Dillon Harris

In the summer of 2015, I was chosen to take part in a project about the security of a Sony PlayStation 4. Together, with 3 members of the projects and 2 faculty advisors, were to research and possibly exploit security vulnerabilities related to the PlayStation. There were 3 parts split between us 3 undergraduate researchers: File System Forensics, Storage Forensics, and Network Forensics.

Lucky as I was, Network Forensics was my part in the project. During my research through the network side of the PlayStation, there were a few things that I did find a bit interesting. As I researched, the Operating System for the PlayStation was based off of FreeBSD, knowing some prior knowledge of FreeBSD, I knew that it was possible to DoS attack it. After some work with the O.S. Kali and the application Cain & Abel on Windows, I was able to quickly DoS the PlayStation and, if the attack did not cease, actually “brick” the PlayStation itself.

My experience working with the other members of the team, getting in contact with both Kimberly and Jude were outstanding. They were both cooperative when I had questions and sharing their findings within their own section of the project. Both their findings and my findings helped in establishing the conclusion that the PlayStation 4 was heavily secure and hard to hack. If I were to pick another project with the same team, I would have no problem working with both of them again in achieving another prospective goal.

After some network forensics, I decided to dabble into the other sections for the fun of it. I discovered, along with the others findings, that the hard drive and file system were completely unknown and encrypted heavily. I tried researching ways to crack some encryption of the hard drive, but none were successful such as using a USB analyzer to gather operating system install information. There were many claims from others that the PlayStation 4 had been cracked and/or rooted, but looking further into their findings were a dead end.

Including with the research, and after emailing the sponsoring faculty, I was able to acquire a Playstation Plus card to gain entry to Sony’s online gaming community. I tested the popular game “Grand Theft Auto V” through various achievements while monitoring the network access using Wireshark. My findings were few but still interesting nonetheless.

In conclusion, working with my teammates and learning some new vulnerabilities, also play some video games while monitoring the activity on the network, was an overall great experience. I have learned quite a bit during this project and would do another in a heartbeat. I hope that my team members had just as much of an experience as I did and look forward to other opportunities that present themselves in front of me.