PSN: Difference between revisions
Jump to navigation
Jump to search
| Line 153: | Line 153: | ||
It is one patch for PSN 4.11 IN CFW 3.55 RETAIL Beta using PS3MFW 0.2.1. Use with your responsibility. | It is one patch for PSN 4.11 IN CFW 3.55 RETAIL Beta using PS3MFW 0.2.1. Use with your responsibility. | ||
<pre>} { | <pre>#!/usr/bin/tclsh | ||
# | |||
# ps3mfw -- PS3 MFW creator | |||
# | |||
# Copyright (C) Anonymous Developers (Code Monkeys) | |||
# | |||
# This software is distributed under the terms of the GNU General Public | |||
# License ("GPL") version 3, as published by the Free Software Foundation. | |||
# | |||
# Created By RazorX | |||
# Priority: 700 | |||
# Description: Patch PSN Activator | |||
# Option --allow-activating-psn: PSN Spoof 4.11 (requiere sproof 4.11) | |||
# Type --allow-activating-psn: boolean | |||
namespace eval ::patch_vsh_psn { | |||
array set ::patch_vsh_psn::options { | |||
--allow-activating-psn true | |||
} | |||
proc main { } { | |||
set self [file join dev_flash vsh module vsh.self] | set self [file join dev_flash vsh module vsh.self] | ||
Revision as of 04:48, 22 June 2012
this page needs cleanup and proper formatting
PSN Handshake Signup
Signup Response
Basic structure of the response
0x00: 4 Byte - main header -> 30 00 00 4f
0x04: 4 Byte - size -> 00 5e 00 47
0x08: 8 Byte - ? Identifier, often found before Name/Handle
0x10: 16 Byte - Name/Handle
0x20: 16 Byte - language
0x26: 6 Byte - np: 00 01 00 00 00 sp-int: 00 01 00 00 00 23
0x2a: 4 Byte - {10 5d 00 0b} 0x000b - size of email
0x2e: x Byte - email, here 0b in size
Legend
Main Header xx xx xx ss ss = size
Positive Auth
Auth Reply Structure
0x00: 4 Byte - main header -> 31 00 00 00
0x04: 4 Byte - size -> 00 00 00 d4
0x08: 4 Byte - frame head -> 30 00 00 ac
0x0c: 4 Byte - {00 08 00 14}
0x10: 20 Byte - SIGNATURE -> maybe HMAC/SHA1
0x24: 4 Byte - {00 01 00 04}
0x28: 4 Byte - ? 00 00 00 01 (cfr) or 00 00 01 00 (me & nks) (???)
0x2c: 4 Byte - {00 07 00 08}
0x30: 8 Byte - Timestamp (Login Time)
0x38: 4 Byte - {00 07 00 08}
0x3c: 8 Byte - Timestamp (Login Expiry)
0x44: 4 Byte - {00 02 00 08}
0x48: 8 Byte - Identifier *
0x50: 4 Byte - {00 04 00 20}
0x54: 32 Byte - Name/Handle
0x74: 4 Byte - {00 08 00 04}
0x78: 4 Byte - language
0x7c: 4 Byte - {00 04 00 04}
0x80: 4 Byte - ???
0x84: 4 Byte - {00 08 00 18}
0x88: 24 Byte - service ID
0xa0: 4 Byte - {30 11 00 04}
0xa4: 4 Byte - ??? 07 and 3 undef
0xa8: 4 Byte - {00 01 00 04}
0xac: 4 Byte - ??? 2 undef and 02 00
0xb0: 8 Byte - 30 10 00 00 00 00 00 00
0xb8: 4 Byte - frame head -> 30 02 00 20
0xbc: 4 Byte - {00 08 00 04}
0xc0: 4 Byte - Network: NP: 34 CD 3C A9 SP/QA: B8 2F CB 09
0xc4: 4 Byte - {00 08 00 14}
0xc8: 20 Byte - SIGNATURE -> maybe HMAC/SHA1
- Often found before Name/Handle, assigned at signup and store at first 8 byte of cache
- * Seems to be the same for the same for every console, differs for others
Size xx xx xx ss ss = message size
Frame Head [xx yy ss ss] xx = 30 yy = unknown. maybe frame number ss = framesize in hex
Limiter {xx xx ss ss} xx = unknown ss = data size in hex
Timestamps
These are Timestamp:
X = 00 00 01 2f 31 ff a0 58h -> 1302213927000d
The X / 1000 = seconds since 1970, so this date is 08.04.2011
PHP to easy recheck:
$timestamp = 1302010662000 / 1000;
date("d.m.Y",$timestamp);
It's just Miliseconds.
Profile Settings
Request
On finalize auth ps3 request profile settings is xml based process
request profile with auth encrypted to base64 and sends to a server with this :
Headers:
POST /basic_view/sec/get_self_profile HTTP/1.1 Connection Keep-Alive Content-Length 430 Accept-Encoding identity User-Agent PS3Community-agent/1.0.0 libhttp/1.0.0 Host Url:443
Contents:
<profile platform="ps3" sv="[VERSION"> <ticket>[encrypted with base64 auth handshake]</ticket> <env>[enviroment]</env> <avatar size="l" /> </profile>
nb: [environment] is one of the Environments lowercased
Response
and get profile responses here :
Headers:
HTTP/1.1 200 OK Date Wed, 18 May 2011 08:12:42 GMT Server Apache-Coyote/1.1 Content-Type text/xml;charset=UTF-8 Content-Length 364
Content:
<profile result="00"> <jid>[USERNAME]@[SERVER].[COUNTRY].[ENVIROMENT].URL</jid> <onlinename upd="0">[Nickname on psn]</onlinename> <country>[Country code]</country> <language1>3</language1> <language2 /> <language3 /> <aboutme /> <avatarurl id="1000">[png image url to set avatar display]</avatarurl> <ptlp>0</ptlp> </profile>
- Get profile need's other certicate to auth ssl connection in this case Dnas root 05
PSN Store
PSN INFINITY v2 - Open Beta
App made by SKFU + iQD, source: http://streetskaterfu.blogspot.de/2012/03/psn-infinity-v2-open-beta.html
Dependencies are OpenSSL + VC Redists: http://www.slproweb.com/products/Win32OpenSSL.html
http://www.ps3devwiki.com/files/NP/infinity.zip
PSN PS3MFW TCL 4.11 only PS3 CFW 3.55 - Open Beta
It is one patch for PSN 4.11 IN CFW 3.55 RETAIL Beta using PS3MFW 0.2.1. Use with your responsibility.
#!/usr/bin/tclsh
#
# ps3mfw -- PS3 MFW creator
#
# Copyright (C) Anonymous Developers (Code Monkeys)
#
# This software is distributed under the terms of the GNU General Public
# License ("GPL") version 3, as published by the Free Software Foundation.
#
# Created By RazorX
# Priority: 700
# Description: Patch PSN Activator
# Option --allow-activating-psn: PSN Spoof 4.11 (requiere sproof 4.11)
# Type --allow-activating-psn: boolean
namespace eval ::patch_vsh_psn {
array set ::patch_vsh_psn::options {
--allow-activating-psn true
}
proc main { } {
set self [file join dev_flash vsh module vsh.self]
::modify_devflash_file $self ::patch_vsh_psn::patch_self
}
proc patch_self {self} {
if {!$::patch_vsh_psn::options(--allow-activating-psn)} {
log "WARNING: Enabled task has no enabled option" 1
} else {
::modify_self_file $self ::patch_vsh_psn::patch_elf
}
}
proc patch_elf {elf} {
if {$::patch_vsh_psn::options(--allow-activating-psn)} {
log "Patching [file tail $elf] to allow activating psn content offline"
set offset "0x679E30"
set search "\x39\x39\x2e\x39\x39\x00\x00\x00\x25\x30\x32\x64\x2e\x25\x30\x32\x20"
set replace "\x39\x39\x2e\x39\x39\x00\x00\x00\x30\x34\x2e\x31\x31\x00\x00\x00"
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]"
set offset "0x679E40"
set search "\x64\x00\x00\x00\x00\x00\x00\x00\x73\x70\x2d\x69\x6e\x74\x00\x00"
set replace "\x00\x00\x00\x00\x00\x00\x00\x00\x73\x70\x2d\x69\x6e\x74\x00\x00"
catch_die {::patch_elf $elf $search 20 $replace} "Unable to patch self [file tail $elf]"
set offset "0X6F8400"
set search "\x42\x8A\x8A\x72\x09\x13\x8F\x12\x48\x4E\xA4\xF0\xD0\x4C\xED\xF4"
set replace "\x42\x8A\x8A\x72\x49\xE4\xB5\x6D\x14\xFE\x48\xB9\xD1\x87\x7F\xDF"
catch_die {::patch_elf $elf $search 20 $replace} "Unable to patch self [file tail $elf]"
set offset "0X6F8410"
set search "\xB8\x22\x80\xE4\x3C\xB5\x88\x76\x75\x03\xD5\xEF\xB1\x70\xAA\x19"
set replace "\x1C\xE0\xC6\x21\xA3\x74\x2C\x45\x67\x8B\x69\x4D\x32\xC0\xDC\xD9"
set offset "0X6F8420"
set search "\x4D\x42\x7D\x4F\xCA\xD8\x6C\x5A\x2B\xE0\xC3\x80\x74\x22\x86\x75"
set replace "\x40\x4F\xB8\xF6\x12\xE0\x60\x3C\x37\x20\x9D\x8B\x93\x71\x6C\xD7"
catch_die {::patch_elf $elf $search 0 $replace} "Unable to patch self [file tail $elf]"
set offset "0X6F8430"
set search "\x10\x5D\x40\x99\x63\x01\x38\x06\x79\x59\xB9\x62\x96\x53\xDD\x67"
set replace "\x09\xC8\x20\x21\xD7\xE5\x24\x6A\x36\xBE\xE0\x99\xA1\x0E\x8F\x40"
catch_die {::patch_elf $elf $search 20 $replace} "Unable to patch self [file tail $elf]"
set offset "0X6F8440"
set search "\x7D\x24\x4F\xA3"
set replace "\x0D\x8E\x0D\x95"
catch_die {::patch_elf $elf $search 20 $replace} "Unable to patch self [file tail $elf]"
log "WARNING: activating psn content offline requires reActPSN application" 1
}
}
}