Prep for multi-fw and publishing on GitHub

### Added - `.gitignore` for kpatch output - Auto detect console type and firmware in `config.mjs` - Used elsewhere to determine which offsets/patches/ROP chain are used - WIP: Add 8.50-9.60 support - All offsets found - Running into some issue here. Wiped out my JOP chains to redo them... ### Fixed - Call `lapse.mjs` rather than `code.mjs` - Makefile for kpatch builds all currently available ### Changed - Use relative locations rather than absolute - Changed kpatch binaries to just be shellcode vs full ELFs - 5,216 bytes to 257 bytes. - Build kpatch binaries with `-Os` rather than `-O` - 257 bytes to 233 bytes. - Renamed/Formatted `CHANGELOG.md`, `README.md`, and `LICENSE`
2025-05-12 14:42:31 -07:00
parent b9f5957555
commit 3e47ad92a0
33 changed files with 2099 additions and 218 deletions
--- a/README.md
+++ b/README.md
@@ -1,20 +1,50 @@
-# PSFree version 1.5.0
+# PSFree version 1.5.1

-PSFree is a collection of exploits for the PS4 console. The main focus of the 
-repo is for the PS4 but we try to make things portable to PS5.
+PSFree is a collection of exploits for the PS4 console. The main focus of the repo is for the PS4, but we try to make things portable to PS5.

-* Exploits
-  * PSFree: src/psfree.mjs
-  * Lapse (kernel): src/scripts/lapse.mjs
+## Features

-Donation (Monero/XMR):
-86Fk3X9AE94EGKidzRbvyiVgGNYD3qZnuKNq1ZbsomFWXHYm6TtAgz9GNGitPWadkS3Wr9uXoT29U1SfdMtJ7QNKQpW1CVS
+*   **Auto-detection:** Automatically detects console type and firmware version (via `src/config.mjs`).
+*   **WebKit Exploit (PSFree):** Entry point via the console's web browser.
+*   **Kernel Exploit (Lapse):** Escalates privileges to kernel level.
+*   ~~Payload Loader: After successful kernel exploitation listens for a payload on port 9020.~~ **WIP**

-# COPYRIGHT AND AUTHORS:
-AGPL-3.0-or-later (see src/COPYING). This repo belongs to the group
-`anonymous`. We refer to anonymous contributors as "anonymous" as well.
+## Vulnerability Scope
+
+|               | PSFree    | Lapse      |
+|:--------------|:----------|:-----------|
+| PlayStation 4 | 6.00-9.60 | 1.01-12.02 |
+| PlayStation 5 | 1.00-5.50 | 1.00-10.01 |
+
+## Supported by this Repository
+
+This table indicates firmware versions for which the *current version* of this repository provides a functional and tested exploit chain.
+
+|               | PSFree    | Lapse      |
+|:--------------|:----------|:-----------|
+| PlayStation 4 | 8.00-8.03 | 8.00-8.03  |
+| PlayStation 5 | N/A       | N/A        |
+
+*Note: Support for other firmwares listed in the "Vulnerability Scope" table may, or may not, be actively being worked on or may have been supported in previous versions of this repository. Please check `CHANGELOG.md` for historical support.*
+
+## TODO List
+
+- [ ] Integrate payload loader (Test on 8.00-8.03)
+- [ ] Rewrite JOP chains in `rop/ps4/850.mjs`, `rop/ps4/900.mjs`, and `rop/ps4/950.mjs`
+  - I scrapped the ones I had...
+- [ ] `lapse.mjs`: Just set the bits for JIT privs
+- [ ] `view.mjs`: Assumes PS4, support PS5 as well
+- [ ] Add PS5 support
+
+## Copyright and Authors:
+
+AGPL-3.0-or-later (see [LICENSE](LICENSE)). This repo belongs to the group `anonymous`. We refer to anonymous contributors as "anonymous" as well.
+
+## Credits:

-# CREDITS:
 * anonymous for PS4 firmware kernel dumps
-* Check the appropriate files for any **extra** contributors. Unless otherwise
-  stated, everything here can also be credited to us.
+* Check the appropriate files for any **extra** contributors. Unless otherwise stated, everything here can also be credited to us.
+
+## Donations
+
+(Monero/XMR): **86Fk3X9AE94EGKidzRbvyiVgGNYD3qZnuKNq1ZbsomFWXHYm6TtAgz9GNGitPWadkS3Wr9uXoT29U1SfdMtJ7QNKQpW1CVS**