Encrypt Xml files

Xploiting · Oct 2, 2020

Hey guys

Quick question.

If I have a Xml file that I'll be using in a pkg, is it possible to encrypt it so others cannot pull it from there system and see my code/copy my code?

Obviously just encryption of the xml using notepad ++ renders the xml unreadable by the ps3 so wondered if it was even possible.

Or is it possible to encrypt/protect a pkg file instead so it can't be extracted or readable?

Thanks as always

LuanTeles · Oct 2, 2020

Xploiting said:
Hey guys

Quick question.

If I have a Xml file that I'll be using in a pkg, is it possible to encrypt it so others cannot pull it from there system and see my code/copy my code?

Obviously just encryption of the xml using notepad ++ renders the xml unreadable by the ps3 so wondered if it was even possible.

Or is it possible to encrypt/protect a pkg file instead so it can't be extracted or readable?

Thanks as always

It is not possible.

Xploiting · Oct 2, 2020

LuanTeles said:
It is not possible.

Thank you for clearing that up. Least now I can stop looking for something that doesn't exist.

Another thought I had was about how mod menus work with the "key" file or if is possible make a pkg have a kind of built in password to access it on the PS3?

Louay · Oct 2, 2020

Xploiting said:
Thank you for clearing that up. Least now I can stop looking for something that doesn't exist.

Another thought I had was about how mod menus work with the "key" file or if is possible make a pkg pkg have a kind of built in password to access it on the PS3?

lol even if pkg have password the files will be installed to system storage so pkg will not make difference after installation

Xploiting · Oct 2, 2020

Louay said:
lol even if pkg have password the files will be installed to system storage so pkg will not make difference after installation

I get that, but I was thinking off if there was a way of adding some kind of sprx to the ps3 that would validate if the pkg (or code within the pkg xml files would run). Much like the "key" to a sprx mod menu like Extortion or Paradise.

Berion · Oct 2, 2020

You can write Your own installer which could decrypting encrypted XML files. But if You want use them i.e not as config for game or tool, but as resource system file, then at the end it must be plain text (do You think PS3 firmware will read Your mind to determine how to decrypt them? :P).

BTW: Any kind of scrambling homebrew is totally pointless... Every barrier can be break so if someone is determine to "steal" (really, this is a proper word?) will do this, no matter what. And in the name of what You want limiting Your own code/script? This really have no sense. Especially that after few years later, no one will remember You or the guy who i.e modify Your XML and claims it was his. Sorry, but this is very harsh true. Peoples in community rotating. I'm on scene since PSX, remember a lot of peoples but the users do not remembering me (they doesn't even care who wrote that or this, which I'm fine with it of course, I just trying to show You that is not the best place for looking fame, the science is

). Idea behind of homebrew stuff is just fun (from game modifying, system modifying, apps modifying, creating etc.) and satisfy that You doing what is forbidden zone for majority of population.

sandungas · Oct 3, 2020

The theory is... if you are going to use something encrypted you should relly in a key that is going to be located either in your software or in the PS3

Incase you add it in the software (obfuscated, or with some kind of protection you invented) then is going to become the target for hackers to get it... is like a game in itself, you just need to try to hide something to call the attention of the people that can crack your security, and they are going to achieve it soon or later

The other way is to use one of the keys from the PS3... most of them are common so you should use something that is unique... like the console ID (IDPS)
Lets say... you tell me your IDPS in private, and i encrypt the program with it... this way the program can work only in your PS3
Everybody can install it, but the program is not going to run in his PS3 because his IDPS doesnt matches

Xploiting · Oct 11, 2020

sandungas said:
The theory is... if you are going to use something encrypted you should relly in a key that is going to be located either in your software or in the PS3

Incase you add it in the software (obfuscated, or with some kind of protection you invented) then is going to become the target for hackers to get it... is like a game in itself, you just need to try to hide something to call the attention of the people that can crack your security, and they are going to achieve it soon or later

The other way is to use one of the keys from the PS3... most of them are common so you should use something that is unique... like the console ID (IDPS)
Lets say... you tell me your IDPS in private, and i encrypt the program with it... this way the program can work only in your PS3

So it is possible.

I get the it will become a target for hackers. What I am wanting to achieve is a way of stopping distribution of a collection of homebrews and modmenus that me and my friends have been working on and loaded that all into a server based download progame.

@sandungas because we are talking IDPS details, can we maybe take the conversation private?

sandungas · Oct 11, 2020

I was just theorizing, i cant help with that

The point is if you want to encrypt something and you want to allow the user to decrypt it there is going to be a point where the user is going to have the decryption key, so they can get it

Xploiting · Oct 11, 2020

Berion said:
You can write Your own installer which could decrypting encrypted XML files. But if You want use them i.e not as config for game or tool, but as resource system file, then at the end it must be plain text (do You think PS3 firmware will read Your mind to determine how to decrypt them? :P).

BTW: Any kind of scrambling homebrew is totally pointless... Every barrier can be break so if someone is determine to "steal" (really, this is a proper word?) will do this, no matter what. And in the name of what You want limiting Your own code/script? This really have no sense. Especially that after few years later, no one will remember You or the guy who i.e modify Your XML and claims it was his. Sorry, but this is very harsh true. Peoples in community rotating. I'm on scene since PSX, remember a lot of peoples but the users do not remembering me (they doesn't even care who wrote that or this, which I'm fine with it of course, I just trying to show You that is not the best place for looking fame, the science is ). Idea behind of homebrew stuff is just fun (from game modifying, system modifying, apps modifying, creating etc.) and satisfy that You doing what is forbidden zone for majority of population.

Fully understand, the point behind wanting to encrypt is so the things me and my friends are working on stay private (for now), again its more a case of learing if its possible, how and what its limits word be, like an educational piece.

sandungas · Oct 11, 2020

Xploiting said:
Fully understand, the point behind wanting to encrypt is so the things me and my friends are working on stay private (for now), again its more a case of learing if its possible, how and what its limits word be, like an educational piece.

The security in the PS3 works as a cascade, where all the lower levels of the cascade can be decrypted by higer levels
In plain words, everything running in a PS3 can be decrypted and dumped in decrypted format, except bootldr and metldr

metldr can be exploited and the key inside it extracted, but we cant make a dump of a decrypted metldr
So... we can say metldr is still secure

Xploiting · Oct 11, 2020

sandungas said:
I was just theorizing, i cant help with that

The point is if you want to encrypt something and you want to allow the user to decrypt it there is going to be a point where the user is going to have the decryption key, so they can get it

OK that cool. sorry, i miss understood.

So as i have just mentioned to @Berion this is more of a educational thing, yes ive edited some xml files and we have created a libary of the homebrews and some mod menus/ xmb loader that we have worked on as a team. We looked at things like the paid sprx menus that are available for games and wondered if we could add like a username/password or a "key system" to a pkg and its kinda spiraled from there.
Im guessing that for the above it needs the .sprx to be able to call data from a server or something along those lines, not something a xml file can do.

I appriciate you guys taking the time to reply and now feel that its something that is
a - kinda pointless and
b - not worth the hasse

Encrypt Xml files

Xploiting

Member

LuanTeles

Xploiting

Member

Louay

Senior Member

Xploiting

Member

Berion

sandungas

Xploiting

Member

sandungas

Xploiting

Member

sandungas

Xploiting

Member

Similar threads