Hacking 5.05 Kexploit - advice regarding safe usage and imaging possibilities?

zerox88 (OP)
Has anyone thought of creating, or has anyone created, a backup RAW container image of their unexploited PS4 HDD prior to exploiting it? In an effort to aid reverting to stock (against the same drive) in the future, whilst keeping your previously accrued genuine games/data/saves from pre-exploit?

That way you just restore the image when you want to return to a non-exploited state at the same FW version without a re-initialisation of the HDD & FW.

I'm not sure if there are any non-volatile NAND-related areas on the PS4 that the exploit touches, that somehow get erased upon initialisation (from recovery) and that aid in avoiding detection. Therefore not doing an initialisation would result in residual data being left, despite a full disk image restore, somehow giving your previously exploited state away - and thus, is that why it's not a recommended idea?

Also, is it considered safe to use a network connection whilst booted into any of our dev/community built PS4 linux distros?

...Perhaps I'm overlooking it; and it's simply attempting to sign-in to PSN and/or upgrading whilst exploited - that flags an account/console for ban.

From what I've read most people recommend not having a live internet connection at all; some do, and only block known Sony update domains at their router; and others stay entirely unprotected, dismissing update prompts, feeling confident no harm comes from being connected provided they do not update or attempt a sign-in. I mean, what's the worst that can happen? A downloaded update firmware and a firmware nag-war? Right? ...Or wrong?

I'm currently on FW 5.01 atm. I can block domains via OpenWRT if needed, as I saw we had a list of known servers for blocking here on GBATemp.

Anyway, I'm certainly curious about the network connectivity questions. I would definitely like to use an internet connection in Linux. I also wouldn't mind still using Netflix if there is an automatically built non-PSN package like those found in PS3 repositories, which will of course require you to have an internet connection. What generally is the safe rule to follow?

Lastly, do people leave their PSN accounts associated to the PS4 on exploit? Or do you remove them prior to exploiting, and use local accounts?

Thanks all. I appreciate your time. Stay safe.
 
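The "image the drive, then restore it later" idea in the post above, as an added example that is not part of the thread: a small POSIX shell script that raw-copies a block device with dd, records a SHA-256 so the copy can be checked, and verifies that a restore really puts every byte back. The device path is a placeholder; the demo at the bottom runs against a constructed 8 MiB file instead of a real disk so it works offline. It assumes coreutils sha256sum and mktemp are available.

```shell
# Added example: raw-image a whole block device and verify the copy before and
# after a restore.  Paths are placeholders; on a real run SRC would be the
# PS4's drive (e.g. /dev/sdX) attached to a PC via USB/SATA and IMG a file on
# a filesystem with at least as much free space as the drive.
set -eu

# Copy every byte of $1 to $2.  A raw copy includes the partition table and
# every partition, not just data a host OS could mount.
image_device() {
    dd if="$1" of="$2" bs=1M 2>/dev/null
}

# Print the SHA-256 of a file or device (assumes coreutils sha256sum).
# Keep this value with the image so a later restore can be checked.
digest() {
    sha256sum "$1" | cut -d' ' -f1
}

# Return 0 if $1 and $2 have identical contents, 1 otherwise.
verify_copy() {
    [ "$(digest "$1")" = "$(digest "$2")" ]
}

# Write the image ($1) back over the device ($2).  Same dd, reversed direction.
restore_image() {
    dd if="$1" of="$2" bs=1M 2>/dev/null
}

# Stand-alone demo on a constructed 8 MiB file standing in for the drive.
# Returns 0 only if image, tamper-detect and restore all behave as expected.
demo() {
    tmp=$(mktemp -d)
    fake_disk="$tmp/disk.bin"; img="$tmp/disk.img"
    dd if=/dev/urandom of="$fake_disk" bs=1M count=8 2>/dev/null

    image_device "$fake_disk" "$img"
    verify_copy "$fake_disk" "$img" || return 1      # image matches the disk

    # Simulate changes made while exploited: overwrite a few bytes in place.
    printf 'residual' | dd of="$fake_disk" bs=1 seek=4096 conv=notrunc 2>/dev/null
    verify_copy "$fake_disk" "$img" && return 1      # mismatch must be detected

    restore_image "$img" "$fake_disk"
    verify_copy "$fake_disk" "$img"                  # back to the imaged state
    rm -rf "$tmp"
}
```

Two caveats this script cannot remove: the image is only as good as the hash you kept alongside it (verify after restoring, not just after imaging), and a PS4 drive image is opaque ciphertext from the PC's point of view, so you can confirm it is byte-identical but cannot inspect or selectively edit what is inside it.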

KiiWii (Editorial Team)
You can’t just put in an HDD with 5.05 on one and a 7.50 on the other, and revert firmware from 7.50 to 5.05, if that’s what you’re alluding to?

Also 5.05 can’t sign into PSN so no PSN account can be tied to JB.

So far no one has been banned for having HEN run previously, but as a rule of thumb: initialise before updating, to avoid a ban if that ever were to be a detection flag.
 

xYuunax
You could try imaging the HDD, but I would assume Sony would have a failsafe for that, since imaging an HDD is nothing new.

For any hacked device I use that uses the internet, I use a proxy to sniff the connection and see what links/URLs it's trying to connect to, and create rules to allow connections that I deem safe. I don't get the update nag, with the update server blocked, while still retaining full internet access, except for specific Sony servers.

KiiWii said:
initialise before updating, to avoid a ban if that ever were to be a detection flag.

This is a crucial step, as updating without wiping could leave residual data with no way to remove/delete it, so you will end up initialising it anyway.
 
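The sniff-then-allowlist workflow from the post above (and the "block known Sony update domains at the router" approach the OP mentions), as an added example that is not part of the thread: a Python script that reads router DNS query logs, lists the hostnames a given console IP resolved, splits them into "block" and "review", and emits dnsmasq address rules that sink the blocked suffixes. The log lines are constructed in the dnsmasq query-log format, not a real capture; the ps4.update.playstation.net suffix is assumed from the publicly documented PS4 update URL, and every other hostname is a placeholder. The `address=/suffix/0.0.0.0` directive is a real dnsmasq option; how you load it on OpenWRT (the dnsmasq `address` list in /etc/config/dhcp) is stated as an assumption in the usage note.

```python
import re
from collections import OrderedDict

# Constructed dnsmasq query-log lines (enable with log-queries).  NOT a real
# capture: only the ps4.update.playstation.net suffix is taken from the public
# PS4 update URL; the remaining names are placeholders.
SAMPLE_LOG = """\
Apr 28 20:15:01 dnsmasq[1234]: query[A] fus01.ps4.update.playstation.net from 192.168.1.50
Apr 28 20:15:01 dnsmasq[1234]: query[A] fus01.ps4.update.playstation.net from 192.168.1.50
Apr 28 20:15:03 dnsmasq[1234]: query[A] example-cdn.invalid from 192.168.1.50
Apr 28 20:15:04 dnsmasq[1234]: query[AAAA] pool.ntp.org from 192.168.1.50
Apr 28 20:16:10 dnsmasq[1234]: query[A] laptop-updates.example from 192.168.1.20
"""

# One dnsmasq query line: record type, name asked for, and the client that asked.
QUERY_RE = re.compile(r"query\[(?P<qtype>[A-Z]+)\] (?P<host>[^ ]+) from (?P<src>[\d.]+)$")

# Suffixes to sink.  Assumed set for this example; substitute the list you
# actually trust (e.g. the one collected on the forum).
BLOCK_SUFFIXES = ("ps4.update.playstation.net",)


def hosts_queried_by(log, console_ip):
    """Unique hostnames the given client resolved, in first-seen order."""
    seen = OrderedDict()
    for line in log.splitlines():
        m = QUERY_RE.search(line)
        if m and m.group("src") == console_ip:
            seen.setdefault(m.group("host").lower(), None)
    return list(seen)


def classify(hosts, block_suffixes=BLOCK_SUFFIXES):
    """Split hostnames into (blocked, needs_review) using suffix matching.

    A suffix matches the name itself or any label beneath it, so the
    rule for ps4.update.playstation.net also covers fus01.ps4.update...
    """
    blocked, review = [], []
    for h in hosts:
        if any(h == s or h.endswith("." + s) for s in block_suffixes):
            blocked.append(h)
        else:
            review.append(h)
    return blocked, review


def dnsmasq_rules(block_suffixes=BLOCK_SUFFIXES):
    """dnsmasq 'address=' lines that answer a whole suffix with 0.0.0.0."""
    return ["address=/%s/0.0.0.0" % s for s in block_suffixes]


if __name__ == "__main__":
    hosts = hosts_queried_by(SAMPLE_LOG, "192.168.1.50")
    blocked, review = classify(hosts)
    print("blocked:", blocked)          # the update host
    print("review :", review)           # everything else the console touched
    print("\n".join(dnsmasq_rules()))   # paste into dnsmasq config
```

On OpenWRT the emitted lines are, as far as I can tell, what goes into the dnsmasq `address` list in /etc/config/dhcp (uci `dhcp.@dnsmasq[0].address`), after which the update check fails at name resolution. Two limits worth knowing: a DNS sinkhole only works while the console uses your router as its resolver (a manually configured public DNS or a cached answer bypasses it), and the "review" bucket is exactly the part of the job the post describes doing by hand with a proxy, since the script cannot tell you which of those hosts are safe.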

zerox88 (OP)
KiiWii said:
You can’t just put in an HDD with 5.05 on one and a 7.50 on the other, and revert firmware from 7.50 to 5.05, if that’s what you’re alluding to?

Also 5.05 can’t sign into PSN so no PSN account can be tied to JB.

So far no one has been banned for having HEN run previously, but as a rule of thumb: initialise before updating, to avoid a ban if that ever were to be a detection flag.

No I am not. I am saying back up a full container image of your non-exploited 5.05 firmware. Then kexploit the 5.05 firmware image. Then, if you so wish to return to 5.05 firmware whilst you're on kexploited 5.05 firmware, just re-image the same hard drive with your container image. Then you could theoretically upgrade OFW firmware from that point, retaining your previous (prior to kexploit) console's data. Without faffing with PS backup tools.
 

KiiWii (Editorial Team)
zerox88 said:
No I am not. I am saying back up a full container image of your non-exploited 5.05 firmware. Then kexploit the 5.05 firmware image. Then, if you so wish to return to 5.05 firmware whilst you're on kexploited 5.05 firmware, just re-image the same hard drive with your container image. Then you could theoretically upgrade OFW firmware from that point, retaining your previous (prior to kexploit) console's data. Without faffing with PS backup tools.

I’m confused. Kexploit is not perma, it’s in RAM, and it lasts until you reboot. So “imaging” will not back up the RAM.

I guess you mean residual files from fake signed packages?

...but yeah, you could do that; it’s a long assed way around, to be Uber safe.... I would just initialise. Like I said, there has never been a ban yet.
 

zerox88 (OP)
KiiWii said:
I’m confused. Kexploit is not perma, it’s in RAM, and it lasts until you reboot. So “imaging” will not back up the RAM.

...but yeah, you could do that; it’s a long assed way around, to be Uber safe.... I would just initialise. Like I said, there has never been a ban yet.

Then one could assume it's the residual data left over from activities during a kexploit that Sony checks for, to determine a compromised console? Surely that's how they flag bans? Otherwise that would imply the initialisation process is an unnecessary step? The exploit runs in RAM, but filesystem changes that are inconsistent with official and normal operations would surely persist in userland?

I am genuinely curious, if that's not how it works. I really would like to know. Thanks KiiWii.
 

xYuunax
zerox88 said:
Then one could assume it's the residual data left over from activities during a kexploit that Sony checks for, to determine a compromised console? Surely that's how they flag bans? Otherwise that would imply the initialisation process is an unnecessary step? The exploit runs in RAM, but filesystem changes that are inconsistent with official and normal operations would surely persist in userland?

I am genuinely curious, if that's not how it works. I really would like to know. Thanks KiiWii.

We don't know for sure if Sony can detect the kexploit, but it's always better to be safe than sorry. What I mean by referring to residual data: files or things that you may have installed, or left on the HDD when doing a file transfer. While the console is still in its exploitable state, you can retrieve/edit/delete those files when needed. But once you've updated, you will have no means to access those files any more, while they will remain on the HDD with no means to delete them. Can Sony detect this? Who knows? Your guess is as good as mine.
 

KiiWii (Editorial Team)
zerox88 said:
Then one could assume it's the residual data left over from activities during a kexploit that Sony checks for, to determine a compromised console? Surely that's how they flag bans? Otherwise that would imply the initialisation process is an unnecessary step? The exploit runs in RAM, but filesystem changes that are inconsistent with official and normal operations would surely persist in userland?

I am genuinely curious, if that's not how it works. I really would like to know. Thanks KiiWii.

The only data left over would be fake ticket data, but that would be removed at initialisation. File system changes, such as adding folders, or blocking the update with a temp file, would require Sony to recursively check every file on boot, and throw out any that weren't in a whitelist. Impossible, since new games and apps create folders and files per title more often than Sony can update, and it would bloat the firmware even more than the 500 MB Playroom already does in the REC PUP lol... hehe.

I think Sony would only introduce bans IF the latest FW was exploited publicly and people used it online to cheat. Until then I don't see them flagging anyone for a ban yet. Plenty of people have updated their consoles from 5.05 to 7.50 and retained fpkgs (that obviously no longer work), but they're there on the console, and Sony still hasn't banned them.
 

zerox88 (OP)
Thanks KiiWii! I really appreciate your input. Sorry if I come across as paranoid, I usually do like to know that I understand things properly before committing to something - especially in the tech scene.

Mind you, I am curious to know if restoring a RAW image to the same drive (in case the HDD serial/device ID is used in encryption) just works regardless of the intention. I guess if nobody has reported success, there is only one other way to find out...

This is all good stuff! So thanks for the input guys. I haven't seen some of my questions asked/answered easily anywhere, or definitively at least.

I remember the Windows Mobile + HaRET days, and took part in several projects where we were loading Linux kernels into device memory addresses on the HTC Herald (Wing Linux Project), HTC Elf, HTC Kaiser, HTC Blackstone and HD2 over at XDA. Christ, come to think of it, loads of Windows Mobiles did alright for Linux/Android ports. God bless DZO.

It's funny... I've not had my 5.01 FW PS4 console connected to the internet for this long already, and now I raise my curious concerns. I intentionally held out. I don't play online anyway.

I wouldn't mind tinkering in PS4 linux though; since I do have a dev background.
 