matem6

PS5 jailbreak via the Y2JB. Ports Gezine's p2jb kqueueex cr_ref overflow

50% credibility
Found May 22, 2026 at 79 stars.
JavaScript
AI Summary

This project is a PlayStation 5 jailbreak tool that exploits a memory overflow vulnerability in the console's kernel. It runs inside a modified YouTube app (via the Y2JB framework) and takes approximately two hours to complete. Once successful, it grants root-level access, enables the hidden debug menu, and activates a loader that can receive and run custom programs from a connected computer. The jailbreak works on PS5 firmware versions 9.00 through 12.40 and includes workarounds for known stability issues. Users can then load additional tools like the BD-UN-JB persistent unpatcher to make the jailbreak survive console restarts.

How It Works

1. 🎮 You hear about a PS5 jailbreak

You discover there's a way to unlock extra features on your PlayStation 5, like developer menus and running custom programs.

2. 📋 You check if your console is compatible

You verify your PS5 is running a supported system version between 9.00 and 12.40, with firmware 11.60 being the tested sweet spot.

3. 🔧 You set up the YouTube app framework

You install the Y2JB backup on your PS5 and launch the modified YouTube app, which becomes the home for the jailbreak code.

4. ⏱️ You start the jailbreak and wait

You send the payload from your computer and watch as it spends about two hours exploiting a memory bug deep in the console's brain.

5. 🔓 Your console gets root access

The exploit chain completes and your PS5 gains full kernel access, enabling the debug menu and unlocking system capabilities.

6. You load custom code onto your console

🛡️ Apply persistent jailbreak

You send the BD-UN-JB unpatcher to make the jailbreak survive reboots and app closures.

🎯 Load homebrew software

You use tools like hermes-link to send custom programs that run on your now-unlocked console.

Your PS5 is jailbroken

You've successfully unlocked your PlayStation 5 with debug menus, root access, and the ability to run custom code.

AI-Generated Review

What is P2JB-Y2JB-Porting?

This is a PlayStation 5 jailbreak payload written in JavaScript. It ports Gezine's kernel exploit to run inside the Y2JB framework (a modded YouTube TV app that executes arbitrary JavaScript on the PS5). The exploit uses a cr_ref overflow through kqueueex syscalls to gain kernel read/write access, elevate to root, enable the debug menu, and expose a TCP ELF loader on port 9021. You send the payload from a PC over the local network, and the JavaScript runs on the console itself.

Why is it gaining traction?

This gives PS5 owners on firmware 9.00-12.40 a jailbreak path without needing a separate hardware dongle or a separate Lua loader. Everything runs through the YouTube app you already have, making it low-friction for people already in the scene. The documentation walks through the full flow: preparing a USB drive, waiting for the host to stabilize, monitoring pipe fd counts as a reliability signal, and applying BD-UN-JB for persistence. Once complete, you can load any ELF binary over the network on port 9021.

Who should use this?

This is for PS5 owners stuck on firmware 11.60 (the only hardware-tested version) who want to experiment with homebrew, save editing, or debugging. If you are on a different firmware in the supported range, you are relying on theoretical compatibility. Scene developers working on kernel research may also find the porting notes useful for understanding how the original luac0re exploit translates to a different host environment.

Verdict

The repo is honest about its limitations: only one firmware tested, a ~2-hour runtime, and a known kernel panic if you close YouTube before applying persistence. At 79 stars and a 0.5% credibility score, this is early-stage work from someone who explicitly says they are learning the subject. The README is thorough and the code is documented, but proceed only if you understand what can go wrong and are comfortable troubleshooting.
