1. Forums /
  2. Gaming Lounge /
  3. PS3 /
  4. PS3 Mods and Cheats /
  5. How to secure the Vulnerability in PS3LIb *NOTICE*
Post: How to secure the Vulnerability in PS3LIb *NOTICE*
02-20-2015, 06:31 AM #1
BaSs_HaXoR's Avatar
BaSs_HaXoR
Hurah!
(adsbygoogle = window.adsbygoogle || []).push({}); This is a thread purely about how to secure your software and understand the exploit in the 3rd party library PS3Lib. created by iMCSx.

PROTECT YOUR SOFTWARE:
PS3Lib source files to put into your project: ... (Will be up soon)

Example Project: ... (Will be up soon)

Here's a video of me showing the vulnerability as well as explaining it:



Here's how to fix the vulnerability:
Take the classes of PS3Lib and put them in your project, rather then compile them as a library (.dll). Have them embed in within the source of your software you're developing, and create objects of PS3TMAPI and CCAPI classes within the main form of your application. Now when you encrypt/pack/obfuscate your software, it will be that much more secure. Keep in mind, your software is still vulnerable to other data leaks, such as: packet manipulation, debugging/Low-Level Memory peek-poking, and CCAPI/ControlConsole in itself.

ex.
    

//In your main form (C#)

PS3Lib.PS3API PS3 = new PS3Lib.PS3API(PS3.SelectAPI(ControlConsole));

//and/or

PS3Lib.PS3TMAPI PS3 = new PS3Lib.PS3TMAPI();

PS3Lib.CCAPI PS3 = new PS3Lib.CCAPI();


If this is removed, I will have no reason to be on NGU anymore. I should be able to post things that are important to the community, and not of any harm. This vulnerability is not a 'crack', but that of a security flaw. Bringing something like this to attention shouldn't be shoved under the rug, but brought to attention. I'm purely for the fact trying to see that others understand how important it is to know how things work so you can protect your data.

This is NOT a tutorial on how to exploit the vulnerability, just purely on how to fix it. Video is just a reference so you can understand where the vulnerability lies and how easy it is to do.


-) This vulnerability will dump the address and bytes in any tool that is dependent/supportable with PS3Lib.dll (official).

-) Encryption & Obfuscation is useless to this vulnerability.

Credits:
Creator of PS3Lib.dll (official) - iMCSx
Eddie Mac
Programming of "GrabData.cs" and implementing it into PS3Lib - BaSs_HaXoR (Me)
(adsbygoogle = window.adsbygoogle || []).push({});

The following 17 users say thank you to BaSs_HaXoR for this useful post:

B777x, Boliberrys, br0wniiez, Confusing, Eddie Mac, ICS Vortex, kiwi_modz, Kryptus, Luma, policedu, SyGnUs, TotalModzHD, Turk_Warrior, yaumebz
02-20-2015, 06:59 AM #2
Confusing's Avatar
Confusing
Climbing up the ladder
what you're other thread go deleted Gasp
02-20-2015, 07:03 AM #3
BaSs_HaXoR's Avatar
BaSs_HaXoR
Hurah!
Originally posted by Confusing View Post
what you're other thread go deleted Gasp


Yes, I've cleared things up hopefully with the admin as well as a couple mods. As long as I don't directly post the [source (of the)] vulnerability on this site, only explain it and how to protect yourself it should be fine.

Copyright © 2026, NextGenUpdate.
All Rights Reserved.

Gray NextGenUpdate Logo