Page 8 of 10 FirstFirst ... 678910 LastLast
Results 71 to 80 of 97



  1. #71
    Member jd200's Avatar
    Join Date
    Jul 2007
    Posts
    122

    guide

    is there like a video guide you can make how to setup hardware to use and config to sniff ps3 packets then we can inspect info.

  2. #72
    Junior Member denunes's Avatar
    Join Date
    Dec 2007
    Posts
    52
    wired i don't know how. wireless i will say use linux tools, there are many.

  3. #73
    Contributor ionbladez's Avatar
    Join Date
    Apr 2009
    Posts
    225
    Hey guys, I've been running multiple packet sniffers (through Wifi), -- that SSL packet that was uploaded to this thread, I've caught that very same packet before, and I can't get it again.

    If we can hot-edit this packet to match some servers, we can fake the *.*.*.dl.playstation.net BS.

    I've caught it once, somehow I believe I was using wireshark, but I've used that, net tools (all of the packet sniffers) etc,.

    I can't seem to get it again, I think it may be a cold-boot thing, that's all I haven't tried yet, but this could be a sweet key to let non-debug unit users download pkg's from the PSN store in the links section.

    I'll keep you guys posted.

  4. #74
    Registered User LABO2LOGAN's Avatar
    Join Date
    Nov 2007
    Posts
    6

    Urls

    I hope that will help!
    Very interesting link... http://forum.gamer.com.tw/C.php?bsn=60281&snA=46952&tnum=1

    Some urls :
    ac.playstation.net (主控幾個 xxxx.np.ac.playstation.net server)
    admin.playstation.net
    community.playstation.net
    dl.playstation.net
    mail.playstation.net
    ns00(~05).playstation.net
    ns21(~25).playstation.net
    service.playstation.net
    update.playstation.net

    Bye

  5. #75
    Member DemonSeed's Avatar
    Join Date
    Jun 2009
    Posts
    31
    Nice info LABO2LOGAN.

    For those asking about sniffing packets on the ps3, there are two things to note. You may arpspoof and sslstrip for the ssl packets, everything else you will have to sniff tcp/udp traffic incoming/outgoing from ps3 ip via your gateway or whatever. Good luck and let us know if anyone comes across the directory structure.

  6. #76
    Contributor ionbladez's Avatar
    Join Date
    Apr 2009
    Posts
    225
    I'm already working on this.
    It seems the PS3 is like a standard computer (when it comes to networking).

    It chooses a random port to connect FROM to the server.
    Also, the ns00(>05).platystation.net are in fact secure file servers, I've tried to load it in the browser and gets me nowhere: but I'm sure it does nothing but store game updates, etc;.

    This is all I got from the stream:

    1............101.0.168.192.in-addr.arpa.....1 ...........100.0.168.192.in-addr.arpa.....1............101.0.168.192.in-addr.arpa.............Q............p.... ..:...Q.1!...........1.0.168.192.in-addr.arpa.....1"...........254.1.168.192.in-addr.arpa.....1"...........254.1.168.192.in-addr.arpa................
    .launchmodem.1#...........launchmodem.....1#...... .....launchmodem.....................1 ...........100.0.168.192.in-addr.arpa.....1 ...........100.0.168.192.in-addr.arpa.............Q............p.... ..:...Q.1!...........1.0.168.192.in-addr.arpa.....1!...........1.0.168.192.in-addr.arpa.............Q............p.... ..:...Q.1$...........35.15.13.76.in-addr.arpa.....1$...........35.15.13.76.in-addr.arpa..................cs107.msg.ac4.yahoo.com .1%...........cs107.msg.ac4.yahoo.com.....1%...... .....cs107.msg.ac4.yahoo.com.................L
    .#1&...........250.255.255.239.in-addr.arpa.....1&...........250.255.255.239.in-addr.arpa..............m.-.dot.ep.net.
    hostmaster.>..mD..Q...*0..:...Q.1'...........120.2 33.142.68.in-addr.arpa.....1'...........120.233.142.68.in-addr.arpa..................sip65.voice.re2.yahoo.c om.1(...........sip65.voice.re2.yahoo.com.....1(.. .........sip65.voice.re2.yahoo.com................ .D..x1)...........85.65.75.168.in-addr.arpa.....1*...........105.254.48.208.in-addr.arpa.....1+...........156.159.125.74.in-addr.arpa.....1,...........218.76.105.203.in-addr.arpa.....1+...........156.159.125.74.in-addr.arpa.................
    yi-in-f156.google.com.1-..........
    yi-in-f156.google.com.....1-..........
    yi-in-f156.google.com.............Q...J}..1)...........8 5.65.75.168.in-addr.arpa.....1*...........105.254.48.208.in-addr.arpa.....1,...........218.76.105.203.in-addr.arpa.....1)...........85.65.75.168.in-addr.arpa..............,...tag
    contextweb.com.1............tag
    contextweb.com.....1............tag
    contextweb.com..................KAU1*...........10 5.254.48.208.in-addr.arpa.....1,...........218.76.105.203.in-addr.arpa.....1,...........218.76.105.203.in-addr.arpa..................ns00.playstation.net.1/...........ns00.playstation.net.....1/...........ns00.playstation.net..............:...i L.1*...........105.254.48.208.in-addr.arpa.....1*...........105.254.48.208.in-addr.arpa.....
    tag.contextweb.com ?? What?
    Never seen that, will look into this. seems it's a cross-server authentication system or something.

    I've just actually tried to open it in Firefox (https://):
    It's definitely a SSL server.
    So this must be under some secure BS (if you know what I mean).

    Something is hidden here, and it's not cupcakes.
    All I am seeing is an "Under Construction" Page, clearly copied from a microsoft template (idiots!).

    I've messed around a bit more and found this:

    1............101.0.168.192.in-addr.arpa.....1 ...........100.0.168.192.in-addr.arpa.....1............101.0.168.192.in-addr.arpa.............Q............p.... ..:...Q.1!...........1.0.168.192.in-addr.arpa.....1"...........254.1.168.192.in-addr.arpa.....1"...........254.1.168.192.in-addr.arpa................
    .launchmodem.1#...........launchmodem.....1#...... .....launchmodem.....................1 ...........100.0.168.192.in-addr.arpa.....1 ...........100.0.168.192.in-addr.arpa.............Q............p.... ..:...Q.1!...........1.0.168.192.in-addr.arpa.....1!...........1.0.168.192.in-addr.arpa.............Q............p.... ..:...Q.1$...........35.15.13.76.in-addr.arpa.....1$...........35.15.13.76.in-addr.arpa..................cs107.msg.ac4.yahoo.com .1%...........cs107.msg.ac4.yahoo.com.....1%...... .....cs107.msg.ac4.yahoo.com.................L
    .#1&...........250.255.255.239.in-addr.arpa.....1&...........250.255.255.239.in-addr.arpa..............m.-.dot.ep.net.
    hostmaster.>..mD..Q...*0..:...Q.1'...........120.2 33.142.68.in-addr.arpa.....1'...........120.233.142.68.in-addr.arpa..................sip65.voice.re2.yahoo.c om.1(...........sip65.voice.re2.yahoo.com.....1(.. .........sip65.voice.re2.yahoo.com................ .D..x1)...........85.65.75.168.in-addr.arpa.....1*...........105.254.48.208.in-addr.arpa.....1+...........156.159.125.74.in-addr.arpa.....1,...........218.76.105.203.in-addr.arpa.....1+...........156.159.125.74.in-addr.arpa.................
    yi-in-f156.google.com.1-..........
    yi-in-f156.google.com.....1-..........
    yi-in-f156.google.com.............Q...J}..1)...........8 5.65.75.168.in-addr.arpa.....1*...........105.254.48.208.in-addr.arpa.....1,...........218.76.105.203.in-addr.arpa.....1)...........85.65.75.168.in-addr.arpa..............,...tag
    contextweb.com.1............tag
    contextweb.com.....1............tag
    contextweb.com..................KAU1*...........10 5.254.48.208.in-addr.arpa.....1,...........218.76.105.203.in-addr.arpa.....1,...........218.76.105.203.in-addr.arpa..................ns00.playstation.net.1/...........ns00.playstation.net.....1/...........ns00.playstation.net..............:...i L.1*...........105.254.48.208.in-addr.arpa.....1*...........105.254.48.208.in-addr.arpa.....10...........102.67.125.74.in-addr.arpa.....10...........102.67.125.74.in-addr.arpa.................
    gw-in-f102.google.com.11...........79.65.75.168.in-addr.arpa.....12..........
    gw-in-f102.google.com.....12..........
    gw-in-f102.google.com.............Q...J}Cf11...........7 9.65.75.168.in-addr.arpa.....11...........79.65.75.168.in-addr.arpa..............,...media
    contextweb.com.13...........media
    contextweb.com.....13...........media
    contextweb.com..............6...KAO14...........10 2.0.168.192.in-addr.arpa.....15...........255.0.168.192.in-addr.arpa.....14...........102.0.168.192.in-addr.arpa.............Q............p.... ..:...Q.15...........255.0.168.192.in-addr.arpa.....15...........255.0.168.192.in-addr.arpa.............Q............p.... ..:...Q.
    media.contextweb.com

    Obviously this is definitely a file server (as I thought!).
    I'll snoop around a bit, and get back with some good info.

  7. #77
    Member DemonSeed's Avatar
    Join Date
    Jun 2009
    Posts
    31
    contextweb is one of those ad based things (alternative to adsense). They do contextual and behavioural targeting for ads etc on dynamic pages (advertising sales, publishing services, business development, marketing, finance related stuff).

  8. #78
    Contributor ionbladez's Avatar
    Join Date
    Apr 2009
    Posts
    225
    I figured as much, the PS3 wasn't requesting anything from that site.

    Anyways, I have yet to get my hands tapping the keyboard - My experience with SSL is pure $HI+.

    I was thinking maybe something simple in Vb.Net (2.0)
    Make a program that can intercept the packets, and edit them live before transfer.
    I know this concept seems a bit out of mind (it definitely is..)
    But a theory is there, and needs to be tested.

    Anyone have and vb.net source codes for SSL, examples; maybe?
    Thanks in advance.

    I don't wanna mess with Visual C#.
    That's a pain.

  9. #79
    Member DemonSeed's Avatar
    Join Date
    Jun 2009
    Posts
    31
    Well I am currently working on a cross platform alternative proxy solution (currently the windows version works properly compared to the others, the linux version has a gtk problem and the mac version has a messed up gui which is easily fixable) and still trying to find a way to display ssl in cleartext format.

    It still has a long way to go but right now I'm trying to get it to spit out the encrypted data to sslstrip and it has problems with it [sslstrip is giving me a code 400, or at least something is]. Capturing the encrypted traffic is no problem on my end via the proxy - sslstrip seems to be either interpreting my data wrong or I don't know what. Still messing with it. If you program you could use something like the komodia sdk to display the ssl data in clear text. Will let you know if anything proper comes out of it or I might have to just setup bt3 and do mitm on it.

    Here's a screenshot of a work in progress:

    Attached Images<br><br> Attached Images


  10. #80
    Contributor ionbladez's Avatar
    Join Date
    Apr 2009
    Posts
    225
    Nicely done, you mind sharing your source with me? I wouldn't mind helping.
    I'm good with text manipulation and conversion as well as tcp/ip works.

    Doesn't matter what language it's in, I'm highly adaptable, and if necessary I could convert it over to VB.net or C#.net

    Up to you, send me a PM .

    *or current test program, I could work something out if you already have the right stuff setup.

    Well, I've been thinking: since the Hypervisor is nothing but a core in the CELL;
    We need to get cracking on the processor itself.

    Maybe it's easier than we actually think and are told.
    This can't be something too hard to crack into.
    We need to probe between the CPU and the chip that contains the keys.

    Sorry, it's not in my topic, but it's an idea.
    Last edited by ionbladez; 06-21-2009 at 02:31 PM Reason: Automerged Doublepost

 


 
Page 8 of 10 FirstFirst ... 678910 LastLast