Well, this is not a tutorial. I just thought I would explain, to those of you who are interested, what is going on and what this "hack", or "bypass", is doing.
Let's begin.
First, what is a proxy? We all know we can use it at school/work to un-block websites...
A proxy is a middle-man, so to speak. When you request a webpage (website) from a proxy server, it will go out and contact that website/server, request the page and give it to you.
Proxies are used to stay anonymous, as the IP address that gets logged accessing the site is the proxy's, NOT yours. A proxy also keeps a copy, or cache, of the websites for faster access (it doesn't need to re-request them).
Now, everyone has been talking about DNS, but what the hell is it?
DNS is the Domain Name System.
When you access google.com, your web browser usually says "looking up google.com". When it does that, it is contacting DNS servers run by your ISP (Internet Service Provider, who you pay for teh netz), and saying, in English, the following:
**Connection to DNS Server Opens**
You: Hello, do you have any records for the website GOOGLE.COM?
ISP DNS Server: Um, yes we have a handful of records. What do you need?
You: I need the A record please?
ISP DNS Server: Ok, Please Wait...
ISP DNS Server: Record results are GOOGLE.COM is listed in our database as 72.14.209.104..
You: Ok, thank you..
**Connection to DNS Server Closes**
Ok, so if that's DNS, what is SSL? SSL is like a secure line from your computer to a remote server. You both have a key to open that line, and no one else has that key. If anyone else did, then they could just use it to open the line for themselves and know what's going on.
When you are logging into PSN, your PS3 has a special key it uses to open a secure line with Sony. Because it is encrypted, you cannot read or modify any data on the connection.
What this SSL bypass is doing is accessing the location of that key and replacing it with your own. Now, because the PS3 is using YOUR key, not Sony's, you can listen in and know what's going on.
You are also setting up a DNS server for yourself to redirect all requests for the Sony PSN login and UPDATE servers to your computer, instead of the real location. This is called spoofing. It is a type of man-in-the-middle attack, which is a term commonly used in internet security...
When the PS3 uses your IP for the servers, and NOT the real IPs, the proxy you have running picks up those requests and is able to modify them, assuming it has the SSL key too, to listen in.
It will then go and modify the requests as you have told it to, send them to the real Sony, then send the PS3 the response from Sony...
The only reason we are able to do this is because we have FULL access to the PS3 system.
So, as a general diagram, here is the whole process in a decent visual:
PS3 (configured DNS and Proxy) -> Router -> Your PC (DNS) -> Your PC (Proxy) -> SSL decryption and changing data (Spoofing) -> Request sent to Sony -> Sony responds thinking you are on 3.56 -> Response sent to PC -> PC sends response to PS3
Because you are using a proxy, you must keep the proxy running so this chain of events can continue. A lot of people have asked if you have to keep the computer running, so ya, you do...
If there is anything else you want to know, ask and I might update this thread to include that information...