Infecting Game Consoles via Redbox
2017-05-19 at 8:17 PM UTC
How possible is it to infect a gaming console via a disk that one rents from Reddit?
I'm referring to renting a game, copying it to another disk with a little something extra, transferring the sticker onto the copied disk, then taking the copied disk back to the Redbox machine.
Could also be done with PC games/software via buy>return.

2017-05-22 at 1:27 AM UTC
In the case of PC games you just extract the data from the DVD. It usually comes in containers like .bin files. You open one of these with an archive manager and add your payload. Repack it and burn it to a DVD. You probably need to figure out what the game installer does precisely; an installer is a pretty straightforward program, though, and you could run it through a debugger without issue. Then you just replicate what it does and add functionality to deliver your payload and perform the necessary operations that it requires for persistence or what have you.
After a quick Google I found this installer builder: http://jrsoftware.org/isinfo.php. It's as easy as configuring an .ini file or writing a batch file. If all of that seems like a lot of work, you could just make an installer for your malware specifically, pack it up as an exe and bind the exe to the original installer. Have it say some bullshit about DirectX for believability when it asks for admin privileges.
When it comes to consoles, I wouldn't have a clue. I'd need to know how consoles handle the data they get from the discs.

2017-05-22 at 1:35 AM UTC
Would depend entirely on whether you can find an exploit in the console that will allow you to run code when the game starts/is installed.
What would be the point of infecting consoles anyway, though? I guess DDoS clients would make sense because finding one exploit would get you access to most consoles, but outside of that there's not generally much value in attacking them.

2017-05-22 at 2:30 AM UTC
If you can break a game console's security and manage to run arbitrary code on an otherwise unaltered unit through the disc drive, you have a lot more lucrative things to be doing than infecting discs at Redbox, lol.