Difference between revisions of "IDPS"

From PS3 Developer wiki
Jump to: navigation, search
m
m (Undo revision 54766 by 186.224.88.195 (talk))
(Tag: Undo)
 
(6 intermediate revisions by 6 users not shown)
Line 1: Line 1:
The IDPS is a 16 byte value that contains console specific information. Exactly what information this stores is not completely known.
+
The IDPS is a 16 bytes value that contains console specific information. Exactly what information this stores is not completely known.
  
 
= Structure =
 
= Structure =
Line 11: Line 11:
 
    (Internal:Product Code)   (Internal: Product Sub Code)
 
    (Internal:Product Code)   (Internal: Product Sub Code)
 
</pre>
 
</pre>
6th byte represents your [[Target ID]]
+
6th byte represents [[Target ID]]
  
8th byte represents your [[SKU_Models|PS3 Model]] <!--//note CECHAxx is type 0x01 and CECHBxx is type 0x02 both uses a COK-001 motherboard... and... CECH-25xx models are type 0x0B with 2 possible motherboards: JSD-001 or JTP-001//-->
+
8th byte represents [[SKU_Models|SKU Model]] <!--// Note that CECHAxx is type 0x01 and CECHBxx is type 0x02 but they both have a COK-001 motherboard... (Changing 0x02 to 0x01 in CECH-B will enable wifi options in menu. But there is still missing hardware), and at the opposite... CECH-25xx models are type 0x0B but with 2 possible motherboards: JSD-001 or JTP-001//-->
  
9th and 10th byte : <abbr title="(0x1400 &gt;&gt; 0xA) = 5d or 0x1400h thus 1010000000000b then shift the pointer left by 0xDh resulting in 101b or 0x5h">chassis check</abbr>
+
9th byte : <abbr title="To convert it to Chassis revision, right shift it by 2 : (0x14 &gt;&gt; 0x2) = 0x5">chassis check</abbr>
  
The IDPS can be found in EID0 and EID5, see [[Flash:Encrypted_Individual_Data_-_eEID#EID0|Flash]] (NAND @ 0x80870 / NOR @ 0x2F070)
+
The IDPS can be found in EID0 and EID5, see [[Flash:Encrypted_Individual_Data_-_eEID#EID0|Flash]] (NAND @ 0x80870 / NOR @ 0x2F070).
  
 
Displayed under setting information on MultiMan or on registry/application_persistent file inside playstation Store folder (as DeviceID).
 
Displayed under setting information on MultiMan or on registry/application_persistent file inside playstation Store folder (as DeviceID).
  
== idpstealer ==
+
== idpstealer (patched since FW 4.70 and deprecated since ps3exploit)==
 
<div style="border-width: 1px; border-style:dashed; border-color:#000000; padding: 10px; background-color:#FFFFFF; color:#000000; ">
 
<div style="border-width: 1px; border-style:dashed; border-color:#000000; padding: 10px; background-color:#FFFFFF; color:#000000; ">
Privet, PS3 fans! Once KaKaRoTo published his backup tool I’ve decided to bring a way of getting a console ID (IDPS) to the community. It can be used on OFW/CFW firmware and you don’t need any additional software/hardware installed on your PS3.
+
From flatz: Privet, PS3 fans! Once KaKaRoTo published his backup tool I’ve decided to bring a way of getting a console ID (IDPS) to the community. It can be used on OFW/CFW firmware and you don’t need any additional software/hardware installed on your PS3.
  
 
However there are several cons about releasing:
 
However there are several cons about releasing:
 
# A big company will fix it in the next firmwares.
 
# A big company will fix it in the next firmwares.
# It can be used to steal other people’s IDs if you have an access to their consoles.
+
# It can be used to steal other people’s IDPS if you have an access to their consoles.
  
And it seems this is the only method of getting console ID without using hardware solutions on the moment. So please, if you want to get an IDPS from your console then do it as fast as possible because I think this method won’t work in the nearly future.
+
And it seems that this is the only method of getting ConsoleId without using hardware solutions on the moment. So please, if you want to get an IDPS from your console then do it as fast as possible because I think this method won’t work in the nearly future.
  
 
How it works:
 
How it works:
IDPstealer works as a proxy server and intercepts all network traffic (including SSL traffic via HTTPS over HTTP tunneling) and it tries to get IDPS from it. It doesn’t contains any malicious code and can be safely used like any other proxy server.
+
IDPStealer works as a proxy server and intercepts all network traffic (including SSL traffic via HTTPS over HTTP tunneling) and it tries to get IDPS from it. It doesn’t contains any malicious code and can be safely used like any other proxy server.
 
</div>
 
</div>
  
Line 48: Line 48:
 
https://dl.dropboxusercontent.com/u/35197530/zip/idpstealer.7z
 
https://dl.dropboxusercontent.com/u/35197530/zip/idpstealer.7z
  
http://pastie.org/private/wlakfucps3bc21dfuosdtg
+
https://web.archive.org/web/20160309135920/http://pastie.org/private/wlakfucps3bc21dfuosdtg
  
* This method no longer works because now Sony uses '''Open PSID''' instead of '''IDPS''' although the key/algorithm remains the same.
+
* This method no longer works because now Sony uses '''OpenPSID''' instead of '''IDPS''' although the key/algorithm remains the same.
* This should work also on PS4 and PSP2/PSVita, but with a different key (not known/public atm)
+
* This should work also on PS4 and PSVita, but with a different key (not known/public atm)
  
 
{{Flash}}
 
{{Flash}}
{{File Formats}}<noinclude>[[Category:Main]]</noinclude>
+
{{Development}}<noinclude>[[Category:Main]]</noinclude>

Latest revision as of 17:13, 1 November 2019

The IDPS is a 16 bytes value that contains console specific information. Exactly what information this stores is not completely known.

Structure[edit]

  
                              Chassis Check
                                  ⇓  ⇓                    
00000000  00 00 00 01 00 89 00 0B 14 00 EF DD CA 25 52 66  .....‰....ïÝÊ%Rf
                         ⇑     ⇑
                 Target ID     PS3 Model type
    (Internal:Product Code)   (Internal: Product Sub Code)

6th byte represents Target ID

8th byte represents SKU Model

9th byte : chassis check

The IDPS can be found in EID0 and EID5, see Flash (NAND @ 0x80870 / NOR @ 0x2F070).

Displayed under setting information on MultiMan or on registry/application_persistent file inside playstation Store folder (as DeviceID).

idpstealer (patched since FW 4.70 and deprecated since ps3exploit)[edit]

From flatz: Privet, PS3 fans! Once KaKaRoTo published his backup tool I’ve decided to bring a way of getting a console ID (IDPS) to the community. It can be used on OFW/CFW firmware and you don’t need any additional software/hardware installed on your PS3.

However there are several cons about releasing:

  1. A big company will fix it in the next firmwares.
  2. It can be used to steal other people’s IDPS if you have an access to their consoles.

And it seems that this is the only method of getting ConsoleId without using hardware solutions on the moment. So please, if you want to get an IDPS from your console then do it as fast as possible because I think this method won’t work in the nearly future.

How it works: IDPStealer works as a proxy server and intercepts all network traffic (including SSL traffic via HTTPS over HTTP tunneling) and it tries to get IDPS from it. It doesn’t contains any malicious code and can be safely used like any other proxy server.

Usage: idpstealer.exe [options] <idps file>
Options:
-p <port number> - Port to listen on (default: 1337
-h               - Show this help
Arguments:
<idps file>      - Output file for IDPS
C:\>idpstealer.exe idps.bin
Starting proxy server on 192.168.1.13:1337
IDPS have been successfully written to: idps.bin

https://dl.dropboxusercontent.com/u/35197530/zip/idpstealer.7z

https://web.archive.org/web/20160309135920/http://pastie.org/private/wlakfucps3bc21dfuosdtg

  • This method no longer works because now Sony uses OpenPSID instead of IDPS although the key/algorithm remains the same.
  • This should work also on PS4 and PSVita, but with a different key (not known/public atm)