☠ PS4 Kernel Exploit [4.05] Code by fail0verflow – Implementation/Exploit by Specter

PS4 Hackers and Developers worked hard to find vulnerabilities in higher Firmwares than 1.76.

They decided to share their knowledge public to obtain a Kernel Exploit on 4.05. Team fail0verflow released the code with information on their Blog for the Scene (interesting for Developers with the neccessary skills).

Specter worked hard with the code and has created a WebKit Page (Binloader) with the implemented namedobj Exploit for Firmware 4.05 to send Payloads (.bin files) to the PS4.

Zecoxao shared a 3.55 Kernel Dump and Developer Wildcard will port the Exploit to FW 3.55 soon.

Open WebKit Exploit Links on your 4.05 PS4. You find Specter’s Page on SCE.Party as well.

Specter’s Payload: Debug Settings


04.050.000_PS4UPDATE.PUP -> PS4_DEV

Source 1 | Source 2



PlayStation Modder seit 2011

15 thoughts on “☠ PS4 Kernel Exploit [4.05] Code by fail0verflow – Implementation/Exploit by Specter

  • 0x199
    27. December 2017 at 13:10

    Nice article man! 🙂

  • e✘treme
    27. December 2017 at 13:21

    Yeah, thanks to Specter for his work on the Exploit. Debug Settings now work on 4.05 🙂 You have to host the files locally or use a proxy server if you have troubles with the online html.

    I will not update my 1.76 PS4 yet. better to wait some weeks to see if everything work. If you have a 4.05 PS4 you can report and show us your test result.

    Edit: valentinbreiz has created a tool to send a Payload to the PS4 -> PS4 Payload Sender

  • 28. December 2017 at 0:44

    hello guys thanks a lot, I tested the recent Exploit 4.05, but now I have a problem,for stupid error I activated idu mode of the debugging settings and now I have the ps4 locked on idu mode, which does not install,give me en error and I can not return to staff even with the key combs. Can someone help me, I think I can not do anything anymore? thanks a lot to all happy holidays

  • 28. December 2017 at 1:20

    OK ok
    I solved, just restore the system software do not connect to the internet and with the usual key combo I’m back to the staff mode and disabled the debugging settings thanks to all see you soon for news

  • e✘treme
    28. December 2017 at 2:04

    FTP access now work on 4.05 (compiled by valentinbreiz).
    2much4u has compiled a .bin file to activate the Browser.
    And the Open Source PS4 SDK (forked by idc) might be interesting for Developers.

    FTP Server Payload -> Download | Web Browser Patch -> Download | Open Source SDK -> Download

  • 28. December 2017 at 3:56

    perfect perfect perfect thank you very much

    but the port of ftp it’s change?

    becouse don’t connect

  • SuperNova97
    28. December 2017 at 10:40

    Aso verstehe ich das richtig?


    Ein Exploid für die 4.05 wurde veröffentlich… ? ( Jb ) und nun wird alles angepasst und bald wird man Game Dumps die bis zu einer Firmware 4.05 brauchen spielen können? *~*

  • e✘treme
    28. December 2017 at 17:00

    @Gasolino you have to compile the FTP Payload with your IP and send it to port 9020.

    FTP server library and application for the PS4 4.05 by idc

    @SuperNova97 ja richtig, der Entwickler Specter hat den Exploit für Firmware 4.05 implementiert und vervollständigt. Es ist ein Kernel Exploit der über eine html Seite einen Payload auf der PS4 ausführt.

    flat_z hat schon angekündigt, dass er nun seine Methode PKGs zu starten bald bereit stellen wird. Er wird entweder Code oder einen Aufschrieb veröffentlichen, um auf Retail wahrscheinlich veränderte Debug PKGs starten zu können. Er hatte mal erwähnt, dass man dazu nur einen Kernel Patch benötigt.

  • 28. December 2017 at 17:06


    I,m send the payload correctly,but the ftp with filezilla don’t open,may be the port of filezilla is different,for 1.76 is ip console and 1337,may be on 4.05 is different

  • e✘treme
    29. December 2017 at 1:11

    What I can say about the 4.05 Hack: the exploit is not 100% stable, you might have to try it a few times if you use a online hosted Binloader. With the ported FTP Server you have only access to a few folders (Sandbox, user,…). Enable Debug Settings and activate the Browser work just fine but you will not be able to do much at the first time. For example if you have installed the OMSK PKG you have no access to copy the license files to unlock this free App. If you have bought some Games on PSN you can install and run those PKGs. Hopefully more Devs will port the stuff from 1.76 and maybe we will get a nice 4.05 Playground in future.

    This is a good progress for people who don’t own a 1.76 PS4. I recommend not to update your 1.76 PS4 yet. Wait a few weeks and see if everything works. Specter has done great work for the scene, now more people can work on the PS4 🙂

    btw here is a small packet with the current 4.05 payloads and .bat files to execute via netcat -> Download

  • 29. December 2017 at 6:25

    I Got Full Access FTP for 4.05

  • 29. December 2017 at 15:06


    how did you do?
    I can not, launch the payload ftp2.bin but then filezilla does not connect
    can you say how did you do it?
    I’m installed OMSk and I wanted to put the mod menu

  • 30. December 2017 at 14:38


    Today i’m testing the hello.bin and the 405ftp.bin,ofter i lunk the debug setting.bin,but don’t connect to ps4 system,start the reading of the folders  but immediately after going into error,may be a problem of bin file or  I’m not able to start it, I’ve also followed the video using pyton and dns settings, but the result does not change, I do not know how to do it

    Someone so kind has any solution ???
    thank you

  • 1. January 2018 at 0:39

    Hello everyone and happy 2018

    I wanted to say that I solved with ftp and I managed to install the mod menu
    I used hello.bin and I set up the ps4 system with a static ip and finally I connected


  • e✘treme
    1. January 2018 at 13:54

    Wildcard has released a Payload to dump the Kernel on 4.05 and 2much4u shared the Full Debug Settings. Also valentinbreiz shared a Linux Loader Payload to run Linux on 4.05 and FTP Access work fine now.

    PS4 Linux -> Download
    Kernel Dumper Payload -> Download
    Full Debug Settings Payload -> Download

    btw idc’s version of the Exploit is now hosted -> Binloader 4.05

Leave a Reply