Tuesday, April 13, 2010

Bypass PlayStation 3 update for linux users


Sony release PS3 frimware update 3.21 which remove OtherOS feature, may PS3 users install linux on their PS3, if they install this FW update they will not be able to use their linux, but if they didn't install the update they will not be able to login to PSN (PlayStation Network) and play online games.

so we are going to bypass this update and login to PSN with the old FW 3.15

first we need to get some information's about PS3 update servers and base on what
it say you are out of date any need to update.

install apache with mod_proxy on your linux machine:
$ sudo yum install apache2 mod_proxy

then open apache config file "/etc/httpd/conf/httpd.conf" and add those mod_proxy configuration lines
(some times you may find them there by default, you just need to unhash them)

ProxyRequests On
ProxyVia On
Order deny,allow
Deny from all
Allow from 192.168.1

run the apache on usr box, and configure you PS3 to use your box as proxy server.

try to login to PSN and read your apache log file and see what is going on:
$ sudo tail -f /var/log/httpd/access_log

I found that my PS3 is trying to get a file "ps3-updatelist.txt" from PS3 Asian update server "http://fjp01.ps3.update.playstation.net"


192.168.1.16 - - [06/Apr/2010:10:05:21 +0400] "GET http://fjp01.ps3.update.playstation.net/update/ps3/list/jp/ps3-updatelist.txt HTTP/1.1" 200 252 "-" "PS3Update-agent/1.0.0 libhttp/1.0.0"

lets open "ps3-updatelist.txt" file and see its content:


# JP 
Dest=83;CompatibleSystemSoftwareVersion=3.2100-;

Dest=83;ImageVersion=0000a20e;SystemSoftwareVersion=3.2100;
CDN=http://djp01.ps3.update.playstation.net/update/ps3/image/jp/2010_0401_3a08ef6164a7770ae3e7d5b9f366437a/PS3UPDAT.PUP;CDN_Timeout=30;
it's have the latest FW version 3.2100 and a URL for it.

now lets trick our PS3 and hijack the traffic.
lets download this file on our apache server and change the FW version to 3.1500,
create the same original path on you apache server "/update/ps3/list/jp/"

$ cat /var/www/html/update/ps3/list/jp/ps3-updatelist.txt

# JP 
Dest=83;CompatibleSystemSoftwareVersion=3.1500-;

Dest=83;ImageVersion=0000a20e;SystemSoftwareVersion=3.1500;
CDN=http://djp01.ps3.update.playstation.net/update/ps3/image/jp/2010_0401_3a08ef6164a7770ae3e7d5b9f366437a/PS3UPDAT.PUP;CDN_Timeout=30;


then lets download any DNS server (dnsmasq, bind9,...etc), i will use dnsmasq.

$ sudo yum install dnsmasq

edit dnsmasq config file "/etc/dnsmasq.conf"
and add this line to it:
address=/fjp01.ps3.update.playstation.net/192.168.1.6


what we did here we tell the DNS server to forward any connection
from the PS3 update server to our apache IP address.

also add those line to the config file to enable the logs:
log-queries log-dhcp log-facility=/var/log/dnsmasq

also add this line to "/etc/resolv.conf":
nameserver 127.0.0.1

run dnsmasq:
$ sudo /etc/init.d/dnsmasq start

on your PS3 remove the proxy setting and make it auto detect,
and set the primary DNS to you IP address

then try to login to PSN, and you should be able to login to
PSN with your old FW 3.15

if you read dnsmasq logs you will see something like this:

$ tail -f /var/log/dnsmasq
Apr 6 14:50:20 dnsmasq[3795]: query[A] fjp01.ps3.update.playstation.net from 192.168.1.16
Apr 6 14:50:20 dnsmasq[3795]: config fjp01.ps3.update.playstation.net is 192.168.1.6
Apr 6 14:50:22 dnsmasq[3795]: query[A] getprof.ae.np.community.playstation.net from 192.168.1.16
Apr 6 14:50:22 dnsmasq[3795]: forwarded getprof.ae.np.community.playstation.net to 192.168.1.1
Apr 6 14:50:22 dnsmasq[3795]: reply getprof.ae.np.community.playstation.net is 198.107.129.125
Apr 6 14:50:25 dnsmasq[3795]: query[A] a4.ae.np.communication.playstation.net from 192.168.1.16
Apr 6 14:50:25 dnsmasq[3795]: forwarded a4.ae.np.communication.playstation.net to 192.168.1.1
Apr 6 14:50:26 dnsmasq[3795]: reply a4.ae.np.communication.playstation.net is 198.107.131.128
Apr 6 14:50:35 dnsmasq[3795]: query[A] static-resource.np.community.playstation.net from 192.168.1.16
Apr 6 14:50:35 dnsmasq[3795]: forwarded static-resource.np.community.playstation.net to 192.168.1.1
Apr 6 14:50:35 dnsmasq[3795]: reply static-resource.np.community.playstation.net is
Apr 6 14:50:35 dnsmasq[3795]: reply a02.cdn.update.playstation.org.edgesuite.net is
Apr 6 14:50:35 dnsmasq[3795]: reply playstation2.sony.akadns.net is
Apr 6 14:50:35 dnsmasq[3795]: reply a192.d.akamai.net is 88.221.217.66
Apr 6 14:50:35 dnsmasq[3795]: reply a192.d.akamai.net is 88.221.217.65
Apr 6 14:50:36 dnsmasq[3795]: query[A] getprof.ae.np.community.playstation.net from 192.168.1.16
Apr 6 14:50:36 dnsmasq[3795]: forwarded getprof.ae.np.community.playstation.net to 192.168.1.1
Apr 6 14:50:37 dnsmasq[3795]: reply getprof.ae.np.community.playstation.net is 198.107.131.117
Apr 6 14:50:40 dnsmasq[3795]: query[A] getprof.de.np.community.playstation.net from 192.168.1.16
Apr 6 14:50:40 dnsmasq[3795]: forwarded getprof.de.np.community.playstation.net to 192.168.1.1
Apr 6 14:50:40 dnsmasq[3795]: reply getprof.de.np.community.playstation.net is 198.107.130.125
Apr 6 14:50:48 dnsmasq[3795]: query[A] getprof.gb.np.community.playstation.net from 192.168.1.16
Apr 6 14:50:48 dnsmasq[3795]: forwarded getprof.gb.np.community.playstation.net to 192.168.1.1
Apr 6 14:50:49 dnsmasq[3795]: reply getprof.gb.np.community.playstation.net is 198.107.131.117
Apr 6 14:50:51 dnsmasq[3795]: query[A] getprof.us.np.community.playstation.net from 192.168.1.16
Apr 6 14:50:51 dnsmasq[3795]: forwarded getprof.us.np.community.playstation.net to 192.168.1.1
Apr 6 14:50:52 dnsmasq[3795]: reply getprof.us.np.community.playstation.net is 198.107.129.124
Apr 6 14:51:13 dnsmasq[3795]: query[A] getprof.hk.np.community.playstation.net from 192.168.1.16
Apr 6 14:51:13 dnsmasq[3795]: forwarded getprof.hk.np.community.playstation.net to 192.168.1.1
Apr 6 14:51:13 dnsmasq[3795]: reply getprof.hk.np.community.playstation.net is 198.107.129.123
Apr 6 14:51:15 dnsmasq[3795]: query[A] static-resource.np.community.playstation.net from 192.168.1.16
Apr 6 14:51:15 dnsmasq[3795]: forwarded static-resource.np.community.playstation.net to 192.168.1.1
Apr 6 14:51:15 dnsmasq[3795]: reply static-resource.np.community.playstation.net is
Apr 6 14:51:15 dnsmasq[3795]: reply a02.cdn.update.playstation.org.edgesuite.net is
Apr 6 14:51:15 dnsmasq[3795]: reply playstation2.sony.akadns.net is
Apr 6 14:51:15 dnsmasq[3795]: reply a192.d.akamai.net is 88.221.217.66
Apr 6 14:51:15 dnsmasq[3795]: reply a192.d.akamai.net is 88.221.217.65
Apr 6 14:51:18 dnsmasq[3795]: query[A] static-resource.np.community.playstation.net from 192.168.1.16
Apr 6 14:51:18 dnsmasq[3795]: cached static-resource.np.community.playstation.net is
Apr 6 14:51:18 dnsmasq[3795]: cached a02.cdn.update.playstation.org.edgesuite.net is
Apr 6 14:51:18 dnsmasq[3795]: cached playstation2.sony.akadns.net is
Apr 6 14:51:18 dnsmasq[3795]: cached a192.d.akamai.net is 88.221.217.65
Apr 6 14:51:18 dnsmasq[3795]: cached a192.d.akamai.net is 88.221.217.66
Apr 6 14:51:20 dnsmasq[3795]: query[A] static-resource.np.community.playstation.net from 192.168.1.16
Apr 6 14:51:20 dnsmasq[3795]: forwarded static-resource.np.community.playstation.net to 192.168.1.1
Apr 6 14:51:21 dnsmasq[3795]: reply static-resource.np.community.playstation.net is
Apr 6 14:51:21 dnsmasq[3795]: reply a02.cdn.update.playstation.org.edgesuite.net is
Apr 6 14:51:21 dnsmasq[3795]: reply playstation2.sony.akadns.net is
Apr 6 14:51:21 dnsmasq[3795]: reply a192.d.akamai.net is 88.221.217.65
Apr 6 14:51:21 dnsmasq[3795]: reply a192.d.akamai.net is 88.221.217.66
and in apache log you should see:

192.168.1.16 - - [06/Apr/2010:14:00:17 +0400] "GET /update/ps3/list/jp/ps3-updatelist.txt HTTP/1.1" 200 250 "-" "PS3Update-agent/1.0.0 libhttp/1.0.0"



enjoy login to PNS with your OtherOS ;)

7 comments:

  1. Does it work with the new restrictions of today ?

    ReplyDelete
  2. I tried it yesterday (April 13, 2010) it work fine with me.
    I will give it a test today.

    ReplyDelete
  3. Can it block a https request from sony server (about the update version)

    ReplyDelete
  4. sony block this PS3 proxies and DNS method, we will try to bypass their restrictions, and we hope geohotz make his move and release his CFW

    ReplyDelete
  5. We haven't to stay after his release.
    All we need now it's a bypass .
    S0ny will force all ps3's user to update ,to stand after a cfw ,we need to connect to psn .
    how can ghotz test a cfw without a bypass ?

    ReplyDelete
  6. geohotz CFW have the same version of PS3 latest FW "3.21" we will be able to login directly to PSN. lets just wait for few days and see what will happen.

    ReplyDelete
  7. He never said he's able to connect to psn .
    He has just said he can run a other os .
    Who have see him connect to psn ?
    With the new check ,it 'll be impossible to bypass a update .

    ReplyDelete