Please note that you are required to have an exploited PlayStation 4 console on firmware 9.00 or lower to run the patches mentioned in this article.
Usually, when an NPC, actor, or one of the Player's buddies performs an action that cuts an Infected's head off, a severed head is left behind.
If a Player decided to throw an object, say a brick or a bottle, the game would crash. Why's that?
PlayStation 3: Unofficially Patched
PlayStation 5 Video
The issue still persists in the PS4/PS5 versions on the latest patch, 1.11.
Cut to the Chase
Most of the explanation was already covered in our PS3 version; see that post for more details.
We were only able to get the PS4 Reaper debugger working once due to connection and attaching issues, but that was enough for what we needed.
Guessing from the PS3 registers, it could be RBX that is holding collision data.
We can check whether RBX is 0: if it is, we skip the load; if it isn't, the code runs normally.
    006bc849  e8 d0 53 56 00        CALL  SUB_00c21c1e                 // jump to code cave
    ~~~
    00c21c1e  48 89 85 e0 f3 ff ff  MOV   qword ptr [RBP + -0xc20],RAX // previous instruction overwritten by Call
    00c21c25  48 83 fb 00           CMP   RBX,0x0                      // check if rbx isn't 0
    00c21c29  0f 84 04 00 00 00     JZ    LAB_00c21c33                 // skip
    00c21c2f  48 8b 43 40           MOV   RAX,qword ptr [RBX + 0x40]   // load as normal
                                LAB_00c21c33
    00c21c33  c3                    RET                                // return
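Hand-assembled branch bytes are easy to get wrong, so it is worth checking them against the listing before they go into a hex editor. The following is an added example, not part of the original patch: it decodes the rel32 displacements of the CALL and JZ and confirms they land on the addresses shown above. The helper names are hypothetical; the bytes and addresses are copied from the listing.

```python
import struct

# Bytes and virtual addresses copied from the listing in this article.
CALL_SITE = 0x006BC849
CALL_BYTES = bytes.fromhex("e8d0535600")
CAVE = 0x00C21C1E
CAVE_BYTES = bytes.fromhex(
    "488985e0f3ffff"  # MOV [RBP-0xc20], RAX  (displaced original instruction)
    "4883fb00"        # CMP RBX, 0
    "0f8404000000"    # JZ  LAB_00c21c33
    "488b4340"        # MOV RAX, [RBX+0x40]
    "c3"              # RET
)

def rel32_target(addr, insn, opcode_len):
    """Destination of a rel32 branch `insn` located at virtual address `addr`."""
    (disp,) = struct.unpack_from("<i", insn, opcode_len)
    # The displacement is relative to the address of the *next* instruction.
    return addr + len(insn) + disp

def encode_call(addr, target):
    """Encode a 5-byte near CALL (E8 rel32) placed at `addr`."""
    return b"\xe8" + struct.pack("<i", target - (addr + 5))

def check_patch():
    """Recompute every address in the listing from the raw bytes."""
    jz_off = 7 + 4                      # after the 7-byte MOV and 4-byte CMP
    jz = CAVE_BYTES[jz_off:jz_off + 6]  # 0F 84 rel32
    return {
        "call_target": rel32_target(CALL_SITE, CALL_BYTES, 1),
        "jz_addr": CAVE + jz_off,
        "jz_target": rel32_target(CAVE + jz_off, jz, 2),
        "ret_addr": CAVE + len(CAVE_BYTES) - 1,
        "ret_byte": CAVE_BYTES[-1],
    }

if __name__ == "__main__":
    for name, value in check_patch().items():
        print(f"{name:12s} {value:#010x}")
```
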
Let’s implement this fix and see the results.
Success! Doesn’t crash now when throwing an object.
To apply the patch on an exploitable PlayStation 4 console, you'll need to dump the game, modify the executable with a hex editor, and install the fake patch back onto the console.
Thank you to ZEROx for improving over my initial patch and for believing in x86!