PS3 fail0verflow

[magus]

a twitter of these hacker guys says that the only reason it lasted so long it's because nobody ever bothered looking.....

..... tough i find that kind of fishy,if it was so basic then any idiot could have done it and we sure didn't need any sort of super hackers

"Basic"? Hehe. Did you watch the CCC presentation? There is very little that is "basic" about this hack, it involved a lot of crazy HW stuff. And these guys aren't just "regular programmers" either, they are pretty damn clever with electronics as well.

isn't the whole hack "LOLZ THE PRIVATE KEY DOESN'T USE ANY RANDOM NUMBER SO WE REVERSE ENGINERED IT!"

i don't have any idea what you need to do to reverse engineering a private key but i seems to understand any monkey could have figured the "doesn't use a random number" part
 

[T-Short]

isn't the whole hack "LOLZ THE PRIVATE KEY DOESN'T USE ANY RANDOM NUMBER SO WE REVERSE ENGINERED IT!"

i don't have any idea what you need to do to reverse engineering a private key but i seems to understand any monkey could have figured the "doesn't use a random number" part
 

hehe yeah

all the monkey had to do was

* get a jailbroken PS3
* HW hack it enough to be able to dump the memory in realtime to figure out the boot process
* write a bootloader which replaces GameOS and supports external scripting from a PC
* write a script for the PPE which asks the secure SPE to decrypt something
* dump this process and reverse engineer the instructions to reveal the command that copies the encrypted file into restricted SPE memspace for decryption
* use this command to buffer overflow the secure memspace to reveal the plaintext SELF for the loader and its AES keys
* look at the SELF and understand its components
* look at the hashed signature in the header, and have enough crypto knowledge to know that it is an ECDSA signature
* compare this signature with a signature for another file and realise that the R in these sigs are constant
* calculate k

private key get!

[magus]

well gee i'm sorry it's just that these guys made it sounds so easy "SONY SECURITY EPIC FAIL THEY CAN'T EVEN GET A RANDOM NUMBER GENERATOR RIGHT!!!1!"

[T-Short]

hehe. well it is epic fail, just not easy to find out.

[maxy]

magus to hack 3DS,Evilbore exclusive

[naff]

well gee i'm sorry it's just that these guys made it sounds so easy "SONY SECURITY EPIC FAIL THEY CAN'T EVEN GET A RANDOM NUMBER GENERATOR RIGHT!!!1!"

Well yeah that's the shtick right they're l33t haX0rz, ain't no thang

[demi]

magus is one of those people they described, that profit off other people's hard work.... piraters dont actually hack.

[demi]

It's epic fail for people who work in security. What's to understand?

It's obviously above any of us, so of course we're gonna be like, well, duh.

[cool breeze]

Lyte, now us PSPGo owners could rejoice at the eventual hacking of the Go to play non PSN titles, which are numerous.

Not sure if this is new for the Go, but:
http://pspslimhacks.com/6-31-and-6-35-hen-released-for-minna-no-sukkiri-demo-exploit/

Got prometheus to work on my 6.35 3000. 

Gamestop is doing a 50% hardware bonus for systems, so the 3000 nets $105.  PSPGo is $99, so I might make that trade tomorrow.  The Go looks like it'll be more uncomfortable to play on its own, but with PS3 controller support, I might just leave the thing hooked up to my TV and play it like that. 

I've had a go for a little under week and it is surprisingly comfortable for the size.  At least for games that use the analog nub, the placement and feel of it is more natural; 3000 is better for games like Ys or Prinny where you use the d-pad more.

I don't know if I should upgrade it to 6.35 yet.  I want to so I can get those three free games, but at 6.20 the iso loader and other things work.  Hopefully there are more breakthroughs within the next month or so since that free game deal ends in march.

[demi]

uh. if you have a voucher for free games, just get them now. why wait. you bought the machine, they're yours, no need to argue with the devil and angel on your shoulder.

[cool breeze]

doesn't work like that. 

Once you purchase the PSP go system, getting the emailable game voucher is easy. If you already have a PlayStation®Network account, just sign into your account using your PSP go system or if you are brand new to the PlayStation® family, just register for the Network via your new PSP go system. Once you sign in a game code will be sent to the email address associated with your PlayStation®Network account within 7-10 business days.

You need to sign into PSN to get them to email the codes to you, but you can't sign into PSN without having the most recent firmware (6.35). 

[Eel O'Brian]

is the voucher still included in new systems, or is that promo over now?

[demi]

So download the ISOs and play them on your ISO loader. Duhhhhhhhhhhhhhhhhhhhhhh

[brob]

http://www.psp-hacks.com/2011/01/03/hen-homebrew-enabler-for-psp-6-31-and-6-35-released/#more-17696
 
6.35, hell any firmware, is a non-issue at this point. bring on the iso loaders and emulators. PSP Go best handheld since the micro

[Sho Nuff]

BTW on an unrelated note, what's the current CFW that I should be rocking on my PSP-2000?

[Don Flamenco]

isn't the whole hack "LOLZ THE PRIVATE KEY DOESN'T USE ANY RANDOM NUMBER SO WE REVERSE ENGINERED IT!"

i don't have any idea what you need to do to reverse engineering a private key but i seems to understand any monkey could have figured the "doesn't use a random number" part
 

hehe yeah

all the monkey had to do was

* get a jailbroken PS3
* HW hack it enough to be able to dump the memory in realtime to figure out the boot process
* write a bootloader which replaces GameOS and supports external scripting from a PC
* write a script for the PPE which asks the secure SPE to decrypt something
* dump this process and reverse engineer the instructions to reveal the command that copies the encrypted file into restricted SPE memspace for decryption
* use this command to buffer overflow the secure memspace to reveal the plaintext SELF for the loader and its AES keys
* look at the SELF and understand its components
* look at the hashed signature in the header, and have enough crypto knowledge to know that it is an ECDSA signature
* compare this signature with a signature for another file and realise that the R in these sigs are constant
* calculate k

private key get!

I was gonna do all that, but I figured some other average joe had already done it.

[MyNameIsMethodis]

Good thing I still have a HDDVD player in a closet somewhere.

The HDDVD drive is hackable?

[magus]

I was gonna do all that, but I figured some other average joe had already done it.

[ManaByte]

Good thing I still have a HDDVD player in a closet somewhere.

The HDDVD drive is hackable?

No, but it'll play movies from every studio on the planet who's bailing from BluRay now that there's zero copy protection.

[Great Rumbler]

Good thing I still have a HDDVD player in a closet somewhere.

The HDDVD drive is hackable?

No, but it'll play movies from every studio on the planet who's bailing from BluRay now that there's zero copy protection.

[T-Short]

lol

[MyNameIsMethodis]

Good thing I still have a HDDVD player in a closet somewhere.

The HDDVD drive is hackable?

No, but it'll play movies from every studio on the planet who's bailing from BluRay now that there's zero copy protection.

Blu-Ray != PS3 encryption. And you're acting like Blu-Rays aren't already piratible and able to be burned onto.

[ManaByte]

(Image removed from quote.)

lol

This is Sony's Wikileaks.

[maxy]

http://i.imgur.com/sfKPo.jpg

lol

I see that world is crumbling for some sfags,they should just place PS3 inside PC casing and pretend that nothing happened

gaf thread is nearing melting point

[maxy]

It would be beyond ironic if PS3 killed blu-ray...
It basically created it

Not happening though,studios don't care about PS3 anymore

My dream about having solid state media is delayed indefinitely  

[Dickie Dee]

Just checked it and saw this:

<Mathieulh> well they can ban your consoles, but then you can change your console id as many times as you like...

 

[maxy]

So theoretically if somebody remotely changes your id to a banned one...banned

bu bu bu i didn't do anything
banned


You can now be a PSN admin

damn

[Brehvolution]

Good thing I still have a HDDVD player in a closet somewhere.

The HDDVD drive is hackable?

No, but it'll play movies from every studio on the planet who's bailing from BluRay now that there's zero copy protection.

[ManaByte]

Rumor has it, this really is Sony's Wikileaks. Don't report on it if you want in to the Sony E3 party!

[Eel O'Brian]

man, the cheating and hacks are just gonna be out of control in multiplayer games

i mean, people were already cheating in some games but now it'll be aimbots, wall hacks, no damage modifiers, etc. out the ass for every game

so much for free online multiplayer!

[Shaka Khan]

So theoretically if somebody remotely changes your id to a banned one...banned

bu bu bu i didn't do anything
banned


You can now be a PSN admin

damn

I'm gonna ban Kagari.

[Shaka Khan]

man, the cheating and hacks are just gonna be out of control in multiplayer games

i mean, people were already cheating in some games but now it'll be aimbots, wall hacks, no damage modifiers, etc. out the ass for every game

so much for free online multiplayer!

Yeah, I mean a lot of my friends who play CoD are already complaining about how the few who have they PS3s jailbroken are already ruining the online mode for them, but now that the hacks are gonna be easier to install and are future proof, prepare for a really crappy online experience on the triple. I just hope we get some decent homebrews out of this.

[Great Rumbler]

man, the cheating and hacks are just gonna be out of control in multiplayer games

i mean, people were already cheating in some games but now it'll be aimbots, wall hacks, no damage modifiers, etc. out the ass for every game

so much for free online multiplayer!

I'm kind of out of the loop on haxoring, but is this kind of thing a problem on Xbox Live?

[Stoney Mason]

man, the cheating and hacks are just gonna be out of control in multiplayer games

i mean, people were already cheating in some games but now it'll be aimbots, wall hacks, no damage modifiers, etc. out the ass for every game

so much for free online multiplayer!

I'm kind of out of the loop on haxoring, but is this kind of thing a problem on Xbox Live?

There is hacking on the 360 yes. But its relatively rare in my experience. It does exist though. There is always a bit of a cat and mouse thing. Some devs update their code to try to catch these things. 

[Eel O'Brian]

I don't play much online (360) but I've run into it a couple of times in different games, most recently with RDR a couple of months ago.

A dude came up griefing our posse while we were trying to do the gang hideouts, just slaughtering us over and over.  Which was fine, dude had excellent aim.  I noticed, however, that we were shooting him over and over and although you could clearly see the hits registering he wasn't going down (and it doesn't take many shots to kill you in that game).  The people I was with were complaining about him killing them over and over and he just laughed it off, but when I pointed out that we'd shot him over a dozen times without killing him (I'd hit him almost point blank in the face with a shotgun blast) he quickly disconnected from the game.

[Eel O'Brian]

man, the cheating and hacks are just gonna be out of control in multiplayer games

i mean, people were already cheating in some games but now it'll be aimbots, wall hacks, no damage modifiers, etc. out the ass for every game

so much for free online multiplayer!

Yeah, I mean a lot of my friends who play CoD are already complaining about how the few who have they PS3s jailbroken are already ruining the online mode for them, but now that the hacks are gonna be easier to install and are future proof, prepare for a really crappy online experience on the triple. I just hope we get some decent homebrews out of this.

Yeah, not to mention there'll probably be ways of making them invisible to any kind of anti-cheat systems Sony might try to put in place.  And even if they get banned, well, they can always change IDs and be right back at it a few minutes later.  MP on PS3 just went into the shitter in a big way.

[archie4208]

man, the cheating and hacks are just gonna be out of control in multiplayer games

i mean, people were already cheating in some games but now it'll be aimbots, wall hacks, no damage modifiers, etc. out the ass for every game

so much for free online multiplayer!

Don't worry.  Server admins will be able to kick che....oh. 

[Eel O'Brian]

better shift focus to co-op, sony!

[Mr. Gundam]

Does anyone else get the feeling that Manabyte is genuinely upset at Sony for something?

I've been getting that impression for quite a while now.

[Purple Filth]

Does anyone else get the feeling that Manabyte is genuinely upset at Sony for something?

Its been obvious for a while.

[Don Flamenco]

Guess there's a custom firmware out.  Probably a matter of days before this shit is busted open like 90s jenna jameson

[MCD]

Custom firmware already? 

[pilonv1]

I don't think it does much though.

The next month is going to be great.

[Smooth Groove]

neither Bill Gates nor Gabe Newell are crying. Meanwhile sfags, before even 1 game copy was pirated on the PS3, act like this is the end of the world and cry to postpone Uncharted 3 to PS4.

Ridiculous.

Seriously?  WTF

Most of them must be Sony shareholders like you said. 

[maxy]

man, the cheating and hacks are just gonna be out of control in multiplayer games

i mean, people were already cheating in some games but now it'll be aimbots, wall hacks, no damage modifiers, etc. out the ass for every game

so much for free online multiplayer!

Don't worry.  Server admins will be able to kick che....oh. 

Dedicated servers?
System is now wide open and some PS3 games use them,somebody should figure that out

[naff]

What makes me laugh about this whole situation (apart from Sony) is these fail0verflow guys get so high and mighty about openness and showing these big vendors what's up, when nobody (apart from a very small minority) actually gives a fuck about being able to run linux or homebrew apps on their console. They obviously know this, they even had a presentation on how what they do leads to rampant piracy (not a world embrace of homebrew and open source software.), like how they said "1% of all people with wii's have the homebrew channel *AUDIENCE CLAPS*" What for? Piracy and maybe some emulators, I'd say 1% of that 1% actually care about anything apart from piracy, yet they're all like "hurr durr l33t fail nubz LINUX WINS". I'm not some pissed gaffer all angsty about PS3s status but fuck these self entitled nerds piss me off sometimes. I actually believe if Sony did keep the shitty OtherOS functionality it would've held out a lot longer but that's beside the point, Sony have always been dumb, but these so called Open Source proponents are fucking over industries because of their standards. The whole hacking scene is so half witted and arrogant, get a life (and a real job) douchebags.

[MyNameIsMethodis]

so will one of you usless fucks provide a link to download this hack?

[demi]

Nailed it. Poor AND lazy... go away

[Eel O'Brian]

I was thinking that it would be cool to be able to rip my game discs to the HDD and just play them straight from there, but then I remembered I only own 3 PS3 games so it's not even worth the trouble

[demi]

I was thinking that it would be cool to be able to rip my game discs to the HDD and just play them straight from there, but then I remembered I only own 3 PS3 games so it's not even worth the trouble

Pretty much. I would be more interested in playing PS1, like PSP.

[Shaka Khan]

I'd be more interested in playing PSP games on the triple, honestly. That's all I want out of this.

[M3wThr33]

Desired 'features' from me:

Region-free PS1 games
Region-free PS2 games
Region-free DVD/BRD

Remove copy-protection on game saves
Remove expiration date from downloads (Some demos, like the Rock Band ones, expire after a certain date)

Ability to rip/store/compress PS1/PS2/PS3 games onto the hard drive for play later
Ability to play PSP games. (Already possible, ESPECIALLY since you already can download PSP games AND play minis)
Ability to play Tetris mini on the PS3 (It's the only blocked mini, I believe)
Ability to delete individual DLC files

Hack the Move to work as a pointer in the web browser

Modify Singstar to allow swapping to out-of-region PS2 discs

Manual sort for PS1/2 memory cards

Anytime-XMB access to change/disable the default microphones

Sync trophies at shutdown

Custom Rich Presence (The line that says what you are currently playing on your buddy list)

Bring back the Playstation logo and chime when you start a game

Be able to store MULTIPLE wifi SSIDs. Jesus Christ, is that so hard?

That covers most of it. A bonus feature down the road would be about hacking DLC to load whatever we want, which would lead to custom DLC for Guitar Hero/Rock Band/Singstar like the Wii currently has.

[Brehvolution]

Not looking forward to waiting for weeks while a 15gb+ iso DLs so I probably won't bother.

[Smooth Groove]

Not looking forward to waiting for weeks while a 15gb+ iso DLs so I probably won't bother.

Gamefly, moran...

but then again...

I was thinking that it would be cool to be able to rip my game discs to the HDD and just play them straight from there, but then I remembered I only own 3 PS3 games so it's not even worth the trouble

Pretty much. I would be more interested in playing PS1, like PSP.

I'd be more interested in playing PSP games on the triple, honestly. That's all I want out of this.

nobody seems to want PS3 games even when they're free.   

[Shaka Khan]

Desired 'features' from me:

Decent list, almost killed by the center alignment, wtf?

[WrikaWrek]

Can't wait to play pirated copies on my ps3.

[demi]

Can you really play PSP games direct on the PS3? That's awesome. I would love that too 

[Don Flamenco]

do minis run on a PSP emulator in the PS3?

[Mr. Gundam]

I want the ability to add subtitle tracks to Blu-rays and translation patches for games. Other than that I don't really care.

[Smooth Groove]

I only want PSP games on the PS3 if they can be run in HD, otherwise that would defeat the purpose.