Thread: Proof of giulio's fake
Proof of giulio's fake
I hate to do thinks like this, but i think it's right to clear all the dub.
Everybody remember that string:
[HeX][de 7f 35 e6 52 d8 34 ef 20 da 6b 9a 24 a8 87 84] = Hello, *** World
After some days this was changed a little a giulios transform this in:
[HeX][de 7f 35 e6 52 d8 34 ef 20 da 6b 9a 24 a8 87 84] = Hello, RC4 World
and post a script in perl into another forum whit some little difference here. He assume that this string is the proof that he is able to write date into ps3 hdd.
I say that this is the proof that i don't nothing about this infact i invite all the person expecially who beleave in him to see that link:
We can see the same script censored in part by him and at the end of the page the same string. This page show only an example of RC4 algo in a perl script. and giulio when know that RC4 was present in ps3 crypt(information may be received from other) found this and post like his discovery.
I want to inform all about this fake (SLUMP 2) i call. And i want to tell everybody that the idea of giulio about backup it's nice. Me and my Team are strongly working in that way, we done a lot of test and now we know much bettere how ps3 create a backup and a part of content of the files from backup (archive;archive_00;archive2;archive2_00)
Everything it's crypted but we now were stored config music picture demo savegame. But just now we aren't able to decrypt (may be we now the algo used for crypt) and in this moment we haven't found an exploit.
With our test the different type of injection give different resoult. but we now for sure that the file archive_00 do not contain pkg and it's wrong to inject pkg there.
In conclusion for now it's impossible to inject somethink into backup and we gived information about the fake and our test.
Thank for the attention on this. I ask sorry for my english but i'm italian.
01-12-2009 #3Banned User
- Join Date
- May 2008
I'll immediately reply about all this:
1) The RC4 is an Algorithm, so if I say "Hello Wolrd" in the encrypted language there'll be always the same thing.
2) You can't Decrypt .dat files. They're protection it self. You cant open a .dat file without know how it has been created.
and what about your PHP encrypter? It doesn't mean that is not a fake.
1: you off a script like yours was just an example of implementation of RC4 algo
using the keyword mysecret
if you decript the hex code using this key you will see hello, rc4 world
2:Sony don't crypt in RC4 using mysecret and for that reason you can't write in crypted mode onto hdd.
.Dat are crypted and it's not possible to open for now until someone find the key of RC4 or other algo used i think are used more that an algo plus an hash protection for each file.
it is not fake but is impossible on this way.
01-12-2009 #7Banned User
- Join Date
- May 2008
1) I'm sorry but that script it's not an example.
2) Who tell you that SONY don't Crypt using RC4?
Please found some infos because you have confusion in your Head.
As I said you can't open .dat files beacouse of Encryption but because thery're .DAT.
Ok... so it is fake or not? Make up your mind!
About time somebody caught this chum for who he was, I said all along in IRC that it makes no sense how the PS3 would remotely know to unpack a pkg file from a .dat file in the first place. Second when the beta files were posted and my anti virus detected a trojan that kind of blew it too.
I believe what demonhill is trying to say is that backup method he discovered is something that can still be explored but that Giulio is passing off other peoples code as his own. He also believes that there is more than one type of encryption being used, think of multiple layers of encryption possible using 2 different kinds of algo's.
Backup method = still explorable
Giulio so called RC4 decrypt = Fake!