PS3 Downloads   PS3 Forums   PS3 Guides   PS3 Releases   PS3 Themes   PS3 Trophies   Register  
Notices
Hey, YOU browsing these forums. You know you're not Registered, right? Registering at PS3 News you can:

• Access the PS3 Dev and PS3 Hacks areas and the PS3 Downloads!
• Search ALL Site News Articles with the PS3 News Database Search Engine!
• Read replies to Forum threads and comments from other PlayStation 3 fans!
• Post questions for the resident Sony experts and exchange cheats, tips and secrets.
• View LESS ADS while browsing this site (upon Registration mail confirmation).
• Submit News right to our main page, for all to see and discuss.

Registration is FAST, simple and absolutely FREE! Sign up quickly HERE right now!
 
Go Back   PS3 NEWS - PlayStation 3 News - PS3 Hacks » PlayStation 3 News » PS3 HDD News
Reload this Page Random PlayStation 3 HDD & RAM Dumping Bug Discovered
PS3 HDD News Reserved for PS3 hard disk drive help and discussion.
Latest PS3 News
Video: God Of War 3 PS3 Glitch - Skip Battling Hermes
Posted 10 hours ago by
PS3 News with 3 Comments 		BenQ iXtreme LT & LiteOn iXtreme LT v1.1 for XBox 360 Released
Posted 11 hours ago by
PS3 News with 4 Comments 		Video: LittleBigPlanet PS3: Sack It To Me - The Hedgehog Edition
Posted 2 days ago by
PS3 News with 3 Comments
Video: Fat Princess: Fistful of Cake PSP Trailer and Interview
Posted 2 days ago by
PS3 News with 1 Comment 		Sony BAFTA Video Games Awards 2010 Nominations Detailed
Posted 2 days ago by
PS3 News with 2 Comments 		Heavy Rain Taxidermist PS3 DLC Hits April 1 - No April Fool's Joke
Posted 2 days ago by
PS3 News with 2 Comments
Reply
 
Thread Tools
Random PlayStation 3 HDD & RAM Dumping Bug Discovered
  #1 (permalink)  
Old 09-09-2009
PS3 News's Avatar
PS3 News Online
Boss
  
Random PlayStation 3 HDD & RAM Dumping Bug Discovered
Today SKFU has shared a bug he found in PS3 Firmware 2.8 (although he said it should be present since 2.0 through 3.0) that allows you to dump random data from the PlayStation 3 HDD and RAM.

To quote: There's a little "bug" in the PlayStation3's NAT test which causes that you can dump random data from the HDD and RAM. Why exactly this appears; I don't know, yet. But well, it is interesting.

The way how to do it is pretty simple. Set up http://www.wireshark.org/download.html on the PC and activate ICS (Internet Connection Sharing).

Connect the PS3 with the PC via LAN and start Wireshark's logging/sniffing feature on the LAN device. Now go to Settings on the PS3 and start a Internet Connection Test in the Network option.

When the PS3 starts the NAT testing it will send default STUN packets together with several IP Fragments. Those both packet types will contain random data which the PS3 grabs from the HDD and/or RAM. There you go.

Random PlayStation 3 HDD & RAM Dumping Bug Discovered

More PlayStation 3 News...

Reply With Quote
  #2 (permalink)  
Old 09-09-2009
PSPSwampy's Avatar
PSPSwampy Offline
Senior Member
  
Interesting, but i don't see how this can really help (unless it can be forced to send specific memory addresses etc).

Basically what we're saying here is that you can sniff small amounts of completely random data using this method. So you presumably have absolutely no idea where this data actually originated (as in disk or memory addresses) so cannot possibly hope to combine any larger sets of data.

I guess the only use would be if you sat there long enough you might discover some previously unknown function calls or something - but that's gotta be like looking for a needle in the worlds largest haystack.

Or am i missing the point on this one?

Have to say - still an interesting news item, but seems a bit pointless to me (but then i'm no PS3 arcitecture expert!).

PSPSwampy.

Reply With Quote
  #3 (permalink)  
Old 09-09-2009
Ihatecompvir's Avatar
Ihatecompvir Online
Junior Member
  
Lightbulb
It would be awesome if we could somehow dump the Encryption keys from the PS3.
If you tried it with No HD, would it only dump from RAM?

Last edited by Ihatecompvir; 09-09-2009 at 08:27 PM.
Reply With Quote
  #4 (permalink)  
Old 09-09-2009
CJPC's Avatar
CJPC Online
Right Hand Man
  
Well, assuming you could boot without a HDD - the system would be quite unstable to say the least, in theory it COULD pull from ram - then again, it might only pull from application area of that PRX, there are just too many variables and not enough data to make a conclusion - even testing would not answer the problem, due to the amount of randomness!

Reply With Quote
  #5 (permalink)  
Old 09-09-2009
Ihatecompvir's Avatar
Ihatecompvir Online
Junior Member
  
Oh I see. I'm still gonna dump a few times just to confirm this works on 3.0.

Reply With Quote
  #6 (permalink)  
Old 09-09-2009
PS3 News's Avatar
PS3 News Online
Boss
  
Quote:
Originally Posted by Ihatecompvir View Post
Oh I see. I'm still gonna dump a few times just to confirm this works on 3.0.
That will be appreciated, mainly as he said on IRC he believes it's 2.0-3.0 but couldn't confirm it himself as he's on 2.8 at the moment.

Reply With Quote
  #7 (permalink)  
Old 09-10-2009
bidomo's Avatar
bidomo Offline
Newbie
  
Lightbulb
Could it possibly be related to uPnP?

I just hope a big NO!

Reply With Quote
  #8 (permalink)  
Old 09-10-2009
SCE's Avatar
SCE Online
Member
  
Lightbulb
What about sending calls or commands to the console via LAN. Maybe, during the testing, instead of sending usual answers to the PS3, one can send different codes to PS3 and look what happens. (I am sure it was already done though.)

Reply With Quote
  #9 (permalink)  
Old 09-10-2009
kakarotoks's Avatar
kakarotoks Offline
PS3 Dev
  
Humm.. I'm not sure if I should trust this.. has it been confirmed by anyone else?

I know STUN (hell, I wrote a full (RFC3489 and RFC5389) STUN library) and I don't see how it could contain any random data.. a basic Binding request (for NAT discovery) would only be 20 bytes long (only the header, no attributes), 4 bytes in there are important (type of request + size of payload), then you get 16 bytes of "cryptographically random" transaction ID.. I would guess that maybe the transaction id is just a random, uninitialized pointer, instead of being filled with /dev/urandom data..

If that's the case, then yeah, maybe it is possible, but I would doubt such a simple RFC would be implemented as badly as this (most library that do not care about the transaction id send "0000000000000000" as transaction id (which is perfectly fine/valid))...

I don't know about the IP (or UDP) layers, but I doubt it would contain uninitialized data...

In any case, this isn't helpful, since you can't predict which memory address will be captured... so you can't really 'reconstruct' the RAM's content or anything like that (and even if you could, 16 bytes at a time is really small), so it's not that useful in itself..

But if it's confirmed true, it's still a nice find

Thanks for sharing.

Reply With Quote
  #10 (permalink)  
Old 09-10-2009
PS3 News's Avatar
PS3 News Online
Boss
  
I will answer (since nobody else has ) as this is what SKFU said on IRC in reply to your post:
Quote:
<SKFU> im kinda to lazy to answer but mainly i also don't know why exactly it grabs the data that's why i called it a bug :P
So basically, this hasn't been tested/confirmed by anyone else and even SKFU himself pretty much have "moved on" from it.

He only wanted to make mention of the bug finding itself, but (in my opinion) it's safe to place this on the back burner now as none of the other Devs are interested/plan to follow-up on this either.

If anyone does, feel free to share your findings... but chances are most share the same thoughts as PSPSwampy and kakarotoks stated above on it.

Reply With Quote
Reply

« Previous Thread | Next Thread »
Thread Tools

Powered by vBulletin® Version 3.8.4
Copyright ©2000 - 2010, Jelsoft Enterprises Ltd.
Search Engine Friendly URLs by vBSEO 3.0.0
vBulletin Skin developed by: vBStyles.com
© 2010 PlayStation 3 News
Register to Remove Ads!






PS3 News - Contact Us - Archive - Top