I'm new to PS4 homebrew stuff, but I have a network security/pen testing background.
There is an old, dead game on PS4, and I was curious about how it was updating its leaderboards. This has been the subject of speculation in the community (I don't want to name the game/community specifically).
Upon examining a network capture, it seems like servers are provided by Sony, and the game sends updates every 5 minutes or so via SSL. An XML file is retrieved to display the current details in the game.
I am wondering if it is theoretically possible to MITM these SSL connections and see the data being passed? I'm not interested in doing anything illegal, but it is of interest to me as a pen tester and to several others in the community, as we have had debates on aspects of this point.
I have a PS4 in storage that has not been updated since early 2018, which I figure means it should be fairly easy to crack/jailbreak and install homebrew on.
I am wondering if it is possible to grab the SSL cert from the game (or is it a system-wide cert?) and install it into Burp or something to be able to observe unencrypted traffic?
I couldn't find much on this when searching and would be interested in any pointers or a discussion of what is and isn't possible.