Jailbreak PS4 with a rooted Android device using DroidPPPwn by deviato – Detailed tutorial

A detailed tutorial on jailbreaking PS4 using an Android app - DroidPPPwn, Ethernet cable and adaptors with support for GoldHEN, Linux payloads, and more.

Only yesterday, I posted detailed tutorials on jailbreaking PS4 on 11.0 with GoldHEN and running Linux on PS4 on 11.0. With theflow0 revealing PPPwn vulnerability to the world using official channels, the community is on fire! Every other day, there is something interesting happening. Today, I am gonna introduce you to a way to jailbreak PS4 on 11.0 with a rooted Android device.

Many of you might find running the PPPwn exploit much harder, just because of the fact that, the exploit requires you to connect via Ethernet to a PC every time. This is especially true when trying to load Linux using the PPPwn exploit. This could all be temporary given GoldHEN’s BIN loader is being worked on, as we speak. For the time being though, I believe DroidPPPwn is the easiest way to jailbreak your PS4 on 11.0. All thanks to the dev, deviato who has brought this app to the community.

The best part about this is that, you don’t necessarily need an Android phone. Any rooted Android device with an Ethernet port, like an Android TV Boxes, or even an Android TV could technically be used to run this.

For those who want to know more about the PPPwn exploit’s basics, go here. Others interested in jailbreaking PS4s with an Adnroid device, keep reading.

UPDATE 1 (19 Jun, 2024) – Version 1.2.3 includes PPPwn fix for all PS4 models and Linux payload.

How to jailbreak 11.0 PS4 with a rooted Android device: DroidPPPwn Tutorial

Let’s check out the requirements first

Requirements

  • Rooted Android Device (Phone, Box, TV, etc.) with OTG support/embedded Ethernet port on Android 4.4+ (KitKat)
    • Note – Instructions for rooting is device-specific. Use Google.
  • USB OTG Adaptor (if using a phone)
    • Micro USB OTG Adaptor (Buy now – IN/INTL)
    • Type-C USB OTG Adaptor (Buy now – IN/INTL)
  • USB Ethernet Adaptor (Buy now – IN/INTL)
    • Note – If you are buying this Adaptor for the sole purpose of running PPPwn exploit, buy a cheap adaptor. Else, if you plan to use it with Linux, for example, buy a good one, maybe a USB 3.0 one. You can add Linux drivers for Ethernet adaptors to the kernel.
  • Ethernet cable (Buy now – IN/INTL)
    • Note – A short cable should be fine. But, this will depend on your setup.
  • DroidPPPwn Application (Download here)
  • GoldHEN (Download latest version here)

Once you have all those ready, you can prepare the device for jailbreaking. By the way, here are instructions to update PS4 to 11.0.

Step 1. Prepare rooted Android device for DroidPPPwn jailbreak

  1. Extract the downloaded package and move the .apk file to your Android device.
  2. Install the .apk file and open it. Provide superuser/root access if/when prompted.
  3. Select Firmware version, which in our case, is 11.0.
  4. Connect the USB OTG Adaptor first and then connect the USB Ethernet Adaptor to the OTG.
  5. Connect one end of the Ethernet cable to the USB Ethernet Adaptor on the Android device and the other to the PS4.

Step 2. Prepare 11.0 PS4 for DroidPPPwn jailbreak

  1. On PS4, go to Settings, then Network and enable the option – Connect to the Internet.
  2. Choose Set Up Internet Connection and then Use a LAN Cable.
  3. Choose Custom and then PPPoE. Enter any random alphanumeric string for the User ID and Password. Choose Next.
  4. Leave the rest of the settings on Automatic and choose Do Not Use on Proxy Server.
  5. Once it says, Internet settings updated, press on circle on the DS4 to go back. Do not choose Test Internet Connection yet.

Step 3. Prepare USB drive for DroidPPPwn jailbreak

  1. Extract the downloaded GoldHEN package on your PC.
  2. Format the USB drive to exFAT (Follow sub-steps 1-3 here for formatting).
  3. Copy the extracted goldhen.bin file onto your USB drive.
  4. Plug the USB drive onto the PS4.

Step 4. Jailbreak PS4 11.0 using DroidPPPwn and GoldHEN

  1. On DroidPPPwn on Android, toggle the Start button.
  2. On your PS4, assuming you are still under Network settings, choose Test Internet Connection.
  3. If successful, Obtain IP Address on PS4 should say successful, followed by two notifications, the first one saying, “PPPwned” and the next one informing you that GoldHEN loaded.
  4. That’s it! You have successfully jailbroken your PS4 on 11.0.

DroidPPPwn – Additional tutorials

Load custom payloads using DroidPPPwn

Let’s say you want to load the Linux payload. How can you do that with DroidPPPwn? Lets quickly see that.

  1. Plug the USB drive onto your PC.
  2. Copy your Linux payload, for example to the USB drive and rename it to payload.bin. To avoid confusion or crashes, try removing any other existing payloads, for example, goldhen.bin from the root of the USB drive.
  3. Follow Step 4 above.

Load custom Stage 2 loader with DroidPPPwn

DridPPPwn by default comes with the Stage 2 loader (stage2.bin) from SiSTR0’s official repo. But, for some reason, if you wish to use your own loader, follow these instructions.

  1. Rename Stage 2 loader to stage2.bin.
  2. Copy the loader to the Android device’s external storage’s root folder. If you have enabled ADB, you can just use this command – adb push stage2.bin /sdcard/ as recommended by deviato himself.

Troubleshooting DroidPPPwn

  1. Upon exploit failure, toggle Start again on the app.
  2. Re-toggle Start.

This might make a few tries.

Conclusion

At the time of writing this article, we have more exciting news incoming. Well-known developers, AbkarinoMHM and egycnq are working on a cheap permanent solution for running PPPwn exploit on PS4s. I will keep you updated on more. Stay tuned!

Be the first to comment

Leave a Reply

Your email address will not be published.


*