Welcome to Richard's Blog

Blog

  • SOP: PS4 Extended Storage & Save Resigning on Non-Jailbreak with Save Wizard PS4 Maxโ€”Only works on 13.00 or below.

    Method: Vue-After-Free
    | Target: Non-Jailbroken PS4 Consoles
    |Credit: ALL credit is in here ->README.md
    | Link: https://github.com/Vuemony/vue-after-free

    ๐Ÿ“‹ Prerequisites & Tools

    Ensure you have all items listed below before starting. Missing one step in this chain will result in a “Data Corrupted” error on the PS4.

    • Console: PS4 with an active internet connection.
    • Network: Must use Earthonion DNS – 127.0.0.2 or 62.210.38.117.
    • PSN Account: A legitimate or “fake” activated user profile.
    • Hardware: USB 3.0+ External Drive (HDD/SSD), minimum 256 GB.
    • Software (PC): * BalenaEtcher (for image flashing).

    ๐Ÿ› ๏ธ Phase 1: Drive & App Preparation

    Goal: Prepare the external storage so the PS4 recognizes the modified capacity.

    1. Flash the Image: Open BalenaEtcher on your PC and flash the Earthonion image onto your USB drive.
      Note: The drive may show as 256GB initially; this is normal.
    2. After you are done, flash Drive, USB Flash Drive plug in front of the USB port.
    3. Internal Move: On your PS4, move the PlayStation Vue app to the internal storage.
    4. Not have toโ€”You can skip to Phase 2,
      Format Drive: Connect the USB to the PS4. Navigate to Settings > Devices > USB Storage Devices and select Format as Extended Storage.
    5. Not have toโ€”You can skip to Phase 2,
      Final Migration: Move the PlayStation Vue app from Internal Storage back onto the Extended Storage drive.

    ๐Ÿ“ค Phase 2: Exporting the Base Save

    Goal: Extract your unique profile signature so the PC software can recognize you.

    1. Generate Error: Launch PlayStation Vue. Wait for the error code to appear, then close the app.
    2. Export Save: Navigate to Settings > Application Saved Data Management > Saved Data in System Storage.
    3. Plug a different USB flash drive (ExFat) into the PS4’s second port.
    4. Transfer: Select Copy to USB Storage Device and choose the PlayStation Vue save file.
    5. Then unplug the USB flash drive from the PS4 and plug it into the laptop (32 GB or any of your preferred storage size for save game and Homebrew and payload.bin), not the external drive from Earthonion, which is a separate flash drive.

    ๐Ÿ’ป Phase 3: PC Modification & Resigning

    Goal: โ€œSignโ€ the hack so your PS4 thinks you created it.

    Part A: Directory Setup

    1. Connect the save game USB to your PC.
    2. Ensure the file path is exactly: USB Drive > PS4 > SAVEDATA > 4f73272fd28f38284 (my profile ID). And create a folder in SAVEDATA -> 1111111111111111 for to do the resign to match your profile ID.
    3. Copy the CUSA00960 folder from the Earthonion download into the 1111111111111111 folder.

    Part B: Save Wizard Registration

    1. Open Save Wizard for PS4 and go to the Re-sign tab.
    2. Find CUSA00960, right-click your Profile/PSN ID, and select Register.
    3. Select the 1111111111111111 folder and click Resign.
    4. When prompted to overwrite the original, select Yes.

    ๐Ÿ“ฅ Phase 4: Final Import & Bypass

    Goal: Apply the modified data to the console.

    1. Plug the USB into the PS4.
    2. Go to Settings > Application Saved Data Management > Saved Data on USB Storage Device.
    3. Select Copy to System Storage and pick PlayStation Vue.
    4. Confirm the overwrite when prompted.
    5. Launch PlayStation Vue. The error should now be bypassed.

    Troubleshoot:

    IssuePotential CauseSolution
    Save not showing on PCIncorrect folder structureEnsure path is PS4 > SAVEDATA > [Numbers] > CUSA00960
    “Data Corrupted” on PS4Profile mismatchEnsure you Registered your PSN ID in Phase 3, Part B.
    Drive capacity errorFormatting sequenceRepeat Phase 1; ensure the app is moved after the format.

  • SOP: Installing T7 GSC Injector for Black Ops 3 (GoldHEN)

    Purpose

    To install and configure the T7 GSC Injector plugin for use with Call of Duty: Black Ops 3.

    Requirements

    • GoldHEN enabled
    • FTP access to the console
    • T7_GSC_Injector.prx file
    • A compatible .gscc menu file

    Procedure

    Step 1: Download the Plugin

    1. Download the file T7_GSC_Injector.prx to your computer.

    Step 2: Transfer Plugin to Console

    1. Connect to your console using FTP FileZilla.
    2. Navigate to the following directory:
    /data/GoldHEN/plugins/
    1. Upload T7_GSC_Injector.prx to this folder.
    2. Do NOT rename the .prx file.

    Step 3: Create Injector Directory

    1. In FTP, navigate to:
    /data/
    1. Create a new folder named exactly:
    T7 GSC Injector

    Step 4: Add and Rename Menu File + Download Link For menu by Muzzman

    Download
    1. Upload your .gscc menu file into:
    /data/T7 GSC Injector/
    1. Rename the file to:
    gssc_0

    Important:

    • Remove the file extension completely.
    • The file must NOT have .gscc after renaming.
    • If using multiple menus, increment the number (e.g., gssc_1, gssc_2).

    Step 5: Launch the Game

    1. Start Call of Duty: Black Ops 3.
    2. Enter the multiplayer or Zombies lobby.
    3. A notification should appear showing how to open the injected menu.

    Verification Checklist

    • Plugin file is in /data/GoldHEN/plugins/
    • Folder /data/T7 GSC Injector/ exists
    • Menu file is renamed to gssc_0 with no extension
    • In-game notification appears

  • Huge Thanks to EarthOnion โ€“ Vue-after-Free on My PS4 ๐ŸŽฎ

    I want to give a huge thank you to EarthOnion for providing Vue-after-Free for the PS4. Because of this, I was able to restore the system backup on my PS4, open PS Vue, and successfully run the jailbreak exploit.

    Everything worked perfectly โ€” I truly appreciate the effort and contribution to the scene!

    Non-Jailbroken PS4 System Backup Guide from his GitHub,

    Official Repository

    Full instructions and files are available here:

    https://github.com/Vuemony/vue-after-free

    โš ๏ธ Important:
    A network connection is required before running Vue. It does not need internet access โ€” a local network is enough. Connect immediately after restoring the system backup.

    If your network does have internet access, make sure you read the official connection instructions first.

    Step 1 โ€“ Prepare Your USB Drive

    1. Format your USB drive to exFAT.

    โš ๏ธ Warning:
    Formatting will erase all data on the drive. Back up anything important first.

    Step 2 โ€“ Download the System Backup

    1. Download either:
      • VueSystemBackup.7z
      • VueLiteSystemBackup.7z

    If you choose Lite Mode, the exploit will automatically launch when opening the app after the initial prompt.

    1. Extract the contents of the archive onto your USB drive.
    2. Plug the USB into your PS4.

    Step 3 โ€“ Backup Your Data (Optional but Recommended)

    If you have a real PSN account on the console:

    • Go to:
      Settings > Application Saved Data Management > Saved Data in System Storage
    • Back up your save data to the USB.
      (Make sure you have enough free space.)

    If you cannot access saved data, your console likely does not have a real PSN account or is not activated. In that case, you cannot back up saves unless you jailbreak first.

    Also back up captures:

    • Go to:
      Settings > Storage > System Storage > Capture Gallery > All
    • Back up your captures to USB.

    Step 4 โ€“ Restore the System Backup

    1. Go to:
      Settings > System > Back Up and Restore > Restore PS4
    2. Select the system backup from your USB.
    3. Restore it.

    After reboot, you will have:

    • A fake activated user account
    • PS Vue installed
    • Exploit data ready

    Step 5 โ€“ Prepare the Payload

    1. Place your payload (HEN or GoldHEN) on the root of your USB.
    2. Rename it to:
    payload.bin

    After the first run, it will be loaded from /data/, so the USB will not be needed again.

    Step 6 โ€“ Run the Exploit

    1. Connect safely to any network (local is fine).
    2. Open PS Vue.
    3. You will see:

    “This service requires you to sign in to PlayStation Network”

    Press OK to continue.

    1. Press the Jailbreak button to run the exploit
      OR configure:
      • Auto Loader
      • Auto Close

    โš™๏ธ Important for HEN Users

    Before enabling Auto Close:

    • Edit config.js
    • Add 20 seconds to the close delay by setting:
    20000

    Then back up the current save file to USB via console settings.

    Optional โ€“ Avoid PSN Pop-Up

    After jailbreaking, you can run the np-fake-signin payload to avoid the PSN sign-in pop-up.

    User Account Information

    • Default User Account ID:
    1111111111111111

    This cannot be changed.

    However, you can:

    1. Create a new user.
    2. Fake activate it.
    3. While jailbroken, set up PS Vue under the newly activated account.
    4. Resign an OnlineSave if exploit files become corrupted.

  • Fail2Ban + n8n Webhook SOP (SSH Permanent Ban)

    Document Owner: IT / Network

    Scope: Linux servers running OpenSSH where Fail2Ban enforces bans and notifies n8n via webhook.

    Goal: Permanently ban brute-force SSH IPs locally (bantime = -1) and send events to n8n for enrichment/alerting.

    Table of Contents

    1. Architecture
    2. Prerequisites
    3. SOP 1 โ€” Install Fail2Ban
    4. SOP 2 โ€” Create n8n Webhook Action
    5. SOP 3 โ€” Configure SSH Jail (Permanent Ban + Multi-Action)
    6. SOP 4 โ€” Validate & Test
    7. SOP 5 โ€” Operations (Monitoring & Health Checks)
    8. SOP 6 โ€” Manual Unban
    9. SOP 7 โ€” Incident Recovery (Accidental Self-Ban)
    10. SOP 8 โ€” Secure the Webhook (Production Standard)
    11. SOP 9 โ€” Change Control

    Architecture

    This design keeps Fail2Ban as the local enforcement layer and uses n8n for centralized alerting/intel.

    • sshd writes auth failures to /var/log/auth.log (or journald).
    • Fail2Ban detects brute-force patterns and applies a local ban.
    • n8n receives webhook events to enrich (IP intel), notify (Slack), and correlate across servers.
    sshd logs โ†’ Fail2Ban jail โ†’ firewall ban (%(action_)s)
                         โ†˜๏ธŽ webhook notify โ†’ n8n workflow

    Prerequisites

    • Ubuntu/Debian server (or compatible)
    • OpenSSH installed and running
    • Log file exists: /var/log/auth.log
    • Outbound HTTPS allowed to your n8n domain
    • n8n webhook endpoint created (POST)

    SOP 1 โ€” Install Fail2Ban

    Procedure

    1. Install packages:
    sudo apt update
sudo apt install -y fail2ban
sudo systemctl enable --now fail2ban

    Validation

    systemctl is-active fail2ban
sudo fail2ban-client ping

    SOP 2 โ€” Create n8n Webhook Action

    Create a custom Fail2Ban action that calls n8n when an IP is banned or unbanned.

    Procedure

    1. Create the action definition:
    sudo nano /etc/fail2ban/action.d/n8n-webhook.conf

    Paste the following:

    [Definition]

# NOTE:
# - actionban/actionunban are all we need for webhook notifications.
# - actionstart/actionstop/actioncheck are intentionally omitted.

actionban = curl -sS -m 8 -X POST "<n8n_url>" \
  -H "Content-Type: application/json" \
  -d '{"event":"fail2ban_ban","jail":"<name>","ip":"<ip>","fq_hostname":"<fq_hostname>","failures":"<failures>","time":"<time>","token":"<token>"}' \
  >/dev/null 2>&1 || true

actionunban = curl -sS -m 8 -X POST "<n8n_url>" \
  -H "Content-Type: application/json" \
  -d '{"event":"fail2ban_unban","jail":"<name>","ip":"<ip>","fq_hostname":"<fq_hostname>","time":"<time>","token":"<token>"}' \
  >/dev/null 2>&1 || true

[Init]
n8n_url =
token =
fq_hostname =

    Notes

    • Why no actionstart/stop/check? Webhooks donโ€™t require lifecycle setup; only ban/unban events matter.
    • Timeout: -m 8 prevents Fail2Ban from hanging on slow networks.
    • Reliability: || true prevents webhook failures from breaking Fail2Ban operations.

    SOP 3 โ€” Configure SSH Jail (Permanent Ban + Multi-Action)

    Procedure

    1. Edit the jail configuration:
    sudo nano /etc/fail2ban/jail.local

    Add/replace the SSH jail:

    [sshd]
enabled = true
port = 22
filter = sshd
logpath = /var/log/auth.log
backend = auto

maxretry = 5
findtime = 600
bantime = -1

# Multi-action:
# 1) %(action_)s = default firewall ban action
# 2) n8n-webhook = notify n8n
action = %(action_)s
         n8n-webhook[n8n_url="https://YOUR_N8N_DOMAIN/webhook/fail2ban", token="YOUR_TOKEN", fq_hostname="YOURSERVER.example.com"]

    Critical Token Warning

    Avoid tokens containing # unless you escape it, because # can be treated as a comment delimiter.

    • Good: SecureToken_ABC123
    • If you must keep #: escape it like \# (example: abc\#123)

    Apply

    sudo systemctl restart fail2ban

    SOP 4 โ€” Validate & Test

    Check SSH jail status

    sudo fail2ban-client status sshd

    Tail Fail2Ban logs

    sudo tail -n 200 /var/log/fail2ban.log

    Test a ban safely

    • Use a separate source IP (not your admin IP)
    • Attempt several failed SSH logins to trigger maxretry

    Verify n8n

    • Confirm the webhook executed in n8n
    • Confirm payload includes event, ip, fq_hostname, and jail

    SOP 5 โ€” Operations (Monitoring & Health Checks)

    Daily quick checks

    systemctl is-active fail2ban
sudo fail2ban-client status sshd

    Investigate suspicious spikes

    sudo tail -n 200 /var/log/fail2ban.log
sudo grep "Ban" /var/log/fail2ban.log | tail -n 50

    Expected behavior

    • Fail2Ban stays active
    • Banned IPs accumulate gradually
    • No repeated webhook/curl failures in logs

    SOP 6 โ€” Manual Unban

    List current bans

    sudo fail2ban-client status sshd

    Unban a specific IP

    sudo fail2ban-client set sshd unbanip 1.2.3.4

    SOP 7 โ€” Incident Recovery (Accidental Self-Ban)

    Recovery steps

    1. Use console access (cloud console / physical / out-of-band)
    2. Unban your public IP:
    sudo fail2ban-client set sshd unbanip YOUR.PUBLIC.IP.ADDRESS

    Optional: protect stable admin IP

    If your admin IP is stable, add it to ignoreip:

    [sshd]
ignoreip = 127.0.0.1/8 YOUR.PUBLIC.IP.ADDRESS

    SOP 8 โ€” Secure the Webhook (Production Standard)

    • Validate token in n8n as the first step
    • Return 401/403 on invalid token
    • Rate-limit the webhook at reverse proxy (Nginx/Traefik/Cloudflare)
    • Optionally restrict source IPs to only your servers

    SOP 9 โ€” Change Control

    Backup config before changes

    sudo cp -a /etc/fail2ban /etc/fail2ban.bak.$(date +%F)

    After changes

    sudo systemctl restart fail2ban
sudo fail2ban-client status sshd
sudo tail -n 100 /var/log/fail2ban.log

    Document changes: date/time, what changed, why, and expected impact.

    End of SOP.

Secret Link