Hacking Lolin S3 Pro V1.0 - PS4 Hack

[mrdude]

Here you go fellas, I just received this board the other day so ended up making software to run the PS4 hack on it. This board is based on the ESP32-S3-WROOM-1 chip.

There's no need to do any soldering, add a usb drive etc, just flash and plug it into your PS4 and you're done.

Code has been added for the following:
Onboard Button code:
1 quick press - reboot the board.
2 quick presses - trigger a hard reset (wipe all your settings).
1 Long click - format the fat partition.

BOT Father telegram code has been added, see my Lolin S3 Dongle post in this section to find out how to use the dongle with telegram. Onboard Addressable led code was added.

PSPhive code is modded to take advantage of the dongle and can be used if you redirect the html page in the settings.

The default is set to access mode, SSID is set to PS4 hack, IP is set to http://1.2.3.4/admin.html for entering the admin page.

You can go online with this as well, just set up like you would do with any other or dongle/board.

NOTE: If programming using Arduino, update your board from the boards manager as esp 2.07 has issues flashing this board so use the newest, install the required libs such as fastled, botfather (https://randomnerdtutorials.com/telegram-control-esp32-esp8266-nodemcu-outputs/), OneButton etc.....

Set up Arduino like this for flashing:

For NOOBs - A flasher program + bin files is attached so you can just flash the bin files if you don't know how to set up Arduino.

Flasher Screenshot:

 

[KiiWii]

Nice one thanks!

Not heard of this board before, but cant hurt to have more variations

 

[mrdude]

Nice one thanks!

Not heard of this board before, but cant hurt to have more variations

It's here:

https://www.wemos.cc/en/latest/s3/s3_pro.html

It's got a micro sd card slot on the board so I bought it for that for another project I am working on, since I had the board I thought I'd just test it out with the PS4 hack to make sure it works. The software only took me about 1/2hour to port over from another board I have so it wasn't a big deal to do. Still it's a cracking little board especially with it's 8MB of PSRAM and 16MB Flash, bluetooth LE, wifi, sdcard slot, display port and onboard addressable led + button.

 

[wolf_]

I tried this on my board which a esp 32 s3 and the wroom 1 chip but mine as 2 USB c ports and it didn't work on mine after flashing it just connects and disconnected every few seconds on Arduino

 

[mrdude]

I tried this on my board which a esp 32 s3 and the wroom 1 chip but mine as 2 USB c ports and it didn't work on mine after flashing it just connects and disconnected every few seconds on Arduino

How much sram does you board have? Usually when you flash via arduino and your board goes on and off - there's something wrong with the code for that board or you are overloading the sram which causes a boot loop. This code I provided uses gpio 0 as a the button pin and (off the top of my head) gpio 38 for the onboard led, so you might need to mod that part if your board has a differnet layout for gpio pins. Either that or remove the telegram code so you use less sram. Also when uploading to your board, try disabling psram.

 

[wolf_]

i have 16mb flash and 8mb psram 384k rom and 512k sram if that makes a different

 

[mrdude]

i have 16mb flash and 8mb psram 384k rom and 512k sram if that makes a different

You get different type of psram - octal and quad, try disabling it for now as I am not using it in this sketch. If you select the wrong type when flashing your board can go into a bootloop when it reboots after flashing.

See Here for the Arduino settings:
https://gbatemp.net/threads/show-us-your-dongle.618895/page-2#post-10232562

 

[wolf_]

I've done that and it still does the same thing

 

[mrdude]

I've done that and it still does the same thing

Well I don't know how to help you then, this sketch in the OP is for the Lolin S3 Pro v1.0 board, if your board is different you are going to need to get the datasheet for it and read about it's specs, then mod the code posted above to make it compatible for your board. You also need to make sure you have Arduino set up correctly for your board specs.

 

[wolf_]

Yeah I figured thanks anyways good thing it was a spare lol

 

[PAYAMiN]

Here you go fellas, I just received this board the other day so ended up making software to run the PS4 hack on it. This board is based on the ESP32-S3-WROOM-1 chip.

There's no need to do any soldering, add a usb drive etc, just flash and plug it into your PS4 and you're done.

Code has been added for the following:
Onboard Button code:
1 quick press - reboot the board.
2 quick presses - trigger a hard reset (wipe all your settings).
1 Long click - format the fat partition.

BOT Father telegram code has been added, see my Lolin S3 Dongle post in this section to find out how to use the dongle with telegram. Onboard Addressable led code was added.

PSPhive code is modded to take advantage of the dongle and can be used if you redirect the html page in the settings.

The default is set to access mode, SSID is set to PS4 hack, IP is set to http://1.2.3.4/admin.html for entering the admin page.

You can go online with this as well, just set up like you would do with any other or dongle/board.

NOTE: If programming using Arduino, update your board from the boards manager as esp 2.07 has issues flashing this board so use the newest, install the required libs such as fastled, botfather (https://randomnerdtutorials.com/telegram-control-esp32-esp8266-nodemcu-outputs/), OneButton etc.....

Set up Arduino like this for flashing:

For NOOBs - if programming with an Arduino is too hard for you, I'll probably make a gui at some point and release the bin files so you can flash it like a noob.

Dear mrdude, is it possible to convert it to BIN file, so we can easily upload the sketch via some more easier tools such as NodeMCU-PyFlasher?

 

[mrdude]

Dear mrdude, is it possible to convert it to BIN file, so we can easily upload the sketch via some more easier tools such as NodeMCU-PyFlasher?

Yes, I've just finished writing the GUI to flash the bins. I'll update the OP later today so you can flash via that. I just need to do some tests but I'm away to my bed for now for a sleep.

 

[PAYAMiN]

Yes, I've just finished writing the GUI to flash the bins. I'll update the OP later today so you can flash via that. I just need to do some tests but I'm away to my bed for now for a sleep.

thank you very much, also seems that it is not working with the online host of PSPhive, and needs a local host.
I don't have enough experience with JB Host but have a host/domain and can make it online there.

 

[mrdude]

thank you very much, also seems that it is not working with the online host of PSPhive, and needs a local host.
I don't have enough experience with JB Host but have a host/domain and can make it online there.

First post updated with the GUI flasher:

I recommend using it to make a full dump of your existing board before flashing anything: Just double click on the "size" box and it will change to: 1000000, then click the dump button, it will take about 1/2 hour to fully dump your board. Flashing a full dump back takes about 50 seconds to flash and verify.

Also there's no need to use an online host - this program for the board automatically uploads goldhen to your PS4 without using any PSPHive files, the included PSPhive files in the OP have been modded from the original ones to use certain functions that are coded into the sketch and are only really needed to give you more options on payloads you want to run.

If you want to use you board online, you can disable the access point in the boards gui, your router will supply the board and you PS4 with an IP, however the code online hosts use is nothing to do with the code for this board, so that's why I supplied the modded PSPhive files so you can upload them to your board and use it offline with all the same benefits an online host gives.

Please don't ask about online hosts in this thread - I don't use them, and the code supplied by me is not for them. If you want to use online hosts - use the code supplied by them for your board.

NOTE: In the bin files I supplied in the OP - sleep mode is not working, this is down to the esp sdk not being coded properly for this (new) board yet when the function: esp_deep_sleep_start(); is called, for more info on this, See here: https://github.com/espressif/esp-idf/issues/8569 and here https://github.com/espressif/arduino-esp32/issues/7551

NOTE: If flashing bins on any other board apart from a Lolin S3 pro, don't flash the bootloader - only flash the partitions and firmware bins. First make sure that for your own board in arduino you flash a blank or blink sketch and disable all the usb stuff on your board when flashing - that will write a bootloader for your own board that will allow the included program to mount a usb image file properly and you won't get a "failed to trigger" message coming up when the board tries to mount the exfat hacked image.

 

[PAYAMiN]

• Dump:

I am not familiar with board code writing, is there any OS-like or BOOT file that may corrupted during sketch writing? if not, I think if we have a previous sketch, we can write it again and the board can be used again the same as before.

• Online Host:

I don't have any concerns about using the internet, as it is easy enough to connect to my router directly in case, and no need to use the ESP board as a pipe. the advantage of PSPhive host for me, moreover than more features and nitty UI, is can use a direct USB solution in case ESP is not working.
On the other hand, I think uploading payloads from the host is more convenient and faster than uploading from the board itself.

• Sleep:

Sleep is working fine on my board, but only the Wi-Fi function gets offline and still board is still ON.

 

[mrdude]

• Dump:

I am not familiar with board code writing, is there any OS-like or BOOT file that may corrupted during sketch writing? if not, I think if we have a previous sketch, we can write it again and the board can be used again the same as before.

• Online Host:

I don't have any concerns about using the internet, as it is easy enough to connect to my router directly in case, and no need to use the ESP board as a pipe. the advantage of PSPhive host for me, moreover than more features and nitty UI, is can use a direct USB solution in case ESP is not working.
On the other hand, I think uploading payloads from the host is more convenient and faster than uploading from the board itself.

• Sleep:

Sleep is working fine on my board, but only the Wi-Fi function gets offline and still board is still ON.

Yes you can always use your board for other things, you can flash any sketch you want, or you can use circuitpython or micropython on it. All you need to do is flash the correct bootloader files and partition info depending on your board maker.

My advice is that if you have software on your board that is working - then make a full dump of the board as I explained previously how to do, zip that dump and store it somewhere so you can flash it again whenever you want.

I just flashed circuit python to my board, and It works fine - and I was using it for the PS4 earlier, and will use the board for an led project I have in mind.

As for sleep - the board will always stay on but in deep sleep mode it draws next to zero power, it can be woken up again by using sense pins or peripherals, that's why the board is still on.

Online hosts - you're wrong, the board is faster via usb than via online. Also the board caches your files into your PS4 browser the first time it is used so it only does this once (unitl you clear your ps4 browser cache), once cached these files are on your ps4 and only send signals to the board to activate leds/put the board to sleep or mount the exfat disc image.

 

[PAYAMiN]

Yes you can always use your board for other things, you can flash any sketch you want, or you can use circuitpython or micropython on it. All you need to do is flash the correct bootloader files and partition info depending on your board maker.

My advice is that if you have software on your board that is working - then make a full dump of the board as I explained previously how to do, zip that dump and store it somewhere so you can flash it again whenever you want.

I just flashed circuit python to my board, and It works fine - and I was using it for the PS4 earlier, and will use the board for an led project I have in mind.

As for sleep - the board will always stay on but in deep sleep mode it draws next to zero power, it can be woken up again by using sense pins or peripherals, that's why the board is still on.

Online hosts - you're wrong, the board is faster via usb than via online. Also the board caches your files into your PS4 browser the first time it is used so it only does this once (unitl you clear your ps4 browser cache), once cached these files are on your ps4 and only send signals to the board to activate leds/put the board to sleep or mount the exfat disc image.

boss, is there any update about GUI flasher?

 

[mrdude]

boss, is there any update about GUI flasher?

Why do you need an update? You only need to write data to a chip and erase it, this app already does that.

 

[laz305]

are you able to update this and add PSFree?

 

[mrdude]

are you able to update this and add PSFree?

Yes, it's on the cards. I'll do it when I have some free time. There's no rush.