PS4 News on Facebook! PS4 News on Twitter! PS4 News on YouTube! PS4 News RSS Feed!

Home PS4 News - Latest PlayStation 4 and PS3 News

February 25, 2009 // 8:15 pm - Update: It's now confirmed as a fake guys.

Today Spanish PS3 Developer DemonHades has announced news that they may have decrypted the Sony PS3 HDD. We will update the 'rumor' status of this when more questions are answered of course.

Several PS3 Devs including NDT are currently investigating whether the method can be repeated in other PS3 consoles, or just for one console only (possibly brute-forced?) as it's already known the key differs between each.

Below is a picture of a font on the PS3 decrypted, followed by some preliminary (roughly translated) details:

The key is 512bytes is a sha1-4096 (512 bytes per sector). The key is xoreada own... To be sure it was not a simple xor as speculation... text still appears ... /cell_mw_cfs and more text:

PspSaveData tb

The method I can/should I even say it is very close to an update could change the key or decryption/encryption. The first is to investigate all of its content and then go looking at what interests us is that we have to go 40gbs decoding one by one and is not easy.

But since you said that all the published info that this method allows for and is something that decode the hdd, as advice... I will not make an actualizar. It's about read PS3 hdd content (512 bytes xored key has been decoded), by the moment this means that hard disk content could be read, but not all info about this have been revealed.

Rumor: PlayStation 3 Hard Disk Drive Decrypted?

Follow us on Twitter, Facebook and drop by the PS3 Hacks and PS3 CFW forums for the latest PlayStation 3 scene and PS4 Hacks & JailBreak updates with PlayStation 4 homebrew.

#12 - idone - February 26, 2009 // 1:24 am
idone's Avatar
Quote Originally Posted by PS3 News View Post
Ya, the issue is according to CJPC everything 'shown' thus far is present and accessable with a Debug console.

this was my concern when i spoke with him also about the file posted in their news being one easily dump'd from a debug...i have seen other hex shots and he assures me it is being done on retail.

#11 - PS4 News - February 26, 2009 // 1:17 am
PS4 News's Avatar
Quote Originally Posted by idone View Post
i spoke with DemonHades the other day before this was posted here and he told me this is repeatable on more than one console and is indeed real and and being done on retail consoles.

Ya, the issue is according to CJPC everything 'shown' thus far is present and accessable with a Debug console.
Quote Originally Posted by idone View Post
To be honest i would rather see the method withheld until something more can be done than to just decrypt the hdd.

I don't think you'll have to worry about that, it's been the word all day pretty much.

#10 - idone - February 26, 2009 // 1:06 am
idone's Avatar
Sorry i have been gone all day but to let you all know i spoke with DemonHades the other day before this was posted here and he told me this is repeatable on more than one console and is indeed real and and being done on retail consoles.

To be honest i would rather see the method withheld until something more can be done than to just decrypt the hdd.

#9 - adrianc1982 - February 25, 2009 // 11:49 pm
adrianc1982's Avatar
Im mexican if you need any translation I can do it too. Ill stick to the forums as much as I can to translate if needed. Today Im going to see ironmaiden but ill be back around 1 or 2am central time.

All this was posted by demonhades in the last 2 days..
Como vemos muestra la ruta no solo de redireccion(como dije hace muxo tiempo) si no que se ven los certificados de autentificacion y validacion junto con la key del juego para que ps3 lo ejecute.


As we can see we didnt only get the redirection route(like I said a long time ago) this also shows the autentification and validation certificates with the game key for the ps3 to execute.

ummmmm el metodo no lo puedo/debo de decir aun porque esta muy proxima un update que podria cambiar el tipo o clave de descifrado/cifrado.

Lo primero es investigar todo su contenido y luego ir mirando lo que nos interesa,son 40gbs que hay que ir descifrando uno por uno y no es cosa facil jajajja

Pero ya os comento que se publicara toda la info que este metodo permita y sea para algo mas que descifrar el hdd,como consejo.........yo no voy a actualizar.cada uno que haga lo que crea conveniente.

1saludo y paciencia

hmmm.. the method I can't/should'nt tell because theres an update coming soon that could change the type of key to decrypt/crypt.

First thing to do is investigate all the content and look for what could interest us, its 40gbs of things that need to be decrypted one by one and thats not an easy thing to do hahaha

But let me tell you that all the info this method shows will be published and lets hope its for something else than to decrypt the hdd, take my advise and do not update, let everyone do what they see fit.

Paciencia es pronto llevamos 3 dias dia y noche sin parar de hacer pruebas,formateos,extracciones etc

todo a su debido momento

Patience its still soon we only have 3 days wokring day and night without stoping making tests, formats and extractions etc.

everything at its due time.

Esta investigacion lleva ya tiempo,hace 2 aņ empece en teknoconsolas y en eol(eol chapo el hilo por ser una tonteria)hay esta el resultado de trabajar sin cesar en lo que te interesa y te gusta....

This investigation has already time on the works, 2 years ago we started in teknoconsolas and eol(I give the link for being a waste of time) theirs the result of working without stoping in something that we are interested and we like.

Previously ifcaro also said:

como q cual es una fuente? :confundido: :confundido:

lo q quiero decir esq deduzco q los datos de la imagen son de una fuente tipografica al haber palabras como Font y Bold xd

EDITO: concretamente "SCE-PS3 NewRodin JPNBold"

What do you mean by what is a font?

What I mean is that I can make out the things of the image are from a typography font because there are words like font and bold XD

Edit: to be specific "SCE-PS3 NewRodin JPNBold"

Demonhades also says...

Bueno para dar mas detalles:

La key es de 512bytes

es una sha1-4096(512bytes por sector)

La propia clave esta xoreada....

Para que quede claro que no a sido un simple xor como se especula.....

Okay to give more details:

The key is a 512bytes key

its a sha1-4096(512 per sector)

The key is xored

To make it clear it hasnt been a simple xor like its believed

Edit: Sorry but the automerge post is making the post difficult to read...

Ifcaro is posting pictures apparently extracted from the hard drive of what he is finding. like the resistance picture.

#8 - zaror1992 - February 25, 2009 // 11:29 pm
zaror1992's Avatar
Hi im a native spanish speaker so you can send me the text to be translated.

#7 - CJPC - February 25, 2009 // 11:21 pm
CJPC's Avatar
To channel a favourite TV detective...

Here's the thing.. SHA1 is a one way cryptographic function, once its hashed, it can not be "decrypted" by any known key, short of either having the original, unencrypted data to then re-encrypt and compare, or essentially brute-forcing it, its only going in one direction.

In which case, the PS3 would not use SHA1 "Encryption" to encrypt the files on the hard disk, as there would be no plausible way of decrypting them. Not to mention the fact that, yet again, its creates a hash, it doesn't do any "encryption" per-se.

Yes, the PS3 does use the SHA1 hash function in other areas, but more as a "checksum", to ensure data has not been tampered with, not as an encryption.

Take AES for example, a "two way" system, data can be both encrypted, and decrypted "at will", but straight SHA1 is just a hash, nothing more!

#6 - DigiMax - February 25, 2009 // 10:47 pm
DigiMax's Avatar
SHA1 can be used to break an encryption ONLY if you are debugging the code and capture enough packets to generate the hash table. this takes ALOT of time and alot of data movement. once you have the hash table its easy to get the hash routine.

SHA1 = 160bit/512bit blocks
SHA512 = 512bit/1024bit blocks... if he PS3 HDD was SHA-512, it won't be getting decrypted anytime in your lifetime, perhaps not even in your childs lifetime. even SHA-256 most likely won't get broken AND you can't tell the difference between SHA-1 AND SHA-256 algos, especially if the data is padded.

#5 - PS4 News - February 25, 2009 // 9:54 pm
PS4 News's Avatar
Thanks and +Rep nelak! Glad to see I'm not alone, although I don't speak any Spanish so it's nice to have someone 'here' who can help if any of the Google-fied translations posted are inaccurate.

#4 - nelak - February 25, 2009 // 9:49 pm
nelak's Avatar
I speak spanish, so if you want I can translate, it's really hard to follow the thread in demonhades, and it would really help the translation if he wrote better, hehe. Feel free to send me the text and I'll translate

#3 - PS4 News - February 25, 2009 // 9:30 pm
PS4 News's Avatar
Here are a few more pics.. with some more Google-translated Spanish
As you can see, the route not only of redirection (like i said many times) but also the certificates of authentication and validation along with the PS3 Game Key.

In reply to NDT's question there: i'm writing in english because i can't understand spanish at all. can someone explain me if the HDD has been decripted using a method that can be repeated in other consoles or just for 1 console only? (maybe is was just brute-forced or something like that).
The method has to be valid for all, because all do the same function, apart from that.. I understood that certificates were kept in the flash, sony detect that flash were decoded and moved them to hdd, sony ... and now where going to put them?

If anyone can do better translations feel free.