
Thread: New idea for multiple exploits..

  1. #71
    jd200 Guest


    Is there like a video guide you can make on how to set up hardware to use and config to sniff PS3 packets? Then we can inspect info.

  2. #72
    denunes Guest
    Wired, I don't know how. Wireless, I will say use Linux tools; there are many.

  3. #73
    ionbladez Guest
    Hey guys, I've been running multiple packet sniffers (through WiFi). That SSL packet that was uploaded to this thread, I've caught that very same packet before, and I can't get it again.

    If we can hot-edit this packet to match some servers, we can fake the *.*.* BS.

    I've caught it once, somehow. I believe I was using Wireshark, but I've used that, net tools (all of the packet sniffers), etc.

    I can't seem to get it again. I think it may be a cold-boot thing; that's all I haven't tried yet. But this could be a sweet key to let non-debug unit users download pkgs from the PSN store in the links section.

    I'll keep you guys posted.

  4. #74
    LABO2LOGAN Guest


    I hope that will help!
    Very interesting link...

    Some URLs: (the several main control servers)


  5. #75
    DemonSeed Guest
    Nice info LABO2LOGAN.

    For those asking about sniffing packets on the PS3, there are two things to note. You may arpspoof and sslstrip for the SSL packets; for everything else you will have to sniff TCP/UDP traffic incoming/outgoing from the PS3 IP via your gateway or whatever. Good luck and let us know if anyone comes across the directory structure.

  6. #76
    ionbladez Guest
    I'm already working on this.
    It seems the PS3 is like a standard computer (when it comes to networking).

    It chooses a random port to connect FROM to the server.
    Also, the ns00(>05) are in fact secure file servers. I've tried to load it in the browser and it gets me nowhere, but I'm sure it does nothing but store game updates, etc.

    This is all I got from the stream: ..:...Q.1!""
    .launchmodem.1#...........launchmodem.....1#...... .....launchmodem.....................1 ..:...Q.1!! ..:...Q.1$$
    hostmaster.>..mD..Q...*0..:...Q.1'...........120.2' om.1( .D..x1)*,}..1)...........8*,,...tag*...........10,, L.1** ?? What?
    Never seen that, will look into this. Seems it's a cross-server authentication system or something.

    I've just actually tried to open it in Firefox (https://):
    It's definitely an SSL server.
    So this must be under some secure BS (if you know what I mean).

    Something is hidden here, and it's not cupcakes.
    All I am seeing is an "Under Construction" page, clearly copied from a Microsoft template (idiots!).

    I've messed around a bit more and found this: ..:...Q.1!""
    .launchmodem.1#...........launchmodem.....1#...... .....launchmodem.....................1 ..:...Q.1!! ..:...Q.1$$
    hostmaster.>..mD..Q...*0..:...Q.1'...........120.2' om.1( .D..x1)*,}..1)...........8*,,...tag*...........10,, L.1**}Cf11...........7, ..:...Q.

    Obviously this is definitely a file server (as I thought!).
    I'll snoop around a bit, and get back with some good info.

  7. #77
    DemonSeed Guest
    Contextweb is one of those ad-based things (alternative to AdSense). They do contextual and behavioural targeting for ads etc. on dynamic pages (advertising sales, publishing services, business development, marketing, finance related stuff).

  8. #78
    ionbladez Guest
    I figured as much, the PS3 wasn't requesting anything from that site.

    Anyways, I have yet to get my hands tapping the keyboard - My experience with SSL is pure $HI+.

    I was thinking maybe something simple in VB.NET (2.0).
    Make a program that can intercept the packets, and edit them live before transfer.
    I know this concept seems a bit out of mind (it definitely is..)
    But a theory is there, and needs to be tested.

    Anyone have any source code for SSL, examples maybe?
    Thanks in advance.

    I don't wanna mess with Visual C#.
    That's a pain.

  9. #79
    DemonSeed Guest
    Well, I am currently working on a cross-platform alternative proxy solution (currently the Windows version works properly compared to the others, the Linux version has a GTK problem and the Mac version has a messed up GUI which is easily fixable) and still trying to find a way to display SSL in cleartext format.

    It still has a long way to go, but right now I'm trying to get it to spit out the encrypted data to sslstrip and it has problems with it [sslstrip is giving me a code 400, or at least something is]. Capturing the encrypted traffic is no problem on my end via the proxy - sslstrip seems to be either interpreting my data wrong or I don't know what. Still messing with it. If you program, you could use something like the Komodia SDK to display the SSL data in clear text. Will let you know if anything proper comes out of it, or I might have to just set up bt3 and do MITM on it.

    Here's a screenshot of a work in progress:

  10. #80
    ionbladez Guest
    Nicely done. You mind sharing your source with me? I wouldn't mind helping.
    I'm good with text manipulation and conversion as well as TCP/IP works.

    Doesn't matter what language it's in, I'm highly adaptable, and if necessary I could convert it over to or

    Up to you, send me a PM.

    *or current test program, I could work something out if you already have the right stuff setup.

    Well, I've been thinking: since the Hypervisor is nothing but a core in the CELL;
    We need to get cracking on the processor itself.

    Maybe it's easier than we actually think and are told.
    This can't be something too hard to crack into.
    We need to probe between the CPU and the chip that contains the keys.

    Sorry, it's not in my topic, but it's an idea.
