THREAD: fail0verflow! - Sony's ECDSA code
  1. 12-29-2010, 04:08 PM
    manster
    Hi!
    JAILBREAK -> DOWNGRADE -> fail0verflow



    Well, the big PS3 exploit talk is now officially over at the annual 27C3 conference. All the big names in the developer scene world were there, giving a one-hour talk regarding Sony's EPIC FAIL.



    But basically they talked about how the PS3 totally failed in security: by botching the PKI implementation it became possible to calculate the keys needed to sign everything. PUBLIC PRIVATE KEYS, and replacing the "revoke-list" with a super-large one (overflow) during the bootup NOR flash at startup, giving them full control of the PS3 system.


    The 360 console is now more of a secure system than the PS3 after all these years!




    This site was announced at the conference


    "The recent advent of these new exploits means current firmware is vulnerable, v3.55 and possibly beyond. It will be very difficult for Sony to fix the described exploits."

    "we can now run unsigned code on an non-exploited PS3."

    @KushanTheCat our goal is to have linux running on all existing PS3 consoles, whatever their firmware versions.

    Our current PS3 goal: AsbestOS.pup

    Myth #1: It took us 3-4 years to do this. Negative, this exploit only took a few months after we started working. We weren't trying before.

    Myth #2: Sony can change keys. No, they can't. These aren't encryption keys, they're signing keys. If they change them GAMES STOP WORKING.

    Clarification #3: The private keys refer to keys that Sony HQ uses. PS3s don't have these keys (but we calculated them due to the fail).

    Clarification #4: the random number isn't 4, it's more like 007eabbb79360e14df1457a4194b82f71a0dc39280 (example). But it's still constant.

    Note: we won't be working long-term on CFW or similar. We'll release tools and a PoC, someone else can take over. The fun part is done

    Myth: Geohot -> Sony pulls OtherOS -> JB -> Fail. Fact: Slim had no OtherOS -> Geohot -> ... . Geohot started his work due to the Slim.

    yes, we'll release all our tools as soon as we cleaned them up in january or so.
    Great news for all PS3 users




    Console Hacking 2010 - Chaos Communication Congress

    Short videos from the conference:
    https://www.youtube.com/watch?v=YbUVgxw1yWc&feature=player_embedded
    https://www.youtube.com/watch?v=GPjd6gHY6A4
    https://www.youtube.com/watch?v=ClnvJe4_u0Q&feature=player_embedded

    Full video:
    https://www.youtube.com/watch?v=hcbaeKA2moE
    Split into 3 parts:
    https://www.youtube.com/watch?v=X6CA4fqAdsc&feature=player_embedded
    https://www.youtube.com/watch?v=X8ohOy8_XO4&feature=player_embedded
    https://www.youtube.com/watch?v=Eag0VyRTld8&feature=player_embedded


    Marcan @ 27C3 Lightning Talk
    https://www.youtube.com/watch?v=lGI0EnNQ5GE&feature=player_embedded


    Have fun watching


    Last edited by manster ; 12-31-2010 at 11:43 PM.
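
The post above says the "random number" in Sony's ECDSA signing was constant. As an added example (not code from the post or from fail0verflow), the sketch below shows why that is visible to anyone who audits two signatures: the `r` half of an ECDSA signature depends only on the nonce, so a constant nonce yields the same `r` every time, while a per-message nonce does not. The secp256k1 curve, the key `D`, the message names and all helper names are assumptions made for the demo; `K_CONST` is the example value quoted in the post.

```python
import hashlib, hmac

P = 2**256 - 2**32 - 977  # secp256k1: assumed for the demo, not the console's curve
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)
K_CONST = 0x007eabbb79360e14df1457a4194b82f71a0dc39280  # example value quoted in the post
D = int.from_bytes(hashlib.sha256(b"constructed demo key").digest(), "big") % N

def inv(x, m):                       # modular inverse for prime m
    return pow(x % m, m - 2, m)

def add(a, b):                       # affine point addition, None = point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    lam = (3 * a[0] * a[0] * inv(2 * a[1], P) if a == b
           else (b[1] - a[1]) * inv(b[0] - a[0], P)) % P
    x = (lam * lam - a[0] - b[0]) % P
    return x, (lam * (a[0] - x) - a[1]) % P

def mul(k, pt):                      # double-and-add scalar multiplication
    acc = None
    while k:
        if k & 1:
            acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def sign(d, msg, k):                 # r depends only on k, never on msg or d
    z = int.from_bytes(hashlib.sha256(msg).digest(), "big")
    r = mul(k, G)[0] % N
    return r, inv(k, N) * (z + r * d) % N

def derived_nonce(d, msg):           # per-message nonce; simplified stand-in for RFC 6979
    mac = hmac.new(d.to_bytes(32, "big"), msg, hashlib.sha256).digest()
    return int.from_bytes(mac, "big") % (N - 1) + 1

def find_nonce_reuse(sigs):          # audit: names of signatures that share an r value
    groups = {}
    for name, (r, _s) in sigs.items():
        groups.setdefault(r, []).append(name)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def audit(nonce_for):                # sign three constructed messages, then audit them
    msgs = [b"firmware-a", b"firmware-b", b"firmware-c"]
    return find_nonce_reuse({m.decode(): sign(D, m, nonce_for(m)) for m in msgs})
```

`audit(lambda m: K_CONST)` returns one group holding all three message names, and `audit(lambda m: derived_nonce(D, m))` returns an empty list.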

  2. The Following 29 Users Say Thank You to manster For This Useful Post:


  3. 12-29-2010, 04:15 PM
    Scouse_Dom
    I'm no pro hacker so this is probably a noob question, but how do we benefit from this??
  4. 12-29-2010, 04:19 PM
    Cyborg Ninja
    Originally Posted by Dom
    I'm no pro hacker so this is probably a noob question, but how do we benefit from this??


    It seems they have found a way to replicate Sony's signature, which, correct me if I'm wrong, means stuff like backup manager can be signed and run in non-jailbreak mode.

    It could also lead to a number of different other things.
  5. The Following User Thanked Cyborg Ninja For This Useful Post:


  6. 12-29-2010, 04:20 PM
    manster
    Originally Posted by Dom
    I'm no pro hacker so this is probably a noob question, but how do we benefit from this??

    run unsigned code

    we have to wait till the [link] goes online
    just wait

    graf_chokolo or someone will release this for us in the near future (How To, Tutorial, files we need)


    just news from an EPIC FAIL of Sony
    Last edited by manster ; 12-29-2010 at 04:31 PM.

  7. 12-29-2010, 05:07 PM
    jose2502
    They said that they will be releasing all this stuff within a month or so
  8. 12-29-2010, 05:18 PM
    spee
    Originally Posted by Dom
    I'm no pro hacker so this is probably a noob question, but how do we benefit from this??


    LinuxOS on any OS
  9. 12-29-2010, 05:26 PM
    jose2502
    You will be able to run homebrew without a dongle too.
  10. 12-29-2010, 05:28 PM
    Superahm
    EPIC FAIL! WE WIN! HaX0rZ FTW
  11. The Following 2 Users Say Thank You to Superahm For This Useful Post:


  12. 12-29-2010, 05:33 PM
    Maybe this is how TheUnkown and hunter did it.
  13. The Following User Thanked FourzerotwoFAILS For This Useful Post:


  14. 12-29-2010, 05:42 PM
    manster
    new youtube video added