yuxing/etaHEN
1
0
Fork 0
mirror of https://github.com/etaHEN/etaHEN.git synced 2026-01-12 19:25:33 +08:00
Code Issues Packages Projects Releases Wiki Activity
40 Commits 1 Branch 20 Tags
2.2
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
LightningMods a66823580b etaHEN update 2.2B 
## New additions
- ALL PS4 cheats should now work now that ASLR is disabled
- Renamed Debug Settings to the etaHEN Toolbox in the settings menu and changed the icon
- Added a PS5 Game menu (named after webMAN) to the toolbox for those that dont want to use itemzflow
- Added a controller shortcuts menu with the following shortcuts (with more than one button combo option for each)
   - Cheats Menu
   - Toolbox
   - PS5 Games menu
   - Toggle Kstuff
- the Utilities menu has been changed to the Settings menu and is now below the Services menu
- Patched the systems game patch checker to not auto update games with etaHEN active
- Updated the Kstuff menu to include the option to pause the PS5 or PS4 sysents independently
- the download Cheats option will now check if its up to date instead of always just redownloading the whole repo everytime
- Added the ability to save remote play info to a USB if one is detected (both the encoded and decoded account ids)
- Added the option to disable the toolbox auto start in the rest mode options

## Fixes and Updates
- Updated Kstuff to 1.5
- Updated PS5Debug to v1.0b4 (6.xx support) by @CTN
- Fixed an Issue that would cause the etaHEN utility daemon to crash if malformed cheat .txt files were present
- etaHEN will now attempt to restart the home menu if loading the toolbox fails
- updated itemzflow self decrypter for 7.xx
- Improved etaHEN Startup time by 1-2 secs
- Updated & Improved lite mode
- Fixed an issue preventing people from enabling cheats after turning off lite mode
- Fixed an issue with Cheats not showing the full description for long descriptions
- [Dev/TestKits] the red activate banner will now only go away when the activation patches are present
- [Dev/TestKits] added activation patches for DevKit FW 3.21, 4.03, 4.51 and 5.50 and Testkit fw 4.03, 4.51, 6.50, 7.61
- Delete daemon crash logs on startup if available
- Updated the config.ini layout for the new additions
2025-06-10 22:45:32 -04:00
old versions
etaHEN update 2.2B
2025-06-10 22:45:32 -04:00
PS5 technical writeups
correct a few typos
2025-03-29 15:55:55 -04:00
etaHEN-2.2B.bin
etaHEN update 2.2B
2025-06-10 22:45:32 -04:00
etaHEN-Icon.jpg
new Icon
2024-12-24 16:17:16 -05:00
README.md
etaHEN update 2.2B
2025-06-10 22:45:32 -04:00
send_payload.ps1
Formatting fix
2025-02-15 20:56:46 -05:00

README.md

etaHEN - AIO Homebrew enabler

etaHEN

🚀 Support the Project

If you find this project useful and would like to support its continued development, consider buying me a coffee! ko-fi

Official PS5 exploit website

Recommended self-host exploits

Payload PowerShell Script usage for Windows (send_payload.ps1)

if you haven't already, you will need to either enable script execution globally via

Set-ExecutionPolicy Bypass

in an admin PowerShell window or run the script with this command after replacing the script path

powershell.exe -ExecutionPolicy Bypass -File C:\Path\To\send_payload.ps1

Script Usage

.\send_payload.ps1 -Payload "C:\path\to\example.elf" -IP "192.168.xxx.xxx" -Port XXXX

OR

.\send_payload.ps1

cmdlet send_payload.ps1 at command pipeline position 1
Supply values for the following parameters:
(Type !? for Help.)
Payload: C:\path\to\example.elf
IP: 192.168.xxx.xxx
Port: XXXX
  • Common Ports: SB elfldr 9021, exploit elfldr 9020

Features

  • ★ etaHEN toolbox (debug settings replacement)
  • Custom etaHEN Plugins
  • [Toolbox] Install the Homebrew Store on the console
  • [Toolbox] ★Rest Mode Options
  • [Toolbox] Remote Play Menu
  • [Toolbox] Plugin Menu and Plugin auto start menu
  • [Toolbox] External HDD Menu
  • [Toolbox] TestKit Menu
  • [Toolbox] Cheats Menu (WIP)
  • [Toolbox] Controller Shortcuts
  • [Toolbox] PS5 webMAN Games menu
  • [Toolbox] Disable toolbox auto start
  • [Toolbox] Blu-Ray license activation
  • [Toolbox] etaHEN credits and supporters
  • [Toolbox] Custom debug settings text and icon
  • [Toolbox] Auto open menu after etaHEN loads
  • [Toolbox] a number of different toolbox settings
  • React bundle (all FWs) & Self (only on 2.xx) FTP decryption Support
  • 2 seperate daemons for improved stability and reliability
  • the Util daemon willl be auto restarted by the main etaHEN daemon
  • Custom System Software version (custom System info)
  • kstuff for fself and fpkg support
  • etaHEN log in /data/etaHEN
  • (optional) System-wide controller shortcut to open itemzflow
  • Debug Settings
  • Game Dumper (Intrgrated with Itemzflow)
  • HEN config file for settings
  • Jailbreak IPC call (jailbreaks Homebrew apps)
  • Update blocker (unmounts update partition)
  • Optional Illusions cheats/patches Plugin
  • Optional FTP server on port 1337
  • Optional /data allowed inside apps sandboxes
  • Klog server on port 9081
  • elf loader on port 9021 (use Johns elfldr)
  • Optional PS5Debug
  • Itemzflow intergration
  • Optional Discord RPC server on port 8000, click here for setup instructions
  • Optional Direct PKG installer V2 service with WebUI on http://PS5_IP:12800
  • Optional Direct PKG installer service on port 9090

etaHEN SDK

make your own custom plugins via the etaHEN SDK More info Here

Upcoming features

  • [Toolbox] FPS Counter
  • [Toolbox] On-Screen temps and other info (for retails)
  • More userland patches
  • Improved PS5 Game support (itemzflow)
  • More (consider donating)

etaHEN INI Configuration file

etaHEN's ini settings file can be found at /data/etaHEN/config.ini and can be accessed using the built-in FTP and is automatically created when you run etaHEN for the first time

Configuration Layout (toolbox)

INI Key Description Default value
PS5Debug 0 = disables PS5Debug (Sistr0) auto load 1 = enable PS5Debug auto load 0 (disabled)
FTP 0 = disables etaHEN built-in FTP 1 = enables it 1 (enabled)
discord_rpc 0 = disables Discord RPC server 1 = enables it 0 (disabled)
toolbox_auto_start 0 = auto replaces debug settings 1 = OG Debug settings only 1 (enabled)
Allow_data_in_sandbox 0 = disables /data in an apps sandbox 1 = enables it 1 (enabled)
DPI/ DPIv2 0 = disables The Direct PKG Installer service 1 = enables it 1 (DPIv2 enabled)
Klog 0 = disables kernel logging, 1 = enables it 0 (disabled)
ALLOW_FTP_DEV_ACCESS 0 = disables FTP developer access, 1 = enables it 0 (disabled)
StartOption 0=None, 1=Home menu, 2=Settings 3=Toolbox, 4=itemzflow 0 (None)
Rest_Mode_Delay_Seconds Delay in seconds before patching shellui coming out rest mode 0 (no delay)
Util_rest_kill 0 = dont kill the util daemon during rest, 1 = Do kill it on rest 0 (disabled)
Game_rest_kill 0 = dont kill the open game during rest, 1 = Do kill it on rest 0 (disabled)
toolbox_auto_start 0 = disabled, 1 = enabled 0 (disabled)
DPI_v2 0 = disabled, 1 = enabled 0 (disabled)
disable_toolbox_auto_start_for_rest_mode 0 = disabled, 1 = enabled 0 (disabled)
Cheats_shortcut_opt Multi-select option 0 (disabled)
Toolbox_shortcut_opt Multi-select option 0 (disabled)
Games_shortcut_opt Multi-select option 0 (disabled)
Kstuff_shortcut_opt Multi-select option 0 (disabled)

DPI API details for tool creators

etaHEN's Direct PKG Installer currently is very simple and is considered a WIP the service flow is as follows

  1. Connect to etaHEN's TCP server via port 9090 (using the PS5s IP)
  2. Send a URL to etaHEN in the following json format
{ "url" : "http://xxxx" }
  1. etaHEN will then send back the return value (0 on success)
{ "res" : "0" }
  1. etaHEN will close the client socket after the return json is sent

Jailbreaking an app (FPKG) using etaHEN (non-whitelist method, Network required)

enum Commands : int {
  INVALID_CMD = -1,
  ACTIVE_CMD = 0,
  LAUNCH_CMD,
  PROCLIST_CMD,
  KILL_CMD,
  KILL_APP_CMD,
  JAILBREAK_CMD
};

struct HijackerCommand
{
  int magic = 0xDEADBEEF;
  Commands cmd = INVALID_CMD;
  int PID = -1;
  int ret = -1337;
  char msg1[0x500];
  char msg2[0x500];
};

int HJOpenConnectionforBC() {

  SceNetSockaddrIn address;
  address.sin_len = sizeof(address);
  address.sin_family = AF_INET;
  address.sin_port = sceNetHtons(9028); //command serve port
  memset(address.sin_zero, 0, sizeof(address.sin_zero));
  sceNetInetPton(AF_INET, "127.0.0.1", &address.sin_addr.s_addr);

  int socket = sceNetSocket("IPC_CMD_SERVER", AF_INET, SOCK_STREAM, 0);
  if (sceNetConnect(socket, (SceNetSockaddr*)&address, sizeof(address)) < 0) {
    close(socket), socket = -1;
  }

  return socket;
}

bool HJJailbreakforBC(int& sock) {

  // send jailbreak IPC command
  HijackerCommand cmd;
  cmd.PID = getpid();
  cmd.cmd = JAILBREAK_CMD;

  if (send(sock, (void*)&cmd, sizeof(cmd), MSG_NOSIGNAL) == -1) {
      puts("failed to send command");
      return false;
  }
  else {
    // get ret val from daemon
    recv(sock, reinterpret_cast<void*>(&cmd), sizeof(cmd), MSG_NOSIGNAL);
    close(sock), sock = -1;
    if (cmd.ret != 0 && cmd.ret != -1337) {
      puts("Jailbreak has failed");
      return false;
    }
    return true;
  }

  return false;
}

int main()
{

     int ret = HJOpenConnectionforBC();
     if (ret < 0) {
         puts("Failed to connect to daemon");
         return -1;
     }
     if (!HJJailbreakforBC(ret))
     {
          puts("Jailbreak failed");
          return -1;
     }

     return 0;
}

Contributors

Testers

Join us on the Support Discord

Reference in New Issue View Git Blame Copy Permalink
Description
No description provided
Readme GPL-3.0 62 MiB
Languages
C++ 50%
C 49%
CMake 0.5%
Python 0.3%