PS4 6.20 Kernel Exploit Coming Soon? TheFlow says "don't update past 6.20 if you want a kxploit"

It appears that TheFlow0, a very well-known PS Vita developer/hacker who developed exploits like h-encore & Trinity and homebrew applications such as VitaShell for the PS Vita, has now been exploring the PS4. The developer has made a suggestion to the PS4 community: anyone who is staying on lower PS4 firmwares in hopes of an exploit should not update past 6.20 firmware. That got some attention, as 6.20 could be the next fully exploited firmware to arise on the PlayStation 4. We have seen the release of multiple 6.20 WebKit exploits in public (one from Specterdev (patched in 6.50) and then another, using a different WebKit entry, from Fire30 (patched in 6.72)). These two WebKit exploits are the first piece, typically serving as a "foot in the door" or "entry point" for additional exploration and execution of things like a kernel exploit once (if) discovered.

TheFlow0's recent tweets (as outlined below) suggest he may have found that next piece in the all-important kxploit, and that means we may be graduating to 6.20 from 5.05 in the near future. However, this is still a bit early, as the dev is just now getting his hands on the actual hardware to put his confident theories to the test (it appears, however, that he had confirmed (?) some discovery or theories with the latest tweet). This developer/hacker is very talented and well known, so there is confidence among many that the claims made are positive steps forward. Stay tuned to the story as this develops; the developer is likely to give some additional progress reports in the future on his official Twitter linked below, and we will keep you posted about any news that rolls out pertaining to what appears to be an advancement in the PS4 community, which has been seeing a rise in development.


    • Mar 10 - Somebody wanna donate me a 6.20FW PS4?
    • Mar 11 - Also don't update past FW 6.20 if you want a kxploit
    • Mar 13 - I didn't have any vulnerabilities when I wrote that. Now I have. 3 days later :)


TheFlow's Official Twitter https://twitter.com/theflow0/
Additional coverage also @ wololo.net
 
For anyone else who thinks exploits should be released as soon as they are found, just for a second imagine a world where fail0verflow and geohot had not exploited the PS3 on 3.55 OFW in 2011. Imagine they had waited until 2012 when the Superslim console was released.

Now we would have had CFW on all PS3 models for the last 8 years. Brick recovery on all models, HDD data recovery on all models, ability to unban all models, ability to convert all models to DEX etc...

It doesn't take a genius to see that waiting until 2012 would have saved us all a lot of hassle in the long run and been well worth it for everyone.
 
Some of that is hindsight. When they released things on 3.55,
there was no such thing as Superslims, there was no such thing as metldr2.

At the time of release on 3.55 it was for all models.
 
I know, yeah, of course, but now we do know and can try not to make the same mistakes again. For example, if the 4.76/5.05 exploits had been released as soon as they were found, maybe back on 3.55, we might not have PSVR access on exploited PS4s right now, we might not have been able to utilize extended storage etc. We might not have been able to hack any PS4 Pro models.

It makes sense to not release an exploit until either it has been patched, or it's the right time to give the most benefit to everyone.


To put it another way, if the same exploit would work on 8.00 OFW as 6.00 OFW, but you know if you release it on 6.00 that it will be patched and not work on 8.00, what do you do? And you also know Sony are still making new PS4 hardware revisions.
 
I disagree with intentionally releasing after it's been patched:
  • Scenes that need to attract development do not launch on back-dated firmwares. THIS IS THE BIGGEST ISSUE THAT HAS FACED THE PS4 SCENE :). I can't stress that enough. That is why it's been SSSSLLLLLOOOOOWWWWWW going.
    • Had 5.05 or any PS4 hack emerged on the current firmware at that time, it would have done one single important thing: allowed people interested to join the scene. Without that fork in the road NO SCENE WILL BE A SUCCESS. There just are not enough people to make a viable platform.
    • If 5.05 dropped during 5.05 it would have allowed this and of course been patched, but it allowed people to see it and decide what they want to do. Not "ohh great, the firmware I moved past 2 years ago is exploited". You simply cannot grow a scene or community that is VIBRANT when it launched in this way. It simply does not work and you get very stagnant progress, as we have seen. The only way the PS4 scene becomes something viable and worthwhile is if it can be accessible somewhat easily by developers and users, and that simply is not the case or ever has been with the PS4. This cannot be said about the PSP/PS Vita/PS3 (all the other consoles from Sony that have firmware updates).

Then one cannot predict the future and know the premium time to release something either. You release when polished and ready, and if you're wanting to release it after it's been patched and after everyone has updated, then it really does not make much sense if you're trying to start or help a community. What it does is help pirates get more games, but it does not help the developers to get feedback and a helping hand or the REAL building blocks that launch a scene. If released on current firmware, people have a choice, new console owners have a choice, then Sony patches it (as they should), and from that perspective if 5.05 was released on current firmware or back-dated firmware MEANS nothing NOW, EXCEPT it would have grown the scene larger and been more progress. A week later Sony patches it, no matter.

I've been saying this stuff since 1.76 and I have called the scene how it was going to be to this point. So with that said, I think it's a HUGE mistake to release after something has been patched (if that is the wait). HOWEVER, with that said, it's their work and they can decide what to do; me or you or others do not have to deal with any potential consequences these guys may or may not face. But if you're trying to release the exploit to launch or help a scene, back-dated stuff is not the way. Though I do think there are times when things should be released. All I am suggesting is there are so many variables and there is no perfect answer, but "what if" and "why not" when the scene has never been launched properly I think is nonsense at this point, because at the end of the day the PS4 needs a current window to properly gauge what it is and what is not.

Edit: just like this announcement here, we have "don't update past 6.20" when a majority would be above that anyhow. IT'S TINY.....
 
I think any PS4 exploit should be saved as long as possible so it works on the highest FW possible. That means waiting until it's patched to release; there is NO way around that fact if you want it to work on the highest FW possible. So yeah, I agree with you, this will not help all the people who update on day 1 of a new PUP coming out. But we can't help those people anyway; they want to play online, and staying on a lower FW for an exploit will not allow that.

I think people need to get used to the fact you need 2 consoles. Is there anyone really who is updating on day 1 of new FW but then afterwards checking sites for ps4 exploits on that new FW? It makes no sense IMO. You want freshly updated OFW OR you want exploits IMO.

If you want both, spend the $200 and get another ps4 in the next sale.
 
Well, if there is no shortage of exploits then one of these out-of-work devs who can't get a hackable system will find an exploit on current FW and everyone will be happy. :)
 
I think people need to get used to the fact you need 2 consoles. Is there anyone really who is updating on day 1 of new FW but then afterwards checking sites for ps4 exploits on that new FW? It makes no sense IMO. You want freshly updated OFW OR you want exploits IMO.

If you want both, spend the $200 and get another ps4 in the next sale.

That makes no sense for me. I'm hacking the console not because it is possible but because it opens a way to do things which Sony doesn't allow but should. Handy game backups is one thing, probably the most important for most users (and pirates of course), but another is just a way to get mass storage access after the console dies and unrestricted access to all user data (no SEN accounts needed, no f*g forced firmware update, no saves/trophies sticking to specific accounts and even consoles, no internet connection with Sony servers during restoring data (and wiping out everything currently on the console...)). Having another console just for hacks is pointless because the reason a console exists is playing games. When I cannot move data from the newest OFW to hacked FW, there is also no reason to have another, hacked console on ancient firmware which sucks 200W running a Flappy Bird homebrew port from a $10 Android phone. ;) It just doesn't make any sense for me, and I believe for many others.

For that reason it is extremely important to develop and release a full exploit, easy to perform by any soul, on current firmwares so everyone can decide which road they take from that point. When exploits are released in a state of, let's say, "here you go: you have eggs, flour and milk, do bake from it for yourself MF", or even worse, released on FW which no one has had for a year or more, it is just pointless. Not to mention at least some kind of SDK, even in an orphan stage. Look what happened with Vita. Compare the eras when we had Rejuvenate and HENkaku. That scene just exploded with awesome tools! What do we have on PS4 for 5.05? Apps written in Unity, a game engine... which look and work badly, which are 100+MiB because of massive unneeded stuff loaded but mandatory. With loaded-on-demand payloads, incompatible with each other. That's why we badly need an exploit for the newest FW, whether it will be 90.00 or 7.05. ;)
 
Well then it's best that kernel exploits are kept until end of life. So you have a fully hacked system then at least.

You cannot expect new exploits on every new OFW... it's not realistic, there are only so many that will be found.

So even if current FW is hacked today, tomorrow Sony patches it and you are back in the same situation.
 
Yes, I can wait and I also think that it is wise to keep such a thing to EoL. But I, as a user, just want to know if I am waiting for something or just waiting with an empty feeling that one day... I like the kind of messages like "6.20 fully exploited in private", I'm fine with that info (if true), but it would also be awesome if someone who has it and understands it shared info on whether it still works, and when it stops working, just immediately released it. That's my point.

I'm not a noob, ok? I fully understand that cryptographic ecosystems are tough to penetrate and I don't expect that every FW will have new exploitable stuff over and over.

And when Sony patches it in the next release, that is fine! That's how things have worked for the past 20 years. ;) But the point here is not keeping no-longer-working exploits in the basement, waiting until all people update FW after a year or two. And here, the theory that Sony could be paying real money to some ass white hats is not stupid. Even limited to only time disclosure (not fully).
 
But the point here is not keeping no-longer-working exploits in the basement, waiting until all people update it after a year or two.
Ah ok, I see. But I think if it was fully patched it would have been released already. You know what Sony are like, they never fully patch anything properly/fully. So I expect that releasing the private 6.20 exploit would have other repercussions for current exploits.

Otherwise you are right, there is no reason to withhold a 6.20 exploit if it's fully patched, but I do not think anyone is saying that is happening here?
 
I hope so. Also, I'm putting high hopes in TheFlow because he is the one most talented guy in the Vita scene who, as opposed to many others, doesn't keep stuff hidden. Even if he achieves "full access" but doesn't release it, I'm also fine, because he also tells us a good reason, e.g. "exploit still works" or even "exploit has potential of being ported to newer FWs".

I'm a little mad at Sony, mostly because of those f*g PFS which are encrypted, signed per user and console, and have a fixed size, which means e.g. the save for SteamWorld Dig is ~300KiB but occupies 10MiB in PFS. Not to mention the save for FF15, which is ~600MiB! God knows why (maybe because of those pictures? but even 100 slots in 4K in PNG don't need such space...). I also have a nice trophy collection which I cannot back up. All this only makes me angry, and that's why I so badly need my console hacked. ^^
 
Yes, more info would be nice. I agree.

I just know if I had a choice right now today between a 100% working exploit released now on current FW, or knowing that it will still work on 8.00, I would be happy to wait until 8.00+ every time.
 
I agree. ^^ In that case I also want to wait a little more, especially when PS5 starts taking all game devs' attention, leaving PS4 for good.
 
Good example: Vita really waited till end of system for a real exploit, now all can be done.

Waited, I think, is not a good term,
because I do not believe that was the approach to the Vita.
There have been many exploits.

A kernel exploit at end of life cycle, that makes little sense.

There is no RIGHT TIME FOR ANY EXPLOIT. The only RIGHT TIME is when it appears on a current firmware. What happens later does not matter. IF YOU ALREADY have an ESTABLISHED scene there will be more looking for exploits when a need arises.
 
I agree. ^^ In that case I also want to wait a little more, especially when PS5 starts taking all game devs' attention, leaving PS4 for good.
Yes, when the game releases slow down to just FIFA and COD etc, and they stop adding features to the FW and start removing features like they have with ps3 since 4.50 approx, then that is the time to release if you only have one decent exploit.

Ideally the PS3 key fail exploit would have been kept until around 4.30 OFW. We have kinda known since then they are not going to add anything important.

Of course we would not have had so much fun in the meantime then, so... I am glad things happened the way they did.

It's also important to not create too much piracy. Hacking current FW right now would be really bad for Sony and game devs IMO.
 
I guess I see it differently too as I have an exploited PS4, and I would not dream of exploiting my main PS4s even if there was a hack for current OFW as I like playing online too much and don't want to risk that.

If I only had one PS4, and I did not care about buying any more new games or playing online or any new features, then I would say "yeah, release the exploits now!...ETA WEN!"
 
Yes, more info would be nice. I agree.

I just know if I had a choice right now today between a 100% working exploit released now on current FW, or knowing that it will still work on 8.00, I would be happy to wait until 8.00+ every time.

But that is not reality... it's fantasy. I would love to pick the right lotto numbers as well.
It's wishful thinking and not reality. Obviously it's best later, but if all consoles were hacked after end of lifecycle the SCENE WOULD SUCK... it would be the SAME EXACT THING AND SITUATION as what a back-dated exploit does in terms of development. Let's say we get a PSP exploit now and see how much development comes from it rather than when it did.
 