Advertising (This ad goes away for registered users. You can Login or Register)

Steps for unnecessarily complicated real exploit self host updated with offline start

Post here your guides, tips, How-to, etc...
Post Reply
Posts: 10
Joined: Sat Mar 10, 2012 9:29 pm

Steps for unnecessarily complicated real exploit self host updated with offline start

Post by ludakashaka » Tue Aug 28, 2018 11:06 am

Edit: Check post 2 for more detailed explanation

Hello world!

This guide is for people who do not want to rely on other hackers' work (except for the exploit itself) or use other devices besides their computer (yes, I mean you, ESP) and have a brand new PS4 (so the browser is not enabled. Once it's enabled it is much easier) and want to learn some new stuff in the process (hence not using ready solutions and complicating things a bit).

It will not go into much detail - just give you the steps to achieve the goal and it is your responsibility to learn how things work if you do not know. If you have already decided to go on this path you probably already know what to do - I will just share what worked for me.

1. Lesson 1 - Virtualisation

I am working on Linux and decided not to install a webserver on my main system and mess with the settings and instead work on a guest Windows 10 system.
Start virtualbox and install Windows 10. Then start it.

2. Lesson 2 - Webservers

In Windows 10 there is a thing called IIS - just start it and it takes care of everything - you only need to put the exploit in the hosted site.

3. Lesson 3 - DNS

Back to Linux - install Bind9 for your own DNS server. Then configure it to be authoritative of the .net domain. Then forward to the IP of the virtual machine. Set the PS4 internet connection to use your Linux machine as DNS server.

4. Profit

5. Possible complications
- check that your virtual machine has internet connection (you have to share a cable connection)
- if your DNS server works then no .net domains should resolve (set your PC to use its own DNServer to check). Your DNServer may be behind a firewall - try contacting it from within the virtual machine to see if it resolves.
- exploit does not load - the PS4 is searching for the /documents/gb/ps4/index.html file on the webserver - create it and make a link to the index.html file of the exploit

Now you do not need any additional software/hardware except the built in in your OSes to hack your PS4 or a friend's PS4 and you can do it even if the browser is disabled from the User's Guide page. You also do not have to point your PS4 to someone else's DNServer.
Last edited by ludakashaka on Sat Sep 01, 2018 8:50 pm, edited 1 time in total.

Posts: 10
Joined: Sat Mar 10, 2012 9:29 pm

Re: Steps for unnecessarily complicated real exploit self host

Post by ludakashaka » Sat Sep 01, 2018 8:49 pm

Hello World!

Here are more details to the steps of my first post.

Let's assume you will be using only one OS and start with the DNServer.

1. Install Bind 9
- Linux - open Terminal and type "sudo apt-get install bind9"
- Windows - visit

2. Open the Bind9 folder. On Linux it's in /etc/bind

3. Open named.conf.local. Add the following lines:
zone "net" in {
type master;
file "/etc/bind/";
4. Create file in the same folder. Paste this inside:
$TTL 10
net. IN SOA (
5 ; Serial
3h ; Refresh
1h ; Retry
1w ; Expire
1h ) ; Negative Cache TTL
net. IN NS IN A ?.?.?.? IN A ?.?.?.?
where ?.?.?.? is the IP of your PC. You can find your IP by:
- Linux - right click on the connection icon next to your watch. Click "connection Information"
- Windows - Go to Start Menu - Search. Type cmd. Run cmd.exe. Type "ipconfig"

5. Install Web Server
- Linux - open terminal and type "sudo apt-get install apache2"
- Windows 10 - Control Panel - Programs and Features - Turn Windows Features on or off - Internet Information Services (turn it on)

6. Put the exploit in /document/gb/ps4 (may be different for you - check which page the user manual is trying to load) in the root folder of your webserver
- Linux with Apache - the root of your webserver is /var/www/html
- Windows 10 with IIS - C://inetpub/wwwroot

7. Open the User Manual in the Playstation - the hack should load and you are set

After being hacked the Internet Browser on the PS4 activates and you can put the exploit at any folder on your webserver and you can access it by IP address without the need for the DNServer.

8. NEW!!! How to start the exploit from the PS4 with no internet connection. I do it from the browser, but as I have seen from videos of Al Azif host caching it also works on the User Manual.

Put the exploit on the root of the webserver (for convenience so you access it by only typing the IP). (Assuming xvortex's exploit - that means the index.html file only, without the folders that contain it)

Open the file and change '<html>' to '<html manifest="index.appcache">'.
In all the guides I have seen on the net another file extension was used - did not work for me, but you can try whether they would work for you.

Create a new file in the same folder and name it index.appcache

Open the file and put the following text inside:

Note again this is for xvortex's exploit - for others you will need to list the other files that need to be cached.

Now when you run the exploit from your PS4 it will be cached and you will be able to run it from now on with your PS4 offline.

Congrats, you have hacked your PS4!

Post Reply

Return to “Tutorials”