Skip to content

PS5 Hack: Keys incoming for the mysterious CP Box?

Scene developer Zecoxao added some information to the “CP Box” page on the PS5 Dev Wiki today, and stated that hackers are working on extracting some of its encryption keys. Little is known (publicly) on the scene about this PS5 Development accessory, although it’s likely official PlayStation development studios know more specifically what it does.

What is the PS5 CP Box?

The CP Box is a black box with a USB C input, USB C output, ethernet and power cable, which connects to Test Kits. Its exact purpose is unknown on the scene, but there are theories.

There are two modes the CP Box can run in “Engineering Mode” and “Normal Mode”. In engineering mode the CP Box is simply plugged into power, with the USB-C Cable in the PS5. In Normal mode, the CP Box USB-C Port is plugged into a USB-C Portable Hard Drive, and the Ethernet is plugged into your router / network hub, and the USB-C Cable into the ps5. (source)

Pictures of the PS5 CP Box started appearing pretty soon in the console’s life cycle, with some pictures actually leaking before the actual console release. The internet being what it is unfortunately, a lot of the original sources are gone, but this article on TwistedVoxel has a copy of the pictures. They theorized at the time that this might have been an SSD for the console.

Early guesses also included a “Breakout Box for the PS VR”, and the scene’s current explanation is that this box could possibly be used to enable Dev mod on PS5 Test Kits, and/or maybe to check for account/hardware activation on Sony’s DevNet . From PS5 Dev wiki:

Although its unknown at the moment exactly what the CP Box is for – it is to enable dev mode on test and dev kits. possibly the ethernet connection is for checking activation online on DevNet? and the USB Hard Drive maybe for Packages? or games?

Or perhaps its related to the Communication Processor similar to that on the PSVita, maybe its just an external version of it? I don’t know ;-;

The PS5 Dev Wiki mentions that these CP Boxes might not be needed for DevKits (only testkits), and that maybe the functionality is embedded in Dev Kits.

The NCC page for the DevKit makes no reference to a “CP Box” it appears to be built into it instead

I personally like this educated guess from user Farncone on Reddit:

As the “testing kit” is a normal PS5 as opposed to that V shaped development kit, and that small box has network indicators and a RJ-45 jack in it, it’s probably to facilitate a network testing scenario as the PSN for PS5 games is not enabled yet. Developers will have to test their online functions in a closed testing environment. Typically the network would have a PROD and DEV side for production/commercial fully tested games, and a development side. This looks like a box to enable the network testing in the DEV environment – ​​and it would allow them to do this with the real PS5 testing model.

And this follow up by doctorlongghost in the same thread makes sense to me as well:

The one thing that comes to mind for this is that it could be used for throttling the Internet. I’m a web developer and the main browsers all come with integrated dev tools that let you intentionally slow down your Internet so you can test your code to see how it performs on slower networks (like 3G/4G cells). So this could be for something like that. To let devs intentionally slow down or sever the network connection to the console.

Test Automation site Suite.st says they support PS5 Devkits and TestKits, for automation testing of HTML based applications (I’m thinking maybe media apps like Netflix, Disney+ et. al. might have some HTML-based pages?). On their help page for the PS5, they do mention the CP Box. So it could make sense that the box is here to test various network conditions through throttling mechanisms.

How is the CP Box relevant for PS5 Hacking?

It is unclear if the CP Box could be useful for PS5 Hacking. It is very likely that the PS5 firmware doesn’t inherently trust any accessory that gets plugged in to it, but it’s also possible that an official Sony component has a higher level of trust than other devices.

Either way, it won’t stop Reverse Engineers from trying, at least to extract as much information as possible from the box. Zecoxao has mentioned today that hackers are looking to extract some keys from the device’s firmware. He stated the keys will be published on the PS5 Dev week once available.

Whatever comes out of this, stay tuned for more details!

References

  • https://www.reddit.com/r/PSVR/comments/je2dfq/leak_of_ps5_dev_hardware_includes_mysterious/
  • https://playstationdev.wiki/ps5devwiki/index.php/CP_Box
  • https://www.psxhax.com/threads/ps5-cp-communication-processor-box-playstation-5-dev-prototype-images.9995/
  • https://suite.st/docs/devices/playstation-5/
  • https://twistedvoxel.com/ps5-black-dualsense-controller-testing-kit-images/