PS4 News on Facebook! PS4 News on Twitter! PS4 News on YouTube! PS4 News RSS Feed!

Home PS4 News - Latest PlayStation 4 and PS3 News

April 23, 2014 // 12:12 am - Following up on reporting the PS4 Vulnerable to Heartbleed rumor, today PlayStation 4 developer cfwprophet made available a PS4 AC1D Flash Tool Manager GUI application which can read and write from the PS4 Macronix NOR Flash chip with the use of a Teensy++ 2.0 USB development board and judges' script.

Download: PS4_AC1D_Flash-Tool.rar / PS4 AC1D Flash Tool (Mirror) / PS4 AC1D Flash Tool GIT / Useful Libraries / Useful Libraries GIT

PS4 AC1D Flash Manager
(c) cfwprpht [Free to use for Every One !!]

What it is?

This is a Tool to handle the PS4 Macronix NOR Flash. It can Read/Write the Chip with use of Teensy++ 2.0 USB Dev Board. But there for the Tool is more only a GUI cause it use @judges script for the Read/Write part.

Then the Tool can validate a PS4 NOR Dump and Display the infos of your Console in the GUI. If you want you can also store your console infos in a database text file.

It comes with the Python 2.7 and Python Serial Installer and will check if you have both installed or not. But at least it hase a own extracter and can extract a PS4 NOR Dump file as well a SLB2 Container. The validator Routine isn't perfect right now and even give me on my own dump on 3 of 33 Arrays to check a false negative. This is mostly to do that there need to be done more investigation on Console specific Marks and such they are present on all Consoles.

But right now there isn't much use for the end user so i still have time to correct that. In case of your a Dev and want to write a Dump to your consoles flash that do not validate, then just create a empty txt file with the name "developer.conf". This will enable the Tool to activate all blocked buttons.

Used Lib's:

  • ConsoleControle.dll - is a librarie from Dave Kerr
  • ProcessInterface.dll - is a librarie from Dave Kerr
  • - is a script from Judges
  • Log.dll - is a librarie from me (cfwprophet)
  • Tools.dll - is a librarie from me (cfwprophet)
  • nor4ps.dll - is a librarie from me (cfwprophet)
  • SLB2.dll - is a librarie from me (cfwprophet)

So you may ask for what the SPIway.bat will be ?

It's simpli. VisualStudio can't handle the python script. For that a python integration to Visual Studio
will be needed. There are allready projects for that but in a beta phase. So we use the .batch to kind
of spoof the python script. In case VS understand and can handle .bat's we just do the same within the .bat what we otherwise would do with the python script in VS. We do a "Call" and execute the python script with the needed arguments.

What to do?

  • Adjust the validator Routine for the PS4 NOR flash.
  • Include a Flash Patcher Routine.
  • (Or) Activate diff Write. (which is already included into judges script).
  • Finish the vdump function which will verify the dumped data against the data on Chip.
  • Modify Console Control to match even more needs. (Like a way to check and wait for the current process to be done without the affect that your whole code stops and will cause a crash of your app).

Credits and Greets:

  • Judges for his script (many thx)
  • Dave Kerr for his Console Controle Class librarie
  • eussNL for his affinity about the DevWiki (woop woop)
  • flatz for his PS4 script
  • grafchockolo for all his amazing work on the PS3 (i will always credit you in any scene releaded stuff thank you for everything you have done. We would need more guys like you in the Sony PlayStation Hacking Scene)
  • KDSBest for beeing a Mentor and a god friend to me
  • GotNoUsername you know why and that's enough
  • All Devwiki Contributors !! (information have to be free to every one)
  • Pockets69, Sandungas, Helsing9, GregoryRasputin, t000, Ada, _NiceShot, ******.net, ******.net, and everyone else i forgot....(wink, wink)

Some usefull Libraries also Released !!

Finally, from cfwprophet: First the PS4 is a little bit diff guys. And one importend part i've learned this GEN - a Flash Chip shouldn't be readed from the Device it self. It all Depends on the used device but in case of PS4 the Macronix Flash is within a circuit of some other Chip.

Especially is he in the same sircuit like the MediaCon. If you know trie to boot the Macrnoix Flash while the console is off you will also boot the MediaCon or parts of it. In the end you won't get any data nor a signal nor a ping from the teensy it self and in worst case you even could maybe damage something on the MB.

But at the point we would need a flash on the PS4, there will be modders, as every time, like me they will you solder a socket onto your PS4 MB for around 20€. If you don't want to buy a flasher and already have a socket on your MB you just need to send me your FW, i'll patch it and if your come i just flash the already patched CFW onto your Macronix with the help of the socket for around 5€ for the flash part.

Hell it's just a socket where you do a kind of hot swap with the flash chip and done. About the speed, a normall Dump will take arround 2.50 min's. A write process arround 4 min's. So fast enough for a 20€ Open Source Flasher

o.O There isn't even a exploit nor that we have a way to decrypt any of the internal PS4 files nor that we have access to any of them. So no there is not a CFW coming.

PS4 AC1D Flash Tool Manager GUI by CFWProphet for PlayStation 4 Out

PS4 AC1D Flash Tool Manager GUI by CFWProphet for PlayStation 4 Out

PS4 AC1D Flash Tool Manager GUI by CFWProphet for PlayStation 4 Out

Follow us on Twitter, Facebook and drop by the PS3 Hacks and PS3 CFW forums for the latest PlayStation 3 scene and PS4 Hacks & JailBreak updates with PlayStation 4 homebrew PS4 Downloads.

#11 - engragy - May 19, 2015 // 9:57 am
engragy's Avatar
very nice work cfwprpht and ps4news thanks to you

#10 - joaops - May 17, 2015 // 8:42 am
joaops's Avatar
Wait for the Ps4 jailbreak, thanks Ps4 news!!!!

#9 - LOCOTACO - May 17, 2015 // 8:30 am
Jailbreak is still possible base on someone finding the root key. after that is done we just need a tech to DXI it and if lizard Sqaud would help jailbreak it instead off DDOS sony would be good.

#8 - bastoune13 - May 17, 2015 // 6:13 am
bastoune13's Avatar
thanks a lot guys

#7 - ASC - October 11, 2014 // 1:28 pm
ASC's Avatar
As per an anonymous source, certain PS Now servers are reportedly somehow still vulnerable to heartbleed.

This is in direct conflict with the blog post at:

As reported by some people in the scene, various tests were performed to see if the heartbleed bug was of any use on ps4. It was at that time determined that none of the exposed components were vulnerable (I'm unsure how you would miss the ps now servers).

Anyway, one way or another apparently nobody ever looked to see if the PS NOW servers were vulnerable (maybe it was in beta still?). It has been confirmed by multiple users that you can steal certificates and other sensitive information from the PS NOW service by exploiting heartbleed. Go have a look for yourself! Enjoy!

#6 - Xplic1T - April 23, 2014 // 5:41 pm
Xplic1T's Avatar
Absolutely doubt that sony had used any opensource libs in the ps4 ... openssl was crafted by developers to encrypt web sites and saas appliances. There isn't a link to this being used in anyway on the internal xmb unless I'm missing something.

#5 - Tidusnake666 - April 23, 2014 // 2:08 am
Tidusnake666's Avatar
Not to get your hope high, there was a ps3 nand dumper/extractor/validator for ages before the real jailbreak saw the light, and the algo that ps3 jb used was completely unrellavant to that extractor.

Great job anyways!

#4 - Mesutg - April 16, 2014 // 6:22 pm
Mesutg's Avatar
yeah i can try 2

#3 - metzen - April 16, 2014 // 10:09 am
metzen's Avatar
PM me and I'll assist as well.

#2 - elser1 - April 16, 2014 // 4:00 am
elser1's Avatar
i'm keen. pm me the details if you want