Printable View
send it to me as well, is he referring to the dev servers, they are a different story completelyQuote:
Originally Posted by krazyone2011
@ratanddragon thanks for the excellent explanation dude as far as i know about ssl it uses the same private key every time and i guess it generates new seesion keys only, so one ps3 hacked =all hacked. Anyway, previously with
the change in cert. if we didn't have the private keys how did the handshake get completed, I am a bit confused here.
Quote:
Originally Posted by alifaraz21
We never had any of Sony's private keys.
The way the SSL communications were being decoded was by putting our own public key on the system and then using a proxy. That's why you had to write CA27 or CA24 to the machine using freeflash or whatever.
The playstation connected to the proxy (charles, f*ckpsn, whatever), which then decoded everything and altered some traffic, then the proxy connected to sony's servers. Two separate SSL connections, one of them using keys we generated and controlled.
If you want to decode the traffic from a machine with 3.60 you need to do the same trick, you need to get your own certificate on to the ps3 and have it use that for a proxy connection or you can't read what it's doing.
I'll repeat this - we *never* had any Sony private keys for SSL.
Thanks, again! ok 1 more thing if we never had the sony public or private key, how the hell did the Pc send the info to PSN server, without the proper encryption
Anyway do you think it is possible to spoof mac address on psn dev servers??
why dont you just use a webdav attack.
Or make a cloud program that uses our own private servers, that works just like PSN. All the function/pre-proccessor commands are avalaible in the ps3devwiki.
There would be no need to ever use sony servers again for online play, using the individual game server IP's will also allow a route into the same, individual game servers as PSN use, our own private servers would be used to just direct the traffic to the same places wich are nothing to do with sony.
Obviously this will entail c++ programing using, network syscalls 700-726, LV2 syscalls & some file syscalls. We have the 3.55 Lv2 System Table Offset wich is 0x346570.
The client system in an SSL connection doesn't need to be authenticated (unless it does... but that's unusual). No private key required on the PC<-->PSN connection.Quote:
Originally Posted by alifaraz21
You don't even *need* the authority public key at that point, unless you care about making sure the sony servers are who they say they are, but you can use it because the signing authority public key is in the CA files on the playstation itself.
I'm not sure why this would be useful, what makes you think of this?Quote:
Anyway do you think it is possible to spoof mac address on psn dev servers??
Besides which, your MAC address doesn't leave your local network.
?!?!Quote:
Originally Posted by ARVI
I wouldn't know about that. I may read up on what you mean and see if it can be applied here.
I wasn't aware that was a possibility, I'd been working on the assumption that the PSN passed off some sort of authentication token to the third party servers (or some such thing) and that to get on a game server you needed to be genuinely logged into the PSN.Quote:
Or make a cloud program that uses our own private servers, that works just like PSN. All the function/pre-proccessor commands are avalaible in the ps3devwiki.
There would be no need to ever use sony servers again for online play, using the individual game server IP's will also allow a route into the same, individual game servers as PSN use, our own private servers would be used to just direct the traffic to the same places wich are nothing to do with sony.
TBH, since the last online "hack" fest during the 3.56->3.60 update period I've kinda given up on playing with the ps3 comms. I had started to work on my own server setup. But would you really need to make custom code for the ps3?Quote:
Obviously this will entail c++ programing using, network syscalls 700-726, LV2 syscalls & some file syscalls. We have the 3.55 Lv2 System Table Offset wich is 0x346570.
I had been starting to implement a set of Apache servers that would mimic the PSN and allow the ps3 to sign on to a false network through the standard, integrated PSN functions in XMB. All I reckoned you would need is a DNS server (dnsmasq will do, custom DNS code isn't hard and I have a python implementation too), a few webservers and possibly something custom to catch the other, weirder comms that come out of the machine.
I never did get very far with that project tho 'cos my obsession switched to homebrewed beer and that's totally taken over as a hobby...
does fu*k psn not work anymore - i am a noob
No longer working, as all bypass methods.