Standard Jailbreak

This page will walk you through updating your console to an appropriate firmware (if needed) and enabling homebrew.

Determining your Firmware

• Jailbreaking can only be achieved on a firmware lower than latest.
• To determine your firmware, navigate to Settings > System > System Information on your PS4.
• Take note of your firmware. If you're on 11.00 or anything lower you can continue.
• You cannot downgrade firmware by replacing the HDD or trying to install older firmware from a USB Drive. See FAQ for a more detailed explanation.

What firmware is the best?

• See FAQ for a more detailed explanation.

To keep it short, different firmwares will need different exploits, thus can lead to various levels of stability and success rates. Please do keep in mind that they can be updated in the future.

If you are on:

• <5.05 - either keep it for archiving purposes or update only up to 5.05 - 9.00.
• 5.05 - it’s considered the gold firmware because of its stability and success rate. Either stay on it or update to 6.72 (note that you will need to backport most of your new games in order to play them)
• 6.72 - stay on it (or update only up to 9.00)
• 7.02 stay on it (or update only up to 9.00)
• 7.5x (7.50, 7.51 & 7.55) - preferably update to 9.00 not above
• 8.0x & 8.50 - update to 9.00
• 9.00 - stay (much easier to use than 11.00 try PPPwn on 9.00 before updating)
• 9.60 - stay (you will use PPPwn but will have access to a userland called psfree for a chance at a better exploit in the future)
• 10.xx - stay or update to 11.00
• 11.00 - stay (currently the latest exploitable firmware do not update)
• For non listed firmwares check goldhen compatibility or update to the nearest from the list.
• No firmware after 11.00 can be jailbroken meaning 11.02,11.52, 12.00 and 12.02 cannot be jailbroken.

First setup, updating or replacing/upgrading storage

• Below you will find instructions on how to get started with your PS4 you can keep your current data and start homebrewing straight away or factory reset or update or both at the same time or replace internal storage and even optionally update while doing so. You can do any of this later on but be careful not to update past jailbreakable firmware.

Starting straight away

1. If you are starting for the first time but would like to keep all your data and current firmware or you have previously homebrewed your console and are just redoing it continue the guide to jailbreak on your current firmware.

Factory resetting before starting

• If you just got a console and will stay on the current firmware but want to get rid of the current user data and start fresh.
• You cannot downgrade firmware by replacing the HDD or trying to install older firmware from a USB Drive. See FAQ for a more detailed explanation.
• NOTICE! Do not download firmware from the PlayStation website.

1. Boot into PS4's recovery settings by turning off the PS4 and holding the PS4 power button until it beeps 2 times. Recovery mode should look like this:
   • 
2. Once in Safe mode choose option 6. Initialize PS4
3. Press YES, NEXT or ACCEPT to any additional options.
4. The PS4 will now reinstall the current firmware on the HDD and start fresh.
5. REMOVE ANY ETHERNET CABLE AND/OR SKIP WI-FI SETUP. Keep everything offline during and after setting up your PS4.
6. After setup, navigate to Settings > System > Automatic Downloads > Uncheck Featured Content, System Software Update Files, Allow Restart and Application Update Files.
7. Continue the guide to jailbreak on your current firmware.

Updating to desired firmware

• You cannot downgrade firmware by replacing the HDD or trying to install older firmware from a USB Drive. See FAQ for a more detailed explanation.
• NOTICE! Do not download firmware from the PlayStation website.
• On the 2 websites below Retail/Official Firmwares are update files that let you update from for example firmware 8.50 to 9.00
• On the 2 websites below Recovery Firmwares are firmware reinstalation/recovery files that wipe the console of all user data this option is used when replacing the HDD and in either case you can stay on the same firmware you are currently on or update to a higher firmware while changing the HDD.

1. Download the desired Retail/Official Firmware version file onto your PC by visiting one of the following sites. Do not get beta firmwares.
   • DKS - PS4 Official Firmwares - Recommended because of the faster download speeds.
   • PS4 Firmwares - Darthsternie's Firmware Archive - No account or CAPTCHA required, but slower download speeds.
   • If you want to update an existing console, do not use a recovery file an only use a normal firmware update. They will be around 500 MB or less in size.
2. Unpack your archive and or rename the .PUP file to PS4UPDATE.PUP (must be in all caps).
3. Prepare a USB stick drive by formatting it to FAT32 or exFAT and creating a folder on the root of the drive named PS4 and another folder inside PS4 named UPDATE. Copy PS4UPDATE.PUP into the UPDATE folder. The final structure should look like this: PS4 > UPDATE > PS4UPDATE.PUP.
4. Plug the USB stick into an empty slot on your PS4.
5. Boot into PS4's recovery settings by turning off the PS4 and holding the PS4 power button until it beeps 2 times. Recovery mode should look like this:
   • 
6. Once in Safe mode choose option 3. Update System Software
7. In the following menu choose option 1. Update from USB Storage Device
8. Press YES, NEXT or ACCEPT to any additional options.
9. The PS4 will now install the firmware on the HDD.
10. REMOVE ANY ETHERNET CABLE AND/OR SKIP WI-FI SETUP. Keep everything offline during and after setting up your PS4.
11. After setup, navigate to Settings > System > Automatic Downloads > Uncheck Featured Content, System Software Update Files, Allow Restart and Application Update Files.
12. Continue the guide to jailbreak on your current firmware.

Performing a factory reset while updating

• You cannot downgrade firmware by replacing the HDD or trying to install older firmware from a USB Drive. See FAQ for a more detailed explanation.
• NOTICE! Do not download firmware from the PlayStation website.
• On the 2 websites below Retail/Official Firmwares are update files that let you update from for example firmware 8.50 to 9.00
• On the 2 websites below Recovery Firmwares are firmware reinstalation/recovery files that wipe the console of all user data this option is used when replacing the HDD and in either case you can stay on the same firmware you are currently on or update to a higher firmware while changing the HDD.

1. Download the desired Retail/Official Firmware version file onto your PC by visiting one of the following sites. Do not get beta firmwares.

• Since you want to factory reset and update download a recovery file for the firmware you want to update to.

1. • DKS - PS4 Official Firmwares - Recommended because of the faster download speeds.
   • PS4 Firmwares - Darthsternie's Firmware Archive - No account or CAPTCHA required, but slower download speeds.
2. Unpack your archive and or rename the .PUP file to PS4UPDATE.PUP (must be in all caps).
3. Prepare a USB stick drive by formatting it to FAT32 or exFAT and creating a folder on the root of the drive named PS4 and another folder inside PS4 named UPDATE. Copy PS4UPDATE.PUP into the UPDATE folder. The final structure should look like this: PS4 > UPDATE > PS4UPDATE.PUP.
4. Plug the USB stick into an empty slot on your PS4.
5. Boot into PS4's recovery settings by turning off the PS4 and holding the PS4 power button until it beeps 2 times. Recovery mode should look like this:
   • 
6. Once in Safe mode choose option 7. Initialize PS4 (Reinstall System Software)
7. Press YES, NEXT or ACCEPT to any additional options.
8. The PS4 will now install the firmware on the HDD.
9. REMOVE ANY ETHERNET CABLE AND/OR SKIP WI-FI SETUP. Keep everything offline during and after setting up your PS4.
10. After setup, navigate to Settings > System > Automatic Downloads > Uncheck Featured Content, System Software Update Files, Allow Restart and Application Update Files.
11. Continue the guide to jailbreak on your current firmware.

Replacing/Upgrading internal storage

• Using this option your new internal storage will be a clean install.
• You cannot downgrade firmware by replacing the HDD or trying to install older firmware from a USB Drive. See FAQ for a more detailed explanation.
• NOTICE! Do not download firmware from the PlayStation website.
• After replacing your internal storage (Guides for replacing PS4 internal storage)
• On the 2 websites below Retail/Official Firmwares are update files that let you update from for example firmware 8.50 to 9.00
• On the 2 websites below Recovery Firmwares are firmware reinstalation/recovery files that wipe the console of all user data this option is used when replacing the HDD and in either case you can stay on the same firmware you are currently on or update to a higher firmware while changing the HDD.

1. Download the desired Recovery Firmware version file onto your PC by visiting one of the following sites. Do not get beta firmwares.

• Since you are only replacing the drive you want to stay on the current firmware so download recovery firmware for the same firmware you are currently on.

1. • DKS - PS4 Official Firmwares - Recommended because of the faster download speeds.
   • PS4 Firmwares - Darthsternie's Firmware Archive - No account or CAPTCHA required, but slower download speeds.
2. Unpack your archive and or rename the .PUP file to PS4UPDATE.PUP (must be in all caps).
3. Prepare a USB stick drive by formatting it to FAT32 or exFAT and creating a folder on the root of the drive named PS4 and another folder inside PS4 named UPDATE. Copy PS4UPDATE.PUP into the UPDATE folder. The final structure should look like this: PS4 > UPDATE > PS4UPDATE.PUP.
4. Plug the USB stick into an empty slot on your PS4.
5. Boot into PS4's recovery settings by turning off the PS4 and holding the PS4 power button until it beeps 2 times. Recovery mode should look like this:
   • 
6. Once in Safe mode choose option 7. Initialize PS4 (Reinstall System Software)
7. Press YES, NEXT or ACCEPT to any additional options.
8. The PS4 will now install the firmware on the HDD.
9. REMOVE ANY ETHERNET CABLE AND/OR SKIP WI-FI SETUP. Keep everything offline during and after setting up your PS4.
10. After setup, navigate to Settings > System > Automatic Downloads > Uncheck Featured Content, System Software Update Files, Allow Restart and Application Update Files.
11. Continue the guide to jailbreak on your current firmware.

Replacing/Upgrading internal storage and updating

• Using this option your new internal storage will be a clean install and updated to desired firmware.
• You cannot downgrade firmware by replacing the HDD or trying to install older firmware from a USB Drive. See FAQ for a more detailed explanation.
• NOTICE! Do not download firmware from the PlayStation website.
• Notice: Any replacement HDD will be treated as new by your ps4. So you cannot have multiple internal HDD's from different firmware versions and swap between them.
• After replacing your internal storage (Guides for replacing PS4 internal storage)
• On the 2 websites below Retail/Official Firmwares are update files that let you update from for example firmware 8.50 to 9.00
• On the 2 websites below Recovery Firmwares are firmware reinstalation/recovery files that wipe the console of all user data this option is used when replacing the HDD and in either case you can stay on the same firmware you are currently on or update to a higher firmware while changing the HDD.

1. Download the desired Recovery Firmware version file onto your PC by visiting one of the following sites. Do not get beta firmwares.

• Since you are replacing the drive and want to update download recovery firmware for the firmare you want to go to.

1. • DKS - PS4 Official Firmwares - Recommended because of the faster download speeds.
   • PS4 Firmwares - Darthsternie's Firmware Archive - No account or CAPTCHA required, but slower download speeds.
2. Unpack your archive and or rename the .PUP file to PS4UPDATE.PUP (must be in all caps).
3. Prepare a USB stick drive by formatting it to FAT32 or exFAT and creating a folder on the root of the drive named PS4 and another folder inside PS4 named UPDATE. Copy PS4UPDATE.PUP into the UPDATE folder. The final structure should look like this: PS4 > UPDATE > PS4UPDATE.PUP.
4. Plug the USB stick into an empty slot on your PS4.
5. Boot into PS4's recovery settings by turning off the PS4 and holding the PS4 power button until it beeps 2 times. Recovery mode should look like this:
   • 
6. Once in Safe mode choose option 7. Initialize PS4 (Reinstall System Software)
7. Press YES, NEXT or ACCEPT to any additional options.
8. The PS4 will now install the firmware on the HDD.
9. REMOVE ANY ETHERNET CABLE AND/OR SKIP WI-FI SETUP. Keep everything offline during and after setting up your PS4.
10. After setup, navigate to Settings > System > Automatic Downloads > Uncheck Featured Content, System Software Update Files, Allow Restart and Application Update Files.
11. Continue the guide to jailbreak on your current firmware.

Enabling Homebrew 5.05-9.00 Initial Setup

• Internet Settings (Ignore for PPPwn)

If you are using the PPPwn method, avoid this section as it needs a different configuration detailed in the PPPwn instructions.

Navigate to Settings > Network > Check Connect to the Internet, then Set Up Internet Connection and:

1. Connection: Wi-Fi or LAN cable
2. Set Up: Custom
3. IP Address: Automatic
4. DHCP Host Name: Do Not Specify
5. DNS Settings: Manual
6. Primary DNS: 62.210.38.117 (leave the secondary blank as it is) - Explanation: This DNS will redirect you to a jailbreak website.
7. MTU Settings: Automatic
8. Proxy Server: Do Not Use

• • Note: For some people, their Internet Provider will block DNS’s, thus not allowing you to use the 2 DNS Addresses. If you are one of those people, please use the ALTERNATIVE GUIDE.
  • If you later decide to go online follow this Blocking OFW Updates guide to stop game and firmware updates even if a DNS is not an option for you there are alternatives.

5.05, 6.72, 7.02, 7.50 & 7.55

1. Navigate to Settings > User's Guide/Helpful Info > User Guide. The website loaded should be an exploit host instead of the user guide.
2. Select Karo.
3. Select Goldhen for your firmware version.
   • Goldhen505 for 5.05, Goldhen755 for 7.55, etc.
   • If it is the first time the page is loaded, it will be cached, and will have to be manually reloaded once prompted.
4. Wait for the exploit to trigger. If you see the "GoldHEN loaded" message, you have jailbroken the PS4.
   • If you see "Not enough memory", select OK.
5. Exit the user-guide by holding the back button.
6. For recommendations on what to do next, see Recommended Setup.

Firmware 9.00 (pOObs4)

1. Download Rufus and pOOBs4/exfathax.img exfathax.img on your PC. Plug a USB drive to your PC.
2. In Rufus > Device (select your USB stick) > Boot Section: Disk or ISO image and select exfathax.img > Start. Note that this will erase the USB drive.
3. Back on the PS4, navigate to Settings > User's Guide/Helpful Info > User Guide. The website loaded should be an exploit host instead of the user guide.
4. Select Karo.
5. Select Goldhen900.
   • If it is the first time the page is loaded, it will be cached, and will have to be manually reloaded once prompted.
6. Do not move your mouse cursor and have patience. If you see "Not enough memory", select OK and continue until you see this screen:
   • 
   • When you see this message insert the USB drive formatted with Rufus, wait until "This USB storage device's filesystem is unsupported" appears and disappears, then press OK.
7. If successful, a "Jailbreak Done" prompt should appear, remove the USB drive from the PS4, then press OK.
8. If you see the "GoldHEN loaded" message, you have jailbroken the PS4:
   
9. Exit the user-guide by holding the back button.
10. Remove the usb drive. If you keep it in before the next boot it will cause the exploit to fail.
11. For recommendations on what to do next, see Recommended Setup.

Troubleshooting 5.05-9.00

• An error "Not enough memory" appears.
  • It's a common error. Keep pressing OK until you pass it.
• The PS4 just shutdown/rebooted itself.
  • Another common error. Do not worry, remove the USB drive if on 9.00 and keep trying the same procedure starting with User Guide.
• I rebooted the PS4, and now I can't launch my games/apps.
  • Jailbreaking is not persistent/permanent and as a result you need to re-jailbreak your PS4 every time you reboot/shut down your PS4. As a alternative, you can put your PS4 on rest mode and you don't need to re-jailbreak.
• Will my PS4 die from doing this?
  • No, even forced reboots won't kill your PS4.

Enabling Homebrew 9.00, 9.03, 9.60, 10.00, 10.01, & 11.00 (PPPwn)

Going online later

• While PPPwn does not require an active internet connection to jailbreak the console. When going online precautions must be taken to avoid firmware and game updates.
• If you later decide to go online follow this Blocking OFW Updates guide to stop game and firmware updates even if a DNS is not an option for you there are alternatives.

PPPwn GUI (Windows 10/11)

• Download and Extract the zip file to a folder on your desktop.

• Installing Dependencies for C++ version
  • Download and install Npcap if running on older hardware try 1.79 and below.
• It is reccomended to use the C++ version of PPPwn and skip Python steps.

• Installing Dependencies For Python version
  • Download and install npcap 1.80 if running on older hardware try 1.79 and below.
  • Download and install Python make sure to add it to path and install as admin.
  • Then run the following commands in a CMD window
  • python -m ensurepip --default-pip
  • pip install scapy

• Connect an ethernet cable to the PC and PS4 (directly to each other)

• Setting up the PS4 internet connection
  • On your PS4

1. Go to Settings and then Network
2. Select Set Up Internet connection and choose Use a LAN Cable
3. Choose Custom setup and choose PPPoE for IP Address Settings
4. Put in anything as Username and Password it is recommended for it to be 1 letter that's the same in both fields for better compatibility.
5. Choose Automatic for DNS Settings and MTU Settings
6. Choose Do not use for Proxy Server
7. Go back and be ready to press on Test internet connection

• Putting the goldhen or VTX payload on a usb
  • Format a usb drive to exFAT
  • Find the folder for your firmware and from inside of it copy the goldhen.bin file onto your usb drive for Goldhen
  • Find the folder for your firmware and from inside of it copy the payload.bin file onto your usb drive For VTX
  • Then plug the usb into your PS4

• GUI running C++

1. Open the PPPwnTinker.exe (if you get an error "The procedure entry point PacketGetMonitorMode could not be located in dynamic link library" move the GUI and all it's other files to a folder not under the OneDrive path.)
2. Choose your ethernet interface

• To find it you can look in
  • Settings>Network & Internet>Ethernet on the left menu>Then Click on the connection name scroll down and fine the Description

1. Select the firmware version your PS4 is on
2. PPPwn version C++ is the default option
3. Usually not using the old IPV6 version is recommended but if your console experiences crashes with no progress past Stage 2 write 4141:4141:4141:4141 or 1111:1111:1111:1111 in the custom ipv6 field.
4. You can tweak the Num settings in all 3 fields based on the instructions above. Or leave them blank to use the defaults.
5. You can press the Run PPPwn button and on your PS4 press on Test internet connection. (if it finds an IP that's all good it will not be able to connect to the internet that is normal)
6. The exploit will loop and auto retry allow it to do so until successful.

• • If you get an error that says Packet.dll not found then make sure Npcap is installed and if it is from C:\Windows\System32\Npcap copy the file Packet.dll to the same location as the pppwn.exe C++ implementation for the GUI you are using or the CLI method.

• For recommendations on what to do next, see Recommended Setup

• How to use the new options Corrupt Num, Pin Num and Spray Num

1. Corrupt Num

• Corrupt Num increases the is the amount of overflow packets sent to the PS4. Enter in hex OR decimal. (Default: 0x1 or 1) The recommended HEX values are 0x1 0x2, 0x4, 0x6, 0x8, 0x10, 0x14, 0x20, 0x30, 0x40 but you are free to test and find out what works best for your console.
• Occasionally values too high may cause console crashes work back down to something stable.

1. Pin Num

• No information about it helping but available if you'd like to try. Enter in hex OR decimal. (Default: 0x1000 or 4096)

1. Spray Num

• When spray is higher the scan range is larger. Enter in hex OR decimal. (Default: 0x1000 or 4096)
• The recommended HEX values are 0x1000, 0x1050, 0x1100, 0x1150, 0x1200, 0x1250 but you are free to test and find out what works best for your console.

• GUI running Python

1. Choose your ethernet interface

• To find it you can look in
  • Settings>Network & Internet>Ethernet on the left menu>Then Click on the connection name scroll down and fine the Description

1. Select the firmware version your PS4 is on
2. To select the Python version click on the dropdown menu and choose Python
3. Python does not have the option to use the old IPV6.
4. Python does not have support for tweaking the Num values left blank or with writing in it will not result in errors or additions to the command.
5. You can press the Run PPPwn button and on your PS4 press on Test internet connection (if it finds an IP that's all good it will not be able to connect to the internet that is normal)
6. You will need to manually retry if it fails by pressing the Run PPPwn button.

• For recommendations on what to do next, see Recommended Setup

PPPwn GUI (Linux)

• Linux dependencies.

1. Scapy.

• Downloading the GUI Linux
• Download and Extract the Linux zip file to a folder of your choice.

2. Turn on your PS4 and connect it to your PC via ethernet.

1. In the directory where the files have been extracted open a terminal and run

• sudo chmod 777 *

2. Then double-click on PPPwn Tinker.bin

• Putting the goldhen or VTX payload on a usb
• From inside the Goldhen and VTX folder grab the goldhen.bin or payload.bin corresponding to your firmware version.

1. Format a usb drive to exFAT

• Find the folder for your firmware and from inside of it copy the goldhen.bin file onto your usb drive for Goldhen
• Find the folder for your firmware and from inside of it copy the payload.bin file onto your usb drive For VTX

2. Then plug the usb into your PS4

• Setting up the PS4 internet connection
  • On your PS4

1. Go to Settings and then Network
2. Select Set Up Internet connection and choose Use a LAN Cable
3. Choose Custom setup and choose PPPoE for IP Address Settings
4. Put in anything as Username and Password it is recommended for it to be 1 letter that's the same in both fields for better compatibility.
5. Choose Automatic for DNS Settings and MTU Settings
6. Choose Do not use for Proxy Server
7. Go back and be ready to press on Test internet connection

• Running the jailbreak with C++ Instructions

1. Choose your ethernet interface usually starts with "en" or similar
2. Select the firmware version your PS4 is on
3. Select C++ from Select PPPwn Version
4. Usually not using the old IPV6 version is recommended but if your console experiences crashes with no progress past Stage 2 type 4141:4141:4141:4141 in the custom ipv6 field.
5. You can tweak the Num settings in all 3 fields based on the instructions above. Or leave them blank to use the defaults.
6. You can press the **Run PPPwn** button and on your PS4 press on **Test internet connection** (if it finds an IP that's all good it will not be able to connect to the internet that is normal)
7. A new terminal will open and ask for your password put it in and the jailbreak process will begin.
8. The exploit will loop and auto retry allow it to do so until successful.

• For recommendations on what to do next, see Recommended Setup

• Running the jailbreak with Python Instructions

1. Choose your ethernet interface usually starts with "en" or similar
2. Select the firmware version your PS4 is on
3. To select the Python version click on the dropdown menu and choose **Python**
4. Python does not have the option to change the ipv6.
5. Python does not have support for tweaking the Num values left blank or with writing in it will not result in errors or additions to the command.
6. You can press the **Run PPPwn** button and on your PS4 press on **Test internet connection** (if it finds an IP that's all good it will not be able to connect to the internet that is normal)
7. A new terminal will open and ask for your password put it in and the jailbreak process will begin.

• For recommendations on what to do next, see Recommended Setup

PPPwn GUI (macOS)

• Downloading the GUI macOS
• download the latest macOS version for your architecture Intel or Apple Silicon and extract all the files to your folder of choice.

1. Turn on your PS4 and connect it to your PC via ethernet.
2. After downloading and unpacking the release for your architecture (Intel or Apple silicon)
3. Open a terminal and cd to the location where you extracted the files.
4. Run the following commands.

• chmod +x PPPwnTinker

• chmod +x pppwn

1. Right click on PPPwnTinker and choose open you will be prompted to confirm you want to run it choose *Open*
2. The GUI will open along with a new terminal.

• Putting the goldhen or VTX payload on a usb
• From inside the Goldhen and VTX folder grab the goldhen.bin or payload.bin corresponding to your firmware version.

1. Format a usb drive to exFAT

• Find the folder for your firmware and from inside of it copy the goldhen.bin file onto your usb drive for Goldhen
• Find the folder for your firmware and from inside of it copy the payload.bin file onto your usb drive For VTX

2. Then plug the usb into your PS4

• Setting up the PS4 internet connection
  • On your PS4

1. Go to Settings and then Network
2. Select Set Up Internet connection and choose Use a LAN Cable
3. Choose Custom setup and choose PPPoE for IP Address Settings
4. Put in anything as Username and Password it is recommended for it to be 1 letter that's the same in both fields for better compatibility.
5. Choose Automatic for DNS Settings and MTU Settings
6. Choose Do not use for Proxy Server
7. Go back and be ready to press on Test internet connection

• Running the jailbreak with C++ Instructions

1. Choose your ethernet interface usually starts with "en" or similar
2. Select the firmware version your PS4 is on
3. Select C++ from Select PPPwn Version
4. Usually not using the old IPV6 version is reccomended but if your console experienses crashes with no progress past Stage 2 type 4141:4141:4141:4141 in the custom ipv6 field.
5. You can tweak the Num settings in all 3 fields based on the instructions above. Or leave them blank to use the defaults.
6. You can press the **Run PPPwn** button and on your PS4 press on **Test internet connection** (if it finds an IP that's all good it will not be able to connect to the internet that is normal)
7. A new terminal will open and ask for your password put it in and the jailbreak process will begin.
8. The exploit will loop and auto retry allow it to do so until successful.

• For recommendations on what to do next, see Recommended Setup

PPPwn Raw C++ Rewrite method (Windows 7/10/11)

• It is reccomended to use the C++ version of PPPwn and skip Python steps.

The C++ method is faster on old and new hardware and benefits of an auto retry and integrated interface listing command.

1. Download and install Npcap1.80 (You may need to try older versions of Npcap if you encounter issues) (You need Windows 7 update KB4474419-v3-x64.msu for Npcap to function on Windows 7)
2. Download the x86_64-windows-gnu for Windows 10 and 11 or the x86_64-windows-gnu.win7 for Windows 7 of the C++ rewrite.
3. You will also need stage1 and stage2 files that you can get from this GitHub
4. Place the stage1 folder and stage2 folder for your firmware in the same folder as the unpacked pppwn file.
5. Then download Goldhen and place the goldhen.bin that is inside the 7z file on a USB Drive formatted in EXFAT or FAT32 then connect it to your PS4
6. Connect your PC and PS4 via ethernet so the ethernet adapter becomes active.
7. Open a cmd window and cd to the folder where the pppwn file is and type in the following command:
   • pppwn list
8. if you get an error "The procedure entry point PacketGetMonitorMode could not be located in dynamic link library" move pppwn.exe and all it's other files to a folder not under the OneDrive path.
9. Find your ethernet adapter name on to the right then to the left here will be line of numbers and letters inside of {} >example \Device\NPF_{9F25F85D-3755-46A6-93B3-9173DFCB1632} copy it.
10. Example> \Device\NPF_{9F25F85D-3755-46A6-93B3-9173DFCB1632}
11. You can go to the PS4 and apply the following internet settings.

1. On your PS4
   • Go to Settings and then Network
   • Select Set Up Internet connection and choose Use a LAN Cable
   • Choose Custom setup and choose PPPoE for IP Address Settings
   • Put in g as Username and Password
   • Choose Automatic for DNS Settings and MTU Settings
   • Choose Do not use for Proxy Server
   • Go back and be ready to press on Test internet connection

1. Back in the cmd window you can now run the following command by adding your ethernet adapter name to the example below and changing the firmware version to your own:
   • pppwn --interface \Device\NPF_{9F25F85D-3755-46A6-93B3-9173DFCB1632} --fw 1100 --stage1 "stage1/stage1.bin" --stage2 "stage2/stage2.bin" --timeout 10 --auto-retry
2. Then press Test internet connection on the PS4 (if it finds an IP that's all good it will not be able to connect to the internet that is normal)
3. The exploit will loop and auto retry allow it to do so until successful.

• If your console crashes at stage1 or stage2 of the jailbreak add this to the end of the command
  • --ipv6 fe80::4141:4141:4141:4141 or --ipv6 fe80::1111:1111:1111:1111
  • If you get an error that says Packet.dll not found then make sure Npcap is installed and if it is from C:\Windows\System32\Npcap copy the file Packet.dll to the same location as the pppwn.exe C++ implementation for the GUI you are using or the CLI method.

1. If the the script becomes stuck restart the process.

• For recommendations on what to do next, see Recommended Setup

PPPwn Raw Python method (Windows 10/11)

• It is reccomended to use the C++ version of PPPwn and skip Python steps.

1. Download and install Npcap (You may need to try older versions of Npcap if you encounter issues)
2. Download and install Python and make sure to ADD TO PATH and run as Admin then restart your PC.
3. Open a CMD Window and paste the following commands.
   • python -m ensurepip --default-pip
   • pip install scapy
4. Then download pppwn.py and offsets.py. You will also need stage1 and stage2 files that you can get from this GitHub
5. Place the stage1 folder and stage2 folder for your firmware in the same folder as pppwn.py, offsets.py.
6. Then download Goldhen and place the goldhen.bin that is inside the 7z file on a USB Drive formatted in EXFAT or FAT32 then connect it to your PS4.
7. Connect your PC and PS4 via ethernet so the ethernet adapter becomes active.
8. Open a Windows PowerShell window and run this command.
9. Get-NetAdapter | Select-Object Name, InterfaceDescription, InterfaceGuid
10. Your ethernet adapters will be listed find the one with the corresponding name to your ethernet port(you can check in your connection settings or with ipconfig in a cmd window)
11. To the far right of its name will be a line of numbers and letters inside of {} >example {9F25F85D-3755-46A6-93B3-9173DFCB1632} copy it along with the {}.
12. Add this to it \Device\NPF_
13. Example> \Device\NPF_{9F25F85D-3755-46A6-93B3-9173DFCB1632}
14. You can go to the PS4 and apply the following internet settings:
    • Navigate to Settings > Network > Check Connect to the Internet, then Set Up Internet Connection
    • Select Set Up Internet connection and choose Use a LAN Cable
    • Choose Custom setup and choose PPPoE for IP Address Settings
    • Put in g as Username and Password
    • Choose Automatic for DNS Settings and MTU Settings
    • Choose Do not use for Proxy Server
    • Go back and be ready to press on Test internet connection
15. Go back to a cmd window and cd into the folder from Step 8.
16. In the open cmd window you can now run the following command with your ethernet adapter id from step 9-13 and the firmware version > example bellow.
    • pppwn.py --interface=\Device\NPF_{9F25F85D-3755-46A6-93B3-9173DFCB1632} --fw=1100
17. Then press on Test internet connection on the PS4 (if it finds an IP that's all good it will not be able to connect to the internet that is normal)
18. If Scanning for corrupted object fails press CTRL+C then run the command from step 16 again.

• For recommendations on what to do next, see Recommended Setup

PPPwn Raw C++ Rewrite method (Linux)

• It is reccomended to use the C++ version of PPPwn and skip Python steps.

1. Download the x86_64-linux-musl C++ rewrite (or as needed) and unpack it in a folder and then unpack the tar.gz once more to get the pppwn binary.
2. You will also need stage1 and stage2 files that you can get from this GitHub
3. Place the stage1 folder and stage2 folder for your firmware in the same folder as the unpacked pppwn file.
4. Then download Goldhen and place the goldhen.bin that is inside the 7z file on a USB Drive formatted in EXFAT or FAT32 then connect it to your PS4
5. Connect your PC and PS4 via ethernet so the ethernet adapter becomes active.

1. On your PS4
   • Go to Settings and then Network
   • Select Set Up Internet connection and choose Use a LAN Cable
   • Choose Custom setup and choose PPPoE for IP Address Settings
   • Put in g as Username and Password
   • Choose Automatic for DNS Settings and MTU Settings
   • Choose Do not use for Proxy Server
   • Go back and be ready to press on Test internet connection

1. Open a terminal and cd the location of the files.
2. In the terminal run

• ./pppwn list

1. To see your ethernet adapter usually starts with enp or similar.
2. Run the following command but swap out the interface name and your console's firmare version as needed.

• ./pppwn --interface en0 --fw 1100 --stage1 "stage1/stage1.bin" --stage2 "stage2/stage2.bin" --timeout 10 --auto-retry

1. Then press Test internet connection on your PS4 and the exploit will loop and auto retry allow it to do so until successful. (if it finds an IP that's all good it will not be able to connect to the internet that is normal)

• If your console crashes at stage1 or stage2 of the jailbreak add this to the end of the command
  • --ipv6 fe80::4141:4141:4141:4141 or --ipv6 fe80::1111:1111:1111:1111

• For recommendations on what to do next, see Recommended Setup

PPPwn Raw Python method (Linux)

• It is reccomended to use the C++ version of PPPwn and skip Python steps.
• Linux dependencies.

1. Scapy.

1. Then download pppwn.py and offsets.py. You will also need stage1 and stage2 files that you can get from this GitHub
2. Place the stage1 folder and stage2 folder for your firmware in the same folder as pppwn.py, offsets.py.
3. Then download Goldhen and place the goldhen.bin that is inside the 7z file on a USB Drive formatted in EXFAT or FAT32 then connect it to your PS4.
4. Connect your PC and PS4 via ethernet so the ethernet adapter becomes active.

1. On your PS4
   • Go to Settings and then Network
   • Select Set Up Internet connection and choose Use a LAN Cable
   • Choose Custom setup and choose PPPoE for IP Address Settings
   • Put in g as Username and Password
   • Choose Automatic for DNS Settings and MTU Settings
   • Choose Do not use for Proxy Server
   • Go back and be ready to press on Test internet connection

1. Open a terminal and cd the location of the files.
2. Run the command

• ifconfig

1. And find the name of your ethernet adapter usually starts with enp or similar.
2. Then edit the command below to match your ethernet adapter and ps4 firmware verion.

• sudo python3 pppwn.py --interface=enp0s3 --fw=1100

1. Then run it then press Test internet connection on your PS4 and repeat if scanning for corrupted object fails.

• For recommendations on what to do next, see Recommended Setup

PPPwn Raw C++ Rewrite method (MacOS)

• It is reccomended to use the C++ version of PPPwn.

1. Download the aarch64-macos-none for Apple Silicon chips or the x86_64-macos-none for Intel chips of the C++ rewrite.

1. You will also need stage1 and stage2 files that you can get from this GitHub
2. Place the stage1 folder and stage2 folder for your firmware in the same folder as the unpacked pppwn file.
3. Then download Goldhen and place the goldhen.bin that is inside the 7z file on a USB Drive formatted in EXFAT or FAT32 then connect it to your PS4
4. Connect your PC and PS4 via ethernet so the ethernet adapter becomes active.

1. On your PS4
   • Go to Settings and then Network
   • Select Set Up Internet connection and choose Use a LAN Cable
   • Choose Custom setup and choose PPPoE for IP Address Settings
   • Put in g as Username and Password
   • Choose Automatic for DNS Settings and MTU Settings
   • Choose Do not use for Proxy Server
   • Go back and be ready to press on Test internet connection

1. Cd to the path of where you unpacked all the files.
2. Run the following command.

• chmod +x pppwn

1. Right click on pppwn and choose open you will be prompted to confirm you want to run it choose *Open*
2. A new terminal will open you can close it and go back to the one that you originally opened.
3. Run the command

• ./pppwn list

1. Take note of your ethernet adapter name usually en0 or similar.
2. Run the following command but swap out the interface name and your console's firmare version as needed.

• ./pppwn --interface en0 --fw 1100 --stage1 "stage1/stage1.bin" --stage2 "stage2/stage2.bin" --timeout 10 --auto-retry

3. Then press Test internet connection on your PS4 and the exploit will loop and auto retry allow it to do so until successful. (if it finds an IP that's all good it will not be able to connect to the internet that is normal)

• If your console crashes at stage1 or stage2 of the jailbreak add this to the end of the command
  • --ipv6 fe80::4141:4141:4141:4141 or --ipv6 fe80::1111:1111:1111:1111
• Or see the troubleshooting part of the guide.

• For recommendations on what to do next, see Recommended Setup

Troubleshooting PPPwn 9.00, 9.03, 9.60, 10.00, 10.01, & 11.00

• The PS4 just shutdown/rebooted itself.
  • A common error. Do not worry turn on the console and try again (you may need to press the power button on the console twice)
• I rebooted the PS4, and now I can't launch my games/apps.
  • Jailbreaking is not persistent/permanent and as a result you need to re-jailbreak your PS4 every time you reboot/shut down your PS4. As a alternative, you can put your PS4 on rest mode and you don't need to re-jailbreak.
• Will my PS4 die from doing this?
  • No, even forced reboots won't kill your PS4.

Windows Desktop side troubleshooting.

• • Troubleshooting on windows is not straightforward but you can try the following things.
  • Confirm your ethernet adapter is NOT bridged with anything.
  • Try changing the Npcap version to an older one.
  • If you get an error that says Packet.dll not found then make sure Npcap is installed and if it is from C:\Windows\System32\Npcap copy the file Packet.dll to the same location as the pppwn.exe C++ implementation for the GUI you are using or the CLI method.
  • Confirm your ethernet adapter is functional by going into device manager and looking at "network adapters" if there are any issues try reinstalling your adapter driver.
  • If using Python version make sure Python , Pip and Scapy are installed.
  • Try a different windows device as sometimes no matter what you do issues cannot be resolved without reinstalling windows.
  • If using a USB to Ethernet adapter the adapter may just not be compatible.

PS4 side troubleshooting.

• • Failed to get IP when pressing on "Test Internet Connection" Usually a PC side issue look above for troubleshooting or check your PS4 internet settings by looking below.
• PS4 Connection Troubleshooting
  • Go to Settings and then Network
  • Select Set Up Internet connection and choose Use a LAN Cable
  • Choose Custom setup and choose PPPoE for IP Address Settings
  • Put in anything as Username and Password it is recommended for it to be 1 letter that's the same in both fields for better compatibility.
  • Choose Automatic for DNS Settings and MTU Settings
  • Choose Do not use for Proxy Server
  • Go back and be ready to press on Test internet connection
  • Sometimes if you get no IP or are stuck on "[*] Waiting for PADI..." you need to redo these settings and test again.

Putting the goldhen or VTX payload on a usb

• • Format a usb drive to exFAT
  • Copy the goldhen.bin file into the root of your usb drive for Goldhen
  • Copy the payload.bin file into the root of your usb drive for VTX
  • Then plug the usb into your PS4

Broken loop

• If when the jailbreak is retrying it becomes stuck it can indicate a bad ethernet cable.

Stage0 issues

1. Do not bridge your Ethernet and WiFi adapters and do not share network across them this can lead to deeper issues and althought it may give you an IP address on the PS4 it will not give you progress past "[*] Waiting for PADI...".

• Stuck on "[*] Waiting for PADI..." Make sure you are calling the correct ethernet interface.

• Stuck on "[*] Waiting for PADI..." Make sure the PS4 and PC(or other device) are connected via ethernet.

• Stuck on "[*] Waiting for PADI..." And the PS4 cannot obtain an IP address check the ethernet port on your PS4 and Laptop or PC running the exploit.

• Stuck on "[*] Waiting for PADI..." And the PS4 cannot obtain an IP address replace the ethernet cable.

• Stuck on "[*] Waiting for PADI..." Make sure the PS4 internet settings are correctly set up and go to Settings>Network and press on "Test Internet Connection"

• Stuck on "[*] Waiting for PADR..." If using a usb to ethernet adapter it may not be compatible or simply try restarting the exploit process.

• Stuck on "[*] Waiting for PADR..." Reinstall ethernet driver.

• If you get an error "The procedure entry point PacketGetMonitorMode could not be located in dynamic link library" move pppwn.exe or the GUI and all it's other files to a folder not under the OneDrive path.

• If you get Libcap or similar errors it may be a driver issue find the driver for your laptop or desktop motherboard Ethernet controller delete the current one and install the one you got.

• If you do not get Libcap errors but are still stuck here it may be a driver issue find the driver for your laptop's or desktop motherboard's Ethernet controller delete the current one and install the one you got.

• Stuck on any of the below simply try restarting the exploit process.
  • [+] pppoe_softc: 0xffffabd634beba00
  • [+] Target MAC: xx:xx:xx:xx:xx:xx
  • [+] Source MAC: 07:ba:be:34:d6:ab
  • [+] AC cookie length: 0x4e0
  • [] Sending PADO...
  • [] Sending PADS...
  • [] Waiting for LCP configure request...
  • [] Sending LCP configure ACK...
  • [] Sending LCP configure request...
  • [] Waiting for LCP configure ACK...
  • [] Waiting for IPCP configure request...
  • [] Sending IPCP configure NAK...
  • [] Waiting for IPCP configure request...
  • [] Sending IPCP configure ACK...
  • [] Sending IPCP configure request...
  • [] Waiting for IPCP configure ACK...
  • [*] Waiting for interface to be ready...
  • [+] Target IPv6: fe80::2d9:d1ff:febc:83e4
  • [+] Heap grooming... done or xx%
• simply try restarting the exploit process.

Stage1 issues

• Any issues here usually result in a kernel panic=console shutting down.

• Console shutdown at "[*] Waiting for IPCP configure ACK..." happens occasionally on its own but if it persists try changing to a different IPV6 for the exploit settings usually marked by "old" or "Stable". Or for the GUI in this guide type in 4141:4141:4141:4141 or 1111:1111:1111:1111 in the custom ipv6 field

• Console persistently shutting down at "[*] Waiting for IPCP configure ACK..." or "[+] Scanning for corrupted object..." try changing the Npcap version to an older one if on Windows.

• If on a Mac try a windows device......

• If stuck here no matter what try using the Python implementation of this jailbreak or a different device.

• If you get Libcap or similar errors it may be a driver issue find the driver for your laptop's or desktop motherboard's Ethernet controller delete the current one and install the one you got.

• If you do not get Libcap errors but are still stuck here it may be a driver issue find the driver for your laptop's or desktop motherboard's Ethernet controller delete the current one and install the one you got.

Stage2 issues

• If persistently stuck on the below
  • [+] STAGE 2: KASLR defeat
  • [*] Defeating KASLR...
  • [+] pppoe_softc_list: 0xffffffff884de578
  • [+] kaslr_offset: 0x3ffc000

• Any issues here usually result in a kernel panic=console shutting down.

• Troubleshooting from Stage1 also applies here.

• Console shutdown happens occasionally on its own but if it persists try changing to a different IPV6 for the exploit settings usually marked by "old" or "Stable". Or for the GUI in this guide type in 4141:4141:4141:4141 or 1111:1111:1111:1111 in the custom ipv6 field

• If on a Mac try a windows device...... or if already on windows try changing the Npcap version to an older one.

• If stuck here no matter what try using the Python implementation of this jailbreak or a different device.

• If you get Libcap or similar errors it may be a driver issue find the driver for your laptop's or desktop motherboard's Ethernet controller delete the current one and install the one you got.

• If you do not get Libcap errors but are still stuck here it may be a driver issue find the driver for your laptop's or desktop motherboard's Ethernet controller delete the current one and install the one you got.

Stage3 issues

• Any issues here usually result in a kernel panic=console shutting down.
  • [+] STAGE 3: Remote code execution
  • [] Sending LCP terminate request...
  • [] Waiting for PADI...
  • [+] pppoe_softc: 0xffffabd634beba00
  • [+] Target MAC: xx:xx:xx:xx:xx:xx
  • [+] Source MAC: 97:df:ea:86:ff:ff
  • [+] AC cookie length: 0x511
  • [] Sending PADO...
  • [] Waiting for PADR...
  • [] Sending PADS...
  • [] Triggering code execution...
  • [] Waiting for stage1 to resume...
  • [] Sending PADT...
  • [] Waiting for PADI...
  • [+] pppoe_softc: 0xffffabd634be9200
  • [+] Target MAC: xx:xx:xx:xx:xx:xx
  • [+] AC cookie length: 0x0
  • [] Sending PADO...
  • [] Waiting for PADR...
  • [] Sending PADS...
  • [] Waiting for LCP configure request..
  • [] Sending LCP configure ACK...
  • [] Sending LCP configure request...
  • [] Waiting for LCP configure ACK...
  • [] Waiting for IPCP configure request...
  • [] Sending IPCP configure NAK...
  • [] Waiting for IPCP configure request...
  • [] Sending IPCP configure ACK...
  • [] Sending IPCP configure request...
  • [] Waiting for IPCP configure ACK...
• Console shutdown happens occasionally on its own but if it persists try changing to a different IPV6 for the exploit settings usually marked by "old", "Stable", "new" or "beta".
• If issues persist recheck all your files and etc.
• The script will also tell you if you have chosen incorrect firmware files and it usually results in a kernel panic on the PS4.

Stage4 issues

• If you get
  • [+] STAGE 4: Arbitrary payload execution
  • [*] Sending stage2 payload...
  • [+] Done!
• If you get Libcap or similar errors it may be a driver issue find the driver for your laptop or desktop motherboard Ethernet controller delete the current one and install the one you got.

• If you do not get Libcap errors but are still stuck here it may be a driver issue find the driver for your laptop's or desktop motherboard's Ethernet controller delete the current one and install the one you got.

• But only get the "PPPwned" message then there is an issue with the payload on the USB or HDD.

• Reformat the USB to EXFAT and put "goldhen.bin" or "payload.bin" Goldhen or VTX Hen respectively.

• If you get: Error sending packet: send error: PacketSendPacket failed: A device attached to the system does not work properly. (31)[ERROR: or if after **[+] Done! the jailbreak is not loading Then Kaspersky or another Antivirus is blocking the jailbreak uninstall it disabling it will not help.

• If no matter what you do the bin file does not load either factory reset the console or replace the HDD or try from a different device.

• Additionally you may get some random errors here and there they are usually because of incorrect interface, incorrect files (result in kernel panic), incorrect firmware selection or occasionally incomplete dependencies.

• The script will also tell you if you have chosen incorrect firmware files and it usually results in a kernel panic on the PS4.

Misc issues Stage0: to Stage4:

• You may get some random errors here and there they are usually because of incorrect interface, incorrect files (results in kernel panic), incorrect firmware selection or occasionally incomplete dependencies.

• Very rarely the ethernet cable can cause issues too.

• If you get Libcap or similar errors it may be a driver issue find the driver for your laptop or desktop motherboard Ethernet controller delete the current one and install the one you got.