/*
 * prsh_section: one named section record.
 *
 * Fields, in declaration order: a fixed 0x100-byte name buffer, a pointer
 * to the section data, a 32-bit size, a 32-bit field whose meaning is not
 * known (unk), a 0x14-byte hash and 0x0C bytes of padding.
 *
 * NOTE(review): the fields add up to 0x130 bytes only if void* is 4 bytes
 * wide and no alignment padding is inserted; confirm against the target ABI.
 * NOTE(review): 0x14 bytes matches a SHA-1 digest length, but the hash
 * algorithm is not shown here; confirm before relying on it.
 * NOTE(review): nothing in this layout guarantees that name is
 * NUL-terminated or that size stays within the buffer data points to; a
 * parser should bound both before use.
 */
typedef struct { | |
char name[0x100]; | |
void* data; | |
u32 size; | |
/* Purpose unknown (the author's own field name). */
u32 unk; | |
u8 hash[0x14]; | |
u8 padding[0x0C]; | |
} prsh_section; | |
typedef struct { |
ROM:005161C0 ANDEQ R0, R0, R0 | |
ROM:005161C4 ANDEQ R0, R0, R0 | |
ROM:005161C8 CLREX | |
ROM:005161CC STR LR, [SP,#-8] | |
ROM:005161D0 MRS LR, SPSR | |
ROM:005161D4 STR LR, [SP,#-4] | |
ROM:005161D8 SUB SP, SP, #8 | |
ROM:005161DC CMP R12, #0x500 -> Max R12 value is 0x500 :( | |
ROM:005161E0 BCS loc_516208 | |
ROM:005161E4 CMP R12, #0x100 |
sceSblSmSchedProxyGetStatus(u32 sm_handle, u32 *out_buf) | |
{ | |
// Check global status var | |
u32 state = SMSCHED_STATUS; | |
// SmSched is not initialized | |
if (state != 0x01) | |
return 0x800F0426; | |
// NULL pointer |
0x00000000: 00 02 20 9F 80 05 08 00 E0 59 00 00 97 11 49 00 | |
0x00000010: A8 05 30 00 80 05 08 00 00 00 00 00 09 50 49 00 | |
0x00000020: 00 C9 21 00 00 C9 21 00 C0 8B 21 00 80 A5 21 00 | |
0x00000030: C0 8B 21 00 80 A5 21 00 00 B2 20 00 C0 65 20 00 | |
0x00000040: 00 B2 20 00 C0 65 20 00 C0 65 20 00 C0 65 20 00 | |
0x00000050: C0 65 20 00 C0 65 20 00 C0 21 20 00 C0 65 20 00 | |
0x00000060: C0 21 20 00 C0 65 20 00 00 47 20 00 00 47 20 00 | |
0x00000070: 00 47 20 00 00 47 20 00 C0 95 20 00 00 47 20 00 | |
0x00000080: C0 95 20 00 00 47 20 00 40 0B 20 00 40 0B 20 00 | |
0x00000090: 40 0B 20 00 40 0B 20 00 40 31 20 00 40 0B 20 00 |
0x00(x_stack + 0x00008A8C) = scesysmem_base + 0x00000031 | |
0x00(x_stack + 0x00008A90) = 0x08106803 | |
0x00(x_stack + 0x00008A94) = scesysmem_base + 0x0001EFF1 | |
0x00(x_stack + 0x00008A98) = 0x00000038 | |
0x00(x_stack + 0x00008A9C) = scesysmem_base + 0x0001EFE1 | |
0x00(x_stack + 0x00008AA0) = scesysmem_base + 0x00000347 | |
0x00(x_stack + 0x00008AA4) = scesysmem_base + 0x000039EB | |
0x00(x_stack + 0x00008AA8) = scesysmem_base + 0x0001B571 | |
0x00(x_stack + 0x00008AAC) = 0x00000000 | |
0x00(x_stack + 0x00008AB0) = scesysmem_base + 0x00001E43 |
// Entry point | |
sub_00000010(scesysmem_base, payload_addr) | |
{ | |
r4 = scesysmem_base | |
sub_00000356(); | |
r5 = scesysmem_base >> 0x20 | |
sub_0000035A(); | |
// Decrypt and launch HENkaku's payload |
/*
 * Pseudocode for two calls: kern_memblock_alloc() is given a name, a type
 * value, a size of 0xA0000 bytes, a null options pointer and a trailing 0;
 * its result is kept as memblock_id and then handed to
 * kern_memblock_getaddr() together with out_buf.
 *
 * NOTE(review): the meaning of the type constant 0x1020D006 and of the
 * trailing 0 argument is not established by this snippet.
 */
// Allocate a new memory block | |
char* memblock_name = "Magic"; | |
uint32_t memblock_type = 0x1020D006; | |
uint32_t memblock_size = 0xA0000; | |
void* memblock_opts = 0x00000000; | |
/* NOTE(review): the returned id is used below without any error check. */
uint32_t memblock_id = kern_memblock_alloc(memblock_name, memblock_type, memblock_size, memblock_opts, 0); | |
// Retrieve the memory block's address into a buffer | |
/*
 * NOTE(review): out_buf is declared but never assigned before it is passed
 * as the output argument, so as written the callee receives an
 * indeterminate pointer. Presumably the original passes the address of a
 * writable word; confirm against the source this was reconstructed from.
 */
uint32_t *out_buf; | |
kern_memblock_getaddr(memblock_id, out_buf); |
// Do stuff | |
... | |
// Create a new thread for the second payload | |
int thread_id = sceKernelCreateThread("st2", SceWebkit_base + 0x000054C8, 0x10000100, 0x00600000, 0x00000000, 0x00000000, 0x00000000); | |
// Do stuff | |
... | |
// Construct the arguments for fetching the second payload |