How-To: Compiling PS5 Payloads with the PS5SDK on Windows

Hi folks, here’s a guide on how to compile PS5 Payloads on Windows, using SpecterDev’s PS5SDK. (This will let you compile payloads compatible with the Webkit version of the exploit).

There are multiple ways you could achieve this (see FAQ below), but I chose to use Microsoft’s own WSL (Windows Subsystem for Linux), a lightweight Virtual Machine, which will, for all intents and purposes, let you run a Linux Distribution directly from Windows, and use the PS5 Community development tools (as well as many more tools used in the hacking community).

As such, this guide assumes you have some basic Linux skills, but frankly if you’re going to dive into scene development, that’s pretty much a prerequisite anyway.

What we’ll be doing in this guide

  1. Install WSL on Windows
  2. Install the necessary libraries and dependencies for PS5SDK
  3. Set up the basic environment variables for PS5SDK
  4. Set up the PS5SDK toolchain, and compile a test ELF file from the examples folder

1. Install WSL and a Linux distro on Windows

WSL (Windows Subsystem for Linux) is a Virtual Machine that lets you run any Linux Distribution on Windows. Although it does have some limitations, for the sake of our goal today it will behave like a regular Linux.

  1. To install WSL, just open a Windows cmd shell and type wsl --install
    • Note: if all you get at this point is a wsl help message, it’s probably because you already have wsl installed. Skip to the next step.
  2. Once wsl is installed, typing wsl --list --online will show you a list of all available Linux distributions you can potentially install. Pick one. Personally I’d recommend Debian or the latest Ubuntu, but if you have a preferred one, go for that.
  3. Install the distro you want with wsl --install [distro name], e.g. wsl --install Ubuntu-22.04

2. Install the necessary libraries and dependencies

Now that you have installed your distribution of choice, simply typing “wsl” will launch your Linux session. Initially the system might ask you to create a default user and password, so do that first.

  1. Now that you’re running Linux, and before getting started, you’ll want to make sure your package repository is up to date. Type sudo apt-get update, then once it’s done type sudo apt-get upgrade
  2. You’ll need a basic text editor. I personally use emacs (sudo apt install emacs-nox)
  3. The PS5SDK relies on a handful of libraries and programs you’ll want to install; here’s the quick list, which should do the trick:
    1. sudo apt install cmake
    2. sudo apt install ninja-build
    3. sudo apt install clang
    4. sudo apt install lld

3. Set up the basic environment variables

SpecterDev’s PS5 SDK requires some basic environment variables to be defined, namely the location of the SDK, and your firmware version.

  1. Now is a good time to download the PS5SDK and extract it in a folder of your choice
  2. Using your text editor in Linux, add the following lines to your home folder’s ~/.bash_profile (create the file if it doesn’t exist):

export PS5SDK="/path/to/ps5sdk/"
export PS5SDK_FW="0x[Your firmware here]"

Important notes:

  • PS5SDK_FW here should be 0x followed by your PS5’s firmware, e.g. 0x300 or 0x403, etc. This variable is important because some ELF files are firmware dependent (ideally we want to avoid that, but that is the state of things for now).
  • PS5SDK is the path to your SDK folder. Note that your Windows drives such as C:, D:, etc. are located in /mnt/c, /mnt/d, and so on.
  • In my experience, the Linux shell did not take me to my Linux home folder by default, but instead to my Windows home folder. Make sure to cd ~ before creating/editing .bash_profile.
  • To test that your environment variables are working, close your Linux terminal, reopen it (type “wsl” in a Windows command prompt), then type echo $PS5SDK. This should give you the location of the SDK files.
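Before running build.sh, it is worth checking the whole setup from steps 2 and 3 in one go: that PS5SDK points at a folder that actually contains build.sh, that PS5SDK_FW is 0x followed by hex digits (and not the untouched placeholder), and that the four packages from step 2 put their binaries on the PATH. The script below is an added example, not part of the PS5SDK or of this guide; it assumes the SDK root holds build.sh (as step 4 expects) and that the lld package installs the ld.lld binary clang looks for with -fuse-ld=lld. The three FAIL lines correspond to the missing-clang, missing-lld and unset-variable problems listed under Troubleshooting.

```shell
#!/bin/sh
# ps5sdk_preflight.sh: sanity-check the PS5SDK environment described in this guide
# before running build.sh. Added example; not part of the PS5SDK or the original guide.
# Assumptions: PS5SDK and PS5SDK_FW are set as described above, the SDK root contains
# build.sh, and the lld package installs the ld.lld binary that clang's -fuse-ld=lld expects.

# check_fw_format FW: succeed if FW is "0x" followed by hex digits only (e.g. 0x300, 0x403).
# The untouched placeholder "0x[Your firmware here]" is rejected because "[" is not a hex digit.
check_fw_format() {
  fw=$1
  case "$fw" in
    0x*) ;;
    *) return 1 ;;
  esac
  digits=${fw#0x}
  [ -n "$digits" ] || return 1
  case "$digits" in
    *[!0-9a-fA-F]*) return 1 ;;
  esac
  return 0
}

# check_sdk_path DIR: succeed if DIR exists and holds the SDK's top-level build.sh.
check_sdk_path() {
  [ -n "$1" ] && [ -d "$1" ] && [ -f "$1/build.sh" ]
}

# missing_tools NAME...: print, space-separated, the names that are not on PATH.
missing_tools() {
  missing=""
  for t in "$@"; do
    command -v "$t" >/dev/null 2>&1 || missing="$missing $t"
  done
  printf '%s\n' "${missing# }"
}

# preflight: run all checks, print one line per check, return non-zero if any failed.
preflight() {
  status=0
  if check_sdk_path "${PS5SDK:-}"; then
    echo "ok    PS5SDK=$PS5SDK"
  else
    echo "FAIL  PS5SDK must point at the SDK folder containing build.sh (got '${PS5SDK:-}')"
    status=1
  fi
  if check_fw_format "${PS5SDK_FW:-}"; then
    echo "ok    PS5SDK_FW=$PS5SDK_FW"
  else
    echo "FAIL  PS5SDK_FW must look like 0x300 or 0x403 (got '${PS5SDK_FW:-}')"
    status=1
  fi
  # These are the packages from step 2: ninja-build installs "ninja" and lld installs "ld.lld".
  missing=$(missing_tools cmake ninja clang ld.lld)
  if [ -z "$missing" ]; then
    echo "ok    toolchain binaries found"
  else
    echo "FAIL  missing tools: $missing (try: sudo apt install cmake ninja-build clang lld)"
    status=1
  fi
  return $status
}

# Run the checks when executed as a script (sh ps5sdk_preflight.sh);
# sourcing the file only defines the functions.
case "${0##*/}" in
  ps5sdk_preflight.sh) preflight ;;
esac
```

Save it as ps5sdk_preflight.sh, open a fresh wsl session so ~/.bash_profile has been read, and run sh ps5sdk_preflight.sh; a non-zero exit status means at least one line printed FAIL.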

4. Bringing it all together: toolchain setup, and compiling your first ELF

  1. Go to the root of your PS5SDK and type ./build.sh. This should set up the PS5SDK toolchain for you. If you run into issues, see the Troubleshooting section below.
      1. It is possible some of the samples will fail. In my case, because my PS5 firmware is set to 0x300, but one of the samples is designed for firmware 4.03 only, the build for that one will fail. This is expected.

  2. Try to build one of the examples, e.g. cd examples/hello_socket then ./build.sh
  3. You can now test the generated ELF on your PS5
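Before sending anything to the console, a cheap check on the build output is to confirm the file really is a 64-bit x86-64 ELF (the PS5 is an AMD64 machine), rather than a truncated file or an object for the wrong target, which is what a half-finished build with the warnings above can leave behind. The script below is an added example, not part of the PS5SDK or of this guide; it takes the output file's path as its argument and assumes nothing about the filename build.sh produces.

```shell
#!/bin/sh
# check_elf.sh: verify that a file produced by build.sh is a 64-bit x86-64 ELF, the
# object format the PS5 (an AMD64 machine) runs. Added example; not part of the PS5SDK
# or the original guide.
# Usage: sh check_elf.sh path/to/output.elf

# is_x86_64_elf FILE: succeed if FILE starts with the ELF magic, is ELFCLASS64 and has
# e_machine == EM_X86_64 (0x3e, stored little-endian at offset 18).
is_x86_64_elf() {
  f=$1
  [ -f "$f" ] || return 1
  # Bytes 0-4: 7f 45 4c 46 ('\x7fELF') followed by 02 (ELFCLASS64).
  head5=$(od -An -tx1 -N5 "$f" | tr -d ' \n')
  [ "$head5" = "7f454c4602" ] || return 1
  # Bytes 18-19: e_machine, 3e 00 for x86-64.
  machine=$(od -An -tx1 -j18 -N2 "$f" | tr -d ' \n')
  [ "$machine" = "3e00" ]
}

# describe FILE: print a one-line verdict and return the check's status.
describe() {
  if is_x86_64_elf "$1"; then
    echo "ok    $1 is a 64-bit x86-64 ELF"
  else
    echo "FAIL  $1 is not a 64-bit x86-64 ELF (build incomplete, wrong target, or wrong file?)"
    return 1
  fi
}

# Run the check when executed as a script; sourcing the file only defines the functions.
case "${0##*/}" in
  check_elf.sh) describe "${1:?usage: sh check_elf.sh <file>}" ;;
esac
```

This only checks the ELF header, so it catches the wrong file or a broken build, not a payload that compiles cleanly for the wrong firmware; the PS5SDK_FW note above still applies.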

Troubleshooting

Here are a few issues you might run into, and suggested solutions:

  • clang: error: invalid linker name in argument '-fuse-ld=lld'
    • It’s likely you’re missing the lld linker: try sudo apt install lld
  • clang is not a full path and was not found in the PATH
    • It’s likely you’re missing clang: try sudo apt install clang
  • Running '/usr/bin/ninja.exe' '--version' failed with no such file or directory
    • This can be a caching issue where CMake incorrectly mapped your binaries (happened to me when I messed up between Cygwin and WSL for a while). Try deleting the file CMakeCache.txt
  • unable to locate package '[packagename]' (when running e.g. sudo apt install cmake)
    • It is possible your package repositories aren’t updated. Try sudo apt-get update, then once it’s done type sudo apt-get upgrade

Warnings:

  • clang: warning: -Wl,-z,norelro: 'linker' input unused [-Wunused-command-line-argument]
  • clang: warning: argument unused during compilation: '-pie' [-Wunused-command-line-argument]
    • In my limited tests, these warnings didn’t prevent me from building operational binaries. Would love to hear people’s feedback on that.

FAQ

Why not use Windows directly?

You should be able to install LLVM and all the required stuff (Clang, etc.) directly for Windows, and the PS5SDK should work in Windows directly, without going through WSL. In my experience though, running these things directly on Windows will be harder to debug because most folks on the scene do these things on Linux. Running this in WSL gets you closer to what people do on Linux, while still having your computer on Windows. The Virtual Machine is an added bonus, ensuring your PS5 experiments don’t actually mess with your main OS.

Why not use Cygwin?

I’ve been using Cygwin on Windows for years, and I love it. Unfortunately, clang and llvm aren’t maintained on Cygwin, which means it’s not practical to try and use SpecterDev’s tools in such an environment. The clang/llvm versions are so old that basically nothing will work with the PS5SDK on Cygwin without heavy effort.