


  1. #1
    Forum Moderator PS3 News's Avatar
    Join Date
    Apr 2005
    Posts
    27,699

    Rumor: PS3 Master Key / Device Key Finally Uncovered?

    Update #2: Now zAxis reports that the news of the PS3 Master Key was not legitimate after all.

    Update: graf_chokolo has now confirmed he found the PS3 Master Key, and plans to release it publicly after PSGrade is updated with it and is spread!

    Today Estx on xorloser's blog (linked above) has announced that he has uncovered the PS3 Master Key and will post it shortly, however, some users including phiren believe it is really the Device Key and are awaiting more details.

    Below are some comment and code excerpts, as follows:

    Estx: I’ve found the Masterkey from bruteforcing dumps from my system.

    Took 27 minutes, over 8,100,000 possible keys. Lol – could’ve waited but ah well.

    If anyone is interested in doing the same, you can find it on 3.41.
    Code:
    for(int i = 0; i < list.length; i++)
        if(HMAC-SHA-1(key[i]).ComputeHash(encryptChallengeBody) == matchResponseBody)
        {
            Success;
        }
    Challenge and response I took from the dumps reported on psx-scene. If graf doesn't find it by tomorrow – I'll release the key. Only reason I'm holding it back – is because no one helped me when I asked for it. (;

    phiren: Either your code you supplied is nothing like the actual code you used, or you managed to fluke the correct device key for the device that was used to generate that response, not the master key.

    Estx: It’s just pseudo code. Actual code has a few more lines than this. Inclusive of byte conversion, list generating from binary dumps and other trivial functions.

    I have no way to dump the data between my at90usb192 and PS3 so I can’t post any challenge/response logs.

    And it’s not a magic key – it is the master key. I have tried it so far from 3.41 and 3.50 on my slim and fat.

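    That’s the actual loop there:
    Code:
    // Excerpt as posted: lineArray, encryptMe, matchMe, dummyKey, hSha1, rcv,
    // strToByt and formatString are declared elsewhere in the poster's program.
    // Needs: using System.Linq; using System.Security.Cryptography;
    for (int i = 0; i < lineArray.Length; i++)
    {
        Console.WriteLine("Trying {0}", lineArray[i]);
        dummyKey = strToByt(lineArray[i]);   // candidate key bytes
        hSha1 = new HMACSHA1(dummyKey);

        rcv = hSha1.ComputeHash(encryptMe);  // HMAC-SHA1 of the challenge under the candidate

        // == on byte[] compares references in C# and is never true here;
        // SequenceEqual compares the contents.
        if (rcv.SequenceEqual(matchMe))
        {
            Console.WriteLine("Success is mine.");
            Console.WriteLine("\nMaster Key\n");
            // rcv is the computed HMAC, so this line prints the matched response; the candidate key is dummyKey.
            Console.WriteLine("HEX: (" + rcv.Length.ToString() + " bytes)\n" + formatString(BitConverter.ToString(rcv).Replace("-", " ")));
            return;
        }
    }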
    Prior to this is generation of the list etcetera.

    phiren: I’m thinking more of the code which does an SHA1-HMAC between the master key and the dongle ID to generate the device key which is finally SHA1-HMACed with the challenge. A single device key will work on all firmware versions, which makes it just as useful as the master key for our purposes.

    It just means that Sony can revoke that single device and you can’t possibly generate another device key. But since Sony will probably revoke every single device and start again with a new master key with the next firmware version, having the master key isn’t that useful.

    Estx: That’s what I was thinking as I was learning how to generate the correct response before constructing a quick loop. The expected response is 20 bytes of what you suggested above.

    I’ve found no other use of the master key yet.. so you’re quite right. Mind you, I’m not as talented as some of the other developers here, I’m still playing around with new things I’m finding in the firmwares. And thanks to graf’s work – there’s even more to play around with.


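The two-level derivation phiren describes in the post above, worked through as an added example (not code from the thread or from any of the posters). It shows why a candidate that reproduces one challenge/response pair is that dongle's device key rather than the master key, and why revoking one dongle ID leaves other devices working. The key, dongle IDs, challenge and the host-side check are constructed assumptions.

```python
import hashlib
import hmac


def hmac_sha1(key: bytes, msg: bytes) -> bytes:
    return hmac.new(key, msg, hashlib.sha1).digest()


def derive_device_key(master_key: bytes, dongle_id: bytes) -> bytes:
    """Device key = HMAC-SHA1(master key, dongle ID), as phiren describes."""
    return hmac_sha1(master_key, dongle_id)


def respond(device_key: bytes, challenge: bytes) -> bytes:
    """Response = HMAC-SHA1(device key, challenge): 20 bytes."""
    return hmac_sha1(device_key, challenge)


def matching_keys(candidates: dict, challenge: bytes, response: bytes) -> list:
    """Labels of the candidates k for which HMAC-SHA1(k, challenge) == response."""
    return [label for label, key in candidates.items()
            if hmac.compare_digest(hmac_sha1(key, challenge), response)]


def host_accepts(master_key: bytes, revoked_ids: set, dongle_id: bytes,
                 challenge: bytes, response: bytes) -> bool:
    """Assumed host-side check: reject revoked IDs, else recompute the response."""
    if dongle_id in revoked_ids:
        return False
    expected = respond(derive_device_key(master_key, dongle_id), challenge)
    return hmac.compare_digest(expected, response)


# Constructed sample values, not real keys, IDs or captured traffic.
MASTER = bytes(range(20))
DONGLE_A, DONGLE_B = b"\x00\x01", b"\x00\x02"
CHALLENGE = bytes.fromhex("00112233445566778899aabbccddeeff00112233")

KEY_A = derive_device_key(MASTER, DONGLE_A)
KEY_B = derive_device_key(MASTER, DONGLE_B)
RESPONSE_A = respond(KEY_A, CHALLENGE)
RESPONSE_B = respond(KEY_B, CHALLENGE)
CANDIDATES = {"master": MASTER, "device_A": KEY_A, "device_B": KEY_B}

if __name__ == "__main__":
    # Only the device key of the dongle that answered reproduces the response.
    print(matching_keys(CANDIDATES, CHALLENGE, RESPONSE_A))
    # Revoking dongle A does not affect dongle B.
    print(host_accepts(MASTER, {DONGLE_A}, DONGLE_A, CHALLENGE, RESPONSE_A))
    print(host_accepts(MASTER, {DONGLE_A}, DONGLE_B, CHALLENGE, RESPONSE_B))
```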

  2. #2
    Registered User evilsperm's Avatar
    Join Date
    Sep 2007
    Posts
    476
    Calling BS 27 mins... lmfao this is just too damn funny, someone can go ahead and do the math on how long it would actually take to brute force a key and by all means you can factor in luck if you really want because I would love to see 27 mins.

  3. #3
    Banned User
    Join Date
    Apr 2007
    Posts
    351
    Wow, if this is really true then this has been an extra busy productive week for PS3 hackers, great progress, keep up the good work guys but I'll wait for conclusive proof too! The layers of Sony's security do just keep falling though, what next I wonder! I wouldn't be surprised if a full-on open source downgrader is on the way before next week!
    Last edited by DeViL303; 12-04-2010 at 03:09 AM

  4. #4
    Registered User al5911's Avatar
    Join Date
    Dec 2009
    Posts
    4
    Damn it!!! If this is real then CFW is on da' way. You're such one lucky dude... but why not just sharing it for a proof??

  5. #5
    Forum Moderator PS3 News's Avatar
    Join Date
    Apr 2005
    Posts
    27,699
    I guess we'll know soon enough, eh? Estx stated: "If graf doesn't find it by tomorrow – I'll release the key."
    Quote: Originally Posted by al5911
    Damn it!!! If this is real then CFW is on da' way. You're such one lucky dude... but why not just sharing it for a proof??
    This was his explanation on why, for what it's worth: "Only reason I'm holding it back – is because no one helped me when I asked for it. (;"

  6. #6
    Senior Member spark32's Avatar
    Join Date
    Mar 2008
    Posts
    207
    Quote: Originally Posted by evilsperm
    Calling BS 27 mins... lmfao this is just too damn funny, someone can go ahead and do the math on how long it would actually take to brute force a key and by all means you can factor in luck if you really want because I would love to see 27 mins.
    8,100,000 possibilities / 27 mins / 300,000% Luck
    =
    3

    Which means it's a 1 in 3 chance of getting it when you factor in the 300,000% BS.

  7. #7
    Senior Member Bishoff's Avatar
    Join Date
    Jun 2010
    Posts
    244
    well, the guy will either lose all credibility or gain a lot of fame shortly... let's wait and see.

  8. #8
    Banned User
    Join Date
    Apr 2007
    Posts
    351
    Ya he must have been real lucky, to test half that amount of keys he would need to be doing 2500 a second!

  9. #9
    Registered User al5911's Avatar
    Join Date
    Dec 2009
    Posts
    4
    Let's hope he is telling the truth or he'll RIP. If it is true then S.C.E will RIP and to S.C.E, you guys can start working on your PS4...
    Last edited by al5911; 12-04-2010 at 03:31 AM

  10. #10
    Registered User xMotorhead's Avatar
    Join Date
    Nov 2010
    Posts
    14


    Come on man, make my day~!

 
