Ok tryed AES decrypt on the file you have posted but i got a bad file header error message.I will search for other crypting tools and try the other crypting algos too.
And also i will try the tool that would be used for samy tv's.
Ok tryed AES decrypt on the file you have posted but i got a bad file header error message.I will search for other crypting tools and try the other crypting algos too.
And also i will try the tool that would be used for samy tv's.
Last edited by cfwprophet; 10202011 at 05:06 PM Reason: Automerged Doublepost
Looks like it only decrypts files encrypted with aescrypt...
So I'll teach a lil bit about AES ...
AES stands for Advanced Encryption Standard made by the U.S. Government blah blah blah...
This is what the decipher is:
AES is based on a design principle known as a Substitution permutation network. It is fast in both software and hardware. Unlike its predecessor, DES, AES does not use a Feistel network.
AES has a fixed block size of 128 bits and a key size of 128, 192, or 256 bits, whereas Rijndael can be specified with block and key sizes in any multiple of 32 bits, with a minimum of 128 bits. The blocksize has a maximum of 256 bits, but the keysize has no theoretical maximum.
AES operates on a 4×4 columnmajor order matrix of bytes, termed the state (versions of Rijndael with a larger block size have additional columns in the state). Most AES calculations are done in a special finite field.
The AES cipher is specified as a number of repetitions of transformation rounds that convert the input plaintext into the final output of ciphertext. Each round consists of several processing steps, including one that depends on the encryption key. A set of reverse rounds are applied to transform ciphertext back into the original plaintext using the same encryption key.
Highlevel description of the algorithm
 KeyExpansion—round keys are derived from the cipher key using Rijndael's key schedule (found here: http://en.wikipedia.org/wiki/Rijndael_key_schedule )
 Initial Round
 AddRoundKey—each byte of the state is combined with the round key using bitwise xor
 Rounds
 SubBytes—a nonlinear substitution step where each byte is replaced with another according to a lookup table.
 ShiftRows—a transposition step where each row of the state is shifted cyclically a certain number of steps.
 MixColumns—a mixing operation which operates on the columns of the state, combining the four bytes in each column.
 AddRoundKey
 Final Round (no MixColumns)
 SubBytes
 ShiftRows
 AddRoundKey
The SubBytes step
In the SubBytes step, each byte in the matrix is updated using an 8bit substitution box, the Rijndael Sbox. This operation provides the nonlinearity in the cipher. The Sbox used is derived from the multiplicative inverse over GF(28), known to have good nonlinearity properties. To avoid attacks based on simple algebraic properties, the Sbox is constructed by combining the inverse function with an invertible affine transformation. The Sbox is also chosen to avoid any fixed points (and so is a derangement), and also any opposite fixed points.
The ShiftRows step
The ShiftRows step operates on the rows of the state; it cyclically shifts the bytes in each row by a certain offset. For AES, the first row is left unchanged. Each byte of the second row is shifted one to the left. Similarly, the third and fourth rows are shifted by offsets of two and three respectively. For the block of size 128 bits and 192 bits the shifting pattern is the same. In this way, each column of the output state of the ShiftRows step is composed of bytes from each column of the input state. (Rijndael variants with a larger block size have slightly different offsets). In the case of the 256bit block, the first row is unchanged and the shifting for second, third and fourth row is 1 byte, 3 bytes and 4 bytes respectively—this change only applies for the Rijndael cipher when used with a 256bit block, as AES does not use 256bit blocks.
The MixColums step
In the MixColumns step, the four bytes of each column of the state are combined using an invertible linear transformation. The MixColumns function takes four bytes as input and outputs four bytes, where each input byte affects all four output bytes. Together with ShiftRows, MixColumns provides diffusion in the cipher.
During this operation, each column is multiplied by the known matrix that for the 128 bit key is
The multiplication operation is defined as: multiplication by 1 means leaving unchanged, multiplication by 2 means shifting byte to the left and multiplication by 3 means shifting to the left and then performing xor with the initial unshifted value. After shifting, a conditional xor with 0x11B should be performed if the shifted value is larger than 0xFF.
In more general sense, each column is treated as a polynomial over GF(28) and is then multiplied modulo x4+1 with a fixed polynomial c(x) = 0x03 · x3 + x2 + x + 0x02. The coefficients are displayed in their hexadecimal equivalent of the binary representation of bit polynomials from GF(2)[x]. The MixColumns step can also be viewed as a multiplication by a particular MDS matrix in a finite field. (This is further explained here: http://en.wikipedia.org/wiki/Rijndael_mix_columns )
The AddRoundKey step
In the AddRoundKey step, the subkey is combined with the state. For each round, a subkey is derived from the main key using Rijndael's key schedule; each subkey is the same size as the state. The subkey is added by combining each byte of the state with the corresponding byte of the subkey using bitwise XOR.
Optimization of the cipher
On systems with 32bit or larger words, it is possible to speed up execution of this cipher by combining SubBytes and ShiftRows with MixColumns, and transforming them into a sequence of table lookups. This requires four 256entry 32bit tables, which utilizes a total of four kilobytes (4096 bytes) of memory—one kilobyte for each table. A round can now be done with 16 table lookups and 12 32bit exclusiveor operations, followed by four 32bit exclusiveor operations in the AddRoundKey step.
If the resulting four kilobyte table size is too large for a given target platform, the table lookup operation can be performed with a single 256entry 32bit (i.e. 1 kilobyte) table by the use of circular rotates.
Something Else
Test vectors are a set of known ciphers for a given input and key. NIST distributes the reference of AES test vectors as AES Known Answer Test (KAT) Vectors (in ZIP format)
Using a byteoriented approach, it is possible to combine the SubBytes, ShiftRows, and MixColumns steps into a single round operation.
Here's something I found on this:
Good luck.
Well... those links...
Not sure about that. They can use AES and have changed the header a bit. Like Nintendo do for .wad files and sony for .pkg files which both will be linuxunix standarts since years.
I have found a tool named Cryptool and analyzed the file alot but no luck after all, since we have no idea about the key. Anyway, I have other news.
I have talked to SamyGo guru. The debug port I have found does not use RS232. It is something else. On the bright side, this time, I have found the RS232 ports of the controller chips.
U_RS232_RXD
U_RS232_TXD
Pin numbers 96 and 97 on page 88. Connector name CN5000, CHIP name IC5000.
Look at that picture I have taken: http://www.ps4news.com/forums/attach...chmentid=31502
You can clearly see the 6 pins left side of the chip. Two of them have trace. Those two traces are U_RS232_RXD and U_RS232_TXD, enoguh to get RS232 to work. Now it says 3.3V standby. I think I need to keep the TV in standby mode so that the board will have enoguh current for the rs232 port and the chips to operate.
I will take a look at this tomorrow. The weekend is here!
Great i'm waiting with patience for you to have progress on this. I'm here if you need help for something.
RS232 thing is a little bit risky. I gotta adjust the voltages right so that I won't fry anything. I am talking to other guys. I will inform you when something new happens.
Allright guys. After looking for a needle in the haystack, I have finally found the port, with the help of the SamyGo project leader erdem. Here are the brand new info. Finally, we have an aim.
The port is named DTT. Probabbly stands for Debug Test System, Debug Test Target.
It's an 18 pin port but we are not going to use all of them:
And it's at the back side of the PCB //doh
I even had a picture of it when I opened the TV up back then, how could I know it was the right port
Port name: CN5502 177466751 CONNECTOR, FFC/FPC 18P
Ok guys I need help here. I can not connect RS232 directly to the debug port. That's why I have ordered a USB/TTL converter.
CP2102 based USB/RS232 Transfer circuit
Now the question is, there are 3 GND pins on the port:
http://www.ps4news.com/forums/attach...chmentid=31536
How will I do the wiring? One for M_UART0_RX, another for M_UART0_TX, GND to pin 11 GND.
Do I have to connect 3.3V pin to port 5? Port 14? Or both?
If I was doing this, I would have attached to both of them, seems like enough grounding for 3.3. But I'm a slacker when it comes to hardwarethings, so you may not bother listening to me before someone else, more qualified answers you
Awesome progress, BTW, that thing what you're doing, it's cool.

