Fondatore PS3ita
1281
18 dic 2006, 15:28
Nel server di questo sito (in letargo)
0.00
Ps3ita Team
4205
19 dic 2006, 15:22
nell' anno 1977
Rancid0x0
4.05
Hacked2123's Final Release - PS3 Tri-Fold Attack Potential
It's been a long time coming, but 06/12 is finally here. For months, I've held a secret, something that may have the shear potential to ultimately unlock the PS3. A few select, knew of my work, and my prospects for this project, and a few select others were told "06/12 is the day."
Explanation: So on this day I give to you a tri-fold potential hack, all stemming from one game that has a very grave security flaw.
Call of Duty 3: Many games prior to discovering this one, had great potential to write files to the PS3 HDD, such as Resistance: FoM, Motorstorm, and Warhawk. Warhawk was a particularly good one at that cause at the time we managed
to overwrite other game param.sfo's.
The major flaw that came about was patches, and game updates that blocked our methods. At the time we had little knowledge of the HDD's true importance to the system's operation, as with prior PS3 Dev news on AIX.
This leads me to the security flaw of CoD3, it can't be patched without an entire Firmware update. This means all PS3 Dev's who choose to continue research in this area will find it always available to them, should they not update (which was not the case for Warhawk that used a "Server Down" call message to direct users to the PSN Store to update).
Note: This is the only game on the PS3 that allows updating to occur without being logged into your Playstation Network Account :D
Description 1 (The File Writer potential)
CoD3 uses a per file public key verification on its updates. Files can be added to the list to update at will and
write with a root location of /BLUS30012/. Files can be written within that directory with /folder/file.name and to
other directories with ../otherBLUS/file.name. I have successfully over written other files on the HDD such as
ICON0.PNG to other PSN titles, by renaming the *.cod verified file to ICON0.PNG. Through some RAM dumps, and some
skill this verification scheme can be broken, and may lead to the modification of PRX files contained on the PS3.
EXAMPLE
Source - http://codupdater.ps3.activision.com/pa ... _ps3f.self
Destination - cod_ps3f.self
Verification key - TkjcgKa44eanDv1ySRpEf6fBeHekbMFeI/yAhSVALY+vcKzAeOztb4KIAzPBFgP3wb8yqRAJHivTZtzb0UqYpc6OtvMh6GHKU+QHmYAumm0HmEn64h4DN
6PyHWE1sY9HvK6rXPAZRfNUM9t3ceMTOytxidFA6te1Mn83NHd5d1Q=
Description 2 (The Soft Reset potential)
As demonstrated in the video, following what I believe to be a stack overflow, and "Quit Game" the system performs a
soft reset. This is, to my knowledge, the first reproducible occurrence of this. With a soft reset, depending on
how it's being executed, may leave certain variables in memory, or create new ones without the same security
procedures.
Description 3 (The Stack Overflow potential)
The most valuable of the three attack potentials is what is, in my understanding, a stack overflow. Should I be
wrong, it may either be a parsing error (highly unlikely), or an error in the writing of param.sfo. Should it be a
stack overflow, through RAM dumps, ultimately execution of unsigned code is highly probable; unfortunately I do not
have access to these dumps, and can't deem this a successful hack just yet. (Other tested methods include
array-overflowing, and memory buffer overflows, which resulted in the game's termination and the XMB prompting an
error)
To test remove one "1" from the "Game.VER" included and see that the installation continues normally.
Tools Needed:
1. SimpleDNS (and the included "Simple DNS Records.rar") (STRONGLY RECOMMENDED TO BACKUP YOUR EXISTING SimpleDNS DIR)
2. Apache Web Server (and the included "Update Descriptors.rar")
3. A router/hub of some sort.
Instructions:
1. Extract the contents of "Simple DNS Records.rar" & "Update Descriptors.rar" to the C: directory of your computer
(all file paths there after have been preserved)
2. Restart/Start SimpleDNS and Apache
3. Boot your PS3 and enter network settings
4. Select Custom, and then when IP Address Setting appears select Manual
5. Assign an IP address suitable for your network (ex. 192.168.0.99 or 192.168.1.99), subnet 255.255.255.0, default
router = your computer's IP (this will help prevent it from updating on the PSN), and Primary DNS also your
computer's IP.
6. Execute CoD3 and witness the "update" screen
For those of interested in the file protection extract "Update 1.0 files (not needed).rar" and in the Apache folder
use "original GAME.VER" instead of GAME.VER.
NOTE: This is my final release to the hacking community, and will no longer be Hacked2123. I have tried so much,
and so hard, to further my existence and to exhibit my knowledge and understanding to the world for the purpose of
advancing my life. I have found this to be a dream, I have gained nothing, I work the same job, and all the work I
have put forth in the community is deemed "fake".
As always, feel free to donate (http://hacked2123.com/Donate.php) or email me @ hacked2123 -at- yahoo.com .
Ps3ita Team
1655
2 mar 2007, 23:16
Terremotolandia
airart_0
Cfw4.50 DEX ps3ita
Visitano il forum: Nessuno e 3 ospiti