Post: PlayStation Home - IGA (Full Moderator Menu)
Options
02-05-2015, 04:23 PM
#1
An0ny
Guest
PlayStation Home is coming to an end. This was originally sold, however I decided to release it for free as PlayStation Home are closing down in March and I'd like everyone to see how this stuff works out.
IGA, is PlayStation Home's Moderation Menu. This is a tool that moderators on PlayStation Home used to moderate users.
The users that actually modded PlayStation home knows that in 2013 December, the PlayStation Home dev's accidentally put their Developer eboot open for everyone and it was up for over a day. We managed to grab it, which makes our finds extremely easier. The developer eboot was letting us debugging everything on PlayStation home, like any developer would do. With this, we also managed to reverse SSL and other cool stuff.
This is the identical menu that the moderators used before, it lets you kick, freeze and all other kind of stuff. Even stalk them to any space they go to!
Requirements:
- A custom firmware with online access.
- PlayStation home to be downloaded.
- NetCheat (TMAPI or CCAPI)
Credits:
- An0ny
- VX_AG3NT
- Bad
Download:
You must login or register to view this content.
Download:
1.) Replace the eboot's via FTP in your correct destination.
2.) Go on PlayStation Home, load into any server then load up NetCheat. Import the .ncl file then hit write (You must login or register to view this content.)
3.) Once you done that, inspect anyone then hit activate IGA! You can now load IGA without using any kind of method to ICE the LMO.
How we're editing the PlayStation Home Configuration File:
We basically edited a text string in the eboot, it was a URL. We reversed this to our own customized one, we use SSL Certificate to view the original one.
The configuration file contains a lot of hotfixes, some of them are to block PlayStation Home from loading my old custom DNS Server. Whatsoever, i've removed a lot of stuff which makes PlayStation Home load a lot faster.
The netcheat file is a url that we're writing into memory, basically to bypass a IP Authorization. We make it return 200 result, by putting our own url. The ip authorization system that sony used, only works if it returns 200.. which is extremely easy to bypass by changing the url to your own link.
I can't be arsed to explain depth, as there was a lot more than this required in order to load IGA. I have yet to understand what IGA stands for, unless that's it.
I doubt there are any ban risks as PlayStation home are closing in March. Have fun while you can!
The following 33 users say thank you to An0ny for this useful post:
Hammy, 04jberry, BigTrain, CaptainDowntown, Dan Dactyl, DesperateAsshole, Dog88Christian, FallofReach, FearlessModz, FreddieW94, Funzaur, Geo, H-A-X-O, joni_djESP, Kronoaxis, Kryptus, LilBad, RTE, Saint Goofy, samet2013, SavageRising, Script Kiddie, Sluekid, Smoky420, Snoop, Thatguy7, Ciri, Tubifex-90, xGsc-_-Funzo, xXx2o1o
03-12-2015, 08:45 PM
#129
FERNAN-NAVARONE
Keeper
Originally posted by An0ny
Originally posted by awesomemember
I don't know how mentally challanged you can be, it takes a few seconds to replace a fucking EBOOT. If you can't manage to do that, then don't come here and ask for help. Go to the support section.
I'm hosting everything for it, what's the issue? Where are you getting this from that you need to host it yourself? Please get your facts right before coming here and attempting to trash the topic. Idiot.
I found IGA With VX. And I'm hosting it, so how wouldn't I know how it works my self? get the fuck out of here lol.
You said my server is laggy? If it's laggy, why did you say it's not working and I am not explaining everything? lmao.. oh lord. Next time make sense before coming here with bull shit.
calm down man, if your post is a crap nothing happens, We forgive you
03-12-2015, 09:10 PM
#130
VX_AG3NT
Pokemon Trainer
Just a little more info on how we found this exactly for those few who might be curious. After getting the developer version of Home working again we were able to browse through the entire contents of the Home catalogue. This means every single last item that was ever available for PS Home! While looking thru the LMO's we came across one called IGA or In Game Admin. It was discovered that hitting R1 while having this LMO activated loaded up a menu with several scripts that apparently granted admin/mod powers, but the authorization was failing. You could see this by looking in Target Manager while using the dev version of Home which shows tons of debugging info. This by the way is how we got dev access in the first place. Anyways, long story short that debugging info as an0ny already mentioned was key to all our findings. If you know what the error is you can take steps to work around it.
There were 2 parts authorization to IGA. One was for a file called /start hosted on Sony servers. This was IP protected so we just spoofed the auth by changing the link in memory to point to our own start file hosted on our own server. The second part revolved around something called an admin object id. This object would grant you admin powers, but normal users don't have this in their inventory. So using the client config xml we acquired through extracting the Home SSL certificate from memory and downloading the file from Sony's servers we edited that object id to a default inventory item. So in effect, when IGA went to check if you were admin it would appear that you had the proper privileges. This is what the client config xml looks like You must login or register to view this content.
There were 2 parts authorization to IGA. One was for a file called /start hosted on Sony servers. This was IP protected so we just spoofed the auth by changing the link in memory to point to our own start file hosted on our own server. The second part revolved around something called an admin object id. This object would grant you admin powers, but normal users don't have this in their inventory. So using the client config xml we acquired through extracting the Home SSL certificate from memory and downloading the file from Sony's servers we edited that object id to a default inventory item. So in effect, when IGA went to check if you were admin it would appear that you had the proper privileges. This is what the client config xml looks like You must login or register to view this content.
The following user thanked VX_AG3NT for this useful post:
03-12-2015, 09:20 PM
#131
Tubifex-90
Keeper
Originally posted by AG3NT
Just a little more info on we found this exactly for those few who might be curious. After getting the developer version of Home working again we were able to browse through the entire contents of the Home catalogue. This means every single last item that was ever available for PS Home! While looking thru the LMO's we came across one called IGA or In Game Admin. It was discovered that hitting R1 while having this LMO activated loaded up a menu with several scripts that apparently granted admin/mod powers, but the authorization was failing. This was by looking in Target Manager while using the dev version Home which shows tons of debugging info. This by the way how to get dev access in the first place. Anyways, long story short that debugging info as an0ny already mentioned was key to all our findings. If you know what the error is you can take steps to work around it.
There were 2 parts authorization to IGA. One was for a file called /start hosted on Sony servers. This was IP protected so we just spoofed the auth by changing the link in memory to point to our own start file hosted on our own server. The second part revolved around something called an admin object id. This object would grant you admin powers, but normal users don't have this in their inventory. So using the client config xml we acquired through extracting the Home SSL certificate from memory and downloading the file from Sony's servers we edited that object id to a default inventory item. So in effect, when IGA went to check if you were admin it would appear that you had the proper privileges. This is what the client config xml looks like You must login or register to view this content.
There were 2 parts authorization to IGA. One was for a file called /start hosted on Sony servers. This was IP protected so we just spoofed the auth by changing the link in memory to point to our own start file hosted on our own server. The second part revolved around something called an admin object id. This object would grant you admin powers, but normal users don't have this in their inventory. So using the client config xml we acquired through extracting the Home SSL certificate from memory and downloading the file from Sony's servers we edited that object id to a default inventory item. So in effect, when IGA went to check if you were admin it would appear that you had the proper privileges. This is what the client config xml looks like You must login or register to view this content.
And what was mcmar's part in all of this? Lol.
03-12-2015, 09:21 PM
#132
Kronoaxis
You talkin to me?
Originally posted by AG3NT
Just a little more info on we found this exactly for those few who might be curious. After getting the developer version of Home working again we were able to browse through the entire contents of the Home catalogue. This means every single last item that was ever available for PS Home! While looking thru the LMO's we came across one called IGA or In Game Admin. It was discovered that hitting R1 while having this LMO activated loaded up a menu with several scripts that apparently granted admin/mod powers, but the authorization was failing. You could see this by looking in Target Manager while using the dev version of Home which shows tons of debugging info. This by the way how we got dev access in the first place. Anyways, long story short that debugging info as an0ny already mentioned was key to all our findings. If you know what the error is you can take steps to work around it.
There were 2 parts authorization to IGA. One was for a file called /start hosted on Sony servers. This was IP protected so we just spoofed the auth by changing the link in memory to point to our own start file hosted on our own server. The second part revolved around something called an admin object id. This object would grant you admin powers, but normal users don't have this in their inventory. So using the client config xml we acquired through extracting the Home SSL certificate from memory and downloading the file from Sony's servers we edited that object id to a default inventory item. So in effect, when IGA went to check if you were admin it would appear that you had the proper privileges. This is what the client config xml looks like You must login or register to view this content.
There were 2 parts authorization to IGA. One was for a file called /start hosted on Sony servers. This was IP protected so we just spoofed the auth by changing the link in memory to point to our own start file hosted on our own server. The second part revolved around something called an admin object id. This object would grant you admin powers, but normal users don't have this in their inventory. So using the client config xml we acquired through extracting the Home SSL certificate from memory and downloading the file from Sony's servers we edited that object id to a default inventory item. So in effect, when IGA went to check if you were admin it would appear that you had the proper privileges. This is what the client config xml looks like You must login or register to view this content.
that's a long post :madsal:
03-13-2015, 10:41 AM
#134
awesomemember
Grunt
Originally posted by AG3NT
Just a little more info on how we found this exactly for those few who might be curious. After getting the developer version of Home working again we were able to browse through the entire contents of the Home catalogue. This means every single last item that was ever available for PS Home! While looking thru the LMO's we came across one called IGA or In Game Admin. It was discovered that hitting R1 while having this LMO activated loaded up a menu with several scripts that apparently granted admin/mod powers, but the authorization was failing. You could see this by looking in Target Manager while using the dev version of Home which shows tons of debugging info. This by the way is how we got dev access in the first place. Anyways, long story short that debugging info as an0ny already mentioned was key to all our findings. If you know what the error is you can take steps to work around it.
There were 2 parts authorization to IGA. One was for a file called /start hosted on Sony servers. This was IP protected so we just spoofed the auth by changing the link in memory to point to our own start file hosted on our own server. The second part revolved around something called an admin object id. This object would grant you admin powers, but normal users don't have this in their inventory. So using the client config xml we acquired through extracting the Home SSL certificate from memory and downloading the file from Sony's servers we edited that object id to a default inventory item. So in effect, when IGA went to check if you were admin it would appear that you had the proper privileges. This is what the client config xml looks like You must login or register to view this content.
There were 2 parts authorization to IGA. One was for a file called /start hosted on Sony servers. This was IP protected so we just spoofed the auth by changing the link in memory to point to our own start file hosted on our own server. The second part revolved around something called an admin object id. This object would grant you admin powers, but normal users don't have this in their inventory. So using the client config xml we acquired through extracting the Home SSL certificate from memory and downloading the file from Sony's servers we edited that object id to a default inventory item. So in effect, when IGA went to check if you were admin it would appear that you had the proper privileges. This is what the client config xml looks like You must login or register to view this content.
good explanation will, but you exactly tell what fernan already sayd. just more in detail. This hack is only possible with connection to a non-trusted server and if ppl want to run it theyr own, there are missing files.!
--------------------------------------------------------------------------------------------------------------------------------------------
I can just highly recomment not to use that method , or yer all dont need to wonder when your psn-id or your IP adress get publisht and sold on his -SPAM PSN - accounts- Site. (so far vx showed him how to read logfiles lol)
Maybe there some people yet who he can foolish with bluffed skills, boughted or borrowed scripts wich he used to attak little peops pc's to feel big.
@anony: steal stuff with a teamviewer - connection is not a hack lol. you just found someone who is even more stupid then you
its kinda easy to feel big in lilliputs-world. why you not steal the lunch from a scoolboy and post it on facebook? It has more essence. no real coder wasting time on things like that...you should keep your homeshyte on your own site.
The following user thanked awesomemember for this useful post:
03-13-2015, 01:20 PM
#135
Tubifex-90
Keeper
Originally posted by awesomemember
good explanation will, but you exactly tell what fernan already sayd. just more in detail. This hack is only possible with connection to a non-trusted server and if ppl want to run it theyr own, there are missing files.!
--------------------------------------------------------------------------------------------------------------------------------------------
I can just highly recomment not to use that method , or yer all dont need to wonder when your psn-id or your IP adress get publisht and sold on his -SPAM PSN - accounts- Site. (so far vx showed him how to read logfiles lol)
Maybe there some people yet who he can foolish with bluffed skills, boughted or borrowed scripts wich he used to attak little peops pc's to feel big.
@anony: steal stuff with a teamviewer - connection is not a hack lol. you just found someone who is even more stupid then you its kinda easy to feel big in lilliputs-world. why you not steal the lunch from a scoolboy and post it on facebook? It has more essence.
no real coder wasting time on things like that...you should keep your homeshyte on your own site.
--------------------------------------------------------------------------------------------------------------------------------------------
I can just highly recomment not to use that method , or yer all dont need to wonder when your psn-id or your IP adress get publisht and sold on his -SPAM PSN - accounts- Site. (so far vx showed him how to read logfiles lol)
Maybe there some people yet who he can foolish with bluffed skills, boughted or borrowed scripts wich he used to attak little peops pc's to feel big.
@anony: steal stuff with a teamviewer - connection is not a hack lol. you just found someone who is even more stupid then you
its kinda easy to feel big in lilliputs-world. why you not steal the lunch from a scoolboy and post it on facebook? It has more essence. no real coder wasting time on things like that...you should keep your homeshyte on your own site.
Even tho I never did this hack myself. But you could easily sniff the link to the config file on his site with a software like wireshark while using his eboot. Then redirect it to your own server (or to your pc with Apache installed) with Cain or some dns software so you wouldn't need his server anymore. Should work using his eboot without doing any edits to it. Again just a theory...
The following user thanked Tubifex-90 for this useful post:
03-13-2015, 03:25 PM
#136
awesomemember
Grunt
Originally posted by 90
Even tho I never did this hack myself. But you could easily sniff the link to the config file on his site with a software like wireshark while using his eboot. Then redirect it to your own server (or to your pc with Apache installed) with Cain or some dns software so you wouldn't need his server anymore. Should work using his eboot without doing any edits to it. Again just a theory...
ssl-cert aktually only work on a named webserver.
same like mass-ise. make a tuto on how to set up a little ubuntu for linux -noobs would bash the time-frame any way...
i just fight for the princip and this trolls attitude towards other people. he publish a hack where ppl get connected to his shit to collect datas for his spam-tool.
This the only thing i want to make clear here. iga is not interesting for me anyways.
Copyright © 2026, NextGenUpdate.
All Rights Reserved.
