Talk:Consoleban

Discussion regarding console ban / CFW signature: http://www.ps3hax.net/showthread.php?t=64709


Copied verbatim from [http://www.ps3hax.net/member.php?u=209887&s=6794429936d81ad37541c09aeddeeac4 Flatz], [http://www.ps3hax.net/showthread.php?t=64709 PS3Hax.net Discussion]

Information regarding bans


    Hi, guys. Several days ago I worked on decrypting the SSL traffic used in communication with PSN and got some interesting information regarding the way Sony can determine consoles with a non-original console ID. Well, it is just a theory, but the principle laid out in it can be used to ban your spoofed console with 100% probability. So my words can be read as "If I worked at Sony, I would use this information for banning people". A new algorithm will show you that buying another console ID to use with your console is not safe anymore, and I think that all purchased console IDs will be useless soon. Okay, let's start.


    On October 23rd, 2012, Sony released a new firmware for PlayStation 3 (version 4.30) which includes only a few changes if you've read its changelog. But now I know that they have introduced a new hidden feature which allows them to determine if you are a legal user or not. It is comparable to the code which some games like "Call of Duty" use to tell Sony that you are using a custom firmware. Sony made some changes to the algorithm for PSN authorization. You may remember that they use a PSN passphrase to log into their network, and you should also know that they send your console ID in an HTTP query. And now they use two passphrases; the new passphrase is encoded with base64 and is sent via a custom HTTP header ("X-I-5-Passphrase"). If you try to decode it, you'll see that it has a size of 512 bytes which look like random data. It is encrypted per-console data and it is different each time you log into the network. It includes a random header, your user ID, console ID, two ECDSA signatures from the first section of EID0 (I remind you that the first ECDSA signature is used by lv1ldr to check if your console has been converted from CEX to DEX manually, which causes a brick) and account ID. Besides that, the data is hashed with the SHA-256 algorithm and encrypted with AES-128-CBC. Using a random header and the CBC mode of operation gives them a unique passphrase each time.


    Now Sony can use the following simple algorithm on their server to check your console's legality:

    [...]

    3. If the steps above are okay then your console ID is legal.


    They didn't make a mistake in the ECDSA signature computation for EID0, so we are unable to get a private key to generate custom signatures. But if you have access to the EID root key and EID0 section of another console, then you can decrypt its EID0 and grab all the necessary data from it. In such a case you can generate a spoofed passphrase, but you need some sort of runtime memory patching to replace the original passphrase with the new one. Or you can try to replace the signatures and console ID inside the decrypted EID0 section of your console and then encrypt it back. But I doubt that any purchased console IDs came with an EID root key.


    The last thing I want to talk about is whether Sony actually uses this method at the moment or whether they are waiting for something. Maybe they collect all the information and will start to ban people in the future? I don't know, and I doubt that anyone else knows about it. For example, they can use this method and start to ban people when they are playing some games after several days/weeks/months, etc.
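The principle Flatz describes above, carried through in working code as an added example (this is not code from the forum post, the wiki, or Sony, and it is not the real PSN format): a constructed Go model of the login passphrase and of the server-side check it makes possible. Everything specific is an assumption for the sake of the demo: the 144-byte field layout and sizes, a single P-256 ECDSA signature standing in for the two EID0 signatures, a shared AES-128 key (`example-aes128-k`), the IV sent in front of the ciphertext, and the names `factorySign`, `buildPassphrase`, `verifyPassphrase` and `demo`. What it shows is the binding the post relies on: a console can report any console ID it likes, but the ECDSA signature it carries was made by the manufacturer over its real ID, so a claimed ID the signature does not cover is rejected, a legitimate console passes, and the random header plus a fresh IV make each login's passphrase different.

```go
package main

import (
	"bytes"
	"crypto/aes"
	"crypto/cipher"
	"crypto/ecdsa"
	"crypto/elliptic"
	"crypto/rand"
	"crypto/sha256"
	"encoding/base64"
	"errors"
	"fmt"
	"math/big"
)

// Assumed 144-byte token layout (this example's, not PSN's; 9 AES blocks, so no padding): header[16] | userID[8] | consoleID[16] | sig[64] | accountID[8] | sha256[32]
const (
	hdrLen, userLen, cidLen, sigLen, acctLen = 16, 8, 16, 64, 8
	tokenLen                                 = hdrLen + userLen + cidLen + sigLen + acctLen + sha256.Size
)

func transportBlock() cipher.Block {
	b, err := aes.NewCipher([]byte("example-aes128-k")) // constructed AES-128 key shared by firmware and server
	if err != nil {
		panic(err) // the key is 16 bytes, so this cannot fail
	}
	return b
}

// factorySign models the EID0 signature: the manufacturer signs the console ID once, with a key the console never holds.
func factorySign(mfg *ecdsa.PrivateKey, consoleID []byte) []byte {
	d := sha256.Sum256(consoleID)
	r, s, err := ecdsa.Sign(rand.Reader, mfg, d[:])
	if err != nil {
		panic(err) // only on RNG failure
	}
	sig := make([]byte, sigLen) // P-256 r||s, 32 bytes each
	r.FillBytes(sig[:32])
	s.FillBytes(sig[32:])
	return sig
}

// buildPassphrase is the client side of a login: claimedID is what the console reports, factorySig what it was built with.
func buildPassphrase(claimedID, factorySig, userID, accountID []byte) (string, error) {
	rnd := make([]byte, aes.BlockSize+hdrLen) // fresh IV and random header on every login
	if _, err := rand.Read(rnd); err != nil {
		return "", err
	}
	body := append(append(append(append(append([]byte{}, rnd[aes.BlockSize:]...), userID...), claimedID...), factorySig...), accountID...)
	sum := sha256.Sum256(body)
	if body = append(body, sum[:]...); len(body) != tokenLen {
		return "", errors.New("field lengths do not match the token layout")
	}
	out := make([]byte, aes.BlockSize+tokenLen)
	copy(out, rnd[:aes.BlockSize]) // IV is sent in front of the ciphertext (an assumption)
	cipher.NewCBCEncrypter(transportBlock(), out[:aes.BlockSize]).CryptBlocks(out[aes.BlockSize:], body)
	return base64.StdEncoding.EncodeToString(out), nil
}

// verifyPassphrase is the server side: decrypt, check integrity, then check that the claimed console ID is the signed one.
func verifyPassphrase(mfgPub *ecdsa.PublicKey, passphrase string) error {
	raw, err := base64.StdEncoding.DecodeString(passphrase)
	if err != nil || len(raw) != aes.BlockSize+tokenLen {
		return errors.New("malformed token")
	}
	body := make([]byte, tokenLen)
	cipher.NewCBCDecrypter(transportBlock(), raw[:aes.BlockSize]).CryptBlocks(body, raw[aes.BlockSize:])
	sum := sha256.Sum256(body[:tokenLen-sha256.Size]) // 1. integrity of every field
	if !bytes.Equal(sum[:], body[tokenLen-sha256.Size:]) {
		return errors.New("digest mismatch")
	}
	cid := body[hdrLen+userLen : hdrLen+userLen+cidLen] // 2. signature must verify over the *claimed* ID
	sig := body[hdrLen+userLen+cidLen : hdrLen+userLen+cidLen+sigLen]
	d := sha256.Sum256(cid)
	if !ecdsa.Verify(mfgPub, d[:], new(big.Int).SetBytes(sig[:32]), new(big.Int).SetBytes(sig[32:])) {
		return errors.New("console ID is not the one signed at manufacture")
	}
	return nil
}

// demo reports whether a legal login passes, whether a login claiming another console's ID passes, and whether two logins differ.
func demo() (legalOK, spoofOK, unique bool) {
	mfg, err := ecdsa.GenerateKey(elliptic.P256(), rand.Reader)
	if err != nil {
		panic(err)
	}
	idA, idB := []byte("consoleA-0000001"), []byte("consoleB-0000002") // constructed 16-byte IDs
	sigA, sigB := factorySign(mfg, idA), factorySign(mfg, idB)
	user, acct := []byte("user0001"), []byte("acct0001")
	t1, _ := buildPassphrase(idA, sigA, user, acct)
	t2, _ := buildPassphrase(idA, sigA, user, acct)
	spoof, _ := buildPassphrase(idA, sigB, user, acct) // console B reports A's ID but holds only B's signature
	return verifyPassphrase(&mfg.PublicKey, t1) == nil, verifyPassphrase(&mfg.PublicKey, spoof) == nil, t1 != t2
}

func main() {
	fmt.Println(demo()) // true false true
}
```

Running it with `go run` prints `true false true`: the legitimate console is accepted, the console presenting a purchased ID with its own factory signature is rejected at the ECDSA step, and the two passphrases from the same console differ. The integrity digest is checked first so that a token altered in transit fails before any signature work; the signature check is what actually ties the reported ID to the hardware, which is why copying another console's ID alone does not get past it.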