel won't reach a KP. And I insist, even GoldHEN has problems, with FTP for example, if you launch the kernel exploit without waiting.

This is not placebo; this is the result of the tons of tests I did this past week. But the placebo is the 'playroom trick'.

If the two exploits aren't split, there's nothing to do to at least control a bit the success rate of the kernel exploit.
Done, manual version added.
Follow the quick tip that I added to the OP for fewer KPs,
plus browser selfhost and user guide selfhost.
Thanks to @KiiWii and @Leeful's X-Project that I got it from.
 

arfgh

^^ Do you mean that by exiting with the PS button and entering the host again, the loading of the webkit and kernel exploits is bypassed?
 

Prb

^^ Do you mean that by exiting with the PS button and entering the host again, the loading of the webkit and kernel exploits is bypassed?
Yes.
Exiting with the PS button doesn't matter if you're using the selfhost user guide / browser: then hover over the PS4 internet browser and press the PS button and it will take you back to the menu, bypassing the need to run the webkit and the exploit.
Obviously this only works once the webkit has run.
 

arfgh

^^ OK, I'll extend the question... is there a way in JavaScript to detect if the kernel exploit was already loaded? Interesting question, isn't it?

...because that PS button trick doesn't help. Think that you launched a game, and then you need to return to the host to use for example todex... I don't think the PS button helps to return to the loaded webkit.... or does it?
 

Leeful

^^ OK, I'll extend the question... is there a way in JavaScript to detect if the kernel exploit was already loaded? Interesting question, isn't it?
Yes, but not directly with the 7.x webkit. In the past you could easily check the setuid in your JavaScript to see if the kernel had already been exploited.

Sleirsgoevy includes this setuid check directly in the exploit code now to make sure the kernel is only ever patched once.
https://github.com/sleirsgoevy/ps4jb2/blob/3b22dfb1f5bd38f146a251fb511e58832fa24fbf/src/jb.c#L608

You can easily see this in action on 7.5x by running the kernel exploit again after your PS4 has already been exploited.

You will see that the kernel exploit process takes 20 seconds to run if your PS4 kernel has not been patched, but if you run it again it will only take 1 second, because it sees that it has already been patched and so does not run the full kernel exploit again.
 
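The "has the kernel already been patched?" probe Leeful describes boils down to asking the kernel whether an unprivileged process can already become root. The following is an added illustration, not code from this thread or from sleirsgoevy's ps4jb2; the `interpret_setuid` helper, the `priv_state` enum and the messages are my own assumptions, and on an ordinary, unpatched kernel the probe reports "not patched" because `setuid(0)` is refused with EPERM.

```c
#include <errno.h>
#include <stdio.h>
#include <unistd.h>

/* Outcome of probing whether the running process can already become root.
 * An unpatched kernel refuses setuid(0) from an unprivileged process with
 * EPERM; a kernel whose credential checks have been patched lets it succeed,
 * which is exactly the state the thread is trying to detect. */
enum priv_state { PRIV_NOT_PATCHED = 0, PRIV_PATCHED = 1, PRIV_UNKNOWN = -1 };

/* Pure interpretation of a setuid() result, kept separate so the decision
 * logic can be exercised without touching real credentials. (helper name
 * is my own, not from the thread) */
enum priv_state interpret_setuid(int rc, int err)
{
    if (rc == 0)
        return PRIV_PATCHED;      /* became uid 0: privilege checks are gone */
    if (err == EPERM)
        return PRIV_NOT_PATCHED;  /* kernel enforced the check as it should */
    return PRIV_UNKNOWN;          /* some other failure: draw no conclusion */
}

/* Probe the live kernel. A process that is already uid 0 learns nothing
 * from setuid(0), so that case is reported as inconclusive rather than as
 * evidence of a patched kernel. */
enum priv_state kernel_already_patched(void)
{
    if (getuid() == 0)
        return PRIV_UNKNOWN;
    errno = 0;
    int rc = setuid(0);
    return interpret_setuid(rc, errno);
}

int main(void)
{
    switch (kernel_already_patched()) {
    case PRIV_PATCHED:     puts("setuid(0) succeeded: privilege checks already bypassed"); break;
    case PRIV_NOT_PATCHED: puts("kernel still enforces setuid: not patched"); break;
    default:               puts("inconclusive (running as root or unexpected error)"); break;
    }
    return 0;
}
```

This is the same one-call check that makes the second run of the exploit return in about a second instead of twenty, as the post notes; a monitoring agent can use the identical probe the other way round, treating a successful `setuid(0)` from an unprivileged context as a sign the kernel's credential checks have been tampered with.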

arfgh

^^ Well, the main problem is still entering webkit RW, because we can also use some other way to bypass the kernel exploit if it was already inserted....
 

Leeful

^^ Well, the main problem is still entering webkit RW, because we can also use some other way to bypass the kernel exploit if it was already inserted....
Exactly right. But your question was "is there a way in JavaScript to detect if the kernel exploit was already loaded?" and that's what I answered. :)

BTW the PS button trick works after you have launched a game if you hold down the PS button and Close Application.

https://streamable.com/t36a9h
Here I minimise the browser with the PS button, launch and close a game, go back to the browser with the PS button, load ps4debug, minimise the browser again, launch and close a game again, enter the browser again and load BinLoader.

It works quite well, but if you accidentally just press instead of hold the PS button when closing a game, the browser is not minimised to the PS button again. :(
 

arfgh

^^ Interesting trick, Leeful... first we must close the game, and then with the PS button we get back into the previously loaded webkit. Clearly the way...
About avoiding loading the kernel exploit once it was already inserted: with a cookie we can avoid it. I was testing it just now, and it works.
But the main problem persists... webkit :(
 

Leeful

The problem I had with using cookies is when to set them to expire.
If you restart your PS4 straight after you have exploited it, the cookie will still be there and the kexploit will not run, because the cookie is telling it that it is already exploited.

How do you use yours?
 

arfgh

^^ Yes, you are right. The problem with that is when exiting webkit with the PS button, it doesn't take the session cookie lifetime into consideration. And setting the expiration has that collateral problem if we reboot the console. But Leeful, this way 'Waiting for clients' never appears, which means the kernel exploit is missed.
Yes, it is not perfect, but it is a simple solution to avoid the repeated loadings of the kernel exploit. Just now I am detecting all this and allowing the client to go back to see the kernel exploit icons...

And most importantly, using the cookie I can perform a first-time-only delay of the kernel exploit entry to avoid the kernel panics. That detail works like a charm!! No KPs!! But I am not sure yet about the required time, 60 seconds or a bit more; it needs more testing.

But about the cookie session lifetime, there should be a way to do it... that behaviour of the internet browser with that detail is not normal....
 
