Post: PS4 packet sniffer usernames
09-28-2017, 02:00 AM #1
coldmurda
▀▀▀███▀▀▀
I'm looking for someone with some knowledge of the p2p packet data format for PS4, specifically in party chats.

I would like to know where in the packet hex sequence the PSN name is stored. I haven't been able to find any pattern in my packet body dumps that would indicate a username. I understand these names are likely hashed, I just need a place to start.

I made my own sniffer for Linux/Mac and username functionality is the last feature I really want to add. There doesn't seem to be any public information on this subject so I was hoping someone here could help.


Here is an example of 3 packets I picked up from a friend:
    
FF 84 FF 1F FF 1F 96 E9 AC F5 6F E6 2B A1 D7 63 43 EB C5 AF 92 3B 5B 39 61 74 7A 31 7A C2 45 15 60 F9 55 A9 1E 48 87 5F DB 3E A7 82 AF 9E 36 3C 1B 50 AC 24 EE 1F 54 E7 06 9E F5 8C 2F 6C F4 42 29 0C 44 E0 B3 1C 1C 66 80 8B 4C B6 C1 15 3F 77 2A 43 54 AD DD 8E 92 12 25 CB D3 74 5A A1 E0 9E B1 B4 92 D7 2E 8F 83 BA 5D 90 76 F2 5C A5 E6 51 14 6D CA 28 3A 90 3D 5C 3C A8 49 72 BC C2 D7 6D B2 40 4D 3E 64 70 BD 5C 83 BC B0 8B EF 76 77 1A B8 32 CA DA 22 6B A1 22 D8 C3 AB 1C 29 00 4C AA C0 45 97 F0 42 E3 BA 19 11 D0 80 C3 83 E0 0B B0 D6 57 EA C4 F0 C5 C3 27 F4 B3 2E A8 6F 2C F8 5A F2 93 DD FE D3 B5 D4 BC 4D 8E 16 F8 A1 D2 CD 3F B2 F3 F3 4F 53 AE 1C 95 50 63 D3 9A 01 D7 FE 74 7F 3B 7D F1 CA E4

01-23-2018, 09:25 AM #20
for Console Sniffer
I got a problem called
C:\cslog\rik
Any way to fix this plz thx
01-24-2018, 02:07 PM #21
jlanders
Pokemon Trainer
Only reason someone would want i.p. and username is to boot people offline, which means that you are shit. If that is the reason, throw your ps4 in the trash because someone who boots people offline doesn't deserve to play the game.
01-25-2018, 06:14 AM #22
iDontRte
Keep Your Head Up!
Originally posted by jlanders
Only reason someone would want i.p. and username is to boot people offline, which means that you are shit. If that is the reason, throw your ps4 in the trash because someone who boots people offline doesn't deserve to play the game.


It's not always about booting when pulling someone's IP; maybe he just wants their GEO location for a specific person. Also who are you to say he doesn't deserve to play?

The following user groaned iDontRte for this awful post:

SyGnUs
01-25-2018, 12:52 PM #23
jlanders
Pokemon Trainer
Originally posted by iDontRte
It's not always about booting when pulling someone's IP; maybe he just wants their GEO location for a specific person. Also who are you to say he doesn't deserve to play?


I guess reading and spelling isn't a strong point for you. I said, if you boot people offline, you don't deserve to play. Please read a little better. Common sense would tell you that the only reason for someone to want an i.p. and geo location is to boot. What other reason would someone want this information? Common sense ... smh....
01-27-2018, 03:49 PM #24
You finally work it? Happy
09-22-2019, 05:13 PM #25
Nice work finding patterns in the hex. There are similarities between each packet, which shows a formula to it which could be tracked. Unfortunately they are hashed (doubt Sony would go to the work of making it encrypted), and it looks salted. How these programs do their thing today is by breaking the protected connection from the target to the PSN server. ARP poisoning is used to change the target's MAC address and to redirect them to a server that reveals their IP; something else must be done to associate the username. I believe they have bots that crawl the PSN servers' cache and get it from there and link it with the IP using ARP and packet sniffing. You can compare two capture files in Linux, using tcpdump, and it'll give you a count of how many times an IP reached you. Use -vvv to put the entire packet contents in the file, allowing you to match hashes too. I believe usernames rest on cache and databases now. Once the connection is made, though, through a fake query, possibly the username is revealed, that is if the PSN server is handling all the hashing/checking of incoming connections and is no longer in the equation.

If their hash is unique then you could use a program like they have on Linux to compare the two files for similarities and to drop those into a file for you. That way it won't matter if they change their IP if you have a unique hash. Cap the person in 2 lobbies and if you get big hits then that person you thought it was, was. You can get the username using social engineering and by process of elimination and finding matches in multiple lobbies with the same person.
Last edited by jimmy john1 ; 09-22-2019 at 05:19 PM.
