Changes

350 bytes added ,  07:36, 27 June 2013
question+
Line 70: Line 70:  
::"some keyslots are with the same data" I encrypted an all-zero block with each AES engine keyslot with CTR=0, and encrypted that data again with each keyslot with keyY=0. When the output block for the former is the same for multiple keyslots, those keyslots use the same keyX/keyY. When the latter output block is the same for multiple keyslots, those keyslots use the same keyX. "decrypt the CDN TMD key strings" TMDs have nothing to do with decrypting the ticket titlekey. [[RomFS]] does not contain code(besides [[CRO0]] for web browser), that's stored in [[ExeFS]]:/.code. There's no need to dump code from memory when one can just use the [[AES]] engine. --[[User:Yellows8|Yellows8]] 17:40, 26 June 2013 (CEST)
 
::"some keyslots are with the same data" I encrypted an all-zero block with each AES engine keyslot with CTR=0, and encrypted that data again with each keyslot with keyY=0. When the output block for the former is the same for multiple keyslots, those keyslots use the same keyX/keyY. When the latter output block is the same for multiple keyslots, those keyslots use the same keyX. "decrypt the CDN TMD key strings" TMDs have nothing to do with decrypting the ticket titlekey. [[RomFS]] does not contain code(besides [[CRO0]] for web browser), that's stored in [[ExeFS]]:/.code. There's no need to dump code from memory when one can just use the [[AES]] engine. --[[User:Yellows8|Yellows8]] 17:40, 26 June 2013 (CEST)
 
:::oh well. sorry for been n00b again. then have you ever found something that you can execute to decrypt those CDN data? i badly wanna try it.. ExeFS.. okey.. hope good work--[[User:Syphurith|Syphurith]] 08:04, 27 June 2013 (CEST)
 
:::oh well. sorry for been n00b again. then have you ever found something that you can execute to decrypt those CDN data? i badly wanna try it.. ExeFS.. okey.. hope good work--[[User:Syphurith|Syphurith]] 08:04, 27 June 2013 (CEST)
 +
:::oh wait i nearly forgot one thing. where do you think those keys are been when you manually called those encrypt/decrypt functions? if that is purely hardware implemented decapping may help; if that is in memory you may eventually get it; if that is stored in somewhere inside SoC.. yeah? --[[User:Syphurith|Syphurith]] 08:36, 27 June 2013 (CEST)
    
===Spam attack===
 
===Spam attack===
174

edits