THREAD: [PS3] CFW Ban Counter Measures
  1. 02-11-2013, 04:47 AM
    BuC-ShoTz
    This does NOT stop you from being BANNED for MODDING!!!!
    Treyarch scans your PS3 folders. Do not have these folders on your PS3 when you run Black Ops 2 from CFW.
    And for you DEX users, look at the last one...

    /dev_hdd0/game/BLES80608
    /dev_hdd0/game/TOGGLEQAF
    /dev_hdd0/GAMES
    /dev_blind
    /dev_hdd0/game/SDISABLER
    /dev_hdd0/game/BLND00001
    /dev_hdd0/game/VEBUSPOOF
    /dev_hdd0/game/HTSS00003
    /app_home/PS3_GAME


    Offset(h) 00 01 02 03 04 05 06 07 08 09 0A 0B 0C 0D 0E 0F


    018BA300 2F 64 65 76 5F 68 64 64 30 2F 67 61 /dev_hdd0/ga
    018BA310 6D 65 2F 42 4C 45 53 38 30 36 30 38 00 00 00 00 me/BLES80608....
    018BA320 2F 64 65 76 5F 68 64 64 30 2F 67 61 6D 65 2F 54 /dev_hdd0/game/T
    018BA330 4F 47 47 4C 45 51 41 46 00 00 00 00 2F 64 65 76 OGGLEQAF..../dev
    018BA340 5F 68 64 64 30 2F 47 41 4D 45 53 00 2F 64 65 76 _hdd0/GAMES./dev
    018BA350 5F 62 6C 69 6E 64 00 00 2F 64 65 76 5F 68 64 64 _blind../dev_hdd
    018BA360 30 2F 67 61 6D 65 2F 53 44 49 53 41 42 4C 45 52 0/game/SDISABLER
    018BA370 00 00 00 00 2F 64 65 76 5F 68 64 64 30 2F 67 61 ..../dev_hdd0/ga
    018BA380 6D 65 2F 42 4C 4E 44 30 30 30 30 31 00 00 00 00 me/BLND00001....
    018BA390 2F 64 65 76 5F 68 64 64 30 2F 67 61 6D 65 2F 56 /dev_hdd0/game/V
    018BA3A0 45 42 55 53 50 4F 4F 46 00 00 00 00 2F 64 65 76 EBUSPOOF..../dev
    018BA3B0 5F 68 64 64 30 2F 67 61 6D 65 2F 48 54 53 53 30 _hdd0/game/HTSS0
    018BA3C0 30 30 30 33 00 00 00 00 2F 61 70 70 5F 68 6F 6D 0003..../app_hom
    018BA3D0 65 2F 50 53 33 5F 47 41 4D 45 e/PS3_GAME


    Last edited by BuC-ShoTz ; 02-11-2013 at 04:58 AM.


  3. 02-20-2013, 03:34 PM
    Legend_Armour_
    So has anyone been banned with this yet? I'm on my last console ID, which has lasted about 2 weeks by staying completely off blops 2, and tbh blops 1 is horrible now.
  4. 02-20-2013, 09:56 PM
    Agent_LSD
    Fantastic info! Props to Buc yet again!! Treyarch is scanning the most commonly used directories by CFW, so the trick is to customize yours to something that no one else would possibly use. Eventually though I'm sure they'll just scan the entire disk end to end. "Technically" what they are doing is illegal, however, being that we aren't supposed to see what they are doing if we filed a lawsuit they could then turn around and pull the DMCA violation, copyright, hacking, etc... plus those homo's have more money than most 3rd world countries backing them... Reminds me of the old Sony Malware that was dumped onto PC's back in the day to detect bootleg music cds.
  5. 02-21-2013, 09:45 AM
    Ghost Rolly
    Originally Posted by patastinky
    First....Isn't there an app that will delete your "boot" history or whatever the name of the "temp" file that stores all your information which SONY has access to. I remember early on in the CFW days there was a PKG you could run that would remove said history from your ps3.

    Secondly. Why not just copy all of those directories into (1) directory "> /dev_usb/New Folder/". Once you're done doing whatever it is that you wanted to do online; simply copy it back to its original directory..? If they are scanning for those folders simply relocating them is better than deleting them, no? It would be very troublesome to have to re-install games/content once you've deleted.


    /dev_hdd0/game/BLES80608 > /dev_usb/New Folder/
    /dev_hdd0/game/TOGGLEQAF > /dev_usb/New Folder/
    /dev_hdd0/GAMES > /dev_usb/New Folder/
    /dev_blind > /dev_usb/New Folder/
    /dev_hdd0/game/SDISABLER > /dev_usb/New Folder/
    /dev_hdd0/game/BLND00001 > /dev_usb/New Folder/
    /dev_hdd0/game/VEBUSPOOF > /dev_usb/New Folder/
    /dev_hdd0/game/HTSS00003 > /dev_usb/New Folder/
    /app_home/PS3_GAME > /dev_usb/New Folder/


    You can back them up, but the thing is /app_home/PS3_GAME ...
    dev_hdd0/GAMES can be moved to dev_usb000/GAMES LoL
    And can't we (DEX users) boot things from PC?
  6. 02-21-2013, 01:14 PM
    BuC-ShoTz
    Originally Posted by Rolly
    we (DEX users) can't we boot things from PC ?


    Yes, that's what app_home is for.
    Try naming your folder /app_home/NOT_PS3_GAME.

    There's also other things you can do in the ELF to prevent them from getting your info.
    They do collect MAC address, PSID, console ID too.

    Also they may have added more checks in the 1.07 update, I haven't checked yet.
    Last edited by BuC-ShoTz ; 02-21-2013 at 01:18 PM.



  8. 02-21-2013, 04:21 PM
    Tustin
    Originally Posted by Rolly
    You can back them up, but the thing is /app_home/PS3_GAME ...
    dev_hdd0/GAMES can be moved to dev_usb000/GAMES LoL
    And can't we (DEX users) boot things from PC?

    Yeah, that's what I did with my games folder :p. Still don't know how to combat the app_home though.
  9. 02-21-2013, 05:18 PM
    iOdysseus
    Y'all do know that TreyArch monitor forums like this right? Asking BuC-ShotZ for everything isn't a smart idea. Just fucking rename your folders. However what TreyArch could do IS:

    They could make a signature (maybe MD5 is easier, but a signature is stronger) of CFW files. This way renaming it won't work. They'll just scan the signature across the PS3. Which instead is what Sony could do. Add a little more detection in there and a way to prevent client-side modification from changing the results if a bad signature was found.
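
The content-fingerprint idea raised in the post above, contrasted with the folder-name check from the first post (an added example, not part of the original thread and not Treyarch's or Sony's code). It uses SHA-256 digests instead of MD5 and runs over a constructed temporary tree; `WATCHED_NAMES`, `scan_by_name`, `scan_by_content` and the placeholder file contents are assumptions made for illustration.

```python
import hashlib
import os
import tempfile

# Folder names a path-only check looks for (two entries from the thread's list).
WATCHED_NAMES = {"TOGGLEQAF", "SDISABLER"}


def sha256_file(path, chunk=65536):
    """Stream a file through SHA-256 so large files are never fully in memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for block in iter(lambda: handle.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def scan_by_name(root, names):
    """Path-based check: report directories whose name is on the list."""
    return sorted(os.path.join(dirpath, d)
                  for dirpath, dirnames, _ in os.walk(root)
                  for d in dirnames if d in names)


def scan_by_content(root, known_digests):
    """Content-based check: report files with a known digest, whatever the path."""
    paths = (os.path.join(dirpath, name)
             for dirpath, _, filenames in os.walk(root) for name in filenames)
    return sorted(p for p in paths if sha256_file(p) in known_digests)


def demo():
    """Scan a constructed tree before and after the flagged folder is renamed."""
    with tempfile.TemporaryDirectory() as root:
        folder = os.path.join(root, "game", "TOGGLEQAF")
        os.makedirs(folder)
        with open(os.path.join(folder, "EBOOT.BIN"), "wb") as handle:
            handle.write(b"constructed placeholder bytes")  # not a real file
        known = {sha256_file(os.path.join(folder, "EBOOT.BIN"))}
        counts = []
        for new_name in (None, "ABCD12345"):  # second pass renames the folder
            if new_name:
                os.rename(folder, os.path.join(root, "game", new_name))
            counts.append((len(scan_by_name(root, WATCHED_NAMES)),
                           len(scan_by_content(root, known))))
        return counts
```

`demo()` returns one `(name hits, content hits)` pair per scan: the name check stops matching once the folder is renamed, while the digest check still reports the file.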
  10. 03-10-2013, 01:14 AM
    Anyone know if app_home folder is on OFW hard drive? I've custom stealthed everything else, thanks
  11. 03-20-2013, 06:04 PM
    Originally Posted by xModderzxHD
    thanks bug shotz


    Dude, that's spelled wrong but honestly it sounds badass "bug shotz". I'm not trolling, it's bad ass lol.
  12. 06-29-2013, 08:02 PM
    Originally Posted by ShoTz
    Yes, that's what app_home is for.
    Try naming your folder /app_home/NOT_PS3_GAME.

    There's also other things you can do in the ELF to prevent them from getting your info.
    They do collect MAC address, PSID, console ID too.

    Also they may have added more checks in the 1.07 update, I haven't checked yet.


    If I fully understand what you said there.... the simplest solution is to edit the list of suspicious directories directly in the BO2's EBOOT.ELF file. Then resign it with SCETOOL and run that (your own modded / safe'd EBOOT.BIN binary) instead of the official BO2 EBOOT.BIN.

    It makes a lot of sense, because you can't sensibly do away with the /app_home folder. Believe me, I went through all the SPRX and even the VSH & LV2 Kernel of my Rebug CFW. You can actually rename "/app_home" to any other string with the same number of characters. eg "/ps3_home" which was the name I plumped for in this little experiment... and many games will continue to work fine. I tested about 10 games or so but 2 of them didn't properly work anymore and came up with a bizarre trophy error... Certain games internally expect the "/app_home" folder actually being called "/app_home"... including Mass Effect 1. I think the other game was Killzone 2. Obviously I have quite a limited collection of games so couldn't exhaustively test any further. It was enough to discover the general nature of the problem.

    Unless you want to cripple certain other games (or some of the future games you have not played yet) then renaming of "/app_home" in reality is off the table. And therefore eliminated.

    Leaving about 4 possible solutions:

    * Rename Bubba's list of suspicious folders in the BO2's ELF file. Presumably in the way mentioned above ^^.

    * Find the branch in the bytecode of ELF before that list is rung up... And stop the problem at the source. Eg skip over or modify the CFW checks. Might be rather difficult to find without some proper DEX runtime debugging and step-through (which I certainly don't have set up).

    * Find the place where your IDPS and other info is being reported back to Treyarch. Presumably in the ELF also... or where Peek/Poke is being detected... and replace that with fake console info / or disable entirely. So that way whatever checks the game uses to detect it's a CFW console, it doesn't matter. Since it tries but can't successfully phone home the necessary info back to TreyArch servers.

    * Run each time the BO2 PSN Tool that disables PEEK/POKE and other cool anti-BO2 measures.... Might forget.

    There are some interesting avenues to pursue. They assumed that everything is found there in the main BO2 ELF / runtime files. That may not be the reality however.

    Personally, I wasn't able to successfully decrypt the original (presumably v1.00) EBOOT.BIN off the Duplex BO2 torrent. Some scetool error. My scetool is working 100%. I'm sure of it. But maybe there is some layer of additional game-specific decryption for the BO2 binary program (runtime) files... Anyway it's not really expected for these people to leave it in plain sight directly in the main ELF file.

    Don't have the full BO2 to play with. But might download the latest game update and try to poke around again in that one... Probably be unsuccessful (again).
    Last edited by afzoo3gen ; 06-29-2013 at 10:58 PM.