Sponsored Links

Sponsored Links

Page 2 of 4 FirstFirst 1234 LastLast
Results 11 to 20 of 33



  1. #11
    Contributor RexVF5's Avatar
    Join Date
    Dec 2007
    Posts
    185
    Sponsored Links
    Sponsored Links
    Do not want to discourage you and I fully do not understand what you are trying to achieve, but you should first read some more on SSL. It uses asymetric cryptography and can be used in various modes.
    • In all cases SSL encrypts the communication and attempts to prevent man-in-the-middle attacks (that is someone inbetween client and server (read: your proxy) that would try to decipher and possibly alter the communication

    • Server authentication: server has got the private key/signature that is used sign the communication to ensure it can be verified it origins from that server. Because you do not have that private key it is impossible for you to decrypt the communication in the middle AND re-encrypt it again so that the final receiver (PS3) still thinks it origins from the server. You can attempt to re-encrypt the data again with your signature but that one will fail the check against certificate authority (PS3 as every browser has got a list of trusted certificates of top-level certificate authorities (like VeriSign) and can use these to verify signature on other keys - read more about SSL and certificates and authorities)

    • There is a mode when public keys of both server and clients are mutually exchanged before any communication - that way clients can ensure they communicate with proper server and server can ensure it communicates with proper clients.

  2. #12
    Contributor ionbladez's Avatar
    Join Date
    Apr 2009
    Posts
    225
    Sponsored Links

    Question

    Sponsored Links
    Yes I am totally aware 100% of what you have stated. The reason I use quotes around "proxy" is because there is not going to be a middle man.

    My program will let the PS3 connect directly to it, and capture the data from the PS3. It will not be sent to the server.

    Then after the program has collected and created new data, the old data will be tossed (The reason is connects and doesn't send is so the PS3 will not disconnect. It will attempt to keep the connection open.)

    I know various methods of cryptography and it's the SSL that breaks it with me.

    After the creation of new data, the program itself will connect to the remote server. No middle-man here, or anywhere. It just throws away the PS3 data, and creates new data to send to the server, therefore the PS3 does not get cut off at any time. After data is received from the server side, the PS3 is alerted while the connection has been on hold (timeout at least 45 seconds)

    Therefore it's not a true proxy, just a WAIT FOR REPLY kinda thing. It does no actual proxy work. It's to collect data from the PS3 and server and just sends BS to the server (On a separate thread+connection).

    I can create a secure connection with the program already to the server. It's the PS3 I haven't tested yet because, well, (I'm not at home, still in Japan and waiting to crack mine open.)

    But you do have valid points, I understand completely, but I haven't exactly told this stuff because I am afraid sony could patch it now that it's out in the open.
    Last edited by ionbladez; 09-17-2009 at 05:56 AM

  3. #13
    Toucan Sam CJPC's Avatar
    Join Date
    Apr 2005
    Posts
    2,174
    Sponsored Links
    Sponsored Links
    Just a heads up (did not see in in the thread) but the PS3 does store (and occasionally updates) the SSL certs on its internal storage - so it compares with whomever says they are "Sony" to ensure that the certificate is valid before accepting it and starting communication.

  4. #14
    Contributor ionbladez's Avatar
    Join Date
    Apr 2009
    Posts
    225

    Cool Heh, what the..

    Sorry guys I haven't updated you all, haven't had a lot of time. Leaving back home in 3 days now and need to pack. I have to wait in LAX for 11 hours until my next flight home after toyko. Anyways, I have some ideas and some questions.

    First, Ya I've noticed the PS3 has picked up certificates from some addresses I've seen on wireshark. Weird how it sends some plain text before hand. My guess (Especially with cryptography) that it's RSA-1024 and would be A pain to crack open. So in the mean time my girlfriend bought a PS3 here in Japan as well (Silver, I wanted her to get a white one, lol)..

    So I'm working away at what I can do with my program here. Again my experience with SSL is pure garbage but I'm looking for any EXAMPLE online to help me. I know a few things, most of the common principles, etc., but I'd like to get this one done.

    The "What's New" board looks HIGHLY hackable, but I have yet to sniff the packets from the PS3 when it d/l's that.. I know it's not encrypted because Proxomitron can receive all of it. I just haven't had time to mess around with it. It'd be great to replace the "What's new" board with Weather, Time, Traffic, stuff like that. Maybe I'll throw it into Connection Stealer - What I'm naming is as of now. People can paste URLs for their current ZIP or something and it will display the image in the box. But this is just a theory now and I'd like everyone to have something like that. Sony strips all the good stuff from what we'd really need.

    Pce guys, again I'll keep you updated with whatever I can get done.

  5. #15
    Contributor Reflecter's Avatar
    Join Date
    Aug 2008
    Posts
    21

    Thumbs Up

    Two thumbs up. It sounds very interesting. I hope we could bypass the firmware check soon. You are the best.

  6. #16
    Contributor livpool's Avatar
    Join Date
    Sep 2009
    Posts
    211
    Quote Originally Posted by ionbladez View Post
    The "What's New" board looks HIGHLY hackable, but I have yet to sniff the packets from the PS3 when it d/l's that.. I know it's not encrypted because Proxomitron can receive all of it. I just haven't had time to mess around with it. It'd be great to replace the "What's new" board with Weather, Time, Traffic, stuff like that. Maybe I'll throw it into Connection Stealer - What I'm naming is as of now. People can paste URLs for their current ZIP or something and it will display the image in the box. But this is just a theory now and I'd like everyone to have something like that. Sony strips all the good stuff from what we'd really need.
    wow, that replacing whats new thing sound awesome!

  7. #17
    Registered User omuyasha's Avatar
    Join Date
    Feb 2009
    Posts
    2

    Big Grin

    Hmm... This sounds very interesting, I cant wait (^_^)

  8. #18
    Contributor NZHawk's Avatar
    Join Date
    Jan 2008
    Posts
    51
    Soooo, Any news?

    Quite a while ago, end of last year, I had a go at making a proxy server, and got pretty far. I just got fed up of coding and stopped, numberous errors that just took way too much time to figure out.

    [Register or Login to view links]

    Thats the 'products' website, or would have been if I finished it. Dont bother clicking the download button, the forum software has gone crazy and doesent work anymore. (Goes into a random loop thing).

    I had coded it to automatically on-the-fly update the ps3update.txt, but apparently this method does not work anymore? (Im on the latest version now so cant test it)

    This project is interesting, and would love to see the source code! xP

    NZHawk,
    Last edited by NZHawk; 10-04-2009 at 08:29 PM Reason: Automerged Doublepost

  9. #19
    Member dondolo's Avatar
    Join Date
    Jan 2009
    Posts
    170
    yes and may we know about a release date for the beta?

  10. #20
    Contributor ionbladez's Avatar
    Join Date
    Apr 2009
    Posts
    225
    I've kinda "reformatted my laptop" in order to sell it. But don't worry I have backed up 100% of my projects for Visual Studio.

    I have built-in a firmware checker that checks at set intervals, as well as a downloader (With resume support) - Sorry for the "steal on idea" but I thought I could make it before someone else did - I just never had the time.

    Currently it's sitting on a 2TB external HDD with no movement. Meaning I haven't touched it for weeks.

    I need to install visual studio on my server, or desktop. Whichever one I have the time for after everything clears up at my house, lol.

    Don't worry I will be providing screenshots soon to come.

 

Sponsored Links

Page 2 of 4 FirstFirst 1234 LastLast
Advertising - Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News