Post: [UPDATED] PS3 'Private Key,' Enabling Unauthorized Code
Options
12-29-2010, 10:52 PM
#1
CLM
[b]They say sorry Mr. West is..[/b]
PS3 'Private Key,' Enabling Unauthorized Code
UPDATE: Some tools for ps3 files. Expect some fail, this is still WIP. Check it out here: You must login or register to view this content.
UPDATE:
UPDATE: Sha1 hashes for some keys
UPDATE: The scam videos are gone now but the fake Fail0verflow account is still there. Don't get fooled by imposter's.
UPDATE: Watch out for Fail0verflow impersonators. They will scam you.
UPDATE: What Sony has to do to patch this! (Thanks manster)
1) Respin the hardware. There's an incredible exploit in that the verification of bootloaders loaded off the NAND/NOR is verified after they've been loaded, and then they're allowed to continue to execute. This is why ALL EXISTING PS3s on the market are from now on hackable. Really. There's nothing that can be done to stop this.
2) Design new firmware(s) that contains the infamous "whitelist" of all previously (and erroneously) signed software, but with new keys and new signature verification algorithms. Deploy these firmwares/loaders ONLY on the respinned hardware (see above).
3) For older hardware (that is, everything already produced from the factory and on the market) release new firmware that contains the new signature verification algorithms, but NOT any of the new keys. Remember, what you deploy on the old hardware is fully transparent. Update the loaders as well, as talked about in the presentation, since that will force everyone who wants to have a still jailbroken console to install a modchip (see #1).
4) Dual-sign all new stuff. Old broken consoles will be able to run it, and the new secure model will verify with new keys. Previously signed software will only execute on the new systems if they pass the whitelist-test.
UPDATE: What Marcan had to install in order to dump/change the NOR chip. This is probably what your going to have to do.
UPDATE:
This should be released by January
Fail0verflow releases this statement about Geohot
UPDATE: Marcan @ 27C3 Lightning Talk
[ame]https://www.youtube.com/watch?v=lGI0EnNQ5GE[/ame]
Read the slide presentation during the conference here: You must login or register to view this content.
UPDATE: PS3 Demo NOW in #Saal3 at #27c3
You must login or register to view this content.
WATCH HERE: You must login or register to view this content.
(Note: Streaming from that room is a little overloaded atm. If you can't connect be patient)
You must login or register to view this content.
You must login or register to view this content.
You must login or register to view this content.
WATCH HERE: You must login or register to view this content.
(Note: Streaming from that room is a little overloaded atm. If you can't connect be patient)
You must login or register to view this content.
You must login or register to view this content.
Fail0verflow, the hackers responsible for the Wii's Homebrew channel, gave a presentation during the Chaos Communication Conference 27C3 in which they are claiming they have figured out the 'private key' used by Sony to authorize code to run on retail PS3 systems. This could potentially give "full control of the PS3 system," without having to use a usb device. For those of you who don’t understand yet, this will make us able to sign our own files with Sony’s encryption will and allow us to create our own software/homebrew and load it without even needing to jailbreak the PS3, because it will look like a legit piece of software from Sony.
Btw: PSN ACCESS NOT YET CONFIRMED
The group will explain more when their website launches, and have planned a demo for tomorrow's conference. But what they have explained is how Sony didn't bother generating any random numbers to secure the PS3. Look at the picture below.
Read the tweet below on what this is supposed to do. As it is not meant to enable PS3 game piracy.
But don't expect to see the website launch tomorrow. Fail0verflow told Joystiq the folllowing via twitter.
UPDATE: Full presentation after the break, courtesy of PSGroove.
[ame]https://www.youtube.com/watch?v=HEFMAP0mTvY[/ame]
[ame]https://www.youtube.com/watch?v=qFuTCEtK6l8[/ame]
[ame]https://www.youtube.com/watch?v=84WI-jSgNMQ[/ame]
Fail0verflow just launched another statement on the PS3's security
To keep up to date with Fail0verflow's progress and work, check out their You must login or register to view this content. and You must login or register to view this content.
Note: Their website is currently down at the moment because they are working on a demo.
Source: You must login or register to view this content.
Last edited by
CLM ; 01-02-2011 at 11:15 PM.
The following 64 users say thank you to CLM for this useful post:
-Smurf-, $oulja, Alpha, Analdogfag, angel_of_deth, balerdoni, benyon, BooshMayne, Carbon0x, MikeOxBig, Clutch Hunterr, CRACKbomber, CRaZyY, danielsarpa, davirus_, dela_tiges12, divybc, DR-Dizzy, egonadrian, Extrazior, helpmeoprah, I'm A Rep Whore, I3LaCkOuTz, ihatecompvir, ihaxgames, johndahon94-PS3, JP, jubz-2k10, juddylovespizza, kaliboi, Kill_tony485, kjoshi, Kombust, LAD_Dodgers, legitmod, Lick, Lucy Pinder, Matteram, MBO, Mr. DarkKV, Mr. Star, Mr.MoldyOrange, Mw21212, Night Wolf, NorskTnaka, NwO_OweN, ogbrandon, River J, CHAOZ, sauronith, Shieldsy, ShottinG STarzz, Sk8erFerSur, Skylines, snipedu7512, sofeball, tcwyw, Teh Niganator, the stuff, Vampytwistッ, w8t4it, Weehuntz, xCamoLegend, xMagiik
12-30-2010, 06:11 PM
#92
juddylovespizza
I'VE GOT JUNGLE FEVER
YAA PS3 is ****ed now, and only sony can blame it on themselves 
The following user thanked juddylovespizza for this useful post:
12-30-2010, 06:57 PM
#94
juddylovespizza
I'VE GOT JUNGLE FEVER
Originally posted by ccfc
waits for sony to file a lawsuit
all they have done is reverse enginer find a law where it states thats illegal
12-30-2010, 07:09 PM
#95
E0000B6FAF25838
Nikolai Reznov
Originally posted by IIIII
I want this to come out but how r we hackers with the USB going to make money 
if everyone hacks then the game would be full of hackers and us hackers with the USB won't make any money
if everyone hacks then the game would be full of hackers and us hackers with the USB won't make any money
You're not supposed to be making money.
But I find it funny how the PS3's security is actually worse than the Wii's. And SONY would have been perfectly fine if they hadn't been trying to promote their overpriced processing...devices... (don't remember what they called them
)
The following user thanked E0000B6FAF25838 for this useful post:
12-30-2010, 07:14 PM
#97
rebels-ccfc
I am error
Originally posted by juddylovespizza
all they have done is reverse enginer find a law where it states thats illegal
if sony can find a law to sue ppl over selling usb's they are going to over this! :y:
12-30-2010, 07:22 PM
#98
juddylovespizza
I'VE GOT JUNGLE FEVER
Originally posted by ccfc
if sony can find a law to sue ppl over selling usb's they are going to over this! :y:
No because the PsJAILBREAK had stolen sony software on it thats how it worked.
12-30-2010, 07:26 PM
#99
gaz189
Brute
Originally posted by F
The next firmware updated will probably change the private key or something...
they cannot change there security code lol they even said it jaja
FAIL for SONY
---------- Post added at 03:26 PM ---------- Previous post was at 03:23 PM ----------
Originally posted by E0000B6FAF25838
You're not supposed to be making money.
But I find it funny how the PS3's security is actually worse than the Wii's. And SONY would have been perfectly fine if they hadn't been trying to promote their overpriced processing...devices... (don't remember what they called them)
But I find it funny how the PS3's security is actually worse than the Wii's. And SONY would have been perfectly fine if they hadn't been trying to promote their overpriced processing...devices... (don't remember what they called them
)
But if you watched the video where they showed the table of days, weeks, months, n years. it took the PS3 4 years to be hacked and yet its not really hacked just a exploit with the dongle
12-30-2010, 07:31 PM
#100
rebels-ccfc
I am error
Originally posted by juddylovespizza
No because the PsJAILBREAK had stolen sony software on it thats how it worked.
maybe ur right im not sure we'll see
Copyright © 2024, NextGenUpdate.
All Rights Reserved.
