Following the release of support for Firmwares 1.xx and 2.xx just a couple of days ago, code has been added to the umtx Jailbreak for PS5, and it now supports Firmwares up to and including 5.50. This is pretty big news, considering that until today, only Firmware 4.51 and below were actually hackable.
However, there are limitations with this Jailbreak for Firmwares 5.00 and above. Read on for the details.
PS5 Jailbreak For Firmware 5.50 and below released
SpecterDev has just released an update to his implementation of the umtx exploit chain, porting it to Firmwares 3.xx up to and including 5.50. This means the exploit chain is now working on all Firmwares up to 5.50. Specifically, here is what version 1.2 of this exploit brings:
- Add support for 5.00, 5.02, 5.10, and 5.50 FW
- Add support for 4.00, 4.02, 4.03, 4.50 FW
- Add support for 3.00 and 3.20 FW
- Add support for 2.70 factory FW
- Add support for 1.00 and 1.02 FW
- Added code to make porting easier
If you’re running a PS5 on Firmware 5.50 or below, you can try this exploit right away, using the download links below. Read on for the limitations though, as they are quite impactful right now.
UMTX Jailbreak: Limitations on firmware 5.00 and above
We’ve had a Jailbreak on PS5 for Firmware 4.51 and below for quite some time now, which means these firmwares, and how to bypass the security mitigations on them, are quite well understood. 5.00 and above, however, were uncharted territory until now. It seems Sony have patched some of the vulnerabilities that were used until now to take control of the PS5 system and execute unsigned code. dlsym in particular has been used to load additional libraries and functions after privilege escalation. Using that code the way the scene has until now doesn’t appear to work anymore, at least not out of the box. Specifically, rules appear to have been enforced so that a hijacked process (such as WebKit) can’t load libraries it isn’t supposed to. The existing SDK had ways to bypass these restrictions, which appear not to work anymore.
According to SpecterDev, this means changes will be needed in the PS5 scene SDK and the various payloads that have been used so far, as they do not work “as is” on Firmwares 5.xx. Hackers are already thinking of potential solutions using existing features of the Homebrew SDK, and it looks like it might just be a bump in the road rather than a complete showstopper, but only time will tell.
Download PS5 umtx Jailbreak for Firmware 5.50 and below
The code for the exploit can be downloaded on the project’s GitHub at https://github.com/PS5Dev/PS5-UMTX-Jailbreak
To run the exploit, I have an (old) tutorial based on the existing exploit, which should basically work the same way as long as you just replace the files. As always, Modded Warfare has a tutorial video with the latest and greatest: