If you're still on the hunt for a PS3 (and haven't fell for one of those
eBay scams just yet), here's an alternate (and relatively
safe) way to finally snag one of your own while earning some bragging rights to boot. If you're not the savviest
camper (or
thief), but you're packin' the heat when it comes to programming skills, listen up -- the "0wn a PS3 and own it" challenge is in full effect, and the one thing between you and a PS3 is a seemingly simple web hack. If you manage to replace the JPEG image (pictured above) on the linked website while abiding by the site rules (no DOS attacks, etc.), you become the proud owner of a modified
PS3 which sports a 160GB hard drive,
HDMI cable, Fedora
Linux pre-installed, and a free game for when you're not
tinkering around in the OS. The site is reportedly running on this very PlayStation 3, loaded up with Fedora Linux and a presumed heavy amount of security around the said picture. So, what are you waiting for? Hit the read link and get to work, because you've only got until "the beginning of January 2007" to pull it off.
[Via
Digg]
posted Nov 26th 2006 5:37PM
I'll have it done by tomorrow morning.
whats the first thing i need to do
h4x it to pr0n
I'll forward it to my site later. Can you get this PS3 to the UK?
it should just be a matter of figuring out a loophole in fedora..
That statement wins the "Easier said than done" award of the year.
"NO OTHER ALTERATION OF THIS PS3'S FILES IS PERMITTED."
Odd... is the index hosted from the PS3 itself? Suddenly the Always On design seems... undesirable
I'm connected to SSH as root. Who in gods name patched this server? o.o
How did you do that, Hexxeh? SSH, thats 'secure shell', right?
Did you do that through a web browser?
Someone put Goatse on it.
Great Challenge guys, thanks for the info... I'll try to inform some buddies in The Philippines if they know how to do this stuff... at least someone should have this in the Third world, not just build it..
(nicholas)
http://www.tingog.com
No I wrote a shell script that makes use of a recent pre-auth exploit. I don't really want a PS3 though. If I can hack it so easily, I don't want it to be a problem on my network.
What's that smell?
You're saying you don't want the PS3 because Fedora is a security hazard...?
Mmm...Digg Effect = no loady.
Not loading because I just closed Apache. He's got it set to autorespawn though, so he obviously doesn't want me to disable access.
Hmm, I noticed it's openssh 2.3 earlier today as well...
I probably should have look deeper for exploits for fixes mentioned in the 2.4 release notes :/
Anyways, congrats to you I guess.
I smell it too
Well, if you don't wnat it but can hack it... I want it but can't hack it sooo.. let me know haha.
yeah here too *sniff* *sniff*. I think it crashed. Probably got swamped with requests and either crashed it or timed out.
meh...
Ive got porn to look at and beer to drink
I meant the server is 4.3 ... now I feel stupid for getting the major version number wrong.
Aww someone's gonna take a PS3 of that poor innocent baby :( lol
I have no idea how to hack but i'll take it if someone gets it and doesnt want it....
If you claim to have hacked in, but didn't want to actually win for some reason, then no, you haven't hacked in. You've just posted some comments claiming to have done so.
So, you know, go be lame somewhere else.
ha ha ha, the PS3 is located in Japan, opensource OS = easy hacks... FYI: hes useing a port generator that creates fake ports... only one out of thousands is the only open port. good luck.
that kid is WAY to big for a pacifier .. maybe the parents need to stop fooling around online and do some good ole ween action.
cute kitten in the background!
it must be a clue!
Oh, and btw, it has been dugg.
So, there are already idiots hammering away at this.
Yeah, easier said than done. Notice that he runs a net hosting company and claims "Privacy Proection". He probably wants to test his new security system and I guarantee you no one is gonna crack it, I just gave it a whirl and it seems to have some pretty solid security. If anyone DOES land up cracking it then, we're in trouble because that means we have a pretty hard-core hacker thas pretty much capable of anything.
The remote X Font Service for TrueType (xfstt) might be vulnerable to a buffer
overflow which may lead to code execution or a denial of service.
An attacker may use this flaw to gain root on this host
remotely or prevent X11 from working properly.
*** Note that Nessus did not actually check for the flaw
*** so this might be a false positive
Solution : Upgrade to the latest version of xfstt
Risk factor : High
CVE : CVE-2003-0581
BID : 8182
http://marc.theaimsgroup.com/?l=bugtraq&m=105829691405446&w=2
@ jesse.bower
Um, that's over 3 years old. Plus he slapped a copy of Fedora Core 5 on the PS3. I don't think it's possible that's still an issue.
Come to think of it, nessus will be almost useless because all of the ports are open (PortSentry or something like that).
It's a clever (600$) attempt to find someone to break through a form of security the author (or company) is testing for vulnerabilities and/or believes cannot be compromised. By hacking the ps3 (really, the os/packages), it's merely providing a wealth of research information for the little 600 cost. The ps3 crowd seems like a likely group to find such talent, and the prize is attractive.
Just my theory anyway...
Dudes, the unit may have a 160GB HDD installed, but it's still a 20GB model (read box in photo); thus, no WiFi and no memory card reader. Super lame.
But come'on...it's FREE...
How is that lame?
"I hAxeD it! lol"
-....is what were gonna hear from twenty annoying posers with no life.
ha....not funny...
anyways this guy is in Japan!
Japaneese people are like super smart! The 'security tester' idea probably is it.
:(
this thing still alive? can i just have this thing please? =D wanna see my picture?
http://img.photobucket.com/albums/v492/phogood4u/12-01-06/12-13-06/faceps3.jpg
i know im a bit late for this but i have some usefull info if you want to hack this ps3
--------------------------------------------------------------------------------
IP : 61.202.238.51 Neighborhood
Host : ?
Country : Japan
64.246.26.64 SOA ns12.zoneedit.com
- SOA soacontact.zoneedit.com
PING 61.202.238.51 (61.202.238.51) 56(84) bytes of data.
64 bytes from 61.202.238.51: icmp_seq=1 ttl=41 time=273 ms
64 bytes from 61.202.238.51: icmp_seq=2 ttl=40 time=287 ms
64 bytes from 61.202.238.51: icmp_seq=3 ttl=41 time=272 ms
3 packets transmitted, 3 received, 0% packet loss, time 2006ms
rtt min/avg/max/mdev = 272.779/277.688/287.070/6.663 ms