Post: Theory for PSN on Homebrew PS3
05-26-2012, 03:09 AM #1
pcfreak30
>> PCFreak30.com <<
Well, I posted this on my blog and I thought NGU might be interested.

Originally posted by another user

I was talking to Choco of NGU on Skype about Black Ops and hacking/modding it. From there I spawned a simple idea that may or may not be complex but seems simple in concept. Granted, I am not very deep in the PS3 firmware or its inner workings, but what I am about to propose to everyone is this.

We all know you can use a mod-chip with the PS3, use a dual-NAND type system or any other hardware-related hack. I am ALSO aware that people are able to dump the NAND of a PS3 with the proper hardware. So here is my thinking.

Step 1 is DUMP the NAND from a 4.11 PS3 at a hardware level.

Step 2 is alter the image data and replace SSL Certificate 24/25, like we used to with the Charles Proxy hack, with the demo one from Charles Proxy.

Step 3 is write the image data BACK to the NAND and boot it up.

Step 4 is set up proxy settings and intercept the connection between the PS3 and PSN and get all that good info.

Step 5 is analyze it to get the passphrase and see what they have changed and see if there is any new security to handle.

Step 6 is optionally try to re-program 3.55 in a CFW to implement the new security if there is any.

I will say that I don't know how complex this would really be, but in concept it should not be hard. I hope I at least gave everyone something to think about and possibly someone a new project.

Comments?


05-27-2012, 09:24 PM #11
I've talked with a few guys about the same thing, and you can see what address the PS3 connects to while doing stuff related to the internet with a program; you basically connect the PS3 via proxy and then you can see every IP/address the PS3 connects to, and you can also change it to connect to an address you choose yourself...
And they also mentioned a program that "checks" every file/package that the PS3 "sends" out... By this we can see what files exactly are being checked by PSN and then work with those..
If you want help I am more than glad to help.
05-27-2012, 10:12 PM #12
lfclegend321
Vault dweller
Eeh, I don't have a clue what that means or does :/
05-27-2012, 10:21 PM #13
Originally posted by pcfreak30 View Post
Keep in mind the biggest discoveries are overlooked because people believe it must be something complicated or true to work.


true.. very true.

you still have to realise, the people creating these things are way advanced beyond our capabilities and have been doing this for probably 10-20+ years... But saying we overlooked this without previous knowledge prior to obtaining the key is simply... crazy.

Now possible for mauth/graf/kako... yeah sure.

05-28-2012, 12:56 AM #14
pcfreak30
Originally posted by SatanicAmerican View Post
true.. very true.

you still have to realise, the people creating these things are way advanced beyond our capabilities and have been doing this for probably 10-20+ years... But saying we overlooked this without previous knowledge prior to obtaining the key is simply... crazy.

Now possible for mauth/graf/kako... yeah sure.


Actually, you're not fully right there. I have been in computers for 10+ years and I am 20. Yes, that means all my life, and I have been doing it professionally for a long time. The only thing they have over me and a handful of others is that they program in C++ and ASM way better than I do and take the time to figure out what Sony created and how they created it.

And what key are you referring to? This isn't exactly crazy, more like real simple. You just need a NAND/NOR programmer and you alter the data.

soppan96, there isn't any program that "checks" what the PS3 sends out. The PS3 does check what it receives and verifies it, though. So there's no files to check. I am not sure if everyone even fully understood what I said or is just pretending to.

The thing here is I CAN'T do anything with this. I don't have the equipment or the experience to deal with said equipment. Someone who is a hardware hacker would need to take apart a PS3, pull out the motherboard (mobo), and solder and dump the NAND/NOR. They would then alter the data/image and flash it back. It's the same deal as un-bricking a PS3.

Also, I just searched, and it appears you can use the E3 Flasher to back up (dump) the NAND/NOR and then write it back. If anyone has this and is willing to take a risk on a 4.11, we could get somewhere.
05-28-2012, 12:59 AM #15
I'm not trying to start an argument here at all, even though it wasn't really turning into one lol.

but like....

3/4 the people on this site will never even get close to accomplishing it. That's what I'm getting at... they can try all they want but they need experience. That is key.
05-28-2012, 07:12 AM #16
I have an E3 Flasher so I can make dumps... I'm going to see if I can find what the program was called.
05-28-2012, 04:40 PM #17
CHAOZ
Banned
Originally posted by pcfreak30 View Post
What you guys DON'T get is this is HOW you get the pass-phrase. The thing here is, why would I want to do this if I am not getting the pass? The PS3 SENDS the code to the auth server along with its firmware version. All we need to do is intercept it.

The pass is in vsh.self, I believe, via reading. It is in 2 places but only 1 is used. We don't need to decrypt that. We just need to read it as it is sent out. This is assuming there's no CRC checks on the CERT files or anything else unforeseen.

So you get the info, then you take it to 3.55 and you're online...


I can't recall at this moment, but there is a tool that allows you to intercept data being sent from the server to the console (and vice versa); maybe this will be of some help if I or anyone can remember the name!
05-28-2012, 04:42 PM #18
Originally posted by RUFFINGUY View Post
I can't recall at this moment, but there is a tool that allows you to intercept data being sent from the server to the console (and vice versa); maybe this will be of some help if I or anyone can remember the name!


I just said this.
05-28-2012, 09:50 PM #19
pcfreak30
Geeze. I ALREADY know what to use as software. The thing is, it's SSL encrypted, which is WHY you must hardware hack the NAND/NOR and replace the SSL CERT to allow yourself to DECRYPT the connection.

I have found I need someone with an E3 Flasher and a 4.11 PS3. Whoever has this and is willing to risk messing with their PS3 should contact me.
