Sponsored Links

Sponsored Links

Page 5 of 5 FirstFirst ... 345
Results 41 to 50 of 50



  1. #41
    Banned User cfwmark's Avatar
    Join Date
    Aug 2012
    Posts
    16
    Sponsored Links
    Sponsored Links
    got it to install this far so far on 4.10 techondon. got any ideas how to get around this?

    so close to bypass the need to use an e3 but would I still have trouble with xmb manager I wonder? It stop at 79% look in background.

    turn off PUP build change setting it kind of worked (wild guess I need toggle_pq.pkg like 430.v2)
    Attached Thumbnails<br><br> Attached Thumbnails

    IMG_0590.JPG  

  2. #42
    Registered User fatboyfry's Avatar
    Join Date
    Dec 2012
    Posts
    2
    Sponsored Links
    Sponsored Links
    wow this looks like great news

  3. #43
    Registered User BK Heritage's Avatar
    Join Date
    Sep 2012
    Posts
    5
    Sponsored Links
    Sponsored Links
    Hackers developer are such an intelligent people, we just take for granted for their contribution..

  4. #44
    Registered User michelemotta82's Avatar
    Join Date
    Aug 2010
    Posts
    4

    4.31 private keys ?

    Attachments file rar, confirm this keys ?

    LIST FILE OF RAR

    APP-PRIV-431
    ISO-PRIV-431
    LVO-PRIV-431
    LV1-PRIV-431
    LV2-PRIV-431
    METLDR-PRIV-RETAIL-431

    unknow uploader
    Attached Files Attached Files

  5. #45
    Senior Member elser1's Avatar
    Join Date
    Oct 2010
    Posts
    2,419
    it would be better to display the keys in a post as i doubt anyone will risk downloading files from an unknown source to there pc. i know i wouldn't anyways!

  6. #46
    Contributor fadi's Avatar
    Join Date
    Jul 2011
    Posts
    27
    will hackers ever find a jailbreak for ps3 ofw 4.31?

  7. #47
    Junior Member Ozz465's Avatar
    Join Date
    Sep 2010
    Posts
    49
    Not anytime soon.

  8. #48
    Banned User cfwmark's Avatar
    Join Date
    Aug 2012
    Posts
    16

    4.10

    Back to 4.10 got it to 100% on first screen install. press PS. checking for update... the data is corrupted (8002F15E)

    tried dev file for 4.31 didn't work (hope they work for you)

    can anyone fix this or know how to?

  9. #49
    Registered User d3m0n1q733rz's Avatar
    Join Date
    Apr 2013
    Posts
    5

    Sony PS3 Firmware 4.31 Code Execution

    I just saw this earlier: packetstormsecurity.com/files/121691/sony_ps3_firmware_v4.31-exec.txt
    Code:
    Sony PS3 Firmware 4.31 Code Execution
    
    A local code execution vulnerability is detected in the official PlayStation 3 v4.31 Firmware. The vulnerability allows local attackers to inject and execute code out of vulnerable PlayStation 3 menu main web context.
    
    Title:
    
    Sony PS3 Firmware v4.31 - Code Execution Vulnerability
    
    Date:
    
    2013-05-12
    
    References:
    
    vulnerability-lab.com/get_content.php?id=767
    
    
    VL-ID:
    
    767
    
    Common Vulnerability Scoring System:
    
    6.5
    
    Introduction:
    
    The PlayStation 3 is the third home video game console produced by Sony Computer Entertainment and the successor to the 
    PlayStation 2 as part of the PlayStation series. The PlayStation 3 competes with Microsoft`s Xbox 360 and Nintendo`s Wii 
    as part of the seventh generation of video game consoles. It was first released on November 11, 2006, in Japan, with 
    international markets following shortly thereafter.
    
    Major features of the console include its unified online gaming service, the PlayStation Network, its multimedia capabilities, 
    connectivity with the PlayStation Portable, and its use of the Blu-ray Disc as its primary storage medium.
    
    (Copy of the Homepage: en.wikipedia.org/wiki/PlayStation_3)
    
    PlayStation Network, often abbreviated as PSN, is an online multiplayer gaming and digital media delivery service provided/run 
    by Sony Computer Entertainment for use with the PlayStation 3, PlayStation Portable, and PlayStation Vita video game consoles. 
    The PlayStation Network is the video game portion of the Sony Entertainment Network.
    
    (Copy of the Homepage: en.wikipedia.org/wiki/PlayStation_Network)
    
    Abstract:
    
    The Vulnerability Laboratory Research Team discovered a code execution vulnerability in the official Playstation3 v4.31 Firmware.
    
    Report-Timeline:
    
    2012-10-26:  Researcher Notification & Coordination
    2012-11-18:  Vendor Notification 1
    2012-12-14:  Vendor Notification 2
    2012-01-18:  Vendor Notification 3
    2012-**-**:  Vendor Response/Feedback
    2012-05-01:  Vendor Fix/Patch by Check
    2012-05-13:  Public Disclosure
    
    Status:
    
    Published
    
    Affected Products:
    
    Sony
    Product: PlayStation 3 4.31
    
    Exploitation-Technique:
    
    Local
    
    Severity:
    
    High
    
    Details:
    
    A local code execution vulnerability is detected in the official Playstation3 v4.31 Firmware. 
    The vulnerability allows local attackers to inject and execute code out of vulnerable ps3 menu main web context. 
    
    There are 3 types of save games for the sony ps3. The report is only bound to the .sfo save games of the Playstation3.
    The ps3 save games sometimes use a PARAM.SFO file in the folder (USB or PS3 HD) to display movable text like marquees, 
    in combination with a video, sound and the (path) background picture. Normally the ps3 firmware parse the redisplayed 
    save game values & detail information text when processing to load it via usb/ps3-hd. The import ps3 preview filtering 
    can be bypassed via a splitted char by char injection of script code or system (ps3 firmware) specific commands.
    
    The attacker syncronize his computer (to change the usb context) with USB (Save Game) and connects to the network 
    (USB, COMPUTER, PS3), updates the save game via computer and can execute the context directly out of the ps3 savegame preview 
    listing menu (SUB/HD). The exploitation requires local system access, a manipulated .sfo file, an usb device. The attacker 
    can only use the given byte size of the saved string (attribute values) to inject his own commands or script code.
    
    The ps3 filter system of the SpeicherDaten (DienstProgramm) module does not recognize special chars and does not provide 
    any kind of input restrictions. Attackers can manipulate the .sfo file of a save game to execute system specific commands 
    or inject malicious persistent script code.
    
    Successful exploitation of the vulnerability can result in persistent but local system command executions, psn session 
    hijacking, persistent phishing attacks, external redirect out of the vulnerable module, stable persistent save game preview 
    listing context manipulation.
    
    Vulnerable Section(s):
            [+] PS Menu > Game (Spiel)
    
    Vulnerable Module(s):
            [+] SpeicherDaten (DienstProgramm) PS3 > USB Gert
    
    Affected Section(s):
            [+] Title - Save Game Preview Resource (Detail Listing)
    
    Proof of Concept:
    
    The firmware preview listing validation vulnerability can be exploited by local attackers and with low or medium required user interaction.
    For demonstration or reproduce ...
    
    The attacker needs to sync his computer (to change the usb context) with USB (Save Game) and connects to the network
    (USB, COMPUTER, +PS3), updates the save game via computer and can execute the context directly out of the ps3 savegame preview 
    listing menu (SUB/HD). The exploitation requires local system access, a manipulated .sfo file, an usb device. The attacker 
    can only use the given byte size of the saved string (attribute values) to inject his own commands or script code.
    
    The ps3 filter system of the SpeicherDaten (DienstProgramm) module does not recognize special chars and does not provide 
    any kind of input restrictions. Attackers can manipulate the .sfo file of a save game to execute system specific commands 
    or inject malicious persistent script code out of the save game preview listing.
    
    If you inject standard frames or system unknow commands (jailbreak) without passing the filter char by char and direct sync 
    as update you will fail to reproduce! 
    
    PoC: PARAM.SFO
    
    PSF     @                                       h         %          ,          4       
    $  C    @   (  V       h  j 
       €   p  t    €     
    ACCOUNT_ID ATTRIBUTE CATEGORY DETAIL PARAMS PARAMS2 PARENTAL_LEVEL SAVEDATA_DIRECTORY SAVEDATA_LIST_PARAM SUB_TITLE TITLE    
    40ac78551a88fdc    
    SD  
    PSHACK: Benjamin Ninja H%20'>"<[PERSISTENT INJECTED SYSTEM COMMAND OR CODE!]
    
    Hackizeit: 1:33:07
    
    ExpSkills: VL-LAB-TRAINING
    
    Operation: 1%
    Trojaners: 0%
    ... ~\˜A;    40ac78551a88fdc
    ...
    BLES00371-NARUTO_STORM-0
    HACKINGBKM 1
    PSHACK: Benjamin Ninja H%20'>"<[PERSISTENT INJECTED SYSTEM COMMAND OR CODE!];
    
    Solution:
    
    Restrict the savegame name input and disallow special chars.
    Encode the savegame values and redisplaying in the menu preview of the game.
    Parse the strings and values from the savegames even if included string by string via sync.
    
    Risk:
    
    The security risk of the high exploitable but local vulnerability is estimated as critical and needs to be fixed soon.
    
    Credits:
    
    Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri  (bkm AT vulnerability-lab.com)
    In theory, we might be able to utilize it to return to previous firmwares if we can produce the tools required to do so. However, it's a bit outdated, so another vulnerability that I've been scouting (buffer overflow) might be better if I can keep it from crashing the PS3 entirely. Evil black screen!

    Gee, I wonder why I can't use Flash on my PS3...

    Anyhow, there MAY be another exploit possible for more recent firmwares from a not-so updated software portion of the PS3. It could be as easy as point and click.
    Last edited by d3m0n1q733rz; 05-22-2013 at 02:07 AM Reason: Automerged Doublepost

  10. #50
    Registered User R33L's Avatar
    Join Date
    Oct 2009
    Posts
    2

    PS3 4.31 code execution exploit found

    I got tired of waiting for someone to come across this information. not one single scene site has even noticed this: packetstormsecurity.com/files/121691/Sony-PS3-Firmware-4.31-Code-Execution.html
    Code:
    Sony PS3 Firmware v4.31 - Code Execution Vulnerability
    
    Date:
    
    2013-05-12
    
    References:
    
    vulnerability-lab.com/get_content.php?id=767
    
    VL-ID:
    
    767
    
    Common Vulnerability Scoring System:
    
    6.5
    
    Introduction:
    
    The PlayStation 3 is the third home video game console produced by Sony Computer Entertainment and the successor to the 
    PlayStation 2 as part of the PlayStation series. The PlayStation 3 competes with Microsoft`s Xbox 360 and Nintendo`s Wii 
    as part of the seventh generation of video game consoles. It was first released on November 11, 2006, in Japan, with 
    international markets following shortly thereafter.
    
    Major features of the console include its unified online gaming service, the PlayStation Network, its multimedia capabilities, 
    connectivity with the PlayStation Portable, and its use of the Blu-ray Disc as its primary storage medium.
    
    (Copy of the Homepage: en.wikipedia.org/wiki/PlayStation_3)
    
    PlayStation Network, often abbreviated as PSN, is an online multiplayer gaming and digital media delivery service provided/run 
    by Sony Computer Entertainment for use with the PlayStation 3, PlayStation Portable, and PlayStation Vita video game consoles. 
    The PlayStation Network is the video game portion of the Sony Entertainment Network.
    
    (Copy of the Homepage: en.wikipedia.org/wiki/PlayStation_Network)
    
    Abstract:
    
    The Vulnerability Laboratory Research Team discovered a code execution vulnerability in the official Playstation3 v4.31 Firmware.
    
    Report-Timeline:
    
    2012-10-26:  Researcher Notification & Coordination
    2012-11-18:  Vendor Notification 1
    2012-12-14:  Vendor Notification 2
    2012-01-18:  Vendor Notification 3
    2012-**-**:  Vendor Response/Feedback
    2012-05-01:  Vendor Fix/Patch by Check
    2012-05-13:  Public Disclosure
    
    Status:
    
    Published
    
    Affected Products:
    
    Sony
    Product: Playstation 3 4.31
    
    
    Exploitation-Technique:
    
    Local
    
    Severity:
    
    High
    
    Details:
    
    A local code execution vulnerability is detected in the official Playstation3 v4.31 Firmware.  The vulnerability allows local attackers to inject and execute code out of vulnerable ps3 menu main web context. 
    
    There are 3 types of save games for the sony ps3. The report is only bound to the .sfo save games of the Playstation3.
    The ps3 save games sometimes use a PARAM.SFO file in the folder (USB or PS3 HD) to display movable text like marquees, 
    in combination with a video, sound and the (path) background picture. Normally the ps3 firmware parse the redisplayed 
    save game values & detail information text when processing to load it via usb/ps3-hd. The import ps3 preview filtering 
    can be bypassed via a splitted char by char injection of script code or system (ps3 firmware) specific commands.
    
    The attacker syncronize his computer (to change the usb context) with USB (Save Game) and connects to the network 
    (USB, COMPUTER, PS3), updates the save game via computer and can execute the context directly out of the ps3 savegame preview 
    listing menu (SUB/HD). The exploitation requires local system access, a manipulated .sfo file, an usb device. The attacker 
    can only use the given byte size of the saved string (attribute values) to inject his own commands or script code.
    
    The ps3 filter system of the SpeicherDaten (DienstProgramm) module does not recognize special chars and does not provide 
    any kind of input restrictions. Attackers can manipulate the .sfo file of a save game to execute system specific commands 
    or inject malicious persistent script code.
    
    Successful exploitation of the vulnerability can result in persistent but local system command executions, psn session 
    hijacking, persistent phishing attacks, external redirect out of the vulnerable module, stable persistent save game preview 
    listing context manipulation.
    
    Vulnerable Section(s):
            [+] PS Menu > Game (Spiel)
    
    Vulnerable Module(s):
            [+] SpeicherDaten (DienstProgramm) PS3 > USB Gert
    
    Affected Section(s):
            [+] Title - Save Game Preview Resource (Detail Listing)
    
    Proof of Concept:
    
    The firmware preview listing validation vulnerability can be exploited by local attackers and with low or medium required user interaction.
    For demonstration or reproduce ...
    
    The attacker needs to sync his computer (to change the usb context) with USB (Save Game) and connects to the network
    (USB, COMPUTER, +PS3), updates the save game via computer and can execute the context directly out of the ps3 savegame preview 
    listing menu (SUB/HD). The exploitation requires local system access, a manipulated .sfo file, an usb device. The attacker 
    can only use the given byte size of the saved string (attribute values) to inject his own commands or script code.
    
    The ps3 filter system of the SpeicherDaten (DienstProgramm) module does not recognize special chars and does not provide 
    any kind of input restrictions. Attackers can manipulate the .sfo file of a save game to execute system specific commands 
    or inject malicious persistent script code out of the save game preview listing.
    
    If you inject standard frames or system unknow commands (jailbreak) without passing the filter char by char and direct sync 
    as update you will fail to reproduce! 
    
    PoC: PARAM.SFO
    
    PSF     @                                       h         %          ,          4       
    $  C    @   (  V       h  j 
       €   p  t    €     
    ACCOUNT_ID ATTRIBUTE CATEGORY DETAIL PARAMS PARAMS2 PARENTAL_LEVEL SAVEDATA_DIRECTORY SAVEDATA_LIST_PARAM SUB_TITLE TITLE    
    40ac78551a88fdc    
    SD  
    PSHACK: Benjamin Ninja H%20'>"<[PERSISTENT INJECTED SYSTEM COMMAND OR CODE!]
    
    Hackizeit: 1:33:07
    
    ExpSkills: VL-LAB-TRAINING
    
    Operation: 1%
    Trojaners: 0%
    ... ~\˜A;    40ac78551a88fdc
    ...
    BLES00371-NARUTO_STORM-0
    HACKINGBKM 1
    PSHACK: Benjamin Ninja H%20'>"<[PERSISTENT INJECTED SYSTEM COMMAND OR CODE!];
    
    Solution:
    
    Restrict the savegame name input and disallow special chars.
    Encode the savegame values and redisplaying in the menu preview of the game.
    Parse the strings and values from the savegames even if included string by string via sync.
    
    Risk:
    
    The security risk of the high exploitable but local vulnerability is estimated as critical and needs to be fixed soon.
    
    Credits:
    
    Vulnerability Laboratory [Research Team] - Benjamin Kunz Mejri  (bkm AT vulnerability-lab.com)

 

Sponsored Links
Page 5 of 5 FirstFirst ... 345
Advertising - Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News