Page 1 of 2 12 LastLast
Results 1 to 10 of 13

Thread: PS3 scanners

  1. #1
    Just burned his ISO akenateb's Avatar
    Join Date
    Mar 2010
    Posts
    19

    Post PS3 scanners

    I was bored a few days ago and i did some scanners against my PS3 and it reported some interesting things.

    IP Protocol Scan

    Starting Nmap 4.50 () at 2008-03-22 13:43 GMT
    --------------- Timing report ---------------
    hostgroups: min 1, max 100000
    rtt-timeouts: init 1000, min 100, max 10000
    max-scan-delay: TCP 1000, UDP 1000
    parallelism: min 0, max 0
    max-retries: 10, host-timeout: 0
    ---------------------------------------------
    Initiating ARP Ping Scan at 13:43
    Scanning 192.168.1.30 [1 port]
    Packet capture filter (device eth1): arp and ether dst host 00:90:4B:EC:A3:69
    Completed ARP Ping Scan at 13:43, 0.04s elapsed (1 total hosts)
    mass_rdns: Using DNS server 80.58.61.250
    mass_rdns: Using DNS server 80.58.61.254
    Initiating Parallel DNS resolution of 1 host. at 13:43
    mass_rdns: 0.10s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
    Completed Parallel DNS resolution of 1 host. at 13:43, 0.10s elapsed
    DNS resolution of 1 IPs took 0.10s. Mode: Async [#: 2, OK: 0, NX: 1, DR: 0, SF: 0, TR: 1, CN: 0]
    Initiating IPProto Scan at 13:43
    Scanning 192.168.1.30 [256 ports]
    Packet capture filter (device eth1): dst host 192.168.1.35 and (icmp or (src host 192.168.1.30))
    Discovered open port 1/ip on 192.168.1.30
    Discovered open port 6/ip on 192.168.1.30
    Discovered open port 17/ip on 192.168.1.30
    Completed IPProto Scan at 13:43, 1.31s elapsed (256 total ports)
    Host 192.168.1.30 appears to be up ... good.
    Interesting protocols on 192.168.1.30:
    Not shown: 252 closed protocols
    Reason: 252 proto-unreaches

    PROTOCOL STATE SERVICE REASON
    1 open icmp port-unreach
    2 open|filtered igmp no-response
    6 open tcp proto-response
    17 open udp port-unreach

    MAC Address: 00:19:C5:3B:**:53 (Sony Computer Entertainment,)
    Final times for host: srtt: 121064 rttvar: 1671 to: 127748

    Read from /usr/local/share/nmap: nmap-mac-prefixes nmap-os-db nmap-protocols.
    Nmap done: 1 IP address (1 host up) scanned in 1.711 seconds
    TCP Scan

    Starting Nmap 4.50 ( ) at 2008-03-22 20:55 GMT
    --------------- Timing report ---------------
    hostgroups: min 1, max 100000
    rtt-timeouts: init 1000, min 100, max 10000
    max-scan-delay: TCP 1000, UDP 1000
    parallelism: min 0, max 0
    max-retries: 10, host-timeout: 0
    ---------------------------------------------
    Initiating ARP Ping Scan at 20:55
    Scanning 192.168.1.30 [1 port]
    Packet capture filter (device eth1): arp and ether dst host 00:90:4B:EC:A3:69
    Completed ARP Ping Scan at 20:55, 0.02s elapsed (1 total hosts)
    mass_rdns: Using DNS server 80.58.61.250
    mass_rdns: Using DNS server 80.58.61.254
    Initiating Parallel DNS resolution of 1 host. at 20:55
    mass_rdns: 0.07s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
    Completed Parallel DNS resolution of 1 host. at 20:55, 0.07s elapsed
    DNS resolution of 1 IPs took 0.07s. Mode: Async [#: 2, OK: 0, NX: 1, DR: 0, SF: 0, TR: 1, CN: 0]
    Initiating Connect Scan at 20:55
    Scanning 192.168.1.30 [10001 ports]
    Increased max_successful_tryno for 192.168.1.30 to 1 (packet drop)
    Increased max_successful_tryno for 192.168.1.30 to 2 (packet drop)
    Discovered open port 9293/tcp on 192.168.1.30
    Completed Connect Scan at 20:56, 15.67s elapsed (10001 total ports)
    Initiating Service scan at 20:56
    Scanning 1 service on 192.168.1.30
    Completed Service scan at 20:57, 66.18s elapsed (1 service on 1 host)
    Packet capture filter (device eth1): dst host 192.168.1.35 and (icmp or (tcp and (src host 192.168.1.30)))
    Initiating OS detection (try #1) against 192.168.1.30
    OS detection timingRatio() == (1206219440.490 - 1206219439.970) * 1000 / 500 == 1.042
    Retrying OS detection (try #2) against 192.168.1.30
    OS detection timingRatio() == (1206219442.411 - 1206219441.891) * 1000 / 500 == 1.042
    Retrying OS detection (try #3) against 192.168.1.30
    OS detection timingRatio() == (1206219444.331 - 1206219443.811) * 1000 / 500 == 1.042
    Retrying OS detection (try #4) against 192.168.1.30
    OS detection timingRatio() == (1206219447.756 - 1206219447.236) * 1000 / 500 == 1.040
    Retrying OS detection (try #5) against 192.168.1.30
    OS detection timingRatio() == (1206219449.725 - 1206219449.205) * 1000 / 500 == 1.040

    SCRIPT ENGINE: Initialized 4 rules
    SCRIPT ENGINE: Matching rules.
    SCRIPT ENGINE: Will run /usr/local/share/nmap/scripts/skype_v2-version.nse against 192.168.1.30:9293
    SCRIPT ENGINE: Running scripts.
    SCRIPT ENGINE: Runlevel: 1.000000
    Initiating SCRIPT ENGINE at 20:57
    Completed SCRIPT ENGINE at 20:57, 0.01s elapsed
    SCRIPT ENGINE: Script scanning completed.
    Host 192.168.1.30 appears to be up ... good.
    Interesting ports on 192.168.1.30:
    Not shown: 10000 closed ports
    Reason: 10000 conn-refused

    PORT STATE SERVICE REASON VERSION
    9293/tcp open unknown syn-ack

    1 service unrecognized despite returning data. If you know the service/version, please submit the following fingerprint at:


    MAC Address: 00:19:C5:3B:**:53 (Sony Computer Entertainment,)
    No exact OS matches for host (If you know what OS is running on it, see ).

    TCP/IP fingerprint:
    OS:SCAN(V=4.50%D=3/22%OT=9293%CT=1%CU=30166%PV=Y%DS=1%G=Y%M=0019C5%TM =47E57
    OS:2BA%P=i686-pc-linux-gnu)SEQ(SP=DB%GCD=1%ISR=DD%II=I%TS=0)SEQ(SP=DE%GCD =1
    OS:%ISR=DF%II=I%TS=0)SEQ(SP=DE%GCD=1%ISR=DD%II=I%T S=0)SEQ(SP=D9%GCD=1%ISR=D
    OS:E%II=I%TS=0)SEQ(SP=D7%GCD=1%ISR=E1%II=I%TS=0)OP S(O1=M5B4NW0NNT01%O2=M5B4
    OS:NW0NNT01%O3=M5B4NW0NNT01%O4=M5B4NW0NNT01%O5=M5B 4NW0NNT01%O6=M5B4NNT01)WI
    OS:N(W1=FFFF%W2=FFFF%W3=FFFF%W4=FFFF%W5=FFFF%W6=FF FF)ECN(R=Y%DF=Y%T=40%W=FF
    OS:FF%O=M5B4NW0%CC=N%Q=)T1(R=Y%DF=Y%T=40%S=O%A=S+% F=AS%RD=0%Q=)T2(R=Y%DF=N%
    OS:T=40%W=0%S=Z%A=S%F=AR%O=%RD=0%Q=)T3(R=Y%DF=Y%T= 40%W=FFFF%S=O%A=S+%F=AS%O
    OS:=M5B4NW0NNT01%RD=0%Q=)T4(R=Y%DF=N%T=40%W=0%S=A% A=Z%F=R%O=%RD=0%Q=)T5(R=Y
    OS:%DF=N%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=)T6(R=Y% DF=N%T=40%W=0%S=A%A=Z%F=R
    OS:%O=%RD=0%Q=)T7(R=Y%DF=N%T=40%W=0%S=Z%A=S%F=AR%O =%RD=0%Q=)U1(R=Y%DF=N%T=F
    OS:F%TOS=0%IPL=38%UN=0%RIPL=G%RID=G%RIPCK=G%RUCK=G %RUL=G%RUD=G)IE(R=Y%DFI=N
    OS:%T=FF%TOSI=S%CD=S%SI=S%DLI=S)


    Network Distance: 1 hop
    TCP Sequence Prediction: Difficulty=215 (Good luck!)
    IP ID Sequence Generation: Busy server or unknown class
    Final times for host: srtt: 2255 rttvar: 1152 to: 100000

    Read from /usr/local/share/nmap: nmap-mac-prefixes nmap-os-db nmap-rpc nmap-service-probes nmap-services.
    OS and Service detection performed. Please report any incorrect results at .
    Nmap done: 1 IP address (1 host up) scanned in 92.706 seconds
    UDP Scan

    Starting Nmap 4.50 ( ) at 2008-03-22 20:49 GMT

    --------------- Timing report ---------------
    hostgroups: min 1, max 100000
    rtt-timeouts: init 1000, min 100, max 10000
    max-scan-delay: TCP 1000, UDP 1000
    parallelism: min 0, max 0
    max-retries: 10, host-timeout: 0
    ---------------------------------------------
    Initiating ARP Ping Scan at 20:49
    Scanning 192.168.1.30 [1 port]
    Packet capture filter (device eth1): arp and ether dst host 00:90:4B:EC:A3:69
    Completed ARP Ping Scan at 20:49, 0.02s elapsed (1 total hosts)
    mass_rdns: Using DNS server 80.58.61.250
    mass_rdns: Using DNS server 80.58.61.254
    Initiating Parallel DNS resolution of 1 host. at 20:49
    mass_rdns: 0.07s 0/1 [#: 2, OK: 0, NX: 0, DR: 0, SF: 0, TR: 1]
    Completed Parallel DNS resolution of 1 host. at 20:49, 0.07s elapsed
    DNS resolution of 1 IPs took 0.07s. Mode: Async [#: 2, OK: 0, NX: 1, DR: 0, SF: 0, TR: 1, CN: 0]
    Initiating UDP Scan at 20:49
    Scanning 192.168.1.30 [10001 ports]
    Packet capture filter (device eth1): dst host 192.168.1.35 and (icmp or (udp and (src host 192.168.1.30)))
    Increased max_successful_tryno for 192.168.1.30 to 1 (packet drop)
    Completed UDP Scan at 20:49, 17.39s elapsed (10001 total ports)
    Initiating Service scan at 20:49
    Scanning 4 services on 192.168.1.30
    Service scan Timing: About 25.00% done; ETC: 20:53 (0:02:30 remaining)
    Completed Service scan at 20:50, 50.02s elapsed (4 services on 1 host)
    Packet capture filter (device eth1): dst host 192.168.1.35 and (icmp or (tcp and (src host 192.168.1.30)))

    Initiating OS detection (try #1) against 192.168.1.30
    SCRIPT ENGINE: Initiating script scanning.
    SCRIPT ENGINE: Script scanning .
    SCRIPT ENGINE: Using /usr/local/libexec/nmap/nselib-bin/?.so;./?.so;/usr/local/lib/lua/5.1/?.so;/usr/local/lib/lua/5.1/loadall.so to search for C-modules and /usr/local/share/nmap/nselib/?.lua;./?.lua;/usr/local/share/lua/5.1/?.lua;/usr/local/share/lua/5.1/?/init.lua;/usr/local/lib/lua/5.1/?.lua;/usr/local/lib/lua/5.1/?/init.lua for Lua-modules

    PORT STATE SERVICE REASON VERSION
    0/udp open|filtered unknown no-response
    67/udp open|filtered dhcps no-response
    1024/udp open|filtered unknown no-response
    9293/udp open|filtered unknown no-response


    Device type: general purpose|game console
    Running: NetBSD 4.X, QNX 6.X, Sony embedded
    OS details: NetBSD 4.99.4 (x86), QNX 6.2.1 (x86), Sony PlayStation 3 game console

    OS Fingerprint:
    OS:SCAN(V=4.50%D=3/22%OT=%CT=%CU=1%PV=Y%DS=1%G=N%M=0019C5%TM=47E57120 %P=i68
    OS:6-pc-linux-gnu)T5(R=Y%DF=N%T=40%W=0%S=Z%A=S+%F=AR%O=%RD=0%Q=) T6(R=Y%DF=N
    OS:%T=40%W=0%S=A%A=Z%F=R%O=%RD=0%Q=)T7(R=Y%DF=N%T= 40%W=0%S=Z%A=S%F=AR%O=%RD
    OS:=0%Q=)U1(R=Y%DF=N%T=FF%TOS=0%IPL=38%UN=0%RIPL=G %RID=G%RIPCK=G%RUCK=G%RUL
    OS:=G%RUD=G)IE(R=Y%DFI=N%T=FF%TOSI=S%CD=S%SI=S%DLI =S)

    Network Distance: 1 hop
    Final times for host: srtt: 82815 rttvar: 98121 to: 475299

    Read from /usr/local/share/nmap: nmap-mac-prefixes nmap-os-db nmap-service-probes nmap-services.
    OS and Service detection performed. Please report any incorrect results at .
    Nmap done: 1 IP address (1 host up) scanned in 68.257 seconds
    Trying now with nessus scan.

  2. #2
    Just burned his ISO akenateb's Avatar
    Join Date
    Mar 2010
    Posts
    19

    Default

    Scan time :
    Start time : Tue Mar 25 16:12:28 2008
    End time : Tue Mar 25 16:13:15 2008
    Number of vulnerabilities :
    Open ports : 1
    Low : 7
    Medium : 2
    High : 0
    Information about the remote host :

    Operating system : NetBSD 1.6
    NetBIOS name : (unknown)
    DNS name : (unknown)

    Port unknown (9293/tcp)

    Port general/udp
    Traceroute
    For your information, here is the traceroute from 192.168.1.35 to 192.168.1.30 :
    192.168.1.35
    192.168.1.30

    Port general/tcp
    Dont print on AppSocket & socketAPI printers

    The host seems to be an AppSocket or socketAPI printer.
    Scanning it will waste paper. So port 9100 wont be scanned.

    Risk factor : None

    Remote host replies to SYN+FIN

    Synopsis :

    It may be possible to bypass firewall rules.

    Description :

    The remote host does not discard TCP SYN packets which have
    the FIN flag set.

    Depending on the kind of firewall you are using, an attacker
    may use this flaw to bypass its rules.

    Solution :

    Contact your vendor for a patch.

    Risk factor :

    Medium / CVSS Base Score : 5.0
    (CVSS2#AV:N/AC:L/Au:N/C:N/IRazz/A:N)
    BID : 7487
    Other references : OSVDB:2118

    TCP timestamps

    Synopsis :

    The remote service implements TCP timestamps.

    Description :

    The remote host implements TCP timestamps, as defined by RFC1323.
    A side effect of this feature is that the uptime of the remote
    host can sometimes be computed.

    Risk factor :

    None

    Source routed packets

    The remote host accepts loose source routed IP packets.
    The feature was designed for testing purpose.
    An attacker may use it to circumvent poorly designed IP filtering
    and exploit another flaw. However, it is not dangerous by itself.

    Solution : drop source routed packets on this host or on other ingress
    routers or firewalls.


    Risk factor : Low

    OS Identification

    Remote operating system : NetBSD 1.6
    Confidence Level : 65
    Method : SinFP


    The remote host is running NetBSD 1.6

    Port general/icmp
    icmp timestamp request

    Synopsis :

    It is possible to determine the exact time set on the remote host.

    Description :

    The remote host answers to an ICMP timestamp request. This allows an
    attacker to know the date which is set on your machine.

    This may help him to defeat all your time based authentication
    protocols.

    Solution :

    Filter out the ICMP timestamp requests (13), and the outgoing ICMP
    timestamp replies (14).

    Risk factor :

    None

    Plugin output :

    The difference between the local and remote clocks is 54103 seconds

    CVE : CVE-1999-0524

    Record route
    Here is the route recorded between 192.168.1.35 and 192.168.1.30 :
    192.168.1.30

    Now trying with nemesis. I will thank any idea.

    Regards.

  3. #3
    Just burned his ISO akenateb's Avatar
    Join Date
    Mar 2010
    Posts
    19

    Default

    bt ~ # telnet 192.168.1.30 9293
    Trying 192.168.1.30...
    Connected to 192.168.1.30.
    Escape character is '^]'.

    HTTP/1.1 403 Forbidden
    Connection: close
    Pragma: no-cache
    Content-Length: 0
    PREMO-Version: 0.1
    PREMO-Application-Reason: 00000000

    Connection closed by foreign host.
    bt ~ # telnet 192.168.1.30 9293
    Trying 192.168.1.30...
    Connected to 192.168.1.30.
    Escape character is '^]'.
    LIST
    HTTP/1.1 403 Forbidden
    Connection: close
    Pragma: no-cache
    Content-Length: 0
    PREMO-Version: 0.1
    PREMO-Application-Reason: 80029804

    Connection closed by foreign host.
    bt ~ # telnet 192.168.1.30 9293
    Trying 192.168.1.30...
    Connected to 192.168.1.30.
    Escape character is '^]'.
    STATUS
    HTTP/1.1 403 Forbidden
    Connection: close
    Pragma: no-cache
    Content-Length: 0
    PREMO-Version: 0.1
    PREMO-Application-Reason: 80029804

    Connection closed by foreign host.
    bt ~ # telnet 192.168.1.30 9293
    Trying 192.168.1.30...
    Connected to 192.168.1.30.
    Escape character is '^]'.
    USER
    HTTP/1.1 403 Forbidden
    Connection: close
    Pragma: no-cache
    Content-Length: 0
    PREMO-Version: 0.1
    PREMO-Application-Reason: 80029804

    Connection closed by foreign host.
    bt ~ # telnet 192.168.1.30 9293
    Trying 192.168.1.30...
    Connected to 192.168.1.30.
    Escape character is '^]'.
    GET

    HTTP/1.1 403 Forbidden
    Connection: close
    Pragma: no-cache
    Content-Length: 0
    PREMO-Application-Reason: 80029843

    Connection closed by foreign host.
    bt ~ # telnet 192.168.1.30 9293
    Trying 192.168.1.30...
    Connected to 192.168.1.30.
    Escape character is '^]'.
    GET
    LIST
    HTTP/1.1 403 Forbidden
    Connection: close
    Pragma: no-cache
    Content-Length: 0
    PREMO-Version: 0.1
    PREMO-Application-Reason: 80711006

    Connection closed by foreign host.
    bt ~ # telnet 192.168.1.30 9293
    Trying 192.168.1.30...
    Connected to 192.168.1.30.
    Escape character is '^]'.
    GET
    USER
    HTTP/1.1 403 Forbidden
    Connection: close
    Pragma: no-cache
    Content-Length: 0
    PREMO-Version: 0.1
    PREMO-Application-Reason: 80711006

    Connection closed by foreign host.
    bt ~ # telnet 192.168.1.30 9293
    Trying 192.168.1.30...
    Connected to 192.168.1.30.
    Escape character is '^]'.
    GET
    STATUS
    HTTP/1.1 403 Forbidden
    Connection: close
    Pragma: no-cache
    Content-Length: 0
    PREMO-Version: 0.1
    PREMO-Application-Reason: 80711006

    Connection closed by foreign host.

    No comments.

  4. #4
    Junior Member
    Join Date
    Nov 2007
    Posts
    79

    Default

    Hiya

    Just thought I would let you know that the port 9293 is used in comunications with the PSP.

    Have a look here.
    http://www.ps3hax.net/announcement/3...p-exploit.html

    Also those PREMO application reasons are PS3 error codes.
    For instance this is one of yours errors and the explaination 80029843

    The PS3 system that this system is registered with was not found. Check that you have selected [Network] >[Remote Play] on the PS3 system. (80029843)


    Might help you.
    ;-)

    Also I'm working on exactly the same kids of things,
    In older firmwares SMTP was open as was 110 POP but they closed this when I made a post about it being Vuln.

    My scans in the past have been the same as yours totally locked down.
    Here is some info from which i stored randomly as a brain dump for future use.
    the underlying library used to make http requests is "LIBHTTP"

    Also it seems that all secure online transactions use this cipher
    Cipher Suite: TLS_RSA_WITH_3DES_EDE_CBC_SHA (0x000a)

    Ofcourse it also uses DNAS when doing most of its stuff.
    Here is a link to how DNAS works . DNAS

    Most of the servers used for gaming use use Http Basic Digest Authentication. (username plaintext and MD5 hashed pass) The pass chages every 30 seconds or so. (MITM can get around the need to decode that Hash).

    ******************************************
    Host 192.168.1.5 appears to be up ... good.
    All 1711 scanned ports on 192.168.1.5 are closed
    MAC Address: 00:19:C5:70:**:B9 (Sony Computer Entertainment,)
    Warning: OSScan results may be unreliable because we could not find at least 1 open and 1 closed port
    Device type: general purpose|game console
    Running: NetBSD 4.X, QNX 6.X, Sony embedded
    OS details: NetBSD 4.99.4 (x86), QNX 6.2.1 (x86), Sony PlayStation 3 game console
    Network Distance: 1 hop

    ****************************
    FIN Scan on Nmap

    Interesting ports on 192.168.1.5:
    Not shown: 1708 closed ports
    PORT STATE SERVICE VERSION
    595/tcp filtered cab-protocol
    726/tcp filtered unknown
    4343/tcp filtered unicall
    MAC Address: 00:19:C5:70:**:B9 (Sony Computer Entertainment,)

    If you find anything interesting let me know ;-)

  5. #5
    Just burned his ISO akenateb's Avatar
    Join Date
    Mar 2010
    Posts
    19

    Default

    Let me thank you for your help first of all.
    And of course if i find something interesting i will post here.

    R3g@rd$.

  6. #6
    Junior Member
    Join Date
    Nov 2007
    Posts
    79

    Default

    PS3 Access Point,

    If you use a PSP for "Remote Play" you'll notice that the PS3 then becomes an access point.

    WPA - CCMP

    I'm guessing its WPA2 as Cowpatty won't accept the handshake file and I know that it has issues with WPA2.

    just getting my SQL DB sorted so I can get a decent wordist to try out.

    Not sure if anything will be gained by accessing the PS3's private network, hopefully it would open some ports.

  7. #7
    Just burned his ISO akenateb's Avatar
    Join Date
    Mar 2010
    Posts
    19

    Default

    Hello again:

    PS3 wireless uses WPA PSK AES-CCM

    h**p://img505.imageshack.us/my.php?image=ps3wirelessuw8.png.

    At this moment im using aircrack-ng with:

    A dictionary with 10000000 words, 32 digits
    A .cap file with 800000 packets captured

    More than 4000000 keys viewed till now.

    Its curious to see aircrack working... with backtrack we have got a processing around 135 k/s, with windoles and PS3 fedora we've got around 65 k/s (!)

    With ettercap we can sniff and inject data into communication between psp/ps3, payloads too, but surely we need to use specify encrypted data. Encrypted data as we find with .pkg files, its used for psp/ps3.

    We can also mount hard disk w/r with busybox, we call busybox at the kboot prompt, but how can we access to encrypted device (hard disk) ?

    Here is where i am.

    There's some other ways to study like pkg's decrypt, or directly hardware.

    Well that is, i hope sharing information helps somenthing.

    R3g@rd$

  8. #8
    Junior Member
    Join Date
    Nov 2007
    Posts
    79

    Default

    Have you tried changing the WPA key used in Remote Play.

    I have done this and I can connect to the Playstation3's private network (access point) that it creates. However only in Windows as I can't get Backtrack to connect on WPA even after following the guide done by Xploitz ;-(

  9. #9
    Just burned his ISO akenateb's Avatar
    Join Date
    Mar 2010
    Posts
    19

    Default

    Good Morning, im just waking up now.

    Nop, i've not tried to change WPA Key, and it sounds very interesting, could you give me some instruction about it? or where can i read how to change it?.

    BTW I will try to find some information, looking for Xploitz documents.
    we continue step by step.

    R3g@rd$.

  10. #10
    Junior Member
    Join Date
    Nov 2007
    Posts
    79

    Default

    You will need a Ps3 and PSP to be able to change the key

    http://manuals.playstation.net/docum...ectremote.html
    http://manuals.playstation.net/docum...lay/ready.html

    Don't choose the easy option instead choose custom and then you have the option to change the WPA Key.

    I then turn the PS3 off and comence Remote Play via a PSP

    And as we know the Key we can connect to the Ps3 with any device. (PC)

    I have an Alfa USB adapter so I'm suffering like many others from this
    http://forums.remote-exploit.org/sho...ght=supplicant

    I have not yet worked out how to use NdisWrapper which I'm guessing means loading a windows driver?.

Page 1 of 2 12 LastLast

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •