


  1. #71
    Banned User
    Join Date
    Mar 2008
    Posts
    303
    @TUHTA: what would happen if we forced the OtherOS to use a space other than the one we wanna read out? Is that possible through manipulation?

  2. #72
    Contributor ionbladez's Avatar
    Join Date
    Apr 2009
    Posts
    225
    -rep from me too, please don't post useless information. If you've updated: FINE, if not: Great.

    in another case - I get my 60GB ps3 tomorrow. It has a YLOD so on that fact I'll fix it, and (I don't know the fw version) get linux installed. I do have a small linux project I was working on a while back, involves a text-only shell and very light kernel.

    I'm not sure if I can get it to lock the ethernet controller, but I'm definitely going to try anything I can. I have been out of this for too damn long and honestly - I'm tired of it. If there will be a time a CFW comes out, I'll be on that team to do it

    I'll be going to school some time this year, not sure what exactly but programming will definitely be one of my courses. Regardless of what language or variant. Keep this thread updated [not with useless info], I have a friend willing to help me with his 10+ years of electronics knowledge lol

    Let's see sony stop something that won't be on their network/radar or whatever you want to call it ;] If a CFW is released, I hope they don't expect us to be on their network using it. That would defeat the purpose and they could patch it with one of their updates in a split second without warning.

  3. #73
    Senior Member Preceptor's Avatar
    Join Date
    Apr 2008
    Posts
    146
    Peeps... Sorry for repeating myself but since nobody answered my question, I will ask again... As far as I know, the pups use asymmetric cryptography (meaning that sony puts a public key inside the ps3 and signs every pup with her private key - which never leaves HQ btw - that can only be decrypted using the public key inside the ps3).

    How come now some people are claiming that the pup's only security is a sha1 hashing check and that they can replicate the process using a key and an algorithm retrieved from level 2?

    Nothing makes sense to me... Can someone clear the whole matter up for me?
    Last edited by Preceptor; 05-13-2010 at 01:34 AM

  4. #74
    Toucan Sam CJPC's Avatar
    Join Date
    Apr 2005
    Posts
    2,174
    Quote Originally Posted by Preceptor View Post
    Peeps... Sorry for repeating myself but since nobody answered my question, I will ask again... As far as I know, the pups use asymmetric cryptography (meaning that sony puts a public key inside the ps3 and signs every pup with her private key - which never leaves HQ btw - that can only be decrypted using the public key inside the ps3).

    How come now some people are claiming that the pup's only security is a sha1 hashing check and that they can replicate the process using a key and an algorithm retrieved from level 2?

    Nothing makes sense to me... Can someone clear the whole matter up for me?
    Basically, the PUP file itself is a handful of tar files and a few xml files with a HMAC-SHA1 signature in the header - this prevents tampering with the tar/xml files. Inside the TAR files however, are fully encrypted files for the system controller, CoreOS, dev_flash, etc.

    So, even with figuring out the SHA1 issue (and getting past it) - the best you can do is swap around some encrypted data for other encrypted data.

  5. #75
    Senior Member mushy409's Avatar
    Join Date
    Oct 2008
    Posts
    329
    Quote Originally Posted by CJPC View Post
    Basically, the PUP file itself is a handful of tar files and a few xml files with a HMAC-SHA1 signature in the header - this prevents tampering with the tar/xml files. Inside the TAR files however, are fully encrypted files for the system controller, CoreOS, dev_flash, etc.

    So, even with figuring out the SHA1 issue (and getting past it) - the best you can do is swap around some encrypted data for other encrypted data.
    So basically swap out the files for ones with, for example, files with OtherOS doings and edit the XMLs etc. to 'adjust' the PUP contents?

  6. #76
    Senior Member CodeKiller's Avatar
    Join Date
    Nov 2009
    Posts
    130
    Quote Originally Posted by Preceptor View Post
    I will ask again... As far as I know, the pups use asymmetric cryptography (meaning that sony puts a public key inside the ps3 and signs every pup with her private key - which never leaves HQ btw - that can only be decrypted using the public key inside the ps3).
    Actually the HMAC is symmetric (uses only one secret key, and some padding-"keys").

    But I'm really pessimistic about the key ever getting loaded to RAM. (They can load it to the isolated SPU from the "bios".)

  7. #77
    Senior Member Preceptor's Avatar
    Join Date
    Apr 2008
    Posts
    146
    Quote Originally Posted by CJPC View Post
    Basically, the PUP file itself is a handful of tar files and a few xml files with a HMAC-SHA1 signature in the header - this prevents tampering with the tar/xml files. Inside the TAR files however, are fully encrypted files for the system controller, CoreOS, dev_flash, etc.

    So, even with figuring out the SHA1 issue (and getting past it) - the best you can do is swap around some encrypted data for other encrypted data.
    Thanks CJPC, I can finally see what the hades team and Geohot are planning. It won't be a custom firmware at all, it will be a chimera of older retail files with the 3.30 gameOS so that it will be able to retain OtherOS support.

    Quote Originally Posted by CodeKiller View Post
    Actually the HMAC is symmetric (uses only one secret key, and some padding-"keys").

    But I'm really pessimistic about the key ever getting loaded to RAM. (They can load it to the isolated SPU from the "bios".)
    Mate, I know what HMAC sha1 hashing is but thanks for answering though. The problem was that some people suddenly started treating the process as if it was a CFW creation process and that we would be able to finally create one of our own. It ain't true... And the key probably does get loaded in memory. The system has to do a rehashing of the files to compare with the header provided. The spe decryption wasn't meant for sha1 hashing, as far as I know.

    So I'm saying goodbye to GameOS homebrew for the time being...

  8. #78
    Toucan Sam CJPC's Avatar
    Join Date
    Apr 2005
    Posts
    2,174
    Quote Originally Posted by Preceptor View Post
    Thanks CJPC, I can finally see what the hades team and Geohot are planning. It won't be a custom firmware at all, it will be a chimera of older retail files with the 3.30 gameOS so that it will be able to retain OtherOS support.
    Yep - exactly. It's actually quite easy to mix and match PUP contents. I mean, we have done it ages ago with our Service Mode box, for instance having in-game xmb in 1.50, your typical hybrid debug-retail firmware, etc - it's actually quite simple.

    The problem becomes the HMAC-SHA1 issue, but find the proper way to recompute that (which, the program segment that checks the PUP's validity would have) - you can make your own PUP - so to say. Of course, you can only use encrypted contents, and it limits you greatly (the whole CoreOS thing).

  9. #79
    Contributor teusjuh's Avatar
    Join Date
    Jul 2007
    Posts
    23

    Question

    Is ps2 emulation possible with this pup modification?? Because other ps3 systems have ps2 support!

  10. #80
    Senior Member CodeKiller's Avatar
    Join Date
    Nov 2009
    Posts
    130
    Quote Originally Posted by teusjuh View Post
    Is ps2 emulation possible with this pup modification??
    currently NOT
    Quote Originally Posted by teusjuh View Post
    Because other ps3 systems have ps2 support!
    No, they don't have! Just the BC models (the ones with 4 USB ports). Maybe in the future... after a fully-sw based emu is released by Sony.
    Quote Originally Posted by Preceptor View Post
    And the key probably does get loaded in memory. The system has to do a rehashing of the files to compare with the header provided. The spe decryption wasn't meant for sha1 hashing, as far as I know.
    If you check carefully, you see, you don't have to have clear keys to do the hash, so it would be smarter to prepare the 'i_key_pad', pass it to general-hash-algo, then calc the final HMAC in the SPE. And they can use different keys for the different passes, or use non-standard padding data.. so in these cases the possibility to rebuild the key is as much as brute-forcing (I'm sure, I won't let it load to RAM, especially not in plain form)

    But maybe I'm wrong...
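
An added example, not part of the thread and not Sony's implementation: a generic RFC 2104 HMAC-SHA1 split into the two passes discussed in the posts above, so that the bulk-hashing side works from a keyed SHA-1 state instead of the key itself. The key, the payload chunks and all function names are constructed for illustration.

```python
import hashlib
import hmac

BLOCK = 64  # SHA-1 block size in bytes

def keyed_states(key: bytes):
    """Key holder: absorb the RFC 2104 inner and outer pads into two SHA-1 states."""
    if len(key) > BLOCK:                      # long keys are hashed first
        key = hashlib.sha1(key).digest()
    key = key.ljust(BLOCK, b"\x00")
    ipad = bytes(b ^ 0x36 for b in key)
    opad = bytes(b ^ 0x5C for b in key)
    return hashlib.sha1(ipad), hashlib.sha1(opad)

def inner_digest(inner_state, chunks) -> bytes:
    """Bulk side: hash the payload on top of the keyed inner state only."""
    h = inner_state.copy()                    # leave the shared state reusable
    for chunk in chunks:
        h.update(chunk)
    return h.digest()

def finalize(outer_state, inner: bytes) -> bytes:
    """Isolated side: second pass, H((K ^ opad) || inner)."""
    h = outer_state.copy()
    h.update(inner)
    return h.digest()

def verify(outer_state, inner: bytes, tag: bytes) -> bool:
    """Constant-time comparison of the recomputed tag with the stored one."""
    return hmac.compare_digest(finalize(outer_state, inner), tag)

# Constructed sample values, not taken from any real firmware package.
DEMO_KEY = b"constructed-demo-key"
DEMO_CHUNKS = [b"<xml>manifest</xml>", b"archive-1-bytes", b"archive-2-bytes"]

def demo():
    inner_state, outer_state = keyed_states(DEMO_KEY)
    tag = finalize(outer_state, inner_digest(inner_state, DEMO_CHUNKS))
    reference = hmac.new(DEMO_KEY, b"".join(DEMO_CHUNKS), hashlib.sha1).digest()
    tampered = [DEMO_CHUNKS[0], b"archive-X-bytes", DEMO_CHUNKS[2]]
    return {
        "matches_stdlib": tag == reference,
        "accepts_original": verify(outer_state, inner_digest(inner_state, DEMO_CHUNKS), tag),
        "rejects_tampered": not verify(outer_state, inner_digest(inner_state, tampered), tag),
    }

if __name__ == "__main__":
    print(demo())
```

Both states derive from the same secret, so whoever holds them can compute tags as well as check them; that is the practical difference between a symmetric MAC and a public-key signature.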

 
© 2015 PlayStation 3 News