[VIDEO TUT] IT'S EVEN EASIER! Connecting to the PSN

[TheEnd]

[lang=ms]How to Connect to PSN with Custom Firmware v3.55 EASIEST TUTORIAL!

[ame=http://www.youtube.com/watch?v=vziYNyfuxZU]YouTube - How to Connect to PSN with Custom Firmware v3.55 EASIEST TUTORIAL![/ame]

[/lang]

[RatAndDragon]

How to Connect to PSN with Custom Firmware v3.55 EASIEST TUTORIAL!

Where did this meme come from that this is:

Permanent
Unblockable without a console ban

Come from?
3.55 is sent as version to other servers. Easy solutions for Sony -

Once you've got past the auth server, make every other server refuse to speak to you when they detect 3.55.
Use their rumoured "remote execute" capability to grab a version number from another component.
Release 3.57 with a new checksum in the login header.

There are lots of ways, this workaround is just as dumb (by which I mean unsophisticated) as the previous ones!

[TheEnd]

Where did this meme come from that this is:

Permanent
Unblockable without a console ban

Come from?

I read it from someone here on PSX... ah, here (So now were online with CFW....) it is.

Easy solutions for Sony -

Once you've got past the auth server, make every other server refuse to speak to you when they detect 3.55.

How can they refuse to speak with you if it can't be detected in the first place? How would you think connecting to the PSN is even possible as of now without bypassing that check first?

Use their rumoured "remote execute" capability to grab a version number from another component.

That was only "introduced" (in quotes because it is a rumor) in v3.56. If we're on v3.55, that feature does not exist.

Release 3.57 with a new checksum in the login header.

Doesn't matter if a new version is released... if we don't update, that feature is not implemented into the firmware, thus, it cannot be fixed that way.

[RatAndDragon]

I read it from someone here on PSX... ah, here (So now were online with CFW....) it is.

That poster doesn't know what they're talking about. "Spoofing SSL authentication"... LOL.
The ps3 doesn't authenticate itself to Sony using SSL, if it did the simple charles proxy scheme wouldn't work. Notice how we copy a certificate TO the ps3, to make it trust us and talk to us. We don't copy anything FROM the ps3 to use to authenticate with Sony.
All that we're really doing is changing a single 5 to a 6 in a message to one server.

How can they refuse to speak with you if it can't be detected in the first place? How would you think connecting to the PSN is even possible as of now without bypassing that check first?

What makes you think they can't detect it?
I can detect it. You just have to look at the rest of the traffic. The PS3 sends "3.55" as it's version number to at least four other servers over and above the one that's now being told "3.56", and that's just during login.

That was only "introduced" (in quotes because it is a rumor) in v3.56. If we're on v3.55, that feature does not exist.

Yes, so you ask it to do something, and if it can't because it hasn't got the new capability, it's a fake so you kick it off the network.... But yes, that's just a rumour anyway.

Doesn't matter if a new version is released... if we don't update, that feature is not implemented into the firmware, thus, it cannot be fixed that way.

If a new version is released, they could put in a new header in the login procedure, deny access without it. They did it between 3.41 and 3.55 but they made it a static, simple one that's easy to work around. A new one could perhaps be generated by checksumming some of the files on the system and possibly mixing in a timestamp, then encrypting the whole thing with a new key. That wouldn't be impossible to work around, but it would be hard, and it would knock this online method totally out of the water.


Well anyway, I say enjoy it while it lasts, because I don't think it's going to last long.

[TheEnd]

That poster doesn't know what they're talking about. "Spoofing SSL authentication"... LOL.
The ps3 doesn't authenticate itself to Sony using SSL, if it did the simple charles proxy scheme wouldn't work. Notice how we copy a certificate TO the ps3, to make it trust us and talk to us. We don't copy anything FROM the ps3 to use to authenticate with Sony.
All that we're really doing is changing a single 5 to a 6 in a message to one server.

That poster is a moderator, I'd assume he's knowledgeable.

He's right too, the PS3 does use SSL for authentication.

[Kamse]

@RatAndDragon:

The PS3 sends "3.55" as it's version number to at least four other servers over and above the one that's now being told "3.56", and that's just during login.

Do you mind sharing those adresses (i'm quite lazy reinstalling tcpview/wireshark and the rest...).
I can then make a rough test with ****PSN ruby source.
Thanks mate.

By the way, i really enjoy the "Certificate Store" thread, great infos and work in there.
Don't want to pollute it with OT posts, but congo, most of the things we're using rely on your discoveries.

[RatAndDragon]

That poster is a moderator, I'd assume he's knowledgeable.

He's right too, the PS3 does use SSL for authentication.

And I'm a professional software engineer with an interest (and quite a lot of experience) in ssl.

The ps3 does indeed use SSL for authentication, to check that the Sony servers are genuine.

Sony and their servers, however, do not use SSL for authentication. They use your email address and password, and a variety of information about your PS3. What we are doing here is circumventing the authentication that takes place on the ps3, not at Sony's servers. Given how much we've already circumvented on the ps3...

The only hack here in terms of PSN is sending 6 instead of 5 in a version string.

@RatAndDragon:

Do you mind sharing those adresses (i'm quite lazy reinstalling tcpview/wireshark and the rest...).
I can then make a rough test with ****PSN ruby source.
Thanks mate.

By the way, i really enjoy the "Certificate Store" thread, great infos and work in there.
Don't want to pollute it with OT posts, but congo, most of the things we're using rely on your discoveries.

Take a look here (So now were online with CFW....)

[the_gr81]

i can't play any game online always says failed 2 find matches or some other connection problem

[TheEnd]

i can't play any game online always says failed 2 find matches or some other connection problem

Re-check your configs.