PS5 Jailbreak: New Lapse Exploit Released!
A new exploit has been released for the PS5. This is called the Lapse kernel exploit. It uses a new entry point to trigger the kernel exploit. This exploit also works on the PS4, but it is not fully ready yet.
What You Need to Know
- The Lapse kernel exploit works on PS5 firmware versions from 0 up to 10.01.
- It can also work on older firmwares that already have a jailbreak.
- Right now, this exploit lets you enable debug settings. It does not yet allow you to install fake packages, PS5 game backups, or homebrew.
- The elf loader is being worked on. It seems to work on firmware 8.00 and 8.20. There may be issues with firmware above 8.20.
Important: Do not update your PS5 firmware right now! Wait until K stuff and everything else is working on the newer firmwares.
What's Being Worked On
Echo Stretch said that something changed between firmware 8.20 and 8.40. This is causing problems with the elf loader. Developers are working on it. They do not know if this is a simple fix or a new security measure.
The elf loader is important. It is needed to load K stuff, payloads, and homebrew applications.
How to Get Started
The Lapse exploit itself works up to firmware 10.01. It will enable debug settings.
- Download the Lua loader. Cheryl Net and Null Pointer ported this. Echo Stretch is working on porting the offsets.
- Get the save data copy. If you use an older version of the remote Lua loader, update to the latest version. This includes the offsets for the newer firmwares.
- Install the latest save data for the remote Lua loader.
- Keep an eye on updates from Master S9 on the backups. Master S9 usually releases backups that you can restore on your console.
- Copy the save data to your console.
After this, run the kernel exploit. The lapse.la file runs the kernel exploit.
- On PS5, it will jailbreak the game process and the PlayStation system. This allows more access to the system.
- On PS4, it will only give arbitrary kernel read for vulnerable firmwares. Jailbreaking for PS4 is not yet available.
How to Run the Exploit
Launch the game that can run the remote Lua loader.
The remote Lua loader will listen on port 9026.
Go to the folder with the Lua payloads.
Open a terminal window in that folder.
Type in the following command:
    python send_luid.py [IP address of your PS5] 9026 lapse.la
Replace "[IP address of your PS5]" with the IP address of your PS5.
The kernel exploit should run quickly.
If it is successful, you can send a follow-up payload like the ELF.
If you are on an older firmware, you can use netcat GUI or another payload to send the ETA hen payload on port 9022. The elf loader will launch it on the PS5 and fully jailbreak the console with ETA.
Stability
The exploit may not be 100% stable. If it fails, restart your PS5 and try again.
What This Means for Jailbreaking
- Firmware 8.00: You can enable debug settings and run the elf loader. The homebrew launcher may be updated to support 8.00. You may be able to load RetroArch, account activators, and the remote play enabler. Other payloads like FTP and PS5 debug could be ported.
- Firmware above 8.00: There is an issue with the elf loader not working. We will have to see if this can be fixed.
- Firmware 6.xx: The offsets for the PS5 self decryptor are being updated. This is used to decrypt your games so you can create PS5 game backups. If you have a working elf loader, you can decrypt your retail games on an 8.x firmware. You can then dump your games on those newer firmwares. People on 6.xx and 7.xx can look forward to new PS5 game dumps being made.
We also want to see the PS4 get full support for the exploit. This will allow us to jailbreak our PS4s using this Lua version of the exploit.
In Conclusion
The new Lapse exploit is a big step forward for the PS5 jailbreak scene. While it is not perfect, it opens up new possibilities for homebrew and customization. Keep following the scene for more updates!

