Talk:Seeds

From PS3 Developer wiki
Revision as of 17:45, 14 February 2014 by Zecoxao (talk | contribs) (→‎sc_iso)
Jump to navigation Jump to search

Further Help on finding the crypto ocurrences in N's twitter (and other ones aswell)

It is necessary to do some investigation, and these things might help:

  • unselfing every self possible and seek for hardcoded data inside the elf
  • read the metadata of the self using readself(2) and encoded print_hash function
    • print_hash accepts two parameters (offset,length) where offset is where you want to localize the position and length is the lenght printed in bytes
  • reverse engineering (whoever is capable of this and wants to give it a try is welcome to do so)

If i wasn't dumb to look for this, then certainly you, whomever you are, are not, and you're welcome to give it a shot at this :)

Good Luck

Theory about EID1 and EID4

  • EID4 shows the omac of the decrypted values in plain form when in encrypted state

example:

ENCRYPTED

AA F3 F9 3F CB 2C 10 97 C1 24 6A C7 1B 72 79 0B 
88 B1 00 0E 9B 0D 95 A3 D7 3E 3E 9C 6F 40 32 D0 
04 33 3E 57 7E 1C ED 87 FA 92 56 09 28 48 34 31

DECRYPTED

02 0F 2A 40 2F 6B 0F 38 47 CB AC 2A B2 E1 5B D9 
C1 BC 45 64 6D C5 E7 DB 51 3A 4C B7 FF 7B 4E F3

the 3rd 16 byte value in the encrypted section is the hash in cmac-mode of the decrypted 32 bytes

  • the same happens in EID1

assuming this, are we safe to say eid1 is ALREADY decrypted OR does it contain aditional crypto layers? if it IS decrypted, what is inside it? they're exactly 640 bytes. that'd give room to 40 16 byte keys or 10 64 byte seeds.

Other undocumented crypto stuff

sc_iso

k1: 3B050A7CA2961582228EE8029E4159D5
k2: C367A9AA6A166128B794883E61588B48
pub: 97A66090C2B61AC166162FBD85652EF3D3C040A81A9F7BD51006DD1D3F3E2E2B726F985014577D4B

sb_iso

k1: 2B05F7C7AFD1B169D62586503AEA9798
k2: 74FF7E5D1D7B96943BEFDCFA81FC2007
k3: 30479D4B80E89E2B59E5C9145E1064A9
k4: 64E30D19A16941D677E32EEBE07F45D2