
PS4 4.55 kernel exploit linux hang in rescueshell

Discussion in 'PS4 - Hacking & Homebrew' started by ksleu, Jun 19, 2018.

  1. ksleu
    OP

    ksleu Newbie

    Newcomer
    1
    Jun 19, 2018
    Singapore
    Payload 4.55 injection done.
    The PS4 4.55 jailbreak goes to the rescue shell of the Linux bootloader.
    Typed the commands:

    mount / dev/sdb1 newroot/
    exec switch_root /newroot/ /newroot/sbin/init
    exec switch_root /newroot/ /newroot/sbin/init

    The system hangs!!! Need help. Thanks.
     


  2. MostlyUnharmful

    MostlyUnharmful GBAtemp Fan

    Member
    5
    Feb 8, 2018
    Italy
    As the two invocations report the command usage, I suppose something is wrong in the arguments. Does switch_root have a verbose option?

    It seems that newroot lacks a sys directory (it has dev and proc but sys is missing according to the screenshot).
     
  3. ksleu
    OP

    FYI. The previous screen capture used two USB pen drives: one with a FAT32 partition and another one with Ubuntu 18.04 LTS on ext4.

    I have created another single bootable pen drive which contains both partitions, FAT32 and Linux ext4. After repeating the steps from before, the PS4 still hangs!!! This is shown in the second screenshot below.
    My PS4 model is: PS4 Pro CUH-7006B. Is anybody able to run Ubuntu Linux on this model???
     


    Last edited by ksleu, Jun 20, 2018
  4. MostlyUnharmful

    So you launched the Gentoo kernel (I suppose Gentoo because of the 8 penguins; for sure it isn't a standard Debian kernel) and you tried to pivot the root FS with an unmodified Ubuntu 18.04? Of course it hangs: the first kernel module the system tries to load from outside the initrd will cause an oops if loaded (different symbols) or a crash because it is not available (not even considering different kernel versions).

    You need to compile a kernel with PS4 support on your Ubuntu 18.04, launch that and then pivot the FS, or you need to use the distribution created for that Gentoo kernel...
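
The two diagnoses given so far in the thread (a mount-point directory missing from the new root, and a root filesystem with no modules for the kernel that was actually booted) can be checked from the rescue shell before calling switch_root. This is an added example, not part of the original posts; the function name `check_newroot` and its messages are hypothetical.

```shell
#!/bin/sh
# Pre-flight check for a switch_root target (added example; names are hypothetical).
# Usage: sh check_newroot.sh /newroot [kernel-release]

# Prints one line per problem found. Returns 0 when the target looks usable
# with the given kernel release, 1 otherwise.
check_newroot() {
    root=$1
    release=${2:-$(uname -r)}   # the kernel running now, not the one the distro shipped
    problems=0

    # The new root's init mounts (or inherits) /dev, /proc and /sys on these
    # directories, so each one has to exist as a directory.
    for d in dev proc sys; do
        if [ ! -d "$root/$d" ]; then
            echo "missing mount point: $root/$d"
            problems=$((problems + 1))
        fi
    done

    # /sbin/init is often an absolute symlink that only resolves after the
    # root switch, so a symlink is accepted as well as an executable file.
    if [ ! -L "$root/sbin/init" ] && [ ! -x "$root/sbin/init" ]; then
        echo "no init at $root/sbin/init"
        problems=$((problems + 1))
    fi

    # Modules are looked up under /lib/modules/<running release>. A tree built
    # for another kernel is never found, and forcing it in would not match
    # the running kernel's symbols.
    if [ ! -d "$root/lib/modules/$release" ]; then
        echo "no modules for $release in $root/lib/modules"
        echo "  present: $(ls "$root/lib/modules" 2>/dev/null | tr '\n' ' ')"
        problems=$((problems + 1))
    fi

    [ "$problems" -eq 0 ]
}

# Run the check when the script is given a root directory.
if [ "$#" -gt 0 ]; then
    check_newroot "$@"
fi
```

A non-zero exit status means at least one of the listed problems has to be fixed before the root switch is attempted.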
     
  5. ksleu
    OP


    I am a dummy on the Linux OS. Do you have any link that has an SOP for the kernel compilation, or a working copy of the distribution for my case? Thanks.
     
  6. MostlyUnharmful

    To compile a kernel you'd better follow a guide instead of following my instructions here. It's not difficult per se, but it usually ends up in a frustrating cycle of modifying the config, compile, test, hang, start again, missing USB support, start again, missing network driver, start again...

    To find a PS4 Linux distribution, this is the 3rd hit after searching "ps4 linux distribution" on Google: https://hackinformer.com/2018/05/05/psxitarch-a-linux-distro-just-for-the-ps4/

    Didn't try it myself, but it seems to have Steam, Retroarch (multi architectures), Mupen64plus (N64), Snes9x (SNES), Epsxe (PSX), Ppsspp (PSP) already installed, YMMV.
     
  7. ksleu
    OP

    Just tried out this psxitarch. It works on my PS4 Pro system!!! Many thanks to MostlyUnharmful. However, for Ubuntu 18.04 LTS, I am still missing the way to work out the kernel. May need more expertise to help.
     
  8. MostlyUnharmful

    As I've said above, it's not difficult in itself, but if you have never done it before it could be daunting.

    You need a working Ubuntu installation. You need to install the packages required to compile a kernel (something like "apt build-dep linux-image-amd64" should work on a default Ubuntu installation). You need to find and download a kernel that was patched for PS4 support (the Fail0verflow tree on GitHub or one of their forks). You need a "config" file (in the Ubuntu /boot directory you should find a "config-4.14.0-3-amd64" file; copy it to the kernel source tree as ".config"), then run "make oldconfig" and answer all the questions about the new drivers/features ("no" is a safe answer if you don't know what they are talking about). You should investigate which drivers/features to enable specifically for the PS4 (exercise left to the reader) and set them with "make menuconfig" (there are also WIMP tools but I've always used the "curses" terminal interface). Now at this point I would simply create a package (something like "make deb-pkg LOCALVERSION=-test1"), install it on the target machine (that would automatically update the bootloader and create an initrd) and call it a day.

    In your case, you would need to mount the USB disk you intend to use with the PS4, chroot into it (i.e. mounting the USB disk, /proc, /sys and /dev and then chrooting into it), install the kernel package created above, verify the initrd has the required modules (I don't know which ones are required; you can examine what PSXITA put in it. What is created by the system is a file in /boot, something like "initrd.img-kernel-version-arch-version"), copy the initrd and vmlinux file (the kernel itself) to the other USB device and try to load it with the load-linux payload.

    As I've said above, find a recent guide on how to compile a kernel on Ubuntu (like https://kernel-team.pages.debian.net/kernel-handbook/ ) and search for information on how the boot is done on a PS4. I think what I described above should be reasonable (pivoting the FS after launching the kernel) but I didn't verify it.

    Edit: I forgot that directly using a kernel config file from a Debian/Ubuntu distribution would result in some error messages. There are a couple of lines to remove (config about signing keys) and I don't recall which they are right now. Probably there's something else that I've forgotten...

    2nd Edit: found it: https://salsa.debian.org/kernel-team/kernel-handbook/commit/006e6584aec6586b5b730ac90351455295cdcbf0 You are lucky, because I hadn't compiled a kernel in probably a decade, until I decided to play with an AMD (Raven Ridge) APU... T__T
     
    Last edited by MostlyUnharmful, Jun 21, 2018