Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Whether this is about ha.ckers.org, sla.ckers.org or some other project you are interested in or want to talk about, throw it in here to get feedback. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
Win a PS3, by hacking it?
Posted by: Kyran
Date: November 30, 2006 10:55AM

http://ps3.shimpinomori.net/index_en.html

I'm not really interested in the PS3 as much as I am the methodology. If any of you guys manage to pull it off, please post how you did it after you have sent your email and whatnot.


So far I can tell it's running telnet, ftp, http, pop3 and NetBIOS-ssn, which are all running on the standard ports for those services.

- Kyran

Options: ReplyQuote
Re: Win a PS3, by hacking it?
Posted by: rsnake
Date: November 30, 2006 11:25AM

Eesh... none of those are particularly secure. It's weird he said don't own other machines on the network. A lot of the attacks against telnet, and FTP are man in the middle/sniffing. Interesting.

Options: ReplyQuote
Re: Win a PS3, by hacking it?
Posted by: jungsonn
Date: November 30, 2006 01:48PM

Well a quick look he got more than 1600 ports open :)

i did notice this:

http://shimpinomori.net/cgi-bin/index.cgi

i noticed that the WWW-Authenticate header is "Basic" so that means a simple base64() encoding, it's a potential hole. Cuzz you could tamper the header, or overflow it's maxlength of 351 chars (if i remeber correctly). dunno if that is allowed?

ah it sucks!
i don't have the time now to take a good look.

Options: ReplyQuote
Re: Win a PS3, by hacking it?
Posted by: Kyran
Date: November 30, 2006 01:55PM

I doubt that's allowed as that site isn't on the PS3/ps3 subdomain?

- Kyran

Options: ReplyQuote
Re: Win a PS3, by hacking it?
Posted by: jungsonn
Date: November 30, 2006 08:29PM

It's a subdomain, so it must be running on the same box. check IP it renders the same. If i gain access to root i got the sub as well :)

But, i'm just back home and 2 tired, maybe i give it a shot tommorow when the dust settles. i ain't giving it a big chance though, cause they locked everything down on the http/d level, so a few possible methods remain.

Options: ReplyQuote
Re: Win a PS3, by hacking it?
Posted by: jungsonn
Date: December 01, 2006 11:24AM

This is weird, i think it's just a big scam. it must be a honeypot, there are too many ports listening on that box, and when you connect it kicks you out.

For example:

I tryed to telnet to the identd port (113)
I Got in, but when you run commands it kicks you right out.
Same with other ports.

I Ain't gonna waste my time anymore on this box.

Options: ReplyQuote
Re: Win a PS3, by hacking it?
Posted by: Tribute
Date: December 01, 2006 11:56AM

There are actually only 3 ports open on the box. The rest are spoofed to put you off.
The 3 ports open are 22 (SSH), 80 (http (some sort read only, edit via ssh thing)) and 113 (ident)

The PS3 is running the FC5. So you pretty much won't be able to get in without owning another machine on the network. So its good for the person with the idea as they gain revenue from ads (i guess they have them)

Options: ReplyQuote
Re: Win a PS3, by hacking it?
Posted by: jungsonn
Date: December 01, 2006 08:06PM

Yeah that's weird isn't it?

but 443 (ssl) is open to i saw?
FC5? damn fedora.

Ah, this is pretty lame contest if you ask me,
how on earth is anyone going to root that box?

Options: ReplyQuote
Re: Win a PS3, by hacking it?
Posted by: jungsonn
Date: February 03, 2007 11:51AM

The Playstation 3 hacking challenge is over! Sorry, nobody managed to hack into the PS3, despite tremendous efforts. Now, the good news is that Kaede gets to keep her Playstation 3.

Who would have guessed, cheater.

Options: ReplyQuote


Sorry, only registered users may post in this forum.