Dismiss Notice

BEWARE of IMPOSTERS, posing as the PS3Xploit Members/Team:


  -PS3Xploit does NOT have a discord channel, some imposter are using one
 

  -If the info can't be found on ps3xploit.com or psx-place.com its fake
 

  -ZuKuTo / OFWModz is one of the fake names of these imposter's are using to represent the PS3xploit team.

 

 

WebKit ROP Chain Tutorials [Creation/Editing/Debugging] - PS3 Development

Discussion in 'PS3Xploit DeV / PoC' started by esc0rtd3w, Dec 18, 2017.

  1. 29
    10
    32
    PS3 SUPERSLIM (OFW) -_-

    PS3 SUPERSLIM (OFW) -_- Member

    Joined:
    Dec 10, 2017
    Messages:
    29
    Likes Received:
    10
    Trophy Points:
    32
    Gender:
    Male
    Is It Possible!!!
     
  2. 1,186
    2,852
    397
    esc0rtd3w

    esc0rtd3w Developer

    Joined:
    Mar 10, 2017
    Messages:
    1,186
    Likes Received:
    2,852
    Trophy Points:
    397
    Gender:
    Male
    Occupation:
    Hacker
    Location:
    OHIO, USA
    Home Page:
    this would again require directory r/w working afaik...maybe one day :-p
     
    Apostol likes this.
  3. 1,581
    1,702
    297
    pink1

    pink1 Moderator Developer

    Joined:
    Feb 25, 2015
    Messages:
    1,581
    Likes Received:
    1,702
    Trophy Points:
    297
    Gender:
    Male
    You can make a pdb and a blank file the size a pkg on the ps3 to use the bdu to download pkgs from a server.
    I thought maybe that could be helpful for moving large pkgs from a computer using rop. I'm thinking if they wanted to someone could even make a tool to do this for all of the files in a folder.
     
    ErikPshat and esc0rtd3w like this.
  4. 1,186
    2,852
    397
    esc0rtd3w

    esc0rtd3w Developer

    Joined:
    Mar 10, 2017
    Messages:
    1,186
    Likes Received:
    2,852
    Trophy Points:
    397
    Gender:
    Male
    Occupation:
    Hacker
    Location:
    OHIO, USA
    Home Page:
    Last edited: Mar 9, 2018
    Yugonibblit and amaandeep.nz like this.
  5. 142
    58
    82
    PattrickH

    PattrickH Member

    Joined:
    Feb 22, 2018
    Messages:
    142
    Likes Received:
    58
    Trophy Points:
    82
    Gender:
    Male
    Location:
    Bullworth Academy
    FAIL
     
  6. 17
    2
    57
    Yasich217

    Yasich217 Member

    Joined:
    Mar 11, 2018
    Messages:
    17
    Likes Received:
    2
    Trophy Points:
    57
    Gender:
    Male
    Tell me Please, how to move file (do not copy) on OFW via pett
     
    Last edited: Mar 22, 2018
    esc0rtd3w likes this.
  7. 1,186
    2,852
    397
    esc0rtd3w

    esc0rtd3w Developer

    Joined:
    Mar 10, 2017
    Messages:
    1,186
    Likes Received:
    2,852
    Trophy Points:
    397
    Gender:
    Male
    Occupation:
    Hacker
    Location:
    OHIO, USA
    Home Page:
    well, a MOVE is just a COPY+DELETE_SOURCE_FILE

    there is no chain to do so yet, but could be easily added
     
  8. 17
    2
    57
    Yasich217

    Yasich217 Member

    Joined:
    Mar 11, 2018
    Messages:
    17
    Likes Received:
    2
    Trophy Points:
    57
    Gender:
    Male
    Thanks.

    And why I can not copy download_list.xml, which is located in /dev_flash/vsh/resource/explore/xmb/download_list.xml and files d0.pdb, d1.pdb by the path dev_hdd0 / vsh / task / 00000002 /. They are copied to dev_usb000, but the file size is 0 bytes. Mounting dev_flash as dev_blind I did.
     
  9. 435
    287
    97
    junaid

    junaid Member

    Joined:
    Dec 30, 2014
    Messages:
    435
    Likes Received:
    287
    Trophy Points:
    97
    Occupation:
    SHOWING DE WAY
    Location:
    Uganda
    you need to set the right size
     
    esc0rtd3w likes this.
  10. 17
    2
    57
    Yasich217

    Yasich217 Member

    Joined:
    Mar 11, 2018
    Messages:
    17
    Likes Received:
    2
    Trophy Points:
    57
    Gender:
    Male
    The size I learn through function in pett getFileSize and it I interpose at copying.
     
  11. 1,186
    2,852
    397
    esc0rtd3w

    esc0rtd3w Developer

    Joined:
    Mar 10, 2017
    Messages:
    1,186
    Likes Received:
    2,852
    Trophy Points:
    397
    Gender:
    Male
    Occupation:
    Hacker
    Location:
    OHIO, USA
    Home Page:
    yes the Get Filesize Chain will report correct size for source

    run new rw file chain and input that size and paths, should work
     
  12. 17
    2
    57
    Yasich217

    Yasich217 Member

    Joined:
    Mar 11, 2018
    Messages:
    17
    Likes Received:
    2
    Trophy Points:
    57
    Gender:
    Male
    Does not work.
    Does not work only with USB devices.
    When moving file to hdd0, everything is fine and the file size is correct.
    But when moving file to an external drive, the file size is 0 bytes and it has attributes - hidden, archive, read only.

    You can send me the files that are in the folder /dev_hdd0/vsh/task/00000002/ ?

    I need them to study the background download of packages on the official firmware version.

    I also learned that if you decrypt ssl, https traffic when connecting to psn, then you make not modify these files (d0.dbd). Because if on the Sony site in the account to put some kind of game to download, then the console will receive these data when it is connected and create the task for downloading. And if you replace the Sony response for the console, you can put any file on the download without modifying the firmware files. And only change the response of the server.
     
  13. 17
    2
    57
    Yasich217

    Yasich217 Member

    Joined:
    Mar 11, 2018
    Messages:
    17
    Likes Received:
    2
    Trophy Points:
    57
    Gender:
    Male
    And it seems to me that the latest version does not find offsets and does not allow executing the chain.
    I downloaded from your repository with the latest changes.
     
  14. 1,581
    1,702
    297
    pink1

    pink1 Moderator Developer

    Joined:
    Feb 25, 2015
    Messages:
    1,581
    Likes Received:
    1,702
    Trophy Points:
    297
    Gender:
    Male
    @Yasich217 To add something to the background downloads you only need 1 pdb file and a file the same size and name as the fie your downloading. I've not messed with trying to write any rop for it. If I ever get time I'd like to play around with it more.
     
    esc0rtd3w and DeViL303 like this.
  15. 17
    2
    57
    Yasich217

    Yasich217 Member

    Joined:
    Mar 11, 2018
    Messages:
    17
    Likes Received:
    2
    Trophy Points:
    57
    Gender:
    Male
    I will review the psn server responses to replace the response and specify my data to download the file.
     
  16. 6,923
    8,224
    797
    DeViL303

    DeViL303 Developer PSX-Place Supporter

    Joined:
    Jan 23, 2016
    Messages:
    6,923
    Likes Received:
    8,224
    Trophy Points:
    797
    Occupation:
    Part-Time XMB Modder
    Location:
    Ireland
    That might be interesting research, but I'm not sure if that method is much use for users on OFW, as we can redirect to our own pkgs now by using XML code like this:
    Code:
    <View id="download_package_main">
     <Attributes>
     <Table key="download_package">
     <Pair key="info"><String>net_package_install</String></Pair>
     <Pair key="pkg_src"><String>http://www.path_to_pkg_here.pkg</String></Pair>
     <Pair key="pkg_src_qa"><String>http://www.path_to_pkg_here.pkg</String></Pair>
     <Pair key="content_name"><String>pkg_install_pc</String></Pair>
     <Pair key="content_id"><String>UP0100-CONTENTID_00-0000000000000000</String></Pair>
     <Pair key="prod_pict_path"><String>/dev_flash/vsh/resource/explore/icon/fah-xmb.png</String></Pair>
     </Table>
     </Attributes>
     <Items>
     <Item class="type:x-xmb/xmlnpsignup" key="download_package" attr="download_package"/>
     </Items>
     </View> 
    The fact that the pdb method requires a blank file, the same size as the file you want to download, makes it a little bit hard to use in a practical way. The only advantage to exploiting the pdb method would be that it enables background download
     
    esc0rtd3w and Yasich217 like this.
  17. 17
    2
    57
    Yasich217

    Yasich217 Member

    Joined:
    Mar 11, 2018
    Messages:
    17
    Likes Received:
    2
    Trophy Points:
    57
    Gender:
    Male
    Thank you. I am already familiar with this method.
    This is the problem that there is no background downloads. I want to realize it.
     
    DeViL303 likes this.
  18. 6,923
    8,224
    797
    DeViL303

    DeViL303 Developer PSX-Place Supporter

    Joined:
    Jan 23, 2016
    Messages:
    6,923
    Likes Received:
    8,224
    Trophy Points:
    797
    Occupation:
    Part-Time XMB Modder
    Location:
    Ireland
    That would be great. Good luck with your research.
     
    esc0rtd3w likes this.
  19. 20
    4
    7
    V1CT0R PS3

    V1CT0R PS3 Forum Noob

    Joined:
    Mar 5, 2018
    Messages:
    20
    Likes Received:
    4
    Trophy Points:
    7
    Gender:
    Male
    Hi I would like to copy files from the pendrive and put them in: dev_hdd0 / game / BLUS31156 / USRDIR /
     
  20. 1,186
    2,852
    397
    esc0rtd3w

    esc0rtd3w Developer

    Joined:
    Mar 10, 2017
    Messages:
    1,186
    Likes Received:
    2,852
    Trophy Points:
    397
    Gender:
    Male
    Occupation:
    Hacker
    Location:
    OHIO, USA
    Home Page:
    So do it then!!
     
    amaandeep.nz likes this.

Share This Page