No, Flatz didn’t just announce CFW for the PS5

I know, it’s easy to get confused. And it still happens to me regularly, so I’m not judging.

Today, PlayStation hacker Flatz announced some significant progress on hacking the PS5 CP Box, an “accessory” for the PS5 used by official developers and testers. Thanks to his findings, Flatz announced Custom Firmware is now possible…for the CP Box. Because that box is a PS5 device, and because it’s easy to get confused, I’m betting a bunch of people misread this as “CFW for the PS5”, which this definitely isn’t.

What’s the CP Box, and what is its EAP Chip?

The CP Box (Communication processor) is an external device with a USB C input, USB C output, ethernet and power cable, which connects to PS5 Test Kits. Its exact purpose is unknown on the scene, but the theory is that it is required for official Devs to authenticate on PlayStation’s Dev Network for testing purposes.

In that context, I’m assuming that the EAP Chip is in charge of handling Authentication via the EAP Protocol. Don’t quote me on that.

The usefulness of reverse-engineering this particular device for the PS5 hacking scene is still unknown, although it is clear some hackers expect to find juicy information within. Zecoxao has stated that this device has “lots of fun things inside”.

What’s now possible with the CP Box?

What FlatZ announced today is a full hack of the CP Box, explicitly stating that it is now theoretically possible to run Custom Firmware on the device. For the time being, that will be useful for the handful of hackers who actually managed to acquire such a device. What PS5-specific secrets they will unlock thanks to this companion box, remains to be seen.

 

Over the past few days, Flatz has also poured a lot of CP Box information into the PS5 Dev Wiki (links below)

My opinion: It is possible some authentication and keys could be leveraged in there, possibly to make a hacked PS5 behave as a TestKit for example. Keeping in mind that the CP Box seems to be specifically intended for communication with Sony’s development servers, it’s an area of “tinkering” I’d personally rather not touch. Sounds like exactly the kind of domain where one could easily get their console banned, or suffer legal repercussions. But who knows, maybe this will also unlock mechanisms to activate one’s console offline (ha, we can always dream).

Bottom line: this is definitely not CFW for the PS5 that got announced today, but it remains an awesome achievement.

Downloads

• • CP Box EAP Partial Dump (decrypted)

• Proxima’s Brute Force Key Search Tool

Additional Details on PS5 CP Box:

• https://www.psdevwiki.com/ps5/CP_Box
• https://www.psdevwiki.com/ps5/Codenames#Shakespeare
• https://www.psdevwiki.com/ps5/Keys#Communication_Processor_.28CP.29_EMC_Keys
• https://www.psdevwiki.com/ps5/CP_Box_Service_Connectors
• https://www.psdevwiki.com/ps5/CP_Box_Non_Volatile_Storage
• https://www.psdevwiki.com/ps5/CP_Box_Boot_Process