FckPSN v0.3 - Another PS3 CFW 3.55 PSN Bypass Application

[morkye]

Hi is there anyway to get your ps to 3.55fw?

[Blade86]

Here are the screens... Tomorrow I ask the author

If anyone here is good in ruby compiling, I could use your help. If I can get it into a whole-in-one exe, it would be awesome.

As you can see in my screens, I managed to externalize all settings...

I cannot get it sorted properly:
1) 1st start
2) Configurator
3) Configurator 2
4) Configurator 3
5) Configurator 4 autostarts main app

OMG, I got it First-Releaseable Version Im soo happy

3 Files:
Blade-Mod.exe [Modded Version] [original created FckPSN by drizzt] [loads its settings from external file]
Blade-Conf.exe [Completly self written Add-on-Configurator] [User friendly way to edit the settings-file]
sampl2.yml [Settings-File]

Everything ready & compiled

Ok now after 2 days of beeing awake, i get some sleep now...

Hey I contacted the author:

Hi,
you can do anything with FckPSN (GPL3 license).
Just remember to publish also the source code (if you want you can
fork my github repo)
Thanks

On Tue, Oct 16, 2012 at 3:12 AM, Blade <blade86@speedymail.org> wrote:
> Hey, thx 4 your awesome work.
> I have writen an (self-made) add-on for your FckPSN & a MODDED ver of
> your FckPSN to allow the addon together with a bit themeing.
> I have everything ready to release & I wrote on the banner of it:
>
> FckPSN
> created by drizzt
>
> modded by Blade.
>
>
> U can look the screenshots on PS3News.com
> I did it for personal use and it went better and better.
> I HAVENT UPLOADED ANYTHING except for the screenshots.
>
> So here I am, asking you politely, if you allow me to share my version.
>
> Please contact me at Ps3-news

Cheers
Blade

[matrixreaver]

What's the catch with the PSN Access PUP... multiman, backups, and online all working?... isn't this too good to be true?

Sent from my Inspire 4G using Tapatalk 2.

[Blade86]

So here we go, I call this Blade-Mod, an FckPSN Mod which includes add-ons, skins, settings and detailed information integrated into the application based off FckPSN by https://twitter.com/drizzthacks.

Download: Blade-Mod: FckPSN Mod with Add-Ons, Skins, Settings and Details / http://tinyurl.com/fckpsngithub

I like this method because all spoofs are on fly by PSN on DEX without installing something on PS3 (except for the ca27).

I know, almost no one needs it anymore (at least not for PS3 Firmware 4.25), but for all those like me, who for example don't want to change IDPS on DEX, or needs some settings to be variable, can use this tool to set all kinds of spoof settings. Get my rar -> its a ready to use pack.

From the ReadMe file:

Blade-Mod.exe: This is the modded Version of drizzt's FckPSN to allow (add-ons, designs & settings) & give you more details. (drizzt is the original creator of FckPSN)

Blade-Conf.exe: This is a self-written Configuration-Add-on for easyly edit all on-fly-by-spoof settings (PS3-FW-Ver, Target-ID, Region, Mainboard Revision, IDPS)

Blade-Settings.yml: Externalized Settings-Communication-File

CA27.cer: You know what it is...

Finally, here is the source code of Blade-Mod.exe (modded FckPSN):

Code:

!/usr/bin/env ruby
#
# FckPsn -- PSN version spoofer
#
# Copyright (C) drizzt <drizzt@ibeglab.org>
#
# This software is distributed under the terms of the GNU General Public
# License ("GPL") version 3, as published by the Free Software Foundation.
#

require 'rubygems'

require 'socket'
require 'openssl'

require 'rainbow'

gem 'rubydns', '~> 0.4.0'
require 'rubydns'

def FckPSN_VERSION=x1
end
def PLATFORM_VERSION=x2
end
def PLATFORM_PASSPHRASE=x3
end
def TARGET_ID=x4
end
def TARGET_ID2=x4
end
def MB_REV=x5
end
def IDPS_REST=x6
end
require 'yaml'
hash = YAML.load_file('Blade-Settings.yml')
#substitution_hash = {:fourth_member => 'Yeon',
#                     :time => Time.new.strftime("%m/%d/%y")}
hash.each_pair do |key, value|
  value = hash[value] if value.class == Symbol
  #puts "Value for key \"#{key}\" is: \"#{value}\""
  FckPSN_VERSION = "#{value}" if "#{key}" == "FckPSN_VERSION"
  PLATFORM_VERSION = "#{value}" if "#{key}" == "PLATFORM_VERSION"
  PLATFORM_PASSPHRASE = "#{value}" if "#{key}" == "PLATFORM_PASSPHRASE"
  TARGET_ID = "#{value}" if "#{key}" == "TARGET_ID"
  MB2 = "#{value}" if "#{key}" == "MB2"
  MB_REV = "#{value}" if "#{key}" == "MB_REV"
  IDPS_REST = "#{value}" if "#{key}" == "IDPS_REST"

  end

# Ocra is the .exe generator
if defined?(Ocra)
	require 'rexec/client'
	exit
end

# Enter in current directory
Dir.chdir File.dirname($0)

# Change 0.0.0.0 to your LAN IP if you want
localHost = "0.0.0.0"

# You don't need to edit below this comment!!

#4.21#PLATFORM_PASSPHRASE='t2wSyoqasqb_wndpmdmbhputnokghlupgtpighyrsygfbmrsectfkqOb'
CON_ID="0000000100#{TARGET_ID}00#{MB_REV}#{IDPS_REST}000000000000000000000000000000000000000000"
IDPS_REST2="#{IDPS_REST}".upcase
TARGET_ID2 = case TARGET_ID
when "80" then "AVTest /  DECR"
when "81" then "Reference Tool"
when "82" then "DEX   /  Debug"
when "83" then "CEX RETAIL JAP"
when "84" then "CEX RETAIL USA"
when "85" then "CEX RETAIL EUR"
when "86" then "CEX RETAIL KOR"
when "87" then "CEX RETAIL UK "
when "88" then "CEX RETAIL MEX"
when "89" then "CEX RETAIL AUS"
when "8A" then "CEX RETAIL S-A"
when "8B" then "CEX RETAIL TWN"
when "8C" then "CEX RETAIL RUS"
when "8D" then "CEX RETAIL CHN"
when "8E" then "CEX RETAIL HON"
when "A0" then "SYS-DEBUG/ ARC"
else "Unknown"
end

TEST="#{PLATFORM_PASSPHRASE}".scan(/.{1,28}/m)

puts "*** ".color(:green) + "-----------------------------------------------------------------------".color(:yellow) + " ***".color(:green)
puts "*** ".color(:green) + "                          FckPSN v#{FckPSN_VERSION} MOD".color(:yellow) + "                              ***".color(:green)
puts "***                           created by drizzt                             ***".color(:green)
puts "*** ".color(:green) + "=======================================================================".color(:yellow) + " ***".color(:green)
puts "*** ".color(:green) + "                modified by ".color(:red) + "--- ".color(:cyan) + "Blade".color(:yellow) + "--- ".color(:cyan) + "The Daywalker".color(:red) +"                  ***".color(:green)
puts "*** ".color(:green) + "=======================================================================".color(:yellow) + " ***".color(:green)
puts "*** ".color(:green) + "      SPOOFED PS3-SYSTEM-FW".color(:red) + " --- ".color(:cyan) + "#{PLATFORM_VERSION}                      ".color(:yellow)  + "             ***".color(:green)
puts "*** ".color(:green) + "      SPOOFED TARGET-ID    ".color(:red) + " --- ".color(:cyan) + "#{TARGET_ID2} ".color(:yellow) + "[0x#{TARGET_ID}]".color(:cyan) + "                   ***".color(:green)
puts "*** ".color(:green) + "      SPOOFED MAINBOARD-REV".color(:red) + " --- ".color(:cyan) + "#{MB2}".color(:yellow) + "[0x#{MB_REV}]".color(:cyan) + "                   ***".color(:green)
puts "*** ".color(:green) + "      SPOOFED BYTES OF IDPS".color(:red) + " --- ".color(:cyan) + "BYTES 9-16     ".color(:yellow) + "[0x#{IDPS_REST2}]".color(:cyan) + "     ***".color(:green)
puts "*** ".color(:green) + "-----------------------------------------------------------------------".color(:yellow) + " ***".color(:green)
puts "*** ".color(:green) + "      SPOOFED PF_PASSPHRASE".color(:red) + " --- ".color(:cyan) + "[PSN]".color(:yellow) + " #{TEST[0]}".color(:green)  + "      ***".color(:green)
puts "*** ".color(:green) + "                           ".color(:red) + "     ".color(:cyan) + "     ".color(:yellow) + " #{TEST[1]}".color(:green)  + "      ***".color(:green)
puts "*** ".color(:green) + "-----------------------------------------------------------------------".color(:yellow) + " ***".color(:green)

# Listening ports
localSslPort = 443
localWebPort = 80
localDnsPort = 53

# PSN (auth.np.ac.playstation.net) IP address
$remoteHost = "173.230.216.161"
$remotePort = 443

$blockSize = 1024

# Initialize OpenSSL library
cert_file = File.join("data", "cert.pem")
key_file = File.join("data", "cert.key")
list_file = File.join("data", "ps3-updatelist.txt")

cert = OpenSSL::X509::Certificate.new(File::read(cert_file))
key = OpenSSL::PKey::RSA.new(File::read(key_file))
@list_str = File::read(list_file)

@ctx = OpenSSL::SSL::SSLContext.new()
@ctx.key = key
@ctx.cert = cert

# Start servers
begin
	sslServer = TCPServer.new(localHost, localSslPort)
rescue Errno::EADDRINUSE
	$stderr.puts "Error".color(:red) + " Port " + localSslPort.to_s + " already in use"
end
begin
	webServer = TCPServer.new(localHost, localWebPort)
rescue Errno::EADDRINUSE
	$stderr.puts "Error".color(:red) + " Port " + localWebPort.to_s + " already in use"
end
begin
	dnsSocket = UDPSocket.new(Socket::AF_INET)
	dnsSocket.bind(localHost, localDnsPort)
rescue Errno::EADDRINUSE
	$stderr.puts "Error".color(:red) + " Port " + localDnsPort.to_s + " already in use"
end

if sslServer.nil? or webServer.nil? or dnsSocket.nil?
	exit 1
end

# Some prints
port = sslServer.addr[1]
addrs = sslServer.addr[2..-1].uniq

puts "*** ".color(:green) + "      TARGET ADDRESS       ".color(:red) + " --- ".color(:cyan) + "[URL] ".color(:yellow) + "auth.np.ac.playstation.net  ".color(:green)  + "      ***".color(:green)
puts "*** ".color(:green) + "      TARGET IP ADDRESS    ".color(:red) + " --- ".color(:cyan) + "[IP]  ".color(:yellow) + "#{$remoteHost}:#{$remotePort}  ".color(:green)  + "             ***".color(:green)
puts "*** ".color(:green) + "=======================================================================".color(:yellow) + " ***".color(:green)
puts "*** ".color(:green) + "      #{Time.new}".color(:red) + " [SSL]".color(:yellow) + " listening on #{addrs.collect{|a|"#{a}:#{port}"}.join(' ')}          ***".color(:green)

port = webServer.addr[1]
addrs = webServer.addr[2..-1].uniq

puts "*** ".color(:green) + "      #{Time.new}".color(:red) + " [WEB]".color(:yellow) + " listening on #{addrs.collect{|a|"#{a}:#{port}"}.join(' ')}           ***".color(:green)

port = dnsSocket.addr[1]
addrs = dnsSocket.addr[2..-1].uniq

puts "*** ".color(:green) + "      #{Time.new}".color(:red) + " [DNS]".color(:yellow) + " listening on #{addrs.collect{|a|"#{a}:#{port}" }.join(' ')}           ***".color(:green)
puts "*** ".color(:green) + "-----------------------------------------------------------------------".color(:yellow) + " ***".color(:green)

# UDP Socket does per packet reverse lookups unless this is set.
UDPSocket.do_not_reverse_lookup = true

# abort on exceptions, otherwise threads will be silently killed in case
# of unhandled exceptions
#Thread.abort_on_exception = true

# have a thread just to process Ctrl-C events on Windows
# (although Ctrl-Break always works)
#Thread.new { loop { sleep 1 } }

R =  Resolv::DNS.new
IN = Resolv::DNS::Resource::IN

# Thread used for DNS connections
def dnsConnThread(local)
	packet, sender = local.recvfrom(1024*5)
	puts "*** ".color(:green) + "[DNS]".color(:yellow) + " receiving from #{sender.last}:#{sender[1]}".color(:green)
	myIp = UDPSocket.open {|s| s.connect(sender.last, 1); s.addr.last }
	RubyDNS::Server.new do |server|
		server.logger.level = Logger::INFO
		Thread.new do
			match("auth.np.ac.playstation.net", IN::A) do |transaction|
				logger.info("#{transaction} query received, returning #{myIp}")
				transaction.respond!(myIp)
			end

			match(/ps3.update.playstation.net$/, IN::A) do |match_data, transaction|
				logger.info("#{transaction} query received, returning #{myIp}")
				transaction.respond!(myIp)
			end

			otherwise do |transaction|
				transaction.passthrough!(R)
			end

			RubyDNS::UDPHandler::process(server, packet) do |result|
				local.send(result.encode, 0, sender[2], sender[1])
			end
		end
	end
	puts "*** ".color(:green) + "[#{Time.new}]".color(:red) + " [DNS]".color(:yellow) + " done with #{sender.last}:#{sender[1]}".color(:green)
end

# Thread used for HTTP connections
def webConnThread(local)
	port, name = local.peeraddr[1..2]
	puts "*** ".color(:green) + "[#{Time.new}]".color(:red) + " [WEB]".color(:yellow) + " receiving from #{name}:#{port}".color(:green)

	puts "[#{Time.new}] ".color(:red) + local.gets.color(:cyan)

	local.write("HTTP/1.1 200/OK\r\nContent-Type: text/plain\r\nContent-Length: #{@list_str.size}\r\n\r\n#{@list_str}").color(:green)
	local.close

	puts "*** ".color(:green) + "[#{Time.new}]".color(:red) + " [WEB]".color(:yellow) + " done with #{name}:#{port}".color(:green)
end

# Thread used for HTTPS connections
def sslConnThread(local)
	port, name = local.peeraddr[1..2]
	puts "*** ".color(:green) + "[#{Time.new}]".color(:red) + " [SSL]".color(:cyan) + " receiving from #{name}:#{port}".color(:green)

	sslLocal = OpenSSL::SSL::SSLSocket.new(local, @ctx)
	sslLocal.accept

	# open connection to remote server
	remote = TCPSocket.new($remoteHost, $remotePort)

	sslRemote = OpenSSL::SSL::SSLSocket.new(remote)
	sslRemote.connect

	# start reading from both ends
	loop do
		ready = select([sslLocal, sslRemote], nil, nil, 120)
		if ready.nil?
			puts "[#{Time.new}]".color(:red) + " timeout".color(:red)
			break
		end
		if ready[0].include? sslLocal
			# local -> remote
			begin
				data = sslLocal.sysread($blockSize)
			rescue EOFError
				puts "*** ".color(:green) + "[#{Time.new}]".color(:red) + " local end closed connection".color(:yellow)
				break
			end

			if data.match('consoleid')
				
				data.sub!(/consoleid=.*/, CON_ID)
				#data.sub!(/consoleid=.*/, '00000001008500050400f344ac4f8d2f000000000000000000000000000000000000000000')
				puts "*** ".color(:green) + "[#{Time.new}]".color(:red) + " Spoofing ConsoleID to CEX".color(:yellow)
			end
			if data.match('X-Platform-Passphrase: ')
				data.sub!(/^X-Platform-Passphrase: .*/, 'X-Platform-Passphrase: ' + PLATFORM_PASSPHRASE)
				data.sub!(/^X-Platform-Version: PS3 .*/, 'X-Platform-Version: PS3_C ' + PLATFORM_VERSION)
			else
				data.sub!(/^X-Platform-Version: PS3 .*/, "X-Platform-Version: PS3_C #{PLATFORM_VERSION}\r\nX-Platform-Passphrase: #{PLATFORM_PASSPHRASE}")
			end
			sslRemote.write(data)
		end
		if ready[0].include? sslRemote
			# remote -> local
			begin
				data = sslRemote.sysread($blockSize)
			rescue EOFError
				puts "*** ".color(:green) + "[#{Time.new}]".color(:red) + " remote end closed connection".color(:yellow)
				break
			end
			sslLocal.write(data)
		end
	end

	sslLocal.close
	local.close
	sslRemote.close
	remote.close

	puts "*** ".color(:green) + "[#{Time.new}]".color(:red) + " [SSL]".color(:cyan) + " done with #{name}:#{port}".color(:green)
end

loop do
	# whenever server.accept returns a new connection, start
	# a handler thread for that connection
	ready = select([sslServer, webServer, dnsSocket], nil, nil)
	if ready[0].include? sslServer
		Thread.start(sslServer.accept) { |local| sslConnThread(local) }
	end
	if ready[0].include? webServer
		Thread.start(webServer.accept) { |local| webConnThread(local) }
	end
	if ready[0].include? dnsSocket
		Thread.start(dnsSocket) { |local| dnsConnThread(local) }
	end
end

# vim: set ts=4 sw=4 sts=4 tw=120

Cheers

Blade (Blade-Conf.exe is my first windows-app)


More PlayStation 3 News...

[PS3 News]

I have now promoted the news to our main page and +Rep for the update Blade86!

[j0hnsmith]

I'm pretty sure I know the answer to this already, but I just wanted to throw it out there. I'm gonna be buying my first Mac Book Pro tomorrow and wondering if there's a Mac version compatible for fckpsn. I'm guessing no?

After checking drizzt's site, he has a Debian/Ubuntu/Linux version. Am I able to install one of those, or would I have to install a Windows virtual machine in order to run the Windows version? Please advise. Thanks!