this fking NPDRM key needs to get out fast, if only for backing up PS store games.
I've been trying a hybrid between a dictionary attack and a bruteforce attack on the NPDRM keys today -- sadly no result has been turned up in the first few files I expected.
As geohot released both a plain text key (for the AES implementation to use) and an encrypted key (for the PS3 to decrypt), and as it's known Sony has the key used for decrypting this in some of the data, I used an application (messy C# code) to interpret every 48-byte pair in various files as a 32-byte key/16-byte IV, encrypt the plain text, and compare the encrypted data to geohot's key.
Sadly, this has resulted in nothing when run on (decrypted, obviously) SELFs in a) CORE_OS_PACKAGE.pkg and b) /sys/internal/ in dev_flash, which might be for one of the following reasons:
1) the IV doesn't immediately follow the key, like with the normal key/IV pairs (in appldr, for instance) -- this could increase processing time anywhere from *2 to ^2.
2) the key isn't in any of the locations I checked -- for instance, Waninkoko mentioned (regarding the PSP keys) a file named 'spu_handler.isoself', which I can't find in any of those 2 locations.
3) there's an implementation bug in my code, though I tested it by encrypting a random set of plaintext data with the appldr 3.15 key/IV (using the openssl command line, with similar parameters to geohot's commented-out code) and running appldr through my code -- it found the key/IV. It could be geohot's commented code is intentionally wrong to hamper people going from it for finding out the key... which would be annoying.
hey with a bit of luck sony will make it public as "evidence" and say they found it on geo's machine. lol!
Not 100% sure if this is the right file, but I did manage to find a SacModule.spu.isoself in the /dev_flash/vsh/module folder
Originally Posted by NTAuthority
January 18, 2011 at 5:47 am
Uploaded my new stuff: NPDRM, SYSCON, HV exploit from GameOS and other things.
With NPDRM payload you won’t be able to decrypt all NPDRMs.
this should help right..?