Post: Algorithm Reversal Based on Mathieulh's Decrypter
01-07-2011, 05:17 AM #1
Seeing that everyone has a serious need for FTP, I see it's time for my first post.

Edit: those of you helping, here you are...

Before anything, this thread is for the sole purpose of discussing the signing and encryption process (or algorithm) used on retail .pkg files and attempting to reverse the decryption process made by Mathieulh to sign HOMEBREW for use on KaKaRoToKs CFW v1.1 (or higher), namely OFW 3.55 functionality!

RESOURCES AT BOTTOM

There are definitely those of you interested in learning some sort of cryptography to sign ourselves some homebrew! With that, you might want to read up:

... just kidding, I'll give you guys a quick run-down! Since the PS3 uses asymmetric encryption under the Advanced Encryption Standard (AES), we needed both public keys and private keys used in specific algorithms to actually encrypt and decrypt files.

Since we have the keys and algorithms for decryption, as provided by Mathieulh, it is possible to obtain an encryption algorithm (or better yet, an automated program to package, encrypt, and sign .pkg sets for us).

Those of you familiar with Visual C/C# will know what to do with Mathieulh's source included below.

For those who are new to it, just follow this quick guide:

1. Download the PSP_PS3_PKG_Decrypter
2. Head into the extracted directory.
3. Continue down the directories until you see this file: FormMain.cs
4. Open With Notepad...
5. And you're on your way! Check out the code, look at some of his comments, do whatever you think can help us get further!

Anyway, I don't fully understand the process used for encryption (or the entire decryption method, for that matter) and this thread should be a great basis for dev talk. Should we come across a functional algorithm, I'll do my best to create some sort of script that could at least make a proof-of-concept HelloWorld.pkg.


As for what I know currently:

Decryption Process
-Concerning the case 0x01 (PS3 Decryption, not PSP):

1. Checks file length from address 0x1c of entire pkg for verification.
2. Checks file length from address 0x2c of encrypted file.
3. At address 0x70, the individual pkg key (encrypted) is stored (for later use in decryption, presumably).
4. A series of offsets and processing using public decryption keys stored in the Array are the resulting decrypted pkg (not yet unpacked). How this is done, I'm not entirely sure. The process is, as of yet, beyond me.
5. I haven't analyzed much farther... unpacking, I'm sure. I'll edit in or change according to findings. Outside info welcome! After all, what are forums for?

No way to have encryption without understanding all other aspects! Math concepts, really... single variable solving.

Other info: Both AES 256-bit and 128-bit keys are used (the erk and riv) when it comes down to the encryption process. The problem is how. Should you guys find anything, post away!

PS - I can be wrong, too. Correct me if you have reason. I only just started this little side project. Check out the Wiki below for some serious dev info. For that matter, hit up Lan.st!
Otherwise, I believe I have some decent information.




RESOURCES:
Mods don't want me to post Mathieulh's tool, so go find it yourself! -Google "ps3 pkg decrypter mathieulh"

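The decryption steps listed in the post, written out as an added example. This is editor-supplied code, not Mathieulh's decrypter and not anything posted in the thread. It assumes the public PKG header layout: magic 0x7F 'P' 'K' 'G', the type word at 0x06 (1 = PS3, the decrypter's "case 0x01"), 64-bit big-endian total size, data offset and data size at 0x18, 0x20 and 0x28 (the 32-bit values the post reads at 0x1c and 0x2c are the low halves of the first and third), the content ID at 0x30, and the 16-byte value at 0x70 being the per-package counter seed, the post's "riv", for AES-128 in CTR mode, with the post's "erk" being the AES key. AES is a symmetric cipher, so the same key serves both directions, and because CTR mode only XORs a keystream over the data, the decrypt routine below is also the encrypt routine; that is the "reversal" the post asks about. What this does not cover is the signature that the post's "sign" step refers to; AES-CTR gives confidentiality only. The key, riv, content ID and payload are constructed stand-ins, not retail values.

```python
"""Parse a PS3 .pkg header and run the AES-128-CTR payload step (added example).
Key, riv, content ID and payload are constructed stand-ins, not retail values."""
import struct

# --- compact AES-128 block cipher (FIPS-197), used only to produce CTR keystream ---
def _xtime(a):
    """Multiply by x in GF(2^8) modulo x^8 + x^4 + x^3 + x + 1."""
    a <<= 1
    return (a ^ 0x11B) & 0xFF if a & 0x100 else a

def _gf_mul(a, b):
    r = 0
    while b:
        if b & 1:
            r ^= a
        a, b = _xtime(a), b >> 1
    return r

def _rotl8(x, n):
    return ((x << n) | (x >> (8 - n))) & 0xFF

def _make_sbox():
    """S-box: affine transform of the multiplicative inverse (a^254 == a^-1 in GF(2^8))."""
    out = []
    for a in range(256):
        inv = 1 if a else 0
        for _ in range(254 if a else 0):
            inv = _gf_mul(inv, a)
        out.append(inv ^ _rotl8(inv, 1) ^ _rotl8(inv, 2) ^ _rotl8(inv, 3) ^ _rotl8(inv, 4) ^ 0x63)
    return out

SBOX = _make_sbox()

def _expand_key(key):
    """AES-128 key schedule: 44 words -> 11 round keys of 16 bytes."""
    w = [list(key[i:i + 4]) for i in range(0, 16, 4)]
    rcon = 1
    for i in range(4, 44):
        t = list(w[i - 1])
        if i % 4 == 0:
            t = [SBOX[b] for b in t[1:] + t[:1]]   # RotWord + SubWord
            t[0] ^= rcon
            rcon = _xtime(rcon)
        w.append([w[i - 4][j] ^ t[j] for j in range(4)])
    return [bytes(sum(w[4 * r:4 * r + 4], [])) for r in range(11)]

def aes128_encrypt_block(round_keys, block):
    """One AES-128 block encryption; state kept column-major, i.e. in input byte order."""
    s = [b ^ k for b, k in zip(block, round_keys[0])]
    for rnd in range(1, 11):
        s = [SBOX[b] for b in s]                              # SubBytes
        s = [s[(i + 4 * (i % 4)) % 16] for i in range(16)]    # ShiftRows
        if rnd != 10:                                         # MixColumns
            m = []
            for c in range(4):
                a0, a1, a2, a3 = s[4 * c:4 * c + 4]
                m += [_xtime(a0) ^ _xtime(a1) ^ a1 ^ a2 ^ a3,
                      a0 ^ _xtime(a1) ^ _xtime(a2) ^ a2 ^ a3,
                      a0 ^ a1 ^ _xtime(a2) ^ _xtime(a3) ^ a3,
                      _xtime(a0) ^ a0 ^ a1 ^ a2 ^ _xtime(a3)]
            s = m
        s = [b ^ k for b, k in zip(s, round_keys[rnd])]       # AddRoundKey
    return bytes(s)

def aes_ctr_xor(key, riv, data, offset=0):
    """XOR data with AES-128-CTR keystream. Counter = riv (128-bit big-endian) + block
    index, wrapping mod 2^128; `offset` is data's position inside the encrypted region.
    CTR is a keystream XOR, so this one routine both decrypts and encrypts."""
    if offset % 16:
        raise ValueError("offset must be 16-byte aligned")
    rk = _expand_key(key)
    base = int.from_bytes(riv, "big") + offset // 16
    out = bytearray()
    for i in range(0, len(data), 16):
        ctr = ((base + i // 16) & ((1 << 128) - 1)).to_bytes(16, "big")
        ks = aes128_encrypt_block(rk, ctr)
        out += bytes(p ^ k for p, k in zip(data[i:i + 16], ks))
    return bytes(out)

# --- PKG header, offsets as in the public header layout (assumption stated in the lead-in) ---
PKG_MAGIC = b"\x7fPKG"
PKG_TYPE_PS3 = 1          # the decrypter's "case 0x01"; 2 is PSP

def parse_pkg_header(buf):
    """Sizes are 64-bit big-endian at 0x18/0x20/0x28, so the 32-bit values the post reads
    at 0x1c and 0x2c are the low halves of total_size and data_size."""
    if buf[:4] != PKG_MAGIC:
        raise ValueError("bad magic")
    revision, pkg_type = struct.unpack_from(">HH", buf, 4)
    total_size, data_offset, data_size = struct.unpack_from(">QQQ", buf, 0x18)
    if total_size != len(buf):                      # post's step 1
        raise ValueError("total_size %d != file length %d" % (total_size, len(buf)))
    if data_offset + data_size > total_size:        # post's step 2, as a bounds check
        raise ValueError("data region runs past end of file")
    return {"revision": revision, "type": pkg_type, "total_size": total_size,
            "data_offset": data_offset, "data_size": data_size,
            "content_id": buf[0x30:0x60].split(b"\0", 1)[0].decode("ascii"),
            "riv": bytes(buf[0x70:0x80])}           # post's step 3: per-package counter seed

def decrypt_pkg_data(buf, key):
    """Post's step 4 for the PS3 path: parse, slice the encrypted region, undo CTR."""
    hdr = parse_pkg_header(buf)
    if hdr["type"] != PKG_TYPE_PS3:
        raise ValueError("only the PS3 (type 1) path is handled here")
    enc = buf[hdr["data_offset"]:hdr["data_offset"] + hdr["data_size"]]
    return hdr, aes_ctr_xor(key, hdr["riv"], enc)

def build_sample_pkg(key, riv, content_id, payload):
    """Constructed sample: minimal 0x80-byte header + CTR-encrypted payload. A real
    package also carries metadata, digests and the signature; none of that is built."""
    hdr = bytearray(0x80)
    hdr[0:4] = PKG_MAGIC
    struct.pack_into(">HH", hdr, 4, 0x8000, PKG_TYPE_PS3)   # 0x8000 = revision seen in retail packages
    struct.pack_into(">QQQ", hdr, 0x18, 0x80 + len(payload), 0x80, len(payload))
    hdr[0x30:0x30 + len(content_id)] = content_id.encode("ascii")
    hdr[0x70:0x80] = riv
    return bytes(hdr) + aes_ctr_xor(key, riv, payload)

# Stand-in values (constructed, not retail): FIPS-197 test key, all-ones riv to exercise counter wrap.
SAMPLE_KEY = bytes(range(16))
SAMPLE_RIV = b"\xff" * 16
SAMPLE_PAYLOAD = b"constructed payload, not a real PARAM.SFO"    # 41 bytes: partial last block
SAMPLE_PKG = build_sample_pkg(SAMPLE_KEY, SAMPLE_RIV, "UP0000-TEST00000_00-CONSTRUCTEDSAMPLE", SAMPLE_PAYLOAD)
```

Run `decrypt_pkg_data(SAMPLE_PKG, SAMPLE_KEY)` to get the parsed header and the recovered payload; call `aes_ctr_xor` on plaintext with the same key and riv to produce the encrypted region again. The `offset` argument matters when a tool decrypts a single file entry out of the middle of the data region: the counter must be advanced by the entry's block index, and it wraps modulo 2^128, which is why the sample uses an all-ones riv.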
01-07-2011, 02:35 PM #29
gola
OVER 9000!
Originally posted by IIxAaRoN
But adding all this in will make the CFW way easier for Sony to detect it.


If you modify what I said you go onto a fake online which makes it 100% impossible for sony to ever detect you, assuming you get rid of all sony ip addresses to connect to in the firmware. It would be like being offline with no ethernet cord in no way of connecting to playstation at all.
01-07-2011, 02:43 PM #30
lothsun
Guest
Originally posted by Broseidon View Post
If you modify what I said you go onto a fake online which makes it 100% impossible for sony to ever detect you, assuming you get rid of all sony ip addresses to connect to in the firmware. It would be like being offline with no ethernet cord in no way of connecting to playstation at all.


So basically you're saying play by yourself or create an "underground" PSN?
01-07-2011, 02:53 PM #31
PsYcHoSiS
Eatin' poopy
Originally posted by Broseidon View Post
If you modify what I said you go onto a fake online which makes it 100% impossible for sony to ever detect you, assuming you get rid of all sony ip addresses to connect to in the firmware. It would be like being offline with no ethernet cord in no way of connecting to playstation at all.


I really like the idea of modding the firmware.

Good luck bro.
01-07-2011, 05:08 PM #32
demize
Maggbot timeout!
Underground PSN eh? I think I can get a server together for testing. That would be a badass idea. Would be like a Tunngle for the PS3. My Skype name is Unknown.Nemesis. Please add it and let's stay in contact on there, seeing as I have it open 24 hours a day and it would be easier to collaborate on ideas. I am working straight through the next couple of days on getting some of these packages signed. So when will they post that "How to modify the PS3 Firmware" guide? I would like to get my hands on that to see if I can tweak it to allow online play elsewhere. I have a few friends who would also like to take a crack at this.
01-07-2011, 09:49 PM #33
vettacossx
Bounty hunter
I can see where CFW would be a better LONG TERM solution, but until we can manage to sign and distribute pkgs there's no sense in wasting time IMO. That being said, I like his idea of OFFLINE


BUT I SAY 100% OFFLINE CFW is made FOR PIRATES (so they CAN'T GET CAUGHT AND AGREE TO SACRIFICING ONLINE FOR THEIR REAL INTENTION... LET'S NOT LIE ABOUT "I'm lazy and don't wanna get a disc", that's my excuse for piracy... The excuse is you don't want to pay for games any more than I do and you WILL FIND A WAY TO PIRATE THEM AND IF YOU ASK ANY MAJOR HACKER they will tell you that WILL... ALWAYS finds a way

So all you moral whitehats can "talk up your netiquette all you like, be a hacktivist all you want to", but keep in mind if someone does a SHITTY JOB AND DOES MANAGE PIRACY you're gonna wish you listened and gave the pirates a CFW OFFLINE ONLY

When SCEA patches CFW BECAUSE A PIRATE WAS ONLINE WITH A CFW THAT WORKED FOR PIRACY then you'll wish as a major developer you'd had SOME SAY...

Just sayin', we have all been doing this since the Dreamcast (at least I have) and history repeats; it's more a matter of WHEN than a matter of IF lol

In the 44 min video marcan indicated that these syscalls are in there; everything we need is in there, we just have to get to it

ALSO THERE IS AN UNDERGROUND PSN
You can download AND INSTALL A PKG FROM YOUR WEB BROWSER. Wanna test it? Let's do that IN THIS POST, shall we?

Download and install GRAN TURISMO on YOUR PS3 FROM THIS POST IN THE PS3 WEB BROWSER:

How to Download and Install from ps3 web browser:

Step 1: Plug in your USB hard drive (FAT32 format).

Step 2: Come to this post in your PS3 web browser, if you're not already.

Step 3: Highlight the address after "pkg file:" with your pointer...

Step 4: While the pointer is on the address of the PKG file, press Triangle, choose FILE, choose SAVE TARGET, choose USB HDD as the destination and let the file download to your USB HDD.

Step 5: After it has finished downloading, go to the icon under GAME on your CFW 3.55 v1.2 (only custom firmware users have this icon) and locate the icon that says INSTALL PACKAGE FILES. Open it, click on the file you downloaded and install it. DONE

ENJOY YOUR FULL GAME THAT INSTALLED NP ON 3.55 CFW


There's no reason I can't make a site with a list of these and repeat what you just did above and need NO PC AT ALL to get that file from the net, download it to my USB and install it. AND YES I HAVE DONE THIS MYSELF, I SHARED THIS ON MY BLOG

01-07-2011, 11:27 PM #34
demize
Maggbot timeout!
You best believe there are more that want the pirate aspect of it than the ones who don't. A lot of people can't afford the shit in the first place but there are others who can but choose not to. Doesn't matter to me if people wanna pirate games or not personally. I don't take my PS3 online at all as it is so it means no difference lol. Thanks for the blog to the Underground PSN. I like that idea. I'll check into it and get back to you.

---------- Post added at 06:27 PM ---------- Previous post was at 06:20 PM ----------

You got the wrong idea bud. I'm talking about a network for us who don't want to be on Sony's networks to play games with each other. Such as messaging and all that shit built into a server so it would replicate playing online on Sony's network. So we could use our HDD backup games without the hassle of worrying about connecting to Sony whatsoever. Not really an underground Playstation Store. Cool idea though.
01-07-2011, 11:34 PM #35
angel_of_deth
Climbing up the ladder
Originally posted by Broseidon View Post
I don't see why everyone tries modding the .pkgs themselves and not the firmware; that's what I'm working on. All you have to do is change it to run unsigned .pkgs lmfao, much MUCH easier. Either way, whichever one you do is illegal so it hardly matters, due to modding the firmware to run unofficial files by making them the equivalent of official and running unsigned files on a PS3.

So far I've bricked my 3.41 CFW PS3 2 times just trying out random stuff; I just keep unbricking it using the tut zonetw0 posted haha.

P.S. There are tools out there to extract the firmware .PUP; just go to kakaroto's GitHub.


Not a bad idea, but when it's run unsigned it's going to make it easier for them to detect that you're running it. If it's not signed with their signature I'm sure the server will pick it up.
01-08-2011, 02:54 AM #36
demize
Maggbot timeout!
Of course it will be picked up. That's why his method is an epic FAIL. Continue with pkg signing for now. That CFW bit he's talking about won't fly for some time to come.
