BD-JB for up to PS4 12.50
This might be the exploit that was reported by TheFlow and patched at 12.52
Nope TheFlow just confirmed this is not his exploit.
Just take my early Christmas gift :)
No this won't work at PS5.
You need to turn off "Disable Pop-ups while playing video" on notification setting to get notification.
You will find two ISOs in the release:
-
Lapse.iso— Contains the Lapse JAR payload built in.- Automatically loads
payload.binin USB and copies it to/data/payload.bin. - BinLoader always listens to 9020 regardless of whether
payload.binis found or not.
- Automatically loads
-
RemoteJarLoader.iso— Allows you to send your own JAR payload via port 9025.- If you want the same behavior as
Lapse.isowhile using this, sendLapse.jaras the payload.
- If you want the same behavior as
-
Format as exFAT or FAT32.
-
Place your homebrew enabler payload (e.g. GoldHEN, ps4-hen) at the root and rename it to
payload.bin -
For
Lapse.iso: payload.bin will be loaded automatically. -
For
RemoteJarLoader.iso:- Send a custom JAR payload, or send Lapse.jar to mimic
Lapse.iso’s behavior.
- Send a custom JAR payload, or send Lapse.jar to mimic
-
Enable HDCP in Settings (required for Blu-ray playback).
-
If Blu-ray playback is not yet activated which can happen if you are using blu-ray disc for the first time:
- Disable Automatic Updates first to avoid firmware upgrades.
- Connect to the internet once to activate it.
Step-by-step:
-
Insert the USB drive first.
-
Insert the Blu-ray disc (burned with
Lapse.isoorRemoteJarLoader.iso). -
Wait for payload delivery:
- With Lapse.iso: payload.bin loads from USB → /data/payload.bin (If USB is not plugged in)
- With RemoteJarLoader: send JAR payload to port 9025.
-
If exploit fails → Restart the PS4 before retrying.
- Do not simply reopen the BD-J app — stability will drop.
-
BD-J app logs are sent over network.
-
Use RemoteLogger:
- Server listens on port 18194.
- Run
log_client.pyfirst, then launch the BD-J app.
- Windows: Use ImgBurn.
- Linux: Use K3b.
- macOS: Use BD-SimpleBurn.
The AIO fixes resolve black screen and save data corruption issues in certain games.
This is only needed for Lapse 1.0, 1.1 and 1.1b as of 1.2 the fixes are included in the ISO.
Do not use any other AIO related fix or plugins with this.
Video Explanation by @MODDED_WARFARE
https://youtu.be/8LJ4ZFjr2Rw
- Load payload.bin (goldhen or ps4-hen) normally from USB.
- Send "aiofix_network.elf" to HEN's BinLoader using network after HEN is initialized.
- You will get AIO patch completed notification.
- You need to send this elf file everytime you run Lapse exploit.
- Or make elf to plugin to load automatically when HEN is loaded.
| ISO Type | What it Does | Ports Used | Payload Behavior |
|---|---|---|---|
| Lapse.iso | Built-in Lapse JAR payload | 9020 (if bin missing) | Loads payload.bin inside USB → /data/payload.bin |
| RemoteJarLoader.iso | Custom JAR payload | 9025 | Send Lapse.jar for default Lapse behavior or your own JAR |
Use john-tornblom's BDJ-SDK and ps4-payload-sdk for compiling.
Required rt.jar and bdjstack.jar are under PS4's /system_ex/app/NPXS20113
Replace the BDJO file in BDMV when building.
- TheFlow — BD-JB documentation & native code execution sources.
- hammer-83 — PS5 Remote JAR Loader reference.
- john-tornblom — BDJ-SDK and ps4-payload-sdk used for compilation.
- shahrilnet, null_ptr — Lua Lapse implementation, without which BD-J Lapse was impossible.
