Unable to load exploit #10

Closed
lordlad opened this issue Jan 3, 2022 · 14 comments

@lordlad

lordlad commented Jan 3, 2022

I installed it and ran the script on my Windows PC and tried it on my PS4 v9.0 browser, and it just loads indefinitely with no prompt.

Tried using a totally blank Linux VM right out of the box, installed Python 3.10 and Flask, then ran this.

Same thing happened. It just loads indefinitely on my PS4 browser, the logs on my Linux machine.

Logs on Windows: https://i.imgur.com/fWABeyM.png

Logs on Linux: https://i.imgur.com/LFJrWV6.png

I tried like 10+ times and it is not doing anything. My PS4 browser just loads without any prompt (waited for more than 30 mins each time, tried more than 10x).

Take note my PS4 Pro is on v9.0 and I can use other internet sites like Kameleon’s host, gamerhack, Al-Azif's host to do the exploit and load goldhen no problem at 1st try. But somehow, I just can't use my own host to load it at all.

Is there anything on the local network side that I need to check? I've even disabled all local network firewalls on my side and it's still the same.

I'm at my wit's end, man.

@mc-17
Owner

mc-17 commented Jan 3, 2022

Interesting - does v1.0.0 work for you?

@lordlad
Author

lordlad commented Jan 3, 2022

> Interesting - does v1.0.0 work for you?

For v1.0.0, it did manage to pop up the notification to insert the USB, so I inserted my USB thumb drive, and it then got stuck at the 'Awaiting Payload' page.

Logs show a 'connection refused': https://i.imgur.com/htAPP0r.png

For v1.1.0, exactly the same as v1.1.1.

Thanks.

@saildot4k

As an FYI, on my PS4Pro, the hosted exploit page also loads indefinitely, but I never got a prompt to insert USB.

@mc-17
Owner

mc-17 commented Jan 6, 2022

Hmm... could you copy your user agent of the Pro (can find it here https://www.whatismybrowser.com/detect/what-is-my-user-agent )

I have a hunch

@saildot4k

Via my PS4Pro Web Browser:
Mozilla/5.0 (Playstation; Playstation 4/9.00).
AppleWebkit/605.1.15 (KHTML, like Gecko) Version/14.0 Safari/605.1.15

@mc-17
Owner

mc-17 commented Jan 8, 2022

I think the user agent caused it to break as the "s" in "Station" is lowercase. I've committed a fix now (4b65b3f) to detect either. Can you see if that works? I've also fixed an issue with the payload (#7) that would've broken things.

Clone the main branch
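
The case-sensitivity failure described in the comment above, as an added example that is not the project's code or the fix in 4b65b3f: the same firmware pattern matched with exact case and then case-insensitively against the user agent posted in this thread. The function names, the pattern and the `route_for` labels are assumptions made for illustration.

```python
import re

# The user agent posted above (its two lines joined with a space), plus a
# constructed variant with a capital "S" for comparison.
UA_FROM_THREAD = ("Mozilla/5.0 (Playstation; Playstation 4/9.00). AppleWebkit/605.1.15 "
                  "(KHTML, like Gecko) Version/14.0 Safari/605.1.15")
UA_CAPITAL_S = UA_FROM_THREAD.replace("Playstation", "PlayStation")  # constructed

# Hypothetical pattern: the product token followed by "major.minor" firmware.
_FIRMWARE = r"PlayStation 4/(\d+)\.(\d+)"


def firmware_exact_case(user_agent):
    """Before: exact-case match, which misses the lowercase-"s" spelling."""
    m = re.search(_FIRMWARE, user_agent or "")
    return (int(m.group(1)), int(m.group(2))) if m else None


def firmware_any_case(user_agent):
    """After: the same pattern matched case-insensitively."""
    m = re.search(_FIRMWARE, user_agent or "", re.IGNORECASE)
    return (int(m.group(1)), int(m.group(2))) if m else None


def route_for(user_agent):
    """Return an explicit label for every client, including a missing or
    unrecognised header, rather than silently matching nothing."""
    fw = firmware_any_case(user_agent)
    if fw is None:
        return "unsupported-client"
    return "firmware-%d.%02d" % fw


if __name__ == "__main__":
    for ua in (UA_FROM_THREAD, UA_CAPITAL_S, "curl/7.81.0", None):
        print(firmware_exact_case(ua), firmware_any_case(ua), route_for(ua))
```
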

@lordlad
Author

lordlad commented Jan 8, 2022

> I think the user agent caused it to break as the "s" in "Station" is lowercase. I've committed a fix now (4b65b3f) to detect either. Can you see if that works? I've also fixed an issue with the payload (#7) that would've broken things.
>
> Clone the main branch

Tried with v1.1.2.

Notification did pop up but it got stuck on the 'Awaiting Payload' page after inserting USB and dismissing the message.

The jailbreak seems to work but GoldHEN never got loaded. Repeated the process twice.

Message log as below:

```
root@lordlad-virtual-machine:/home/lordlad/Downloads/pspack-flask-release-1.1.2# python3 app.py
 * Serving Flask app 'app' (lazy loading)
 * Environment: production
   WARNING: This is a development server. Do not use it in a production deployment.
   Use a production WSGI server instead.
 * Debug mode: off
 * Running on all addresses.
   WARNING: This is a development server. Do not use it in a production deployment.
 * Running on http://192.168.50.246:1337/ (Press CTRL+C to quit)
192.168.50.7 - - [08/Jan/2022 17:47:29] "GET / HTTP/1.1" 200 -
192.168.50.7 - - [08/Jan/2022 17:47:29] "GET /static/logging.js HTTP/1.1" 200 -
192.168.50.7 - - [08/Jan/2022 17:47:29] "GET /static/int64.js HTTP/1.1" 200 -
192.168.50.7 - - [08/Jan/2022 17:47:29] "GET /static/9.0.0/kexploit.js HTTP/1.1" 200 -
192.168.50.7 - - [08/Jan/2022 17:47:29] "GET /static/9.0.0/webkit.js HTTP/1.1" 200 -
192.168.50.7 - - [08/Jan/2022 17:47:29] "GET /static/syscalls.js HTTP/1.1" 200 -
192.168.50.7 - - [08/Jan/2022 17:47:29] "GET /static/9.0.0/rop.js HTTP/1.1" 200 -
Sending golden hen to 192.168.50.7
[2022-01-08 17:48:06,137] ERROR in app: Exception on /log/done [GET]
Traceback (most recent call last):
  File "/usr/local/lib/python3.10/site-packages/flask/app.py", line 2073, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/local/lib/python3.10/site-packages/flask/app.py", line 1518, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/usr/local/lib/python3.10/site-packages/flask/app.py", line 1516, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/local/lib/python3.10/site-packages/flask/app.py", line 1502, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
  File "/home/lordlad/Downloads/pspack-flask-release-1.1.2/app.py", line 29, in log
    send(request.remote_addr, 9020, "payload/goldhen_2.0b2_900.bin")
  File "/home/lordlad/Downloads/pspack-flask-release-1.1.2/sender.py", line 7, in send
    client_socket.connect((ip, port))
ConnectionRefusedError: [Errno 111] Connection refused
192.168.50.7 - - [08/Jan/2022 17:48:06] "GET /log/done HTTP/1.1" 500 -
```

@skleffmann

Same here on a PS4 Pro, running your package in a docker, notification did pop up but it got stuck on the 'Awaiting Payload'.

```
 * Serving Flask app 'app' (lazy loading)
 * Environment: production
   WARNING: This is a development server. Do not use it in a production deployment.
   Use a production WSGI server instead.
 * Debug mode: off
 * Running on all addresses.
   WARNING: This is a development server. Do not use it in a production deployment.
 * Running on http://172.17.0.3:1337/ (Press CTRL+C to quit)
192.168.115.33 - - [08/Jan/2022 12:33:06] "GET / HTTP/1.1" 200 -
192.168.115.33 - - [08/Jan/2022 12:33:06] "GET /static/logging.js HTTP/1.1" 200 -
192.168.115.33 - - [08/Jan/2022 12:33:06] "GET /static/int64.js HTTP/1.1" 200 -
192.168.115.33 - - [08/Jan/2022 12:33:06] "GET /static/9.0.0/rop.js HTTP/1.1" 200 -
192.168.115.33 - - [08/Jan/2022 12:33:06] "GET /static/9.0.0/webkit.js HTTP/1.1" 200 -
192.168.115.33 - - [08/Jan/2022 12:33:06] "GET /static/syscalls.js HTTP/1.1" 200 -
192.168.115.33 - - [08/Jan/2022 12:33:06] "GET /static/9.0.0/kexploit.js HTTP/1.1" 200 -
[2022-01-08 12:33:49,454] ERROR in app: Exception on /log/done [GET]
Traceback (most recent call last):
  File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 2073, in wsgi_app
    response = self.full_dispatch_request()
  File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1518, in full_dispatch_request
    rv = self.handle_user_exception(e)
  File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1516, in full_dispatch_request
    rv = self.dispatch_request()
  File "/usr/local/lib/python3.9/site-packages/flask/app.py", line 1502, in dispatch_request
    return self.ensure_sync(self.view_functions[rule.endpoint])(**req.view_args)
  File "/opt/app.py", line 37, in log
    send(request.remote_addr, 9020, "payload/goldhen_2.0b2_900.bin")
  File "/opt/sender.py", line 7, in send
    client_socket.connect((ip, port))
ConnectionRefusedError: [Errno 111] Connection refused
192.168.115.33 - - [08/Jan/2022 12:33:49] "GET /log/done HTTP/1.1" 500 -
```

@saeedmou

saeedmou commented Jan 9, 2022

Before sending the payload in app.py:37, add a 1-second sleep; this will solve this "ConnectionRefusedError: [Errno 111] Connection refused" error.

> Same here on a PS4 Pro, running your package in a docker, notification did pop up but it got stuck on the 'Awaiting Payload'.


@mc-17
Owner

mc-17 commented Jan 9, 2022

Ahah, right, I’ll commit a fix later - on my machine I had written a change to try three times with a 1s sleep, so maybe I’ll push that.

@mc-17
Owner

mc-17 commented Jan 9, 2022

I've pushed an update now, can you give it a go? Thanks

Clone from main
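
The retry described in the comments above (three attempts with a 1 s sleep), as an added example that is not the project's `sender.py`: a connect helper that retries only on `ConnectionRefusedError`, exercised against a constructed loopback receiver that starts listening late. The function names, the loopback receiver and the test bytes are assumptions made for illustration.

```python
import socket
import threading
import time

def connect_with_retry(host, port, attempts=3, delay=1.0, timeout=5.0):
    """Return a connected socket, retrying only on 'connection refused'."""
    for attempt in range(1, attempts + 1):
        try:
            return socket.create_connection((host, port), timeout=timeout)
        except ConnectionRefusedError:
            if attempt == attempts:
                raise  # listener never came up: surface the original error
            time.sleep(delay)

def send_bytes(host, port, data, **retry):
    """Connect (with retries), send everything, close. Returns bytes sent."""
    with connect_with_retry(host, port, **retry) as sock:
        sock.sendall(data)
    return len(data)

def demo_late_listener(listen_after=0.3):
    """Constructed loopback test: the receiver is bound but starts listening
    late, so the first connect is refused, as in the tracebacks above."""
    server = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    server.bind(("127.0.0.1", 0))          # port chosen by the OS
    port = server.getsockname()[1]
    received = []

    def receiver():
        time.sleep(listen_after)
        server.listen(1)
        conn, _ = server.accept()
        with conn:
            received.append(b"".join(iter(lambda: conn.recv(4096), b"")))

    worker = threading.Thread(target=receiver, daemon=True)
    worker.start()
    try:
        connect_with_retry("127.0.0.1", port, attempts=1).close()
        first = "connected"
    except ConnectionRefusedError:
        first = "refused"
    sent = send_bytes("127.0.0.1", port, b"constructed test bytes", attempts=5, delay=0.2)
    worker.join(timeout=5)
    server.close()
    return first, sent, received

if __name__ == "__main__":
    print(demo_late_listener())
```

A fixed sleep before a single connect only works when the listener is up within that interval; bounded retries cover a slower start and still raise the original error if the port never opens.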

@saildot4k

Works as advertised!
Possible later to add a few more .bins to autoload? I.e., I always want updates disabled, OrbisToolbox and WebRTE.

Thanks again!

@lordlad
Author

lordlad commented Jan 10, 2022

Thanks @mc-17 it works now, goldhen now loads.

lordlad closed this as completed Jan 10, 2022

@spartan15

Hi! I have precisely the same issue. Are you still working on the project?
