An homebrew is any piece of code that has not been directly done by Sony. For example, PS4Xplorer is a fan made file manager in form of a application.

A HEN, abbreviation of Homebrew ENabler, is a software or hardware method that unlocks the ability to execute homebrews. On PS4, HEN are mainly some kernel payloads that must be run once on each console boot, and executed through a kernel exploit. It works differently to the custom firmware experience on PlayStation 3, where CFW would be installed on the system via modified PUP files (e.g. Rebug CFW PUP). However once the framework is installed and ran, it gives users the same functionality they were previously used to.

List of PS4 homebrew enablers[edit | edit source]

The choice of the HEN to use for a PS4 console relies on which System Software version is installed and on which exploit chain is used to launch the HEN.

For non-developers, PS4HEN is the default choice whilst for developers it might be MiraCFW. GoldHEN is a closed source alternative to PS4HEN that might have more features (to be documented).

PS4HEN[edit | edit source]

PS4HEN is the first modern HEN released for PS4, based on flatz's writeups on how to enable PS4 fPKG installation and loading.

Source code[edit | edit source]

The source code of the latest version (v2.1.5) of PS4HEN is available on EchoStretch's github repository (2024-08-22).

Older versions are available at:

• PS4HEN v2.1.3 for 6.71-6.72 by vortex and Sistro (2020-08-08)
• PS4HEN v2.1.3 for 4.05/4.55/5.05 by vortex and Sistro (2020-03-13)
• PS4HEN by wildcard (2018-10-24)
• PS4HEN without fPKG support by idc (2018-01-01)

Supported versions[edit | edit source]

PS4HEN v2.1.3 by vortex and Sistro supports:

4.05, 4.55, 5.05, 6.71, 6.72.

PS4HEN v2.1.5 by EchoStretch supports every PS4 versions from 7.00 to 11.00:

7.00, 7.02, 7.50, 7.51, 7.55, 8.00, 8.01, 8.03, 8.50, 8.52, 9.00, 9.03, 9.04, 9.50, 9.51, 9.60, 10.00, 10.01, 10.50, 10.70, 10.71, 11.00.

Features[edit | edit source]

• • Large support: PS4 versions from 7.00 to 11.00
  • Homebrew Enabler (HEN)
  • Process sandbox escape
  • Debug Settings
  • External HDD Support
  • VR Support
  • Remote Package Install
  • Rest Mode Support
  • External HDD Format Support
  • Bypass Firmware Checks
  • Debug Trophies Support
  • sys_dynlib_dlsym Patch
  • UART Enabler
  • Never Disable Screenshot
  • Remote Play Enabler
  • FW Update Block

<= 1.76[edit | edit source]

2.00-3.70[edit | edit source]

There is currently no supported HEN for 2.00-3.70 PS4 because of the initial lack of usermode or kernel exploits supporting these versions.

A possibility would be to directly backport the pppwn exploit (from 9.00), or to chain the BD-JB usermode exploit (from 9.00) with the exFAThax kernel exploit (from 9.00).

4.00-4.01[edit | edit source]

To be backported from 4.05.

4.05[edit | edit source]

Supported in vortex's repository.

4.06-4.07[edit | edit source]

To be ported from 4.05.

4.50-4.55[edit | edit source]

Supported in vortex's repository.

4.70-4.74[edit | edit source]

Used to be ported from 5.05 by CelesteBlue on zecoxao's repository which was removed.

5.00-5.03[edit | edit source]

To be backported from 5.05.

5.05-5.07[edit | edit source]

Supported in vortex's repository.

6.00-6.71[edit | edit source]

To be backported from 6.72.

6.72[edit | edit source]

Supported in Sistro's repository.

7.00-11.00[edit | edit source]

Supported in EchoStretch's repository.

Mira HEN / CFW[edit | edit source]

The Mira Project is a set of tools that grants you more power and control over your jailbroken PlayStation 4. It is the result of all the hard work by the OpenOrbis team.

Source code[edit | edit source]

• Mira HEN for PS4 9.00 maintained by AlAzif (2022-05-14)
• Mira HEN for PS4 7.55 maintained by kiwidog (2021-12-29)
• Mira HEN for PS4 7.00-7.02 maintained by AlAzif (2020-12-26)
• Mira HEN beta version for PS4 4.05-6.72 maintained by kiwidog (2022-01-05)
• Mira HEN stable version for PS4 4.05-6.72 maintained by kiwidog (2020-08-09)

Supported versions[edit | edit source]

4.05 (WiP), 4.55 (WiP), 4.74, 5.01, 5.03, 5.05, 6.20 (WiP), 6.72

Features[edit | edit source]

• • Homebrew Enabler (HEN)
  • Emulated Registry (EmuReg)
  • Emulated NVS (EmuNVS)
  • Kernel Debugger
  • Remote GDB
  • System-level FUSE implementation (Experimental, WIP)
  • Load SPRX modules + IAT + Function Hooking

• Additional features include:
  • Mount and decrypt local gamesaves (WIP)
  • Transfer files to and from the HDD
  • Implement your own kernel plugins (RPC using protobuf)
  • Implement your own usermode trainers (hooks included)
  • Dump per-console HDD encryption keys

GoldHEN[edit | edit source]

GoldHEN is a closed source derivative of PS4HEN based on vortex's which adds more features.

Source code[edit | edit source]

GoldHEN is closed source.

Supported versions[edit | edit source]

5.05, 6.71, 6.72, 9.00, 9.60, 10.00, 10.01, 11.00

Features[edit | edit source]

• • Homebrew Enabler (HEN)
  • Debug Settings
  • VR Support
  • Remote Package Install
  • Rest Mode Support
  • External HDD Support
  • Official External HDD Format Support
  • Debug Trophies Support
  • sys_dynlib_dlsym Patch
  • UART Enabler
  • Never Disable Screenshot
  • Remote Play Enabler
  • FW Update Block
  • FTP Server on 2121 port
  • BinLoader Server on 9090 port
  • Klog Server on 3232 port
  • CE-30391-6 Error CMOS Fix
  • Integrated Cheat Menu
  • Integrated FPS Counter
  • Plugins support
  • TitleId label feature
  • Scanlines overlay
  • Internal pkg installation support (/data/pkg)

Warnings[edit | edit source]

• The BinLoader server is in an experimental phase but in any case there are several payloads around, some even not very well done, which can also be harmful and in the best case only crash the console. So use it with caution. Developers have tried to work out to support all payloads possible but no guarantees can be given on this. Obviously, the developers do not take any responsibility in case of use of payloads not made by reputable sources.
• The Cheat Menu is experimental so use with caution. Please report cheat related issues to the cheat author(s).

Credits[edit | edit source]

This sections aims to thank every contributor that made HEN on PS4.

Exploits makers[edit | edit source]

Without usermode and/or kernel exploits, HEN on PS4 would not have been possible apart from running only on activated PS4 TestKit and DevKit machines. So any contributor to PS4 Vulnerabilities discovery and implementation can be thanked.

Features maker[edit | edit source]

This section is a WiP.

Credits are here classified by features unlocked by HEN.

• payload SDK: CTurt, vortex, AlAzif, ...
• fPKG installation and HEN: hitodama, psxdev, flatz, idc, wildcard, zecoxao, maxton, CrazyVoid, kiwidog, TheoryWrong, balika011, Zer0xFF, ...
• Debug Settings: z80, zecoxao, ...
• FW Update Block: Silica (from PS Vita scene) and CelesteBlue
• Never Disable Screenshot: Biorn1950
• FTP Server: xerpi, Hippie68, ...
• Settings menu hooks: LightningMods, Sistro
• Plugins, daemons and modules linking: valentinbreiz, LightningMods, Sistro, kiwidog, golden, Seremo
• CE-30391-6 Error CMOS Fix: ?Sistr0?
• Internal PKG installation support (/data/pkg): OSM
• debugging tools, RPC, ptrace, GDB: jogolden/xemio, OSM for Orbis Toolbox, ChendoChap, 2much4u, m0rph3us1987, ChendoChap, sleirsgoevy
• RE tools: aerosoul, AlexAltea, SocraticBliss, Astrelsky, kozarovv
• Game patches: Illusion
• Cheat manager: Sistro, bucanero, ctn123 (see [1]), zy1911, hurrican6, Shinigami, PS4 game cheat developers who shared their trainers
• Keys dump (EAP HDD, etc.): flatz
• Offsets porting: flatz, zecoxao, AlAzif, samsepi0l/ethylamine, kozarovv, Joonie, z80, CelesteBlue, EchoStretch, BestPig and many more
• Unclassified yet: sugarleaf, eeply, lordfriky
• Maybe related: mistawes, apache, hydrogen

Maintainers[edit | edit source]

Maintaining a HEN consists in adding support to more and more System Software versions, fixing reported HEN bugs, adapting HEN to new exploit chains and ensuring homebrews compatibility.

By reverse chronological order:

• EchoStretch
• Joonie
• AlAzif
• Sistr0
• vortex
• wildcard
• idc
• hitodama

Testers[edit | edit source]

This section is a WiP.

SCORPION (https://twitter.com/SCORPION1399)
KiiWii (https://twitter.com/defaultdnb)
Leeful74 (https://twitter.com/leeful74)
Big_Wadger
EchoStretch
Opoisso893 (https://twitter.com/opoisso893)
mbcrumb
MODDED WARFARE
vapour
z80

HEN Features[edit | edit source]

This section describes the most common features of PS4 Homebrew enablers.

Homebrew Enabler (HEN)[edit | edit source]

• allows retail/unactivated Kit PS4 to run fSELF
• llows retail/unactivated Kit PS4 to install fPKG

Process sandbox escape[edit | edit source]

• fSELF has system permissions, for example RW access to all filesystem partitions

Bypass Firmware Checks[edit | edit source]

The PS4 System Software is full of version checks, and it should be noted that a best practice is to disable version checks than to spoof a specific version.

Newer SDK fPKG installation Allowed[edit | edit source]

fPKGs built with a more recent SDK cannot be installed on a PS4 running an older System Software version.

This feature disables some version checks.

PS VR Support[edit | edit source]

To enable PS VR on out-of-date PS4, version checks must be disabled.

• Good method that disables SceSblSysVer check: https://github.com/EchoStretch/ps4-hen-vtx/blob/1e78e06cce1a58718eafc978609272203fd9a937/kpayload/source/patch.c#L278

Remote Play Enabler[edit | edit source]

To enable Remote Play, it is required to disable version checks and internet connection check.

• https://github.com/EchoStretch/ps4-hen-vtx/blob/1e78e06cce1a58718eafc978609272203fd9a937/kpayload/source/patch.c#L389

Debug Settings[edit | edit source]

• https://github.com/EchoStretch/ps4-hen-vtx/blob/1e78e06cce1a58718eafc978609272203fd9a937/kpayload/source/patch.c#L374

Official External HDD Support[edit | edit source]

Make PKG Installer work with official external HDD.

• https://github.com/xvortex/ps4-hen-vtx/commit/665793735c9b320ef6f3e3b5072e7c1c61a0b243

Official External HDD New Format Version Support[edit | edit source]

Make external HDD that was connected to a PS4 running a System Software version >= 6.00 work on a PS4 running a lower version like 5.xx.

Remote Package Install[edit | edit source]

Rest Mode Support[edit | edit source]

This is not really a feature but a lack of bug.

Debug Trophies Support[edit | edit source]

Enable Debug trophies on non Kit/QA PS4 consoles.

• https://github.com/EchoStretch/ps4-hen-vtx/blob/1e78e06cce1a58718eafc978609272203fd9a937/kpayload/source/patch.c#L266

sys_dynlib_dlsym Patch[edit | edit source]

The sys_dynlib_dlsym should be already included in any kernel exploit, not in a HEN.

UART Enabler[edit | edit source]

Never Disable Screenshot[edit | edit source]

Circumvents the "HDMI CEC" protection that disables the PS4 screenshot feature during some movie scenes.

• https://github.com/EchoStretch/ps4-hen-vtx/blob/1e78e06cce1a58718eafc978609272203fd9a937/kpayload/source/patch.c#L272

FW Update Block[edit | edit source]

Prevents the automatic or accidental download of newer System Software update package (PUP file) to avoid definitely losing HEN after reboot.

• Method 1 by Silica and CelesteBlue: https://github.com/EchoStretch/ps4-hen-vtx/blob/1e78e06cce1a58718eafc978609272203fd9a937/installer/source/main.c#L241
• Method 2 (probably better) by jogolden: https://github.com/jocover/ps4-hen-vtx/blob/1e44ea9af2ecaa951601c8dae4c723b7586b2589/installer/source/main.c#L103