Hacking Docker PPPwn

Davi5Alexander

Davi5Alexander

Member
OP
Newcomer
Level 4
Joined
Apr 29, 2015
Messages
20
Trophies
0
XP
475
Country
United States
PPPwn in Docker

https://github.com/Davi5Alexander/docker_pppwn

This repository contains Docker files to run PPPwn, developed by TheOfficialFloW, easily using an Alpine image. It's ideal for running on a Raspberry Pi with a dedicated USB to Ethernet port for the PS4. PPPwn is a kernel remote code execution exploit for PlayStation 4 up to FW 11.00. It's a proof-of-concept exploit for CVE-2006-4304 that was responsibly reported to PlayStation. I was inspired by PI-Pwn.

Requirements

- Docker installed on your system.
- Ethernet cable.
- USB with GoldHen (only for the first time).

Usage

1. Copy the `Dockerfile.pppwn` and `docker-compose.yml` files.
2. Edit `docker-compose.yml` and change the values of INTERFACE and FIRMWAREVERSION.
3. Run `docker-compose up -d`.
4. Turn on the PS4.

On your PS4 (first time):

1. Insert the USB with `goldhen.bin` into the PS4.
2. Go to Settings and then to Network.
3. Select Set Up Internet Connection and choose Use a LAN Cable.
4. Choose Custom Setup and select PPPoE for IP Address Settings.
5. Enter anything for PPPoE User ID and PPPoE Password.
6. Choose Automatic for DNS Settings and MTU Settings.
7. Choose Do Not Use for Proxy Server.
 
  • Like
Reactions: Djakku and Bumblecito
jmjohnson85

jmjohnson85

Well-Known Member
Newcomer
Level 3
Joined
May 3, 2009
Messages
54
Trophies
1
XP
354
Country
United States
I'm not fully up-to-speed on how the PPPwn exploit works but... If my PS4 is connected via Ethernet to a network switch (which is thereby connected to the docker host), will this just continually try to connect to my PS4 to run the exploit (after the one-time setup of course)?

Edit:
From looking at the script it seems this requires a direct connection from the exploit host using a crossover cable (no network switches...)
 
Last edited by jmjohnson85,
  • Like
Reactions: Bumblecito and Davi5Alexander
Bumblecito

Bumblecito

Well-Known Member
Member
Level 4
Joined
May 25, 2017
Messages
110
Trophies
0
Age
39
XP
426
Country
Mexico
Davi5Alexander said:
PPPwn in Docker

https://github.com/Davi5Alexander/docker_pppwn

This repository contains Docker files to run PPPwn, developed by TheOfficialFloW, easily using an Alpine image. It's ideal for running on a Raspberry Pi with a dedicated USB to Ethernet port for the PS4. PPPwn is a kernel remote code execution exploit for PlayStation 4 up to FW 11.00. It's a proof-of-concept exploit for CVE-2006-4304 that was responsibly reported to PlayStation. I was inspired by PI-Pwn.

Requirements

- Docker installed on your system.
- Ethernet cable.
- USB with GoldHen (only for the first time).

Usage

1. Copy the `Dockerfile.pppwn` and `docker-compose.yml` files.
2. Edit `docker-compose.yml` and change the values of INTERFACE and FIRMWAREVERSION.
3. Run `docker-compose up -d`.
4. Turn on the PS4.

On your PS4 (first time):

1. Insert the USB with `goldhen.bin` into the PS4.
2. Go to Settings and then to Network.
3. Select Set Up Internet Connection and choose Use a LAN Cable.
4. Choose Custom Setup and select PPPoE for IP Address Settings.
5. Enter anything for PPPoE User ID and PPPoE Password.
6. Choose Automatic for DNS Settings and MTU Settings.
7. Choose Do Not Use for Proxy Server.
Click to expand...

I'm about to trying this over local network in a synology nas

Edit: Well It didn't work.

Trying now connected to nas lan1 (it has lan0 and lan1) but it's got stuck on stage1: memory corruption
Tried to ruebuild it but it's cached and i'am unable to make a clean install.

1715496003695.png

Post automatically merged:

Ok, it's working now.

You have to create a folder inside the docker directory and name it docker_pppwn-main
Inside that directory now you have to copy the stages folder with all its files (900 in my case).
You would have something like docker > docker_pppwn-main > stages
1715497791117.png

1715497812537.png

1715497461984.png
 
Last edited by Bumblecito,
Davi5Alexander

Davi5Alexander

Member
OP
Newcomer
Level 4
Joined
Apr 29, 2015
Messages
20
Trophies
0
XP
475
Country
United States
Bumblecito said:
I'm about to trying this over local network in a synology nas

Edit: Well It didn't work.

Trying now connected to nas lan1 (it has lan0 and lan1) but it's got stuck on stage1: memory corruption
Tried to ruebuild it but it's cached and i'am unable to make a clean install.

View attachment 436689
Post automatically merged:

Ok, it's working now.

You have to create a folder inside the docker directory and name it docker_pppwn-main
Inside that directory now you have to copy the stages folder with all its files (900 in my case).
You would have something like docker > docker_pppwn-main > stages
View attachment 436694
View attachment 436696
View attachment 436691
Click to expand...
Sorry, I didn't do a test without my custom volume. I already fixed it. You can rebuild the image using docker compose build --no-cache
 
Last edited by Davi5Alexander,
  • Like
Reactions: Bumblecito
garbaj

garbaj

Active Member
Newcomer
Level 3
Joined
May 11, 2023
Messages
39
Trophies
0
XP
236
Country
Fiji
Davi5Alexander said:
PPPwn in Docker

https://github.com/Davi5Alexander/docker_pppwn

This repository contains Docker files to run PPPwn, developed by TheOfficialFloW, easily using an Alpine image. It's ideal for running on a Raspberry Pi with a dedicated USB to Ethernet port for the PS4. PPPwn is a kernel remote code execution exploit for PlayStation 4 up to FW 11.00. It's a proof-of-concept exploit for CVE-2006-4304 that was responsibly reported to PlayStation. I was inspired by PI-Pwn.

Requirements

- Docker installed on your system.
- Ethernet cable.
- USB with GoldHen (only for the first time).

Usage

1. Copy the `Dockerfile.pppwn` and `docker-compose.yml` files.
2. Edit `docker-compose.yml` and change the values of INTERFACE and FIRMWAREVERSION.
3. Run `docker-compose up -d`.
4. Turn on the PS4.

On your PS4 (first time):

1. Insert the USB with `goldhen.bin` into the PS4.
2. Go to Settings and then to Network.
3. Select Set Up Internet Connection and choose Use a LAN Cable.
4. Choose Custom Setup and select PPPoE for IP Address Settings.
5. Enter anything for PPPoE User ID and PPPoE Password.
6. Choose Automatic for DNS Settings and MTU Settings.
7. Choose Do Not Use for Proxy Server.
Click to expand...
Amazing idea and excellent work! Thanks for sharing!
 
  • Like
Reactions: Davi5Alexander
C

cartwright2

New Member
Newbie
Level 1
Joined
May 22, 2024
Messages
1
Trophies
0
Age
25
XP
13
Country
United States
What is PPPwn, and how can it be used to run a kernel remote code execution exploit on a PlayStation 4 up to firmware version 11.00 using Docker and an Alpine image?
 

Site & Scene News

Go to forum More news

Popular threads in this forum

Why does the PCSX4 scam still exist

New PS4 owner. Have PPPwn jailbreak running, GoldHEN is working. I'm trying to figure out how to install a .PKG from a USB drive.

Can't Install Linux on 5.05 with ESP8266 GH2.4B16.2

Can I upgrade my ps4 internal hard disc to a m.2 ssd using a converter?

The last of us part 2

Gaming  Disc based save game not compatible with digital version of the game?

Intel Spots A 3888.9% Performance Improvement In The Linux Kernel From One Line Of Code

Ps4 black screen, but audio is ok

General chit-chat
Help Users
    SylverReZ @ SylverReZ: @kijetesantakalu042, Just because you feel impulsive and wanting yourself to take risks doesn't...