Talk:Seeds

From PS3 Developer wiki
Revision as of 03:48, 21 November 2013 by Anonymous (Privacy policy)

Further help on finding the crypto occurrences in N's twitter (and other ones as well)

It is necessary to do some investigation, and these things might help:

  • unselfing every SELF possible and seeking hardcoded data inside the ELF
  • read the metadata of the SELF using readself(2) and encoded print_hash function
    • print_hash accepts two parameters (offset, length) where offset is where you want to localize the position and length is the length printed in bytes
  • reverse engineering (whoever is capable of this and wants to give it a try is welcome to do so)

If I wasn't dumb to look for this, then certainly you, whoever you are, are not, and you're welcome to give this a shot :)

Good Luck

Theory about EID1 and EID4

  • EID4 shows the omac of the decrypted values in plain form when in encrypted state

example:

ENCRYPTED

AA F3 F9 3F CB 2C 10 97 C1 24 6A C7 1B 72 79 0B 
88 B1 00 0E 9B 0D 95 A3 D7 3E 3E 9C 6F 40 32 D0 
04 33 3E 57 7E 1C ED 87 FA 92 56 09 28 48 34 31

DECRYPTED

02 0F 2A 40 2F 6B 0F 38 47 CB AC 2A B2 E1 5B D9 
C1 BC 45 64 6D C5 E7 DB 51 3A 4C B7 FF 7B 4E F3

The 3rd 16-byte value in the encrypted section is the hash in CMAC mode of the decrypted 32 bytes.

  • the same happens in EID1

Assuming this, are we safe to say EID1 is ALREADY decrypted OR does it contain additional crypto layers? If it IS decrypted, what is inside it? They're exactly 640 bytes. That'd give room to 40 16-byte keys or 10 64-byte seeds.