Notes about gsplat / 3DGS: 3D Gaussian Splatting (~WIP)
I'm planning to turn this into an "awesome-gsplat" repository (https://github.com/sindresorhus/awesome) or a wiki on some repository.
Feel free to add comments to this gist for now.
I'm contiuining to update this, and will hopefully get to reformatting it with thumbnails and further information (especially on performance and capabilities of implementations).
| #!/usr/bin/env python3 | |
| # | |
| # Decryptor for the Fortnite Chapter 4, Season 1 / 2 encrypted Cipher Quests. | |
| # | |
| # The scheme for the encryption has been described here: | |
| # https://twitter.com/realNumberSets/status/1630581327018831883 | |
| # | |
| # Example: | |
| # |
| void FUN_CODE_33cd_12__handle_INQUIRY(void) | |
| { | |
| // EVPD must be zero | |
| if (BYTE_INTMEM_9b & 1) { | |
| FUN_CODE_27e2_error_tracking_probably(SPC_SK_ILLEGAL_REQUEST,0x24,0); | |
| return; | |
| } | |
| // Page code must be zero |
(This information stems from a french forum post which I'll not link here to avoid legal issues)
I believe this information is about the 360 variant of the drive.
According to TheSpecialist the firmware has a checksum which is verified at the start of the firmware at offset 0x000099.
By patching the bytes C8 23 FC in CC 23 00 the checksum is bypassed and the console starts without problem!
Addresses in firmware (47DH):
| # Based on research using https://github.com/JayFoxRox/futurama-tools | |
| # LABEL: [{'name': '@@action@@aEgg', 'path': 'Level1\\Level1-1\\Level1-1A.fis', 'address': 28580, 'type': 40, 'unk4': 385, 'locals': [{'name': 'eggdoor', 'offset': 0, 'type': 27}, {'name': 't_next', 'offset': 216, 'type': 12}, {'name': 't_hit', 'offset': 220, 'type': 12}]}] | |
| function StageA:@@action@@aEgg { | |
| .stack_size 0 | |
| .extra_stack_size 224 | |
| .local Door eggdoor # Offset 0 | |
| .local Trigger t_next # Offset 216 | |
| .local Trigger t_hit # Offset 220 |
This protocol was designed to be simple to understand and implement.
However, nxdk-rdt only provides helper functions which are enough to inject your own code into an Xbox. nxdk-rdt itself does not provide a high-level set of functions to do anything useful on their own. To find out how to create these high-level functions using nxdk-rdt, see the examples section.
Reasons for this design are:
diff --git a/build.sh b/build.sh
index 86031fc8fe..5ab64ecaa2 100755
--- a/build.sh
+++ b/build.sh
@@ -50,7 +50,7 @@ set -x # Print commands from now on
--disable-curl \
--disable-vnc \
--disable-docs \
- --disable-tools \I wrote this as a small motivation for my RE efforts. It was rushed together, so please be careful when using it.
Needs a clone of the OpenSWE1R wiki in "openswe1r.wiki" folder. Also requires a decopilation of the game binary using "Retargetable Decompiler" (retdec) which must be passed as argument to completeness.py
I'm not sure when I wrote this script and wether it was for the patched version or the demo version. I seem to have ran it for one of the patched binaries though.
| #!/usr/bin/bash | |
| # Get entry point from N64 ROM | |
| dd if=test.z64 bs=1 skip=8 count=4 of=entrypoint >& /dev/null | |
| # Convert entrypoint to little endian | |
| #mips-elf-objcopy -I binary -O binary --reverse-bytes=4 entrypoint entrypoint | |
| # Construct an ELF | |
| mips-elf-objcopy -I binary test.z64 -O elf32-bigmips -B mips --adjust-section-vma .data+0x80000000 foo.elf | |
| # Patch to MIPS III | |
| printf '\x20\x00\x00\x00' | dd bs=1 seek=36 count=4 conv=notrunc of=foo.elf >& /dev/null |