forums.ps2dev.org

I know this forum tries to be very careful about legal issues, and I respect that. So I wonder where the forums stand on this. I have seen the example code from the Metrowerks leak (only seen the code, I do not have the studio) and it made it very clear how to write code to use the gpu. I saw some f...

This is very much on topic. I am not offering to make a new emulator from scratch, since I do not have enough experience in that area, but I can help in others.

****Flame retardant suit on**** OK, this is a serious offer. I am a very experienced coder. I have a lot of experience in optimizing code and would like to help make some of these emulators run faster. I have a v1.00 PSP, and am in the process of learning to use the PSP tool chain. I have some sourc...

Mr Sonikku_a

Did Skranker send you his file?

Somehow I doubt it :-(

Another problem you might all be encountering is the fingerprint hash! A known example of this is in DATA2.BIN and is an SHA-1 digest (I think, need to go over java code again to make sure) of the data in the file. I personally believe some of the unknown data is sfo file is a hash of this sort and ...

First of all apologies if this is useless - still finding my feet. OK I initally thought a brute force dictionary attack on the BIN file in my save game directories for Hot Shots golf and wipeout would be fairly simple. The bin file for wipeout is even called PROFILE.BIN ( ;-) ). Both these games ha...

In the PARAM.SFO file

Does anybody know what the 16 bytes after the plain text file name are?

Does anybody know what the 32 bytes that start at 11C0 are?

These are in all the 5K PARAM.SFO files I have looked at.

It is not designed to run on a PSP, but inside a browser on your PC while the PSP is connected.

The only useful thing found out so far is the hashing/encryption technique used for storing DATA2.BIN

The java code in IdentityCollection converts these bytes to a nickname by a new String(bytes,0,length of 0 terminated byte string,"UTF8"). This specifies a UTF8 encoding. I am trying to work out how this is a UTF8 encoding, that is all. I am trying a few dictionary style attacks on save fi...

I have checked the decoding, am using the SHA1CypherStream class and the nickName 'Piercer' is definitely stored in the following set of bytes in the following order (at least I see this after the xor with the cypher stream buffer which does not change the data length, so I assume the EFBD's are not...

OK a question for UTF knowledgeable out there. My nickname is Piercer on my PSP looking at the way this is stored in DATA2.BIN decrrypted/dehashed of course it looks like 50EFBD P 89EFBD i 85EFBD e 92EFBD r 83EFBD c 85EFBD e 92E38080 r (but slightly different) ???? What for of UTF is this - even tho...

Ok - apologies in advance if this is illegal (and please remove it if it is). Here is a little java file that takes a data2.bin formatted file name as input and outputs a little information from it. It is unfortunately not self contained as it uses the SHA1CypherStream object from the jar and I have...

Actually data2.bin can contain multiple identities, each of length 276 bytes (or 256 without key, but see no reference to unkeyed identities in code).

Am now writing simple data2.bin unpacker for anybody interested.

The output of

parseBytes("D3C64E430B3F2C1152DBFEF1A5C71CA4")

produces the following 16 element array:

0: -45
1: -58
2: 78
3: 67
4: 11
5: 63
6: 44
7: 17
8: 82
9: -37
10: -2
11: -15
12: -91
13: -57
14: 28
15: -92

Any use?

Wow. It couldn't be could it?

Yep, just check - I already have a data2.bin - hmmm, now I can read it...

Wonde what the fingerprint is?

Sorry, key seems to be at the end of the file - after a 'fingerprint' ?? It seems that the file has format version 4 bytes hardwareId 20 bytes timeStamp 4 bytes nickName 208 bytes fingerprint 20 bytes if the passed in recordSize is greater than 256 then there is a 20 byte key. In IdentityCollection....

OMG identity.class would seem to have some very interesting information in it. I will not post source since I'm sure that would be illegal, but it seems to be able to read firmware version, nickname, hardwareid and timestamp. It does this via an SHA1 cypher which has a key as the first bit of the fi...

Amazing you beat me to it - that bit caught my interest too and I was just about to post about it - lol But surely the PSP ID would be in firmware and not on the memory stick - is it possible that this is simply the ID to use for DRM and not the PSP ID itself? I have a feeling that this applet will ...

At last something I can really help with. OK First impressions (this will not tell you too much, but is a start) - I will edit it later with further info as I find it. The jar is a signed, unobfuscated (wow) applet. 1) Signed applet - means it runs in a browser (applet container) but could be allowe...

Delurk... I apologize if I am teaching my grandmother to suck eggs, but I have been reading these forums for some time now and I was thinking it might be good to link together two areas of attack. People have been 1) analysing the traffick between two PSPs. Especially interesting is the discussion o...