Post by dlevere on Nov 3, 2012 6:05:42 GMT -4
Following up on all the recently leaked PlayStation 3 keys, today French developers Kill3r and Winch03200 have made available a PoC tool they call Kill3r's PS3 Key Finder, with details outlined below.
Download: Kill3r's PS3 Key Finder POC / PS3 Keys Finder BAT Update (0x13-0x1c) / Kill3r's PS3 Key Finder POC (Mirror) / PS3 Keys Finder BAT Update (0x13-0x1c) (Mirror)
Many of you have questioned the ability of the tools to detect the correct key / iv pairs. That is why, following the leak of the appldr keys these past days, I am releasing today the bat files for keysets 0x13, 0x16, 0x19 and 0x1c, so that the 182 people who downloaded my PoC before the leak can see for themselves that this tool works properly!
Finally, I would like to thank the two unique donors who have supported me in my project PS3 KEYS FINDER and show them all my gratitude: Thank you all 2!
Kill3r: Mini-tutorial:
- launch the application to find out the keyset (barring a big stroke of luck, you'll get a FAIL);
- run the script corresponding to that keyset;
- ENJOY: SUCCESS
This is a small PoC (Proof of Concept – proof that it is possible) that allows, among other things, finding the key / iv pair for the EBOOTs of commercially sold games (and thus the output patch 3.55). I released this PoC at the end of July, and a few days later the 3.60 keyset was leaked, showing that my PoC was indeed functional! After 3 months of silence, I am taking the opportunity of the appldr key release to unite as many people as possible around this project, so that we no longer depend on a leak!
Below is an interview from PS-Addict.fr:
Kill3r, administrator of PS-Addict, a French PS3 hack site, is developing PS3 Keys Finder, a project to find the 3.60+ keys. Like SETI or Folding@Home, it uses networked computing power, so anyone can help to find these Holy Keys, even if you know nothing about PS3 hacking...
Currently, the project is only a PoC. He has only developed the first part of his project (client side).
Here is an interview to help understand this PoC:
Winch03200: Can you tell me more about this PoC? What is its function?
Kill3r: This PoC serves to demonstrate that my PS3 Keys Finder project is viable. Indeed, it determines whether the couples of and passed as parameters, will be allowed or not to decrypt a given EBOOT.BIN. This is the first part - the client side - of my PS3 Keys Finder project. This PoC allows a brute force attack on the last 5 characters of the key, so it will test exactly 1048576 keys in a few seconds.
Winch03200: You said that this PoC is only the first part (the client part). What is the second part, and can you tell me more?
Kill3r: The second part - the server side - will host the intelligence of my program. Rather than resorting to a brute force attack that will stupidly test all possible keys, I prefer to generate certain probable keys that meet more than two dozen different criteria! Currently I am working in parallel on a standalone version, which will include client & server and will be intended more for very large configurations and other supercomputers!
I do not rule out the likely use of cloud computing, even though financially I could not bear this expense myself (I already paid about 300 € to make sure that I can access a supercomputer for the month of August). If patrons or donors wish to me (although it is only 2 €), please contact me by PM - again, I do not force anyone!
Winch03200: We know that in the past you have been criticized a lot... So why are you releasing your PoC now? Any particular reason?
Kill3r: For more than a year, the idea for this project was very present in my mind without my doing anything. In that time, I never had the support I expected! I keep it to myself, and then what? But I prefer to show the direction and try to breathe new life into the scene... (PS3). Some people criticized me for my project even before I had time to explain how it works; others have told me that I was not a true dev: this PoC is also a response to their criticism.
Winch03200: Can you find all the 3.60+ keys with the second part? If so, can we expect a release of a 3.60+ CFW (maybe 4.11 CFW or 4.2X to be up to date) or a possible release of the keys?
Kill3r: I think with the method I want to use, it will be possible to find all the keys in a SELF (key, iv, priv, pub ...), but not only this: it is also possible to obtain those of the LV1 / LV2 / SELF NPDRM ... You just have to be patient and hope that I will have enough time - and motivation - to continue to evolve this project, and it will depend exclusively on the support that the readers bring!
Winch03200: When will that last part of this project be available and functional?
Kill3r: To quote George Broussard: "when it's done". For the standalone version (only for a privileged handful): early August.
Using the PoC
- Place the EBOOT.BIN of your original game next to PS3 Keys Finder.exe.
- Click on the .bat corresponding to the original firmware of your EBOOT.BIN.
".bat" correspondences:
- 0x01 : FirmWare 0.92-3.30
- 0x04 : FirmWare 3.40-3.42
- 0x07 : FirmWare 3.50
- 0x0a : FirmWare 3.55
- 0x0d : FirmWare 3.56