A Closer Look at PS3 Firmware 3.70

Submitted by greg; August 10, 2011

In not-so-surprising news, the crew over at the other DH -- DemonHades -- dropped insider knowledge on the latest 3.70 firmware. And of course there is more than meets the eye; 3.70 uses new encryption/decryption keys and also patches certain vulnerabilities that Cobra USB took advantage of, making 3.70 more secure than previous firmware versions. Back to square one? - source: demonhades

Tags: 3.70, Cobra USB, PS3 Firmware

like i said before cant we just embed the charles certificate into a official firmware then update a console, enable SSL Proxying in Charles find out the new PSN password post it online then we can all use charles or a new fuckPSN to sign in on jailbroken 3.55 and everyone is happy! until sony release 3.71 :-D

# John Doe 2011-08-10 18:28

No this won't work. Repackaging the update will change the hash check. So the PS3 would check the update and say "My ass this is official firmware"

Your PS3 would still have to be OFW 3.60+ which would disable all jailbroken features in order for it to output the new Passphrase.

Now doing it with a legit PS3 and the latest update. There is the same hash problem. To grab the passphrase is actually pretty easy. All that needs to be done is as follows and hopefully someone out there can build off the work I have already done so here goes.

Performing a MIM on a PS3 from a computer connected to the same network. This will grab the header that is needed and output in plain text the new passphrase. This can be done on a jailbroken PS3 simply because we can change the file. Now doing this method on a legit PS3 will NOT work. What needs to be done is to create a new CA with openssl to get the ps3 to trust the connection to your computer. Now we cannot simply upload the new certificate we generate to the legit ps3. Now this is where I didn't have time to actually perform the whole setup, but I was thinking what had to be done is pass the new cert in between the connection from PS3. So to get it working it should look like this PS3 (legit), Second computer, 3rd computer.

Have the PS3 send out the request to sign in it then sends header information to your second computer that holds the fake cert and finally your third computer which is setup to arp spoof which will then be a trusted connection from the second computer and unencrypt the headers. The PS3 WILL fail the login this is normal but we are just trying to grab the new passphrase to inject it into charles or whatever tool.

Now this was where I last left off when I was playing around with it so I never got a chance to try it out. And when I get a break from working 6 days a week I will probably try this out but I am hoping someone understands what I am talking about and tries it out.

# Cheesetheif 2011-08-10 18:49

With every update, the PS3 gets closer to it's previous status of unhackable. Hopefully someone breaks it open again.

# Irulz 2011-08-10 20:12

I's av waited nough time 4 CF so I's can play da latest gamez an it aint gona hapen BRAH. da devs at sony are 2 good at lockin da ps3! I's is gona get a new ps3 from ebay coz da looters will sell dem cheap init.
Time 4 all dem looters 2 chill an ave a smoke an let da comunati heal. peace
respec

# xPreatorianx 2011-08-10 20:14

Not really. The PS3 is still an unsecured mess. Well at least all current PS3's. The new one that just came out is a different story. When gitbrew finds, dumps, and releases the method for the per console root key, none of the added crap in any security update will matter.

# David 2011-08-10 21:36

look i have the friggin firmware cracked 3.70. I am no sure of releasing just yet. Maybe next Jan or feb if i share it, i atleast want some nice games to come out with out sony throwing a quick update. The progam i created works as a virus /spyware then reports out any altered files sony did so you don't have to recreate everything-just a hint!!! I do have a second way "the apple of my eye"

# Chris Holmes 2011-08-10 22:01

In my opinion, with the way things are going between the hacking community and Sony, it looks like the only way forward right now is for developers to work on the current CFW users are on now (3.55 isn't it?) and make the same trip as the PSP. Hang back and hack away, and then in later stages start hacking the more current firmware.

I know hacking 3.55 has been going on for a while, but it still looks like the only reasonable way to make small progress unless developers decide to take a risk and end up like GeoHot (not working for Facebook, we know what I'm referring to).

# Cheesetheif 2011-08-10 23:23

I wouldn't hold my breath. Sony has always found way of putting up road blocks where they shouldn't be possible.

I remember people saying how sony could not do anything about the situation when failoverflow did their thing, yet now we are stuck on 3.55 and getting more and more behind sony.

# wohdin 2011-08-11 00:15

lolno.

# Justin Michael Nesbit 2011-08-11 00:18

i smell bullshit david. gtfo

# Garean Smith 2011-08-11 01:02

One step forward, and two steps back. This kind of dance game never lasts.

# Garean Smith 2011-08-11 01:03

GTFO

# Garean Smith 2011-08-11 01:05

Wha?

# Dragonvoice 2011-08-11 02:56

this will keep up until hackers or sony give up

# Jay Ro 2011-08-11 03:00

it's only back to square-one because ps3 hackers saw graf chokolo and geohot get hung to dry, and now the other hackers are too pussy to release anything. -_- What good is a console without a hacking scene? it's the fucking N64 all over again... a machine with HUGE potential, and nobody with balls to take it there. :/

# Jay Ro 2011-08-11 03:03

Hackers NEVER give up. Just look at the Wii scene. Not one update since System Menu 4.3 came out in 2010, and Nintendo's machine is still at hackers' mercy. Every good Wii hacker is using PimpMyWii to automate the best IOSes, and running games from CFG and a USB harddrive on System Menu 4.1...

# Jay Ro 2011-08-11 03:06

Learn to talk right, or get the fuck out of here, you faggot.

# Jay Ro 2011-08-11 03:12

Wrong... Hackers just won't release the exploits until a few firmwares from now, when Sony's not so lawsuit-happy. "Errybody's super-scurred and quakin' in their pussy-boots."

# Justin Michael Nesbit 2011-08-11 03:18

Im actually holding out for some CFW in the future. Guess Ill be stuck at 3.66

# Justin Michael Nesbit 2011-08-11 05:17

at least i am able to get onto PSN using some dns trick, while still on 3.66

# Leo 2011-08-11 06:21

Because the Wii's chain of trust is a complete mess to begin with... yes, the PS3 still has enormous holes, but then again no one is going to risk jail time so a couple of dumb kids can play pirated games. That's the true downside.

# gazaq95 2011-08-11 10:14

Hopefully You Do So Then Instead of being on 3.55 Custom Firmware :)

# Bob Obb 2011-08-11 10:30

Eh. Nothing worth playing anyway. I'll start worrying when FF13-2 drops

# Bammmmm 2011-08-11 12:11

i hacked 3.70.. now i call it 3.70 TrollFirmWare..

oolololollloloo olololololololo ll

# Bammmmm 2011-08-11 12:16

lol u're back

respec

# David 2011-08-11 12:33

The only concern i have is the misuse of my created programs,becaus e these apps can be misused, its very tempting to use them the wrong way--

# MousaSaeed 2011-08-11 13:49

i dont think so !!! u didnt even provide in prof to backup ur talk !! not even a video !

# Justin Michael Nesbit 2011-08-11 14:29

i think u mean Versus XIII... XIII-2 Is ughh

# bertr2013 2011-08-11 14:58

Seems like 'David' is either trying to make a name for himself...or he's just playing on everyone's frustration over waiting for a new CFW that allows PSN access.Don't let him play you.

F**k Sony...they can take their PSN and shove it right up their asshole.

# Kevin Bacon Pierre 2011-08-11 15:06

Prepare to get banned by Sony lulz

# Kevin Bacon Pierre 2011-08-11 15:08

THAT's a shocker
http://creativesignmaking.co.u...

# Justin Michael Nesbit 2011-08-11 16:33

Nah I stopped doing that lulz

# David 2011-08-11 22:29

I followed the Geohotz case,even youtube was screwed, along with tweeter and paypal.

# Kraetos John 2011-08-12 06:26

New Terms of Service and User Agreement?
http://playstation-email.com/r...

http://playstation-email.com/r...

# mightyhat 2011-08-12 09:12

N64 was hacked with the Doctor V64 i still have mine in the cupboard

# Irulz 2011-08-12 10:11

I's is still on da look out 4 a 2nd PS3, Da sellers on ebay are askin 2 much 4 dem so woo is gon'a sell me 1 on da cheep. I's can go meat u if u r from london, but not totenham coz dat is 2 ghetto 4 me.
Respec

# TVippy 2011-08-12 14:25

Very true.

# Deepu Thomas 2011-08-12 17:03

Ok...I read somewhere that new encryption/decryption keys would mean older games encrypted with older keys would no longer work. Then how is it that they are using new keys ? And if this is what makes their console more secure why didnt they think of new keys earlier ?

# a.j_spider 2011-08-12 18:35

you are talking like it takes seconds to hack a ps3
why dont you hack it yourself instead of talking shit about hackers?
anyways why should they do a hack for you
and if you were in their place you would be afraid to be in the court right now just for releasing some good stuff for the people
and what he gets from the people after he gets fu**ed up in the court ... nothing ?!!!!
for god sake just think before posting a comment
i wish i can hack my ps3 too but only to play old ps2 ps1 and n64 games
i dont care about downloading back-ups that i dont own
i dont like pirating
i just want to have a good time just like old days and sony should allow us to do that ( they should allow us to play ps2 ps1 and n64 games for free not remake them and make us pay for them again )

# makky91 2011-08-12 18:49

can you please explain how you do that?

# joey 2011-08-12 22:56

this obviously isn't the place to post this question, but i'm running out of options and have searched my ass off all day to try and find a solution. if anyone at all could shed some light i'd be more than appreciative. i'm running a slim on kmeaw 355. all was well, took it to a friends house and the first issue i had was lack of sound. now i'm getting the black screen upon boot. the only video i can get is when i boot to recovery mode. any ideas, suggestions? thanks.

# themanwivaplan 2011-08-13 06:38

and how are you going to get your ps1 /ps2 /n64/roms.

umm come in hear bad mouthing when you going to download roms that you dont own go fu*k yourself.

# Antonio duncan 2011-08-13 15:03

its kind of true buddy it do take alot of shit now to get around he got some new keys he have to find he got to find a way how to change the way the keys working why you just don't buy the chip and install it on your ps3 and downgrade i haven't did it but it sounds like a good idea right now and we got to remember on thing they keys going to shift around every sec so he got to find away to find all the keys and change them all it take him a min to hack it

# Justin Michael Nesbit 2011-08-13 16:20

google 'DNS bypass 3.70' and you should find the keys that will allow you to access PSN without going to 3.70. NO it will not ban you. And sony will likely remove the bypass in a week or 2

# gundomgear1 2011-08-13 17:55

i'm still at update 3.60 so can I change hard disk and install program ps3 again and use 3.55 version again and than you i'm waiting any answer ?

# Shawn Rangel 2011-08-13 21:06

try to hold down the power button when you turn it on..listen for the first beep..should be able to reset video that way..if thats the case anyways

# Seinan Khan 2011-08-15 15:04

would plz share the hacked version or tell me how is it done???

# a.j_spider 2011-08-16 16:15

i supposed to say it is legal these days to download them... since there are no games released again for these consoles and i barely find games for the ps1
and n64 i cant find any games in the stores
and for the ps2 i can buy games whenever i want and i want to play them on the ps3 so i can play them in HD
by the way some people have ps3 but their ps2 are broken but they have ps2 games and they want to play them

and who said that i dont own the games i want to play ??
how do you know if i own them or not ???
most or all the games i want to play i own them

search for the net about that thing and you will see it is legal
so stop talking about a thing u dont have enough information about

# Sherjeel Shehzad 2011-08-19 10:36

1. Be trolled.
2. Troll in revenge.
3. ???
4. Profit.

# Dickie Darockman 2011-08-23 14:17

do you really can do it? can you tell me? coz i accidently updated 3.55 to 3.56 n i guess no turning back huh? damn ! sony good ! the hackers knocked down completely. there no links for jail breaking this 3.56 !!

# Dickie Darockman 2011-08-23 14:24

stop telling lies. we are all stucked in 3.55 while sony 15 steps a head

# Bammmmm 2011-08-24 19:48

Y S SRS??

# Marvin Hernandez 2011-08-25 11:17

hopefulley they hack dis joint i mean i dont mind buying games but damn there like 50 bucks each if i buy 2 games i b spending 100 bucks when i can use dat on a half and get fucked up lmao............

# polvertum 2011-08-29 20:30

Brate, ako si hakova ovo cudo onda si veliko mudo. A ako nisi, ne seri. Odje kod nas je plata 200e soni kosta 400e i jos treba da kupujem igre na kredit. Po ovome ispada da kad otplatim ps3 trebam podic ponovo kredit da bih kupio jednu igru. Kad budem bio u mogucnosti da kupim i drugu igru izaci ce ps4 ili nesto slicno tako da cu opet kasnit jedno 10 godina. Odje se radi vise nego tamo kod vas a plate manje. Niko odavde ne kuka nego cuti i trpi, zato cutite i vi. Zivio sony ali zivio mi i geohot.

# Flavio Amaral E Silva 2011-08-30 09:01

Sony should burn in hell

Refresh comments list

Add comment

JComments


	CREATE ACCOUNT NOW TO POST COMMENTS! Why create an account on the Dashhacks network? Because being logged in has its privileges! • COMMENTS! Only logged in users comments go live without waiting for moderator approval! • No video! The video ad in the upper right doesn't interrupt you on all pages! • Customize your profile! Flaunt your xBox Live & PSN gamertags! • It's FREE and it's EASY! And one login works for all of the Dashhacks review sites! So what are you waiting for? Go to the TOP RIGHT of the page and LOGIN or click REGISTER!

A Closer Look at PS3 Firmware 3.70

Related Stories:

Comments

Add comment