Your browser does not seem to support CSS. If images appear below, please disregard them.
It appears that you're running an Ad-Blocker. This site is monetized by Advertising and by ">User Donations; we ask that if you find this site helpful that you whitelist us in your Ad-Blocker, or make a ">Donation to help aid in operating costs.
Previous Thread
Next Thread
Print Thread
Rate This Thread
#41252 - 12/18/06 07:01 AM Hack a PS3, win it  
Joined: Jun 2003
Posts: 807
Ghost Offline
UGN Super Poster
Ghost  Offline
UGN Super Poster

Joined: Jun 2003
Posts: 807
Likes: 2

This guy has a PS3 setup running FC5. If anyone can hack it under his terms and conditions, they get to keep it.

I've been trying my hand at it for shits and giggles.

The funny thing about this is that just about every TCP port from 0 to 65535 (if not all of them) respond as open, and yet very few actually run any sort of daemon. I haven't found any, other than SSH and HTTP (obviously) that do actually function.

Another funny thing that I found was that the robots.txt file in the root directory of the site lists admin/, but after noticing a few anomalies, I found that admin/ is symbolically linked to the directory directly above it.

I'm planning on doing a Nessus probe when I finally download all the plugin updates.

Thought I'd let you guys know, in case you wanted to try your hand at it.

Sponsored Links
#41257 - 12/18/06 07:32 AM Re: Hack a PS3, win it [Re: Ghost]  
Joined: Feb 2002
Posts: 7,198
Gremelin Offline
Community Owner
Gremelin  Offline

Community Owner

Joined: Feb 2002
Posts: 7,198
Likes: 11
Portland, OR; USA
lol sounds awesome. He likely has a honeypot setup to see everyone who's attmepting anything; sounds kinda fun hehe

Donate to UGN Security here.
UGN Security, Back of the Web, and VNC Web Services Owner
#41268 - 12/19/06 12:26 AM Re: Hack a PS3, win it [Re: Gremelin]  
Joined: Jun 2003
Posts: 807
Ghost Offline
UGN Super Poster
Ghost  Offline
UGN Super Poster

Joined: Jun 2003
Posts: 807
Likes: 2
So yeah; there don't seem to be any services running, other than SSH and HTTP. The HTTP server that it runs is publicfile, which seems to be optimized for security (I wasn't able to find any vulnerability reports on the web).

One thing though. There seems to be some sort of cryptogram in the source of the page, enclosed in HTML comments. My guess is that this contains the root login credentials. It has an interesting structure. The first and last lines are purely letters, and only the last long line contains letters in it. Curious.

Member Spotlight
SC, usa
Posts: 506
Joined: March 2002
Show All Member Profiles 
Forum Statistics
Average Daily Posts3
Most Online1,567
Apr 25th, 2010
Latest Postings
shopping for jewelry with something above
by mikejoey on 04/12/17 08:01 AM
PANDORA North The usa
by mikejoey on 04/12/17 07:38 AM
Pandora’s birthstone products will always
by mikejoey on 04/12/17 07:14 AM
the newest Pandora necklaces crafting facility
by mikejoey on 04/12/17 06:53 AM
an Air Jordan 4 by Off White is in
by mikejoey on 04/12/17 06:35 AM
belonging to the adidas NMD XR1
by mikejoey on 04/12/17 05:50 AM
Other detailsThe adidas Originals Celebrity
by mikejoey on 04/12/17 05:35 AM
The DNA on the NMD model is actually
by mikejoey on 04/12/17 05:18 AM
in which adidas NMD XR1 “Zebra” supplying
by mikejoey on 04/12/17 04:05 AM
by Gremelin on 01/14/17 07:03 PM
Top Posters(All Time)
UGN Security 41,138
Gremelin 7,198
§intå× 3,255
SilentRage 1,273
Ice 1,146
pergesu 1,136
Infinite 1,041
jonconley 955
Girlie 908
unreal 860
Top Liked Users (All Time)
§intå× Likes: 3
Black Beard Likes: 1
Cold Sunn Likes: 1
Crime Likes: 1
Cyrez Likes: 1
fleshwound Likes: 1
Ghost Likes: 2
Gremelin Likes: 12
Ice Likes: 1
ninjaneo Likes: 1
Top Liked Users (30 Days)
No Data Found
Powered by UBB.threads™ PHP Forum Software 7.6.0
(Snapshot build 20170206)