Results 1 to 5 of 5

Thread: Custom Firmware 6.20MAD-003: attention, it is a fake could be dangerous.

  
  1. #1
    Ryu's Avatar
    Ryu
    Ryu is offline Super Mod of the Brood -Hacks Titan
    Join Date
    Mar 2006
    Location
    Dologany
    Posts
    19,190
    Rep Power
    42

    Default Custom Firmware 6.20MAD-003: attention, it is a fake could be dangerous.


    Published February 15, 2010 at 01:02 AM by MaGiXieN - 20,045 views
    No, this news is not here to scare you but to inform you that the release of 6.20MAD-003 is far less innocuous than it seems
    Summary:
    1. 1 - Custom Firmware 6.20MAD-003: Malicious PC
    2. 2 - Custom Firmware 6.20MAD-003: trap naive


    After already two releases much anticipated but unfortunately useless, it is the developer of this pseudo fake firmware does not work just change strategy.
    His first two versions do not start and were also harmless as useless. This new test, the 6.20MAD-003 comes in a new form with a Windows executable (start.exe) And a file for the PSP. The file readme.txt indicates that it must run this program.

    A fake that could be dangerous also for the PSP.
    The program start.exe
    As you probably know, run a program on your PC without the certainty of the moral quality of its creator is always an experience to avoid. Here we must recognize that this executable is far from clean and if you run your PC more shady things seem to happen. It seems that either a virus or something like that.
    With the launching of many windows pop up (over 20):
    Then the trick is trying to modify Windows dll (monitoring software reacted when launching it on our test PC): SXS.DLL, xpsp2res.dll clbcatq.dll and shell32.dll. A priori, this can only affect users of XP as above DLLs are normally protected by Windows.
    In case of doubt, open a DOS window (Start> All Programs> Accessories> Command Prompt right-click and start up in administrator mode). In this window type SFC / scannow. This checks the integrity of your dll.
    The source site given in the archive and content in the EBOOT is a vacuum cleaner to IP, browser version and OS. Going on its site, you will find a collection of all the info displayed like trophies. A doubt remains that start.exe also sends data to this site but we have not really pushed beyond our snooping in this program. Here is the proof in pictures (we leave the name in plain site but if you go, you are both logged and the information displayed in public):

    For what purpose all this? We have no idea but anyway really, it does no good smells and nice faker is gradually turning into naughty boy in dubious behavior.
    The next page deals with the file to put on his PSP.



    Next Page (2 / 2): Custom Firmware 6.20MAD-003: trap naive
    The PSP file:
    Regarding the PSP, it happens that in the executable, the site address in question is included. Be careful if you visit the site, you will also be logged with a public display of your IP and co.



    On this side there seems nothing malicious, but you can imagine, nothing works at the facility. Initially, the program runs into space in search of a 630.PBP. Naturally, we then renamed 620.pbp in 630.pbp and that's when the deception reached its climax with the appearance of a message "Delete all files ..." (Delete all files ...).
    Fortunately, this is a bad joke and even if the light flashes of MS as a madman, no files are deleted. Note that nothing would have prevented this kind of put a brickeur instead of this silliness.
    We can only tell you that this is a sad illustration of what happens when illustrious unknown promise the moon to those who dream. The site of this unsavory now full IP addresses of all internet naive who launched the program start.exe and have been to see the source of all this. The list is growing every minute and it gives a beautiful picture of hunting for the man who created the buzz. Perhaps it was that his goal ...
    In conclusion, all this was a schoolboy joke, but still with a malicious intent. Normally all this should be done and this guy should join the graveyard of those who, like the Mack brothers, have raised false hopes to the PSP community in the broadest sense.
    Finally, note that it seems that what seems impossible becomes one days may be possible tomorrow. Wait and see ...
    as we all should know
    NEVER run an unknown EXE file or bad stuff may happen


    PSP 1.5 got on USA first day is was 1.5 NOW 4.01 M33-2 -> 5.00 M33-6(1.50 addon),
    Old PS3s: PS3 60GB FW:3.41(2nd ps3 YLoD, 1st, YLoD)
    New PS3:
    Slim 160gb 01-21-2011 Working
    was 3.40 OFW->3.60 OFW

    2nd PSP : PHAT 5.50 GEN-D2
    3rd PSP : Sliver 3000 Starting OFW:4.20 (NEW bought NEW on 11/28/2010)
    It a good idea to have "Hide extensions for known file types" in Folder Options(under Tool) unchecked (turn on extensions)

    3DS FC:0301-9790-8019

  2. #2
    Skorpian's Avatar
    Skorpian is offline -Hacks Guru
    Join Date
    Aug 2009
    Location
    The dark side.
    Posts
    2,436
    Rep Power
    284

    Default

    Thank God, I didn't run that damn .exe file. Thanks for the info Ryu +rep
    Note : All my guides are outdated.

  3. #3
    Organized_Chaos's Avatar
    Organized_Chaos is offline Senior Member -Hacks Titan
    Join Date
    May 2008
    Posts
    4,768
    Rep Power
    53963

    Default

    Thank you for posting this Ryu. And thanks to bestyugiman for showing me this thread.

    I hope this get's put on the front page of PSP-Hacks.com.

  4. #4
    BeAkErOo's Avatar
    BeAkErOo is offline Senior Member -Hacks Titan
    Join Date
    Dec 2005
    Location
    Yellow Submarine
    Posts
    6,224
    Rep Power
    44

    Default

    looks like a 8 year old wrote the warning though
    3DS: 4167-4567-3684

  5. #5
    Organized_Chaos's Avatar
    Organized_Chaos is offline Senior Member -Hacks Titan
    Join Date
    May 2008
    Posts
    4,768
    Rep Power
    53963

    Default

    I think the author is foreign and doesn't know English very well. It certainly looks better than it does when people use google translate to speak in English.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •