UGN Security Forums
My ProfileMember DirectoryLogin
Search our ForumsView our FAQView our Site Rules
View our CalendarView our Active TopicsGo to our Main Page

UGN Security Store
 

Network Sites UGN Security, The GoNix Initiative, Elite Web Gamers, Back of the Web, EveryDay Helper, VNC Web Design & Development
December
Su M Tu W Th F Sa
1 2 3 4 5 6
7 8 9 10 11 12 13
14 15 16 17 18 19 20
21 22 23 24 25 26 27
28 29 30 31
Sponsored Links
Latest Postings
Latest Reviews
Topic Options
Rate This Topic
#41252 - 12/18/06 02:01 AM Hack a PS3, win it
Ghost Offline


Registered: 06/16/03
Posts: 807
Loc: Wisconsin
http://ps3.shimpinomori.net

This guy has a PS3 setup running FC5. If anyone can hack it under his terms and conditions, they get to keep it.

I've been trying my hand at it for shits and giggles.

The funny thing about this is that just about every TCP port from 0 to 65535 (if not all of them) respond as open, and yet very few actually run any sort of daemon. I haven't found any, other than SSH and HTTP (obviously) that do actually function.

Another funny thing that I found was that the robots.txt file in the root directory of the site lists admin/, but after noticing a few anomalies, I found that admin/ is symbolically linked to the directory directly above it.

http://ps3.shimpinomori.net/admin/admin/...in/admin/adminv

I'm planning on doing a Nessus probe when I finally download all the plugin updates.

Thought I'd let you guys know, in case you wanted to try your hand at it.
_________________________
[[ GamerSupport ] [ UGN Security ] [ Evil Hosting ] [ Comic Relief ]
~[Ghost]

Top
Sponsored Links
      
#41257 - 12/18/06 02:32 AM Re: Hack a PS3, win it [Re: Ghost]
Gremelin Offline

Community Owner
*****

Registered: 02/28/02
Posts: 7193
Loc: Portland, OR; USA
lol sounds awesome. He likely has a honeypot setup to see everyone who's attmepting anything; sounds kinda fun hehe
_________________________
Donate to UGN Security here.
UGN Security, Back of the Web, Elite Web Gamers & VNC Web Design Owner

Top
#41268 - 12/18/06 07:26 PM Re: Hack a PS3, win it [Re: Gremelin]
Ghost Offline


Registered: 06/16/03
Posts: 807
Loc: Wisconsin
So yeah; there don't seem to be any services running, other than SSH and HTTP. The HTTP server that it runs is publicfile, which seems to be optimized for security (I wasn't able to find any vulnerability reports on the web).

One thing though. There seems to be some sort of cryptogram in the source of the page, enclosed in HTML comments. My guess is that this contains the root login credentials. It has an interesting structure. The first and last lines are purely letters, and only the last long line contains letters in it. Curious.
_________________________
[[ GamerSupport ] [ UGN Security ] [ Evil Hosting ] [ Comic Relief ]
~[Ghost]

Top

Moderator:  Infinite 
Featured Member
Registered: 10/28/14
Posts: 1
Forum Stats
2152 Members
46 Forums
36163 Topics
71333 Posts

Max Online: 1567 @ 04/25/10 05:20 AM
Top Posters
UGN Security 29324
Gremelin 7193
§intå× 3255
SilentRage 1273
Ice 1146
pergesu 1136
Infinite 1041
jonconley 955
Girlie 908
unreal 860
Newest Members
cdefgh368568, HushHush, golqm, Tim050, Gecko666
2151 Registered Users
Who's Online
0 registered (), 313 Guests and 351 Spiders online.
Key: Admin, Global Mod, Mod
Latest News


Donate
  Get Firefox!
Get FireFox!