#1 Spot for PS3 Hacks
Folding@home | PS3-Hacks Live Chat | PS3 Reviews | Contact Us
You are not logged in.
#1 2009-04-27 22:20:37
- dashhacker
- D-Force
- Registered: 2009-04-27
- Posts: 79
Remote Play API Progress
Greetings...
Created a new topic regarding Remote Play Reverse Engineering. Progress is moving faster than I originally estimated. This is where I'm at:
COMPLETE:
- PSP homebrew application written to extract Remote Play keys.
- Authentication reverse-engineered and implemented in API.
- Audio and video stream decryption implemented in API.
TODO:
- Audio decoding (AAC using libfaad2) tested and working, to be implemented in API.
- Video decoding (AVC using libavcodec, or ???) to be looked at after audio decoder implementation.
- Event system to be implemented to send keyboard/mouse/joypad events to PS3.
- Release binary builds for Linux, Mac OSX, and Windows.
- Clean-up and document API.
- Release source code.
...and just a little teaser for those who know what they're looking at:
Code:
glitch ~/source/rp/orp $ make Compiler: g++ -g -pipe -I. -I/usr/include/SDL -D_GNU_SOURCE=1 -D_REENTRANT -I./config Linker: ld Defines: Libraries: -lSDL -lpthread -lcurl -l SDL_net -l crypto ./config/SDL_Config.a make -C config make[1]: Entering directory `/home/XXX/source/rp/orp/config' make[1]: Nothing to be done for `all'. make[1]: Leaving directory `/home/XXX/source/rp/orp/config' make MAKEFLAGS= deps make[1]: Entering directory `/home/XXX/source/rp/orp' [D] base64.cpp main.cpp orp.cpp make[1]: Leaving directory `/home/XXX/source/rp/orp' make orp make[1]: Entering directory `/home/XXX/source/rp/orp' [C] orp.o [L] orp make[1]: Leaving directory `/home/XXX/source/rp/orp' glitch ~/source/rp/orp $ ./orp * About to connect() to 192.168.XXX.XXX port 9293 (#0) * Trying 192.168.XXX.XXX... * connected * Connected to 192.168.XXX.XXX (192.168.XXX.XXX) port 9293 (#0) > GET /sce/premo/session HTTP/1.1 User-Agent: premo/1.0.0 libhttp/1.0.0 Host: 192.168.XXX.XXX:9293 Accept: */* PREMO-PSPID: XXX PREMO-Version: 0.3 PREMO-Mode: PREMO PREMO-Platform-Info: PSP PREMO-Pad-Info: PSP-Pad PREMO-UserName: XXX PREMO-Trans: capable Connection: Keep-Alive < HTTP/1.1 200 OK < SessionID: 0000001710794765 < Connection: close < Pragma: no-cache < Content-Length: 0 < PREMO-Version: 0.3 < PREMO-Video-Codec: AVC < PREMO-Video-Resolution: 480x272 < PREMO-Video-Bitrate: 384000-1024000 < PREMO-Video-ClockFrequency: 90000 < PREMO-Video-Framerate: 30 < PREMO-PS3-Nickname: XXX < PREMO-Power-Control: on < PREMO-Exec-Mode: VSH < PREMO-Audio-Codec: M4A < PREMO-Audio-SamplingRate: 48000 < PREMO-Audio-Channels: 2 < PREMO-Audio-Bitrate: 128000 < PREMO-Audio-ClockFrequency: 90000 < PREMO-Pad-Complete: on < PREMO-Pad-Assign: CROSS < PREMO-Trans-Mode: peer < PREMO-Nonce: OOL0Q0G7tznoYKvtghWvCQ== < * Closing connection #0 * About to connect() to 192.168.XXX.XXX port 9293 (#0) * Trying 192.168.XXX.XXX... * About to connect() to 192.168.XXX.XXX port 9293 (#0) * Trying 192.168.XXX.XXX... * connected * Connected to 192.168.XXX.XXX (192.168.XXX.XXX) port 9293 (#0) > GET /sce/premo/session/audio HTTP/1.1 User-Agent: premo/1.0.0 libhttp/1.0.0 Host: 192.168.XXX.XXX:9293 Accept: */* PREMO-Audio-Codec: M4A PREMO-Audio-Bitrate: 128000 PREMO-Auth: HTsNS7W/5ho+1LB2xOWNaw== SessionID: 0000001710794765 Connection: Keep-Alive * connected * Connected to 192.168.XXX.XXX (192.168.XXX.XXX) port 9293 (#0) > GET /sce/premo/session/video HTTP/1.1 User-Agent: premo/1.0.0 libhttp/1.0.0 Host: 192.168.XXX.XXX:9293 Accept: */* PREMO-Video-Codec: AVC PREMO-Video-Resolution: 480x272 PREMO-Auth: HTsNS7W/5ho+1LB2xOWNaw== SessionID: 0000001710794765 Connection: Keep-Alive < HTTP/1.1 200 OK < Pragma: no-cache < Transfer-Encoding: chunked < < HTTP/1.1 200 OK < Pragma: no-cache < Transfer-Encoding: chunked < ff 2e6b 01b1 5480 0012 0000 0105 000f a000 0001 1e11 001e 0000 49d1 80 2bba 01b1 4d00 0012 0000 0155 0001 f400 0000 0203 0000 0000 0000 80 2bbb 01b1 5480 0012 0000 0155 0001 f400 0000 0203 0000 0000 0000 ff 2e6c 01b1 5c00 0012 0000 0c30 000f a000 0001 1e11 001e 0000 49d2 80 2bbc 01b1 5c00 0012 0000 0156 0001 f400 0000 0203 0100 0000 0000 ff 2e6d 01b1 6380 0012 0000 03cf 000f a000 0001 1e11 001e 0000 49d4 80 2bbd 01b1 6380 0012 0000 0155 0001 f400 0000 0203 0000 0000 0000 80 2bbe 01b1 6b00 0012 0000 0155 0001 f400 0000 0203 0000 0000 0000 ff 2e6e 01b1 7280 0012 0000 0374 000f a000 0001 1e11 001e 0000 49d6 80 2bbf 01b1 7280 0012 0000 0156 0001 f400 0000 0203 0000 0000 0000 ff 2e6f 01b1 7a00 0012 0000 03d1 000f a000 0001 1e11 001e 0000 49d8 80 2bc0 01b1 7a00 0012 0000 0155 0001 f400 0000 0203 0100 0000 0000 80 2bc1 01b1 8180 0012 0000 0155 0001 f400 0000 0203 0000 0000 0000 ff 2e70 01b1 8900 0012 0000 03a2 000f a000 0001 1e11 001e 0000 49da 80 2bc2 01b1 8900 0012 0000 0156 0001 f400 0000 0203 0000 0000 0000 ff 2e71 01b1 9800 0012 0000 0401 000f a000 0001 1e11 001e 0000 49dc 80 2bc3 01b1 9080 0012 0000 0155 0001 f400 0000 0203 0000 0000 0000 80 2bc4 01b1 9800 0012 0000 0155 0001 f400 0000 0203 0100 0000 0000 ff 2e72 01b1 9f80 0012 0000 03e6 000f a000 0001 1e11 001e 0000 49de 80 2bc5 01b1 9f80 0012 0000 0156 0001 f400 0000 0203 0000 0000 0000 80 2bc6 01b1 a700 0012 0000 0155 0001 f400 0000 0203 0000 0000 0000 ff 2e73 01b1 ae80 0012 0000 2722 000f a000 0104 1e11 001e 0000 49e0 80 2bc7 01b1 ae80 0012 0000 0155 0001 f400 0000 0203 0000 0000 0000 ff 2e74 01b1 b600 0012 0000 02d7 000f a000 0001 1e11 001e 0000 49e2 80 2bc8 01b1 b600 0012 0000 0156 0001 f400 0000 0203 0100 0000 0000 80 2bc9 01b1 bd80 0012 0000 0155 0001 f400 0000 0203 0000 0000 0000 ff 2e75 01b1 c500 0012 0000 0362 000f a000 0001 1e11 001e 0000 49e4 80 2bca 01b1 c500 0012 0000 0155 0001 f400 0000 0203 0000 0000 0000 ff 2e76 01b1 cc80 0012 0000 037a 000f a000 0001 1e11 001e 0000 49e6 12 video packets captured. * Closing connection #0 80 2bcb 01b1 cc80 0012 0000 0156 0001 f400 0000 0203 0000 0000 0000 80 2bcc 01b1 d400 0012 0000 0155 0001 f400 0000 0203 0100 0000 0000 80 2bcd 01b1 db80 0012 0000 0155 0001 f400 0000 0203 0000 0000 0000 * Closing connection #0 * Transferred a partial file
Offline
#2 2009-04-27 22:57:55
Re: Remote Play API Progress
Great work!
dashhacker wrote:
- Event system to be implemented to send keyboard/mouse/joypad events to PS3.
when you say this does it mean that i would be able to use the keyboard and mouse on my laptop on the ps3 instead of wasting batteries in my BT ones? also would it mean that we can use a xbox controller hooked upto a laptop through USB as a gamepad for games in the ps3?
Offline
#3 2009-04-28 06:21:19
- dashhacker
- D-Force
- Registered: 2009-04-27
- Posts: 79
Re: Remote Play API Progress
when you say this does it mean that i would be able to use the keyboard and mouse on my laptop on the ps3 instead of wasting batteries in my BT ones?
I'm not sure that you're familiar with how Remote Play works. You will be able to control your PS3 from your laptop using any input device your laptop recognizes, including a Sony SIXAXIS/DS3 or an Xbox 360 controller. These are just USB (or bluetooth) controllers that appear to libSDL as joystick devices. I will create a proper "map" file for the SIXAXIS however, so the right button press results in the correct translation on the PS3.
Another update, as of 6:30AM EST:
- Video decoding (AVC using libavcodec, or ???) to be looked at after audio decoder implementation.
Changed to:
- Video decoding (H.264 ES libavcodec) tested and working, to be implemented in API.
Offline
#4 2009-04-28 10:25:49
- BCapper92
- Ascended Being
- From: Earth
- Registered: 2008-06-28
- Posts: 712
Re: Remote Play API Progress
Yeah, i read about this on the home page. It will be kool to spam psn on the go 
. Nice job.
Offline
#5 2009-04-29 15:16:15
- dashhacker
- D-Force
- Registered: 2009-04-27
- Posts: 79
Re: Remote Play API Progress
Another day, another update.
Completed audio and video decoding. Audio can/will run a little ahead of the video... this is a fairly complicated topic from what I read, though easy enough to correct. I've added a quick hack where audio frames are held back if the video stream lags behind. This keeps the audio in sync but of course causes slight audio skips every now and then. I'm not going to spend too much time working on synchronization as it's a lower priority compared to completing the rest of the API for release.
Working on the input event thread now. Once this is done, we'll have a feature-complete implementation!
COMPLETE:
- PSP homebrew application written to extract Remote Play keys.
- Authentication reverse-engineered and implemented in API.
- Audio and video stream decryption implemented in API.
- Audio decoding (AAC using libfaad2) implemented in API.
- Video decoding (H.264 ES libavcodec) implemented in API.
TODO:
- Event system to be implemented to send keyboard/mouse/joypad events to PS3.
- BETA release binary builds for Linux, Mac OSX, and Windows.
- Add proper audio+video synchronization (added a quick hack for now).
- Clean-up and document API.
- Release source code.
Offline
#6 2009-04-29 23:31:16
- Mr.Alaska
- PS3 Hacks Bruce Lee
- Registered: 2007-04-10
- Posts: 291
Re: Remote Play API Progress
I'm glad to see your making a Mac BETA. It's seems like no one making small programs for the PS3 or PSP. Keep up the good progress! 
Offline
#7 2009-04-30 22:12:09
- dashhacker
- D-Force
- Registered: 2009-04-27
- Posts: 79
Re: Remote Play API Progress
w00t!
Significantly improved audio+video synchronization today! It's still not "pro", but I'm much happier with it. Implemented an event system with bindings similar to what you're familiar with when using a USB keyboard connected to a PS3. Joystick support will follow after the initial BETA release.
Tomorrow I'll start a simple GUI to manage remote play profiles. This front-end will also launch sessions... a little more user-friendly than doing this stuff on the command-line. If all goes well, I'm hoping to have binaries for release by next week, depending on how multi-platform compilation goes.
COMPLETE:
- PSP homebrew application written to extract Remote Play keys.
- Authentication reverse-engineered and implemented in API.
- Audio and video stream decryption implemented in API.
- Audio decoding (AAC using libfaad2) implemented in API.
- Video decoding (H.264 ES libavcodec) implemented in API.
- Event system implemented, keyboard support working.
TODO:
- Design simple GUI to manage and launch configuration profiles.
- BETA release binary builds for Linux, Mac OSX, and Windows.
- Add proper audio+video synchronization (added a quick hack for now).
- Clean-up and document API.
- Release source code.
Offline
#8 2009-05-01 18:49:16
- Ryu
- Unas
- Registered: 2007-12-19
- Posts: 400
Re: Remote Play API Progress
it this true
Kid101skater statement - Dashhacker's "Reverse" is a fake!
News via streetskaterFU
Hello everyone!
Well some truth is to be known about the current statements about the Rumors that dashhacker has reversed the PSP remote play functions. Well all good and dandy but there is some news to be said about it.
Back when I was working on E-Premo I did alot of research in the dumps of the ram. And there are a few things that the PSP and the ps3 needed to get to connect.
ps3_name
ps3_mac
ps3_keytype
Anyways. They got this with 2 little pluggins from the PSP itself.
flash0:/vsh/resource/npsignin_plugin.rco
flash0:/vsh/module/npsignin_plugin.prx
Reversing those can also get you some basic information, and thats most likely what he did and tried to make a big hype about it.
Being the fact they have now upgraded the remote play a bit it may be a bit more advanced. They use 3 different keys based off the base64 algorythm *spelling*. Anyways it has to do with alot of signin and auth over an http network as the PS3 acts like a server on port 9293. And it runs off multiple information off the flash and relates it as Native: . It also works with certs, and UID (uniqueId).
There were also some sha keys as well and I never got to the point of figuring out where they came to use, but I'm sure they pull a point in authorizing everything.
Anyways, to basicly emulate the remote play you would have to fully emulate the PSP and use the stock remote play function as creating your own remote play will not correctly or even allow you to connect with the PS3.
Thanks. Kid101skater
__________________
Refurbished PS3 60GB Fw2.42 got on 01/20/2008
GAMES: Oblivion(NON-GOTY), GTAIV,Bionic Commando Rearmed, Disgaea 3. Mega Man 9, LBP
Offline
#11 2009-05-01 21:36:30
- The_Wii_Nes_Boy
- Stargate Found
- From: Scotland
- Registered: 2008-07-02
- Posts: 338
Re: Remote Play API Progress
Sound like a jealous little prat to me! 
Games I'm definitely gonna buy this month -
GOT: Uncharted 2: Among Thieves
STILL TO GET: Ratchet & Clank: A Crack In Time and Tekken 6
Offline
#12 2009-05-02 08:08:35
- jenkosz
- PS3 Hacks Member
- Registered: 2008-01-21
- Posts: 28
Re: Remote Play API Progress
keep up the good work dashhacker, im interested in your release.
Offline
#13 2009-05-02 21:07:39
- pachufir
- PS3 Hacks Kung Fu Is On
- Registered: 2008-01-19
- Posts: 257
Re: Remote Play API Progress
sick stuff, keep up the good work
PSN: Pachufir add me
Offline
#14 2009-05-04 13:35:59
- dashhacker
- D-Force
- Registered: 2009-04-27
- Posts: 79
Re: Remote Play API Progress
Monday Sucks!
The weekend wasn't as productive as I had hoped. With the awesome weather, I spent more time drinking beer in the sun than hacking on ORP. However, I was able to knock off one more thing from the TODO list. I just finished a very simple GUI front-end for the player. You can see two screen-shots below.
There is only one more thing left to do before I can release a BETA, and that's build ORP for Mac OSX and Windows. There will not be a static Linux binary, simply because it's a pain in the ass. However, Linux users can always compile their own binary from source when released.
As far as an ETA goes... I'm aiming for the end of the week. Fingers crossed, you may have something to play with by Friday. Depending on how the builds go!
COMPLETE:
- PSP homebrew application written to extract Remote Play keys.
- Authentication reverse-engineered and implemented in API.
- Audio and video stream decryption implemented in API.
- Audio decoding (AAC using libfaad2) implemented in API.
- Video decoding (H.264 ES libavcodec) implemented in API.
- Event system implemented, keyboard support working.
- Design simple GUI to manage and launch configuration profiles.
TODO:
- BETA release binary builds for Mac OSX, and Windows.
- Add proper audio+video synchronization (added a quick hack for now).
- Clean-up and document API.
- Release source code.
Offline
#16 2009-05-04 16:05:29
- wadderz
- PS3 Newbie
- Registered: 2009-05-04
- Posts: 2
Re: Remote Play API Progress
great work m8 cant w8 to try this out what decrytion did you use for video and audio
If you need any help i would be glad to i have an advanced degree in computer programming
Offline
#17 2009-05-04 16:45:44
- dashhacker
- D-Force
- Registered: 2009-04-27
- Posts: 79
Re: Remote Play API Progress
wadderz wrote:
great work m8 cant w8 to try this out what decrytion did you use for video and audio
Remote Play uses AES CBC with 128-bit keys.
Offline
#18 2009-05-04 18:25:29
- Ryu
- Unas
- Registered: 2007-12-19
- Posts: 400
Re: Remote Play API Progress
on the PSP you can do
Connect via Internet
Connect via Private Network
so
will it work over the internet (Connect via Internet)
or
will it work over a Private Network (Connect via Private Network)
and will Remote start work
Last edited by Ryu (2009-05-04 18:26:18)
Refurbished PS3 60GB Fw2.42 got on 01/20/2008
GAMES: Oblivion(NON-GOTY), GTAIV,Bionic Commando Rearmed, Disgaea 3. Mega Man 9, LBP
Offline
#20 2009-05-05 10:43:39
- wadderz
- PS3 Newbie
- Registered: 2009-05-04
- Posts: 2
Re: Remote Play API Progress
Thanks for helping me out there dashhacker i was just a bit confused with what you were doing but its now clear
Offline
#21 2009-05-05 14:33:49
- Powerslave
- Ruler of All
- From: Alpha Quadrant
- Registered: 2007-01-15
- Posts: 12390
- Website
Re: Remote Play API Progress
Too bad there was not a way to get the PS3's screen output to the PSP as well, so you can completely control the PS3 from a remote location, and SEE what you're doing; like from the front porch to play music... I use the controller from there, but I have to go by memory to select, as I can't see the TV from the porch. Ic an always mount one of my 7" LCDs outside, and use a video transceiver system, but, the PSP would be neat.
Offline
#22 2009-05-05 15:29:38
- FamilyGuy1
- Replicator - Human Form
- From: : : : PSN: FamilyGai
- Registered: 2005-09-28
- Posts: 849
Re: Remote Play API Progress
That would be cool, a remote with a screen.
I do something similar from my backyard when people are over but I choose an already created playlist, have it on shuffle and just press R1 whenever i want to skip a song.
I have music videos too for when we're inside though.
Notable Exclusives
Naruto NS,
inFAMOUS, My Gigawatt blades are beastly o.0
Offline
#23 2009-05-05 15:44:50
- dashhacker
- D-Force
- Registered: 2009-04-27
- Posts: 79
Re: Remote Play API Progress
FamilyGuy1 wrote:
I do something similar from my backyard when people are over but I choose an already created playlist, have it on shuffle and just press R1 whenever i want to skip a song.
If you had a PSP you could do this but be able to *see* your track list and skip to songs you want. All you have to do is set the audio output to PS3 under the Remote Play settings. Works awesome.
Offline
#24 2009-05-05 16:03:09
- krzyrice
- PS3 Newbie
- Registered: 2009-05-05
- Posts: 1
Re: Remote Play API Progress
Hey, not to be rude or anything, but how is the remote play cracked when the PS3 has not been cracked to play any homebrew yet? Obviously Sony would be stupid to use the same encryption all on their systems, but my theory is that the protection couldn't be any more different than say between the friend's list encryption and the hard drive encryption.
Offline
#25 2009-05-05 17:27:41
- Ryu
- Unas
- Registered: 2007-12-19
- Posts: 400
Re: Remote Play API Progress
i think you just TRICKING RP, on the ps3, that your using your linked to the ps3, PSP, to make the connection
form a different type of device, right
Refurbished PS3 60GB Fw2.42 got on 01/20/2008
GAMES: Oblivion(NON-GOTY), GTAIV,Bionic Commando Rearmed, Disgaea 3. Mega Man 9, LBP
Offline
Folding@home | PS3-Hacks Live Chat | PS3 Reviews | Contact Us