Update! Yahoo! It works!

Code:

KXploit by Thunder07
Patched up by balika011
Special thanks to:
    Cturt, BigBoss and Twisted
    [+] Starting...
    [+] UID = 1
mapping pointer = 200dac000
Craft knote Structure
fd = 3840
queue created = 6600000f01
queue created = 6700000f02
queue created = 6800000f03
queue created = 6900000f04
queue created = 6a00000f05
queue created = 6b00000f06
queue created = 6c00000f07
queue created = 6d00000f08
queue created = 6e00000f09
queue created = 6f00000f0a
queue created = 7000000f0b
queue created = 7100000f0c
queue created = 7200000f0d
queue created = 7300000f0e
queue created = 7400000f0f
queue created = 7500000f10
queue created = 7600000f11
queue created = 7700000f12
queue created = 7800000f13
queue created = 7900000f14
queue created = 7a00000f15
queue created = 7b00000f16
queue created = 7c00000f17
queue created = 7d00000f18
queue created = 7e00000f19
queue created = 7f00000f1a
queue created = 8000000f1b
queue created = 8100000f1c
queue created = 8200000f1d
queue created = 8300000f1e
queue created = 8400000f1f
queue created = 8500000f20
queue created = 8600000f21
queue created = 8700000f22
queue created = 8800000f23
queue created = 8900000f24
queue created = 8a00000f25
queue created = 8b00000f26
queue created = 8c00000f27
queue created = 8d00000f28
queue created = 8e00000f29
queue created = 8f00000f2a
queue created = 9000000f2b
queue created = 9100000f2c
queue created = 9200000f2d
queue created = 9300000f2e
queue created = 9400000f2f
queue created = 9500000f30
queue created = 9600000f31
queue created = 9700000f32
queue created = 9800000f33
queue created = 9900000f34
queue created = 9a00000f35
queue created = 9b00000f36
queue created = 9c00000f37
queue created = 9d00000f38
queue created = 9e00000f39
queue created = 9f00000f3a
queue created = a000000f3b
queue created = a100000f3c
queue created = a200000f3d
queue created = a300000f3e
queue created = a400000f3f
queue created = a500000f40
queue created = a600000f41
queue created = a700000f42
queue created = a800000f43
queue created = a900000f44
queue created = aa00000f45
queue created = ab00000f46
queue created = ac00000f47
queue created = ad00000f48
queue created = ae00000f49
queue created = af00000f4a
queue created = b000000f4b
queue created = b100000f4c
queue created = b200000f4d
queue created = b300000f4e
queue created = b400000f4f
queue created = b500000f50
queue created = b600000f51
queue created = b700000f52
queue created = b800000f53
queue created = b900000f54
queue created = ba00000f55
queue created = bb00000f56
queue created = bc00000f57
queue created = bd00000f58
queue created = be00000f59
queue created = bf00000f5a
queue created = c000000f5b
queue created = c100000f5c
queue created = c200000f5d
queue created = c300000f5e
queue created = c400000f5f
queue created = c500000f60
queue created = c600000f61
queue created = c700000f62
queue created = c800000f63
queue created = c900000f64
m kernelAllocation:
queue created = ca00000f65
m2 kernelAllocation:
queue created = cb00000f66
Trigger sceKernelDeleteEqueue
Calling sys_dynlib_prepare_dlclose
moment of truth
Trigger sceKernelDeleteEqueue
    [+] Entered kernel payload!
    [+] Rooted and Jailbroken!
    [+] Escaped from the sandbox!
    [+] Kernel patch success!
         Hi GBATemp!

I'll attached a compiled version to the OP, keep in mind though, this doesn't -do- anything yet, and your receiving computer needs to be at 192.168.1.69 to receive any data over TCP!

 

Anything is possible now on <= 1.76, just nothing is made yet Also, I'm just reposting, I didn't do anything with it.

 

Any idea which fw the dlclose exploit was patched at? I remember hearing it was somewhere between 2.00 and 2.50.

 

That'd be good, 1.76 being over a year and a half old means it'd be difficult to track one down these days. 2.04, maybe slightly less so. Of course, there's always the possibility of an exploit for more recent firmwares, but who knows how long that might take to become public, if ever.

 

I'm trying to get dl close kernel exploit working using WiFi loader and tcpdump,but when I open the exploit using WiFi loader using the command in cmd ,it says not enough system memory after It says executing on the ps4 playland webkit what am I doing ?and I want to use tcpdump,but idk how to use it.i open the tcpdump using cmd and type in the command TCPdump 9023 log.bin it freezes the cmd.im on 1.76.im using ps4 playground using user redirect Google method

 

How do you make the Ip of my computer 192.168.1.69?

 

No, the system remembers what firmware it was.

 

No, save your time. They are exploitable for recently firmwares.. 2.00 to 2.50 right now but possibly under 3.15 from some sources too. I have a 2.57. It is too early to say for now.

 

All of the currently known (publicly) ways of accessing kernel have been patched already, so there isn't much point in hoarding a current firmware ps4...

 

No, if you buy PS4 tomorrow.. the firmware will be the latest one and it won't be exploitable at all. Only lower will do. At least 3.15 or lower is a good opportunity since some sources mentions 3.15 or lower to have exploitable but nobody knows for sure. For now, 1.76 is the lowest firmware to be fact exploitable. I have 2.57 and I leave it alone. I believe it is an exploitable so just wait and see.