├── PS3_Debug ├── data │ ├── keys │ ├── ldr_curves │ └── vsh_curves ├── hfw_settings.xml ├── hfw_settings.xml.NOPSN ├── scetool.exe ├── sign.bat ├── videorec.prx ├── videorec.sprx ├── xai_plugin.prx ├── xai_plugin.sprx ├── xai_plugin_template.sprx └── zlib1.dll ├── README.md ├── videorec ├── game_plugin.h ├── impose_plugin.h ├── prx.cpp ├── ps3_savedata_plugin.h ├── rec_plugin.h ├── recording_settings.h ├── stdafx.cpp ├── stdafx.h ├── videorec.vcxproj ├── videorec.vcxproj.filters ├── videorec.vcxproj.user └── x3.h ├── xai_plugin.sdf ├── xai_plugin.sln ├── xai_plugin.v11.suo ├── xai_plugin.v12.suo ├── xai_plugin ├── des.cpp ├── des.h ├── download_plugin.h ├── explore_plugin.h ├── game_ext_plugin.h ├── gccpch.h ├── hfw_settings.cpp ├── hfw_settings.h ├── log.cpp ├── log.h ├── prx.cpp ├── ps3_savedata_plugin.h ├── videorec.h ├── x3.h ├── xRegistry.h ├── xai_plugin.vcxproj ├── xai_plugin.vcxproj.filters ├── xai_plugin.vcxproj.user └── xmb_plugin.h └── xai_plugin_reboot_template_src.rar /PS3_Debug/data/ldr_curves: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/PS3_Debug/data/ldr_curves -------------------------------------------------------------------------------- /PS3_Debug/data/vsh_curves: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/PS3_Debug/data/vsh_curves -------------------------------------------------------------------------------- /PS3_Debug/hfw_settings.xml.NOPSN: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | 6 | 7 | 8 | /dev_flash/vsh/resource/explore/icon/folder_hft.png 9 | WNT_XmbItemAlbum 10 | ★ Hybrid Firmware Tools 11 | 12 | disable 13 |

14 | 15 | 16 | 17 | 18 | 19 | 20 | 21 | 22 | 23 | /dev_flash/vsh/resource/explore/icon/folder_reboot.png 24 | WNT_XmbItemAlbum 25 | ★ Restart PS3 26 |

61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | /dev_flash/vsh/resource/explore/icon/power_soft.png 77 | Quick Restart 78 | 79 | xai_plugin 80 | soft_reboot_action 81 | disable 82 | none 83 | 1 84 |

105 | 106 | 107 | 108 | 109 | 110 | 111 | 112 | 113 | 114 | 115 | 116 | 117 | 118 | 119 | 120 | 121 | 122 | /dev_flash/vsh/resource/explore/icon/ingame_enable_ss.png 123 | Enable In-Game Screenshot 124 | 125 | xai_plugin 126 | enable_screenshot 127 | none 128 | 1 129 |

130 | 131 | /dev_flash/vsh/resource/explore/icon/folder_list.png 132 | Enable Gameplay Recording 133 | 134 | xai_plugin 135 | enable_recording 136 | none 137 | 1 138 |

148 | 149 | 150 | 151 | 152 | 153 | 154 | 155 | 156 | 157 | 158 | 159 | /dev_flash/vsh/resource/explore/icon/dump_view_log.png 160 | View Log 161 | http://localhost/dev_hdd0/tmp/hfw_settings.log 162 | (webMAN MOD is required for this function) 163 | webrender_plugin 164 | http://localhost/dev_hdd0/tmp/hfw_settings.log 165 |

220 | 221 | /dev_flash/vsh/resource/explore/icon/dump_backup_xregistry.png 222 | Backup xRegistry.sys 223 | 224 | xai_plugin 225 | backup_registry 226 | none 227 | 1 228 |

229 | 230 | 231 | 232 | 233 | 234 | 235 | 236 | 237 | 238 | 239 | 240 | 241 | 242 | 243 | 244 | 245 | /dev_flash/vsh/resource/explore/icon/recovery_display_minver.png 246 | Display applicable version 247 | Displays Minimum Downgrade Version 248 | xai_plugin 249 | applicable_version 250 | disable 251 | none 252 | 1 253 |

284 | 285 | 286 | 287 | 288 | 289 | 290 | 291 | 292 | 293 | 294 | 295 | 296 | /dev_flash/vsh/resource/explore/icon/dump_idps.png 297 | WNT_XmbItemAlbum 298 | ★ NoPSN Patches 299 |

310 | 311 | 312 | 313 | 314 | 315 | 316 | 317 | 318 | 319 | 320 | 321 | /dev_flash/vsh/resource/explore/icon/recovery_toggle.png 322 | Reset All NoPSN Patches 323 | xai_plugin 324 | reset_psn_patches 325 | disable 326 | none 327 | 1 328 |

356 | 357 | 358 | 359 | 360 | 361 | 362 | 363 | 364 | 365 | 366 | 367 | 368 | /dev_flash/vsh/resource/explore/icon/recovery_toggle.png 369 | Set Kernel FW Version To 4.82 370 | Sets Build Date For HEN Detection 371 | xai_plugin 372 | kernel_setfw_version_482 373 | disable 374 | none 375 | 1 376 |

407 | 408 | 409 | 410 | 411 | 412 | 413 | 414 | 415 | 416 | 417 | 418 | 419 | /dev_flash/vsh/resource/explore/icon/recovery_toggle.png 420 | PLACEHOLDER ONLY 421 | null 422 | disable 423 | none 424 | 1 425 |

426 | 427 | 428 | 429 | 430 | 431 | 432 | -------------------------------------------------------------------------------- /PS3_Debug/scetool.exe: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/PS3_Debug/scetool.exe -------------------------------------------------------------------------------- /PS3_Debug/sign.bat: -------------------------------------------------------------------------------- 1 | @echo off 2 | del videorec.sprx 3 | del xai_plugin.sprx 4 | scetool --template=xai_plugin_template.sprx --verbose --sce-type=SELF --compress-data=TRUE --encrypt videorec.prx videorec.sprx 5 | scetool --template=xai_plugin_template.sprx --verbose --sce-type=SELF --compress-data=TRUE --encrypt xai_plugin.prx xai_plugin.sprx 6 | 7 | echo. 8 | echo Done! 9 | echo. 10 | pause 11 | 12 | 13 | -------------------------------------------------------------------------------- /PS3_Debug/videorec.prx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/PS3_Debug/videorec.prx -------------------------------------------------------------------------------- /PS3_Debug/videorec.sprx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/PS3_Debug/videorec.sprx -------------------------------------------------------------------------------- /PS3_Debug/xai_plugin.prx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/PS3_Debug/xai_plugin.prx -------------------------------------------------------------------------------- /PS3_Debug/xai_plugin.sprx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/PS3_Debug/xai_plugin.sprx -------------------------------------------------------------------------------- /PS3_Debug/xai_plugin_template.sprx: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/PS3_Debug/xai_plugin_template.sprx -------------------------------------------------------------------------------- /PS3_Debug/zlib1.dll: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/PS3_Debug/zlib1.dll -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 | # xai_plugin_hen 2 | XAI Plugin For PS3HEN - Original Source by mysis [https://www.psx-place.com/threads/custom-xai_plugin-source.12455/] 3 | 4 | SPRX must be signed for 3.55 after compiled -------------------------------------------------------------------------------- /videorec/game_plugin.h: -------------------------------------------------------------------------------- 1 | // Mysis game_plugin.h v0.1 2 | class game_plugin_interface 3 | { 4 | public: 5 | int (*DoUnk0)(); // set Widget "page_game_main" and activate 6 | int (*DoUnk1)(void *); // uint8_t [0x5B8] 7 | int (*DoUnk2)(void *); // uint8_t [0x230] 8 | int (*DoUnk3)(int); // 3 = "CB" Category 9 | int (*DoUnk4)(int,void *); // uint8_t [0x1A0] 10 | int (*DoUnk5)(); 11 | int (*DoUnk6)(); 12 | int (*DoUnk7)(); 13 | int (*DoUnk8)(void *); // uint8_t [0x114] 14 | int (*DoUnk9)(void *); // uint8_t [0x80] 15 | int (*DoUnk10)(char *); // char [8] 16 | int (*DoUnk11)(unsigned long, int); 17 | int (*DoUnk12)(); 18 | int (*DoUnk13)(); 19 | int (*DoUnk14)(); 20 | int (*GetExecAppType)(int *,int *); // apptype, extended type? 21 | int (*DoUnk16)(int *); 22 | int (*DoUnk17)(); 23 | int (*DoUnk18)(int *,char *); // char [0x20] 24 | int (*DoUnk19)(int *,char *,char *); // char [0x20] 25 | int (*DoUnk20)(void *); // uint8_t [0x5B8] 26 | int (*DoUnk21)(); 27 | int (*commerce2ExecuteStoreBrowse)(int,char *,int,int); //targetType,targetId,flags,userdata 28 | int (*DoUnk23)(void *); // uint8_t [0xA4] 29 | int (*DoUnk24)(void *); // uint8_t [0xA4] 30 | int (*wakeupWithGameExit)(char *,int); // char [0x800], userdata 31 | int (*commerce2Reboot4PrgDl)(int); // taskId 32 | int (*DoUnk27)(char *); // [0x800] 33 | int (*DoUnk28)(); 34 | int (*DoUnk29)(void *); // [0xxA4] 35 | int (*commerce2GetOptions)(int *); // userdata 36 | int (*GetUsrdataOnGameExit)(int *); 37 | int (*GetManualPath)(char *); // [0x80] 38 | int (*DoUnk33)(); 39 | int (*DoUnk34)(char *); // [0x20] 40 | int (*DoUnk35)(char *); // [0x20] 41 | int (*DoUnk36)(int, char *); // no size check 42 | int (*DoUnk37)(); 43 | int (*DoUnk38)(unsigned long); 44 | int (*DoUnk39)(char *); // titleId[0x20] 45 | int (*DoUnk40)(char *,int *,int); // titleId[0x20] 46 | int (*DoUnk41)(char *,char *,int); // titleId[0x20], char [4] 47 | int (*DoUnk42)(char *,int, char *,int); //titleid, flags 48 | int (*DoUnk43)(); 49 | int (*DoUnk44)(); 50 | int (*initGameData)(int,int); // memContainer, NoCalcFlag 51 | int (*EndGameData)(); 52 | int (*getGameDataStat)(char *,char *,void *); // [0x1450] 53 | int (*updateGameData)(char *,char *, void *, void *);//callback, sysparam[0x1450] 54 | int (*DoUnk49)(int,int,int,void *,char *); 55 | int (*DoUnk50)(); 56 | int (*DoUnk51)(); 57 | int (*cacheInit)(void *,void *); // callback, SysCacheParam[0x444] 58 | int (*cacheClear)(); 59 | int (*GetBootInfo)(void *);// [0x20] 60 | int (*GetTitleId)(void *); 61 | int (*kbGetSize)(int *,int); 62 | int (*SetSysVersion)(char *); 63 | int (*GetDiscInfo)(void *); //[0x20] 64 | int (*DoUnk59)(int,int,void *,int); 65 | int (*SetEjectMode)(int); //int mode 66 | int (*gameExec)(char *,char *,int,int,int,int,int); 67 | int (*getList)(int *,int *,int *,int *,int); 68 | int (*DoUnk63_GetBootInfo)(int *,char *,int *); //[0x20] 69 | int (*SetExecDataParam)(int *); 70 | int (*GetExitInfo)(int *,int *, char *,int *,int *); 71 | int (*HomePath)(char *); 72 | int (*DeleteGame)(char *,int); 73 | int (*OptionPath)(char *,char *); 74 | int (*ExportPath)(char *); 75 | int (*ImportPath)(char *); 76 | int (*Open)(int,char *,int,int *); 77 | int (*BootCheck)(int *,int *,int,int *,char *); 78 | int (*PatchCheck)(int,int *); 79 | int (*Create)(void *,char *,char *,int); 80 | int (*getInt)(int,int*,int); 81 | int (*getStr)(int,char *,int,int); 82 | int (*setInt)(int,int,int); 83 | int (*setStr)(int,char *,int); 84 | int (*Close)(char *,char *); 85 | int (*DoUnk80)(int,int,char *); 86 | int (*getSizeKB)(int *); 87 | int (*tInstall)(char *,char *,int,int); 88 | int (*mtInstall)(int); 89 | int (*mtWrite)(int,void *); 90 | int (*mtClose)(int,int); 91 | int (*getUpPath)(char *); 92 | int (*getWConPath)(char *); 93 | int (*delGameData)(char *); 94 | int (*getDevIdList)(int *,void *); 95 | int (*getDevInfo)(unsigned long,void *); 96 | int (*getUsbDevInfo)(unsigned long,void *); 97 | int (*storageMode)(); 98 | int (*notifyCtrl)(int); 99 | int (*allreadyDisp)(); 100 | int (*pspLoad)(void *,int); 101 | int (*pspSave)(void *,int); 102 | int (*vmcAssign)(int,char *,void *,int); 103 | int (*ps1End)(int); 104 | int (*SetPadRumble)(int); 105 | int (*DoUnk100)(void *,int); 106 | int (*DoUnk101)(); 107 | int (*DoUnk102)(char *); 108 | int (*DoUnk103_DeleteGame)(char *); 109 | int (*DoUnk104)(); 110 | }; game_plugin_interface * game_interface; -------------------------------------------------------------------------------- /videorec/impose_plugin.h: -------------------------------------------------------------------------------- 1 | // Mysis impose_plugin.h v0.1 2 | class impose_plugin_interface 3 | { 4 | public: 5 | int (*DoUnk0)(int sod,void *); // screen of death 6 | int (*DoUnk1)(); // 7 | int (*DoUnk2)(); // blankscreen 8 | int (*DoUnk3)(int); // impose page 9 | int (*DoUnk4)(int); // game exit? 10 | int (*DoUnk5)(char); // controller setting game exit? 11 | int (*DoUnk6)(); // pageclose blankscreen 12 | int (*DoUnk7)(int,float,float); // pad battery notice 13 | int (*DoUnk8)(float); // pad battery notice float 14 | int (*DoUnk9)(int); // 15 | int (*DoUnk10)(); // confirm gameupdate dialog 16 | int (*DoUnk11)(); // wait for background task 17 | int (*DoUnk12)(); // error text plane 18 | int (*DoUnk13)(int); // start_xmb 19 | int (*DoUnk14)(); // notification btn navi 20 | int (*DoUnk15)(int); // game exit widget 21 | int (*DoUnk16)(int); // vibrationEnable flag 22 | int (*DoUnk17)(int); // psbutton notification ? 23 | int (*DoUnk18)(); // 24 | }; impose_plugin_interface * impose_interface; -------------------------------------------------------------------------------- /videorec/prx.cpp: -------------------------------------------------------------------------------- 1 | #include "stdafx.h" 2 | #include "ps3_savedata_plugin.h" 3 | #include "game_plugin.h" 4 | #include "rec_plugin.h" 5 | #include "x3.h" 6 | #include "impose_plugin.h" 7 | 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | 15 | #include 16 | #include 17 | #include 18 | #include 19 | #include 20 | #include 21 | #include 22 | #include 23 | #include 24 | #include 25 | #include 26 | 27 | #include "recording_settings.h" 28 | 29 | SYS_MODULE_INFO( videorec, 0, 1, 1); 30 | SYS_MODULE_START( _videorec_prx_entry ); 31 | SYS_MODULE_STOP( _videorec_prx_stop ); 32 | SYS_MODULE_EXIT( _videorec_prx_exit ); 33 | 34 | SYS_LIB_DECLARE_WITH_STUB( LIBNAME, SYS_LIB_AUTO_EXPORT|SYS_LIB_WEAK_IMPORT, STUBNAME ); 35 | SYS_LIB_EXPORT( _videorec_export_function, LIBNAME ); 36 | 37 | SYS_LIB_EXPORT( _videorec_export_function_video_rec, LIBNAME ); 38 | SYS_LIB_EXPORT( _videorec_export_function_klicensee, LIBNAME ); 39 | SYS_LIB_EXPORT( _videorec_export_function_secureid, LIBNAME ); 40 | SYS_LIB_EXPORT( _videorec_export_function_sfoverride, LIBNAME ); 41 | 42 | void * getNIDfunc(const char * vsh_module, uint32_t fnid) 43 | { 44 | // 0x10000 = ELF 45 | // 0x10080 = segment 2 start 46 | // 0x10200 = code start 47 | 48 | uint32_t table = (*(uint32_t*)0x1008C) + 0x984; // vsh table address 49 | 50 | while(((uint32_t)*(uint32_t*)table) != 0) 51 | { 52 | uint32_t* export_stru_ptr = (uint32_t*)*(uint32_t*)table; // ptr to export stub, size 2C, "sys_io" usually... Exports:0000000000635BC0 stru_635BC0: ExportStub_s <0x1C00, 1, 9, 0x39, 0, 0x2000000, aSys_io, ExportFNIDTable_sys_io, ExportStubTable_sys_io> 53 | 54 | const char* lib_name_ptr = (const char*)*(uint32_t*)((char*)export_stru_ptr + 0x10); 55 | 56 | if(strncmp(vsh_module,lib_name_ptr,strlen(lib_name_ptr))==0) 57 | { 58 | //log("found module name\n"); 59 | // we got the proper export struct 60 | uint32_t lib_fnid_ptr = *(uint32_t*)((char*)export_stru_ptr + 0x14); 61 | uint32_t lib_func_ptr = *(uint32_t*)((char*)export_stru_ptr + 0x18); 62 | uint16_t count = *(uint16_t*)((char*)export_stru_ptr + 6); // amount of exports 63 | for(int i=0;iDoUnk13 != ps3_interface_function13_hook) 219 | { 220 | DoUnk13_ = ps3_savedata_interface->DoUnk13; 221 | ps3_savedata_interface->DoUnk13 = ps3_interface_function13_hook; 222 | log("Secure File Id Hook placed.\n"); 223 | } 224 | 225 | return ps3_savedata_plugin_init_bk(view); 226 | } 227 | extern "C" int _videorec_export_function_secureid(void) 228 | { 229 | if(securfileid_hooked==false) 230 | { 231 | hook_func((void*)ps3_savedata_plugin_init, (void*)ps3_savedata_plugin_init_bk ,(void*)ps3_savedata_plugin_init_hook ); 232 | securfileid_hooked = true; 233 | return CELL_OK; 234 | } 235 | else 236 | { 237 | restore_func((void*)ps3_savedata_plugin_init, (void*)ps3_savedata_plugin_init_bk); 238 | securfileid_hooked = false; 239 | return 1; 240 | } 241 | } 242 | 243 | 244 | 245 | 246 | 247 | bool sfoverride_hooked = false; 248 | bool print_sysver = false; 249 | bool print_attribute = false; 250 | int x3_0xD277E345_(int r3,int * index_table, int * out){}; 251 | int (*x3_0xD277E345_bk)(int r3,int * index_table, int * out) = x3_0xD277E345_; 252 | int x3_0xD277E345_hook(int r3,int * index_table, int * out) 253 | { 254 | int ret = x3_0xD277E345_bk(r3,index_table,out); 255 | if(ret == CELL_OK) 256 | { 257 | if(print_sysver == true) 258 | { 259 | print_sysver = false; 260 | char * str = (char*)(*out); 261 | log("PS3_SYSTEM_VER: %s\n",str); 262 | str[0] = 0; // fallback 00.00 :D 263 | strcpy(str,"02.8000"); // lets just use some lower firmware :) 264 | } 265 | if(print_attribute == true) 266 | { 267 | print_attribute = false; 268 | int * str = (int*)(*out); 269 | log("ATTRIBUTE: %08x\n",*str); 270 | *str = *str | 0xA5000000; 271 | } 272 | } 273 | } 274 | int x3_0xA06976E_(int r3,int * index_table, int * out, int * r6, int * max_len){}; 275 | int (*x3_0xA06976E_bk)(int r3,int * index_table, int * out, int * r6, int * max_len) = x3_0xA06976E_; 276 | int x3_0xA06976E_hook(int r3,int * index_table, int * out, int * r6, int * max_len) 277 | { 278 | if(*out != 0) 279 | { 280 | char * str = (char*)(*out); 281 | if(strcmp(str,"PS3_SYSTEM_VER")==0) 282 | { 283 | //print_sysver = true; 284 | } 285 | if(strcmp(str,"ATTRIBUTE")==0) 286 | { 287 | print_attribute = true; 288 | } 289 | } 290 | 291 | int ret = x3_0xA06976E_bk(r3,index_table,out,r6,max_len); 292 | return ret; 293 | } 294 | int GetItemFromMetaList_(int metalist,int item, char * objectfield, int * out){}; 295 | int (*GetItemFromMetaList_bk)(int metalist,int item, char * objectfield, int * out) = GetItemFromMetaList_; 296 | int GetItemFromMetaList_hook(int metalist,int item, char * objectfield, int * out) 297 | { 298 | int ret = GetItemFromMetaList_bk(metalist,item,objectfield,out); 299 | if(ret == CELL_OK) 300 | { 301 | if(out[2] != 0) 302 | { 303 | if(strcmp(objectfield,"Game:Game.ps3SystemVer") == 0) 304 | { 305 | //log("Game:Game.ps3SystemVer: %s\n",(char*)out[2]); 306 | //((char*)(out[2]))[0] = 0; 307 | } 308 | if(strcmp(objectfield,"Game:Game.attribute") == 0) 309 | { 310 | log("Game:Game.attribute: %x\n",*(int*)out[2]); 311 | *(int*)out[2] = *(int*)out[2] | 0xA5; 312 | log_data(out,0x10); 313 | } 314 | //log("ObjectField: "); 315 | //log(objectfield); 316 | //log(" -> "); 317 | //log((char*)out[2]); 318 | //log("\n"); 319 | } 320 | } 321 | return ret; 322 | } 323 | int GetItemFromMetaList_Mini_(int metalist,int item, char * objectfield, int * out){}; 324 | int (*GetItemFromMetaList_bk_Mini)(int metalist,int item, char * objectfield, int * out) = GetItemFromMetaList_Mini_; 325 | int GetItemFromMetaList_hook_Mini(int metalist,int item, char * objectfield, int * out) 326 | { 327 | int ret = GetItemFromMetaList_bk_Mini(metalist,item,objectfield,out); 328 | if(ret == CELL_OK) 329 | { 330 | if(out[2] != 0) 331 | { 332 | if(strcmp(objectfield,"Game:Game.ps3SystemVer") == 0) 333 | { 334 | log("Game:Game.ps3SystemVer: %s\n",(char*)out[2]); 335 | ((char*)(out[2]))[0] = 0; 336 | } 337 | if(strcmp(objectfield,"Game:Game.attribute") == 0) 338 | { 339 | log("Game:Game.attribute: %x\n",*(int*)out[2]); 340 | *(int*)out[2] = *(int*)out[2] | 0xA5; 341 | } 342 | log("ObjectField: "); 343 | log(objectfield); 344 | log(" -> "); 345 | log((char*)out[2]); 346 | log("\n"); 347 | } 348 | } 349 | return ret; 350 | } 351 | 352 | #define PSPREMOTEPLAYV1 1 353 | #define PSPREMOTEPLAYV2 4 354 | #define VITAREMOTEPLAY 0x80 355 | #define SYSTEMBGM 0x20 356 | int sys_game_get_system_sw_version() 357 | { 358 | system_call_0(376); 359 | return_to_user_prog(int); 360 | } 361 | #define swap(x) ((((x) & 0xFF000000) >> 24) | (((x) & 0x00FF0000) >> 8) | (((x) & 0x0000FF00) << 8) | (((x) & 0x000000FF) << 24)) 362 | #define swap16(x) ((((x) & 0xFF00) >> 8) | (((x) << 8) & 0x00FF)) 363 | void override_sfo(void * buf) 364 | { 365 | sfo_hdr * hdr = (sfo_hdr*)buf; 366 | void * key_table = (void*)((int)buf + ((int)swap(hdr->key_table_start))); 367 | void * data_table = (void*)((int)buf + ((int)swap(hdr->data_table_start))); 368 | void * idx_table = (void*)((int)buf + 0x14); 369 | 370 | for(int i = 0; i < swap(hdr->table_entries); i++) 371 | { 372 | index_table * idx = (index_table *)((int)idx_table + i*0x10 ); 373 | 374 | char * key_1 = (char*)((int)key_table + ((int)swap16(idx->key_1_offset))); 375 | 376 | uint8_t * data_1 = (uint8_t*)((int)data_table + ((int)swap(idx->data_1_offset))); 377 | 378 | if(strcmp(key_1,"ATTRIBUTE") == 0) 379 | { 380 | log("Activate Flags:\n"); 381 | log("[x] PSP Remote Play (v1)\n"); 382 | log("[x] PSP Remote Play (v2)\n"); 383 | log("[x] Vita Remote Play\n"); 384 | log("[x] InGame System BGM\n"); 385 | data_1[0] = data_1[0] | (PSPREMOTEPLAYV1 | PSPREMOTEPLAYV2 | VITAREMOTEPLAY |SYSTEMBGM ); 386 | } 387 | if(strcmp(key_1,"PS3_SYSTEM_VER") == 0) 388 | { 389 | int sw_version = sys_game_get_system_sw_version(); 390 | log("system sdk_version: %d\n", sw_version); 391 | 392 | int sfo_version = 0; 393 | sfo_version = ((((data_1[1]) - 0x30) & 0x0F) * 10000) + ((((data_1[3]) - 0x30) & 0x0F) * 1000) + ((((data_1[4]) - 0x30) & 0x0F) * 100); 394 | 395 | log("sfo sdk_version: %d\n", sfo_version); 396 | 397 | if( sfo_version > sw_version ) 398 | { 399 | //log("PS3_SYSTEM_VER change to 1.0\n"); 400 | //strcpy(key_1,"01.0000"); 401 | } 402 | } 403 | } 404 | } 405 | bool reading_sfo = false; 406 | int cellFsOpen_(const char *path,int flags,int *fd,void *arg,uint64_t size){}; 407 | int (*cellFsOpen_bk)(const char *path,int flags,int *fd,void *arg,uint64_t size) = cellFsOpen_; 408 | int cellFsOpen_hook(const char *path,int flags,int *fd,void *arg,uint64_t size) 409 | { 410 | reading_sfo = false; 411 | if(strcmp(path,"/dev_hdd0/tmp/hfw_settings.log") == 0) 412 | { 413 | return cellFsOpen_bk(path,flags,fd,arg,size); 414 | } 415 | else 416 | { 417 | if(strcmp(path,"/dev_bdvd/PS3_GAME/PARAM.SFO")==0)//strstr(path,".SFO") != 0) 418 | { 419 | //log("cellFsOpen(%s)\n",(char*)path); 420 | reading_sfo = true; 421 | } 422 | return cellFsOpen_bk(path,flags,fd,arg,size); 423 | } 424 | } 425 | int cellFsRead_(int fd, void *buf, uint64_t nbytes, uint64_t *nread){}; 426 | int (*cellFsRead_bk)(int fd, void *buf, uint64_t nbytes, uint64_t *nread) = cellFsRead_; 427 | int cellFsRead_hook(int fd, void *buf, uint64_t nbytes, uint64_t *nread) 428 | { 429 | if(reading_sfo == true) 430 | { 431 | if(nbytes > 0x200) 432 | { 433 | //log("cellFsRead(%x,",(int) buf); 434 | //log("%x)\n",(int)nbytes); 435 | int ret = cellFsRead_bk(fd,buf,nbytes,nread); 436 | //log_data(buf,nbytes); 437 | override_sfo(buf); 438 | return ret; 439 | } 440 | } 441 | return cellFsRead_bk(fd,buf,nbytes,nread); 442 | } 443 | extern "C" int _videorec_export_function_sfoverride(void) 444 | { 445 | 446 | if(sfoverride_hooked==false) 447 | { 448 | hook_func((void*)((int)getNIDfunc("sys_fs",0x718BF5F8)), (void*)cellFsOpen_bk ,(void*)cellFsOpen_hook ); 449 | hook_func((void*)((int)getNIDfunc("sys_fs",0x4D5FF8E2)), (void*)cellFsRead_bk ,(void*)cellFsRead_hook ); 450 | hook_func((void*)((int)getNIDfunc("x3",0xA06976E)), (void*)x3_0xA06976E_bk ,(void*)x3_0xA06976E_hook ); 451 | hook_func((void*)((int)getNIDfunc("x3",0xD277E345)), (void*)x3_0xD277E345_bk ,(void*)x3_0xD277E345_hook ); 452 | 453 | int * x3interface = (int*)xCB_Interface__GetInterface(xCore_GetInterface()); 454 | hook_func((void*)x3interface[39], (void*)GetItemFromMetaList_bk ,(void*)GetItemFromMetaList_hook ); 455 | 456 | x3interface = (int*)xCBMini_GetInterface(xCore_GetInterface()); 457 | hook_func((void*)x3interface[39], (void*)GetItemFromMetaList_bk_Mini ,(void*)GetItemFromMetaList_hook_Mini ); 458 | 459 | sfoverride_hooked = true; 460 | return CELL_OK; 461 | } 462 | else 463 | { 464 | restore_func((void*)((int)getNIDfunc("sys_fs",0x718BF5F8)), (void*)cellFsOpen_bk ); 465 | restore_func((void*)((int)getNIDfunc("sys_fs",0x4D5FF8E2)), (void*)cellFsRead_bk ); 466 | restore_func((void*)((int)getNIDfunc("x3",0xA06976E)), (void*)x3_0xA06976E_bk); 467 | restore_func((void*)((int)getNIDfunc("x3",0xD277E345)), (void*)x3_0xD277E345_bk); 468 | 469 | int * x3interface = (int*)xCB_Interface__GetInterface(xCore_GetInterface()); 470 | restore_func((void*)x3interface[39], (void*)GetItemFromMetaList_bk); 471 | 472 | x3interface = (int*)xCBMini_GetInterface(xCore_GetInterface()); 473 | restore_func((void*)x3interface[39], (void*)GetItemFromMetaList_bk_Mini); 474 | 475 | sfoverride_hooked = false; 476 | return 1; 477 | } 478 | } 479 | 480 | 481 | 482 | 483 | void notify(char * param) 484 | { 485 | log(param); log("\n"); 486 | vshtask_A02D46E7(0, param); 487 | } 488 | void notify(const char * format, int param1) 489 | { 490 | char tmp[0x100]; 491 | vsh_sprintf(tmp, format, param1); 492 | log(tmp); log("\n"); 493 | vshtask_A02D46E7(0, tmp); 494 | } 495 | void notify(const char * format, int param1, int param2, int param3, int param4, bool logging) 496 | { 497 | char tmp[0x100]; 498 | vsh_sprintf(tmp, format, param1, param2, param3, param4); 499 | if (logging == true){ log(tmp); log("\n"); } 500 | vshtask_A02D46E7(0, tmp); 501 | } 502 | 503 | extern "C" int _videorec_prx_entry(void) 504 | { 505 | (void*&)(vsh_sprintf) = (void*)((int)getNIDfunc("stdc",0x273B9711)); 506 | 507 | (void*&)(vshmain_75A22E21) = (void*)((int)getNIDfunc("vshmain",0x75A22E21)); 508 | (void*&)(sub_CEF84_opd) = (void*)((int)getNIDfunc("vshmain",0x74105666)); 509 | (void*&)(vshmain_6D5FC398) = (void*)((int)getNIDfunc("vshmain",0x6D5FC398)); 510 | (uint32_t*&)sub_CEF84_opd -= (10*2);// game_plugin loading 511 | (void*&)(vshmain_A4338777) = (void*)((int)getNIDfunc("vshmain",0xA4338777));// Get XMB Status Flag 512 | (void*&)(npdr_handler_opd) = (void*)((int)getNIDfunc("vshmain",0x302125E4)); 513 | (uint32_t*&)npdr_handler_opd -= (10*2);// original NPDR-Handler 514 | (void*&)(ps3_savedata_plugin_init) = (void*)((int)getNIDfunc("vshmain",0xBEF63A14)); 515 | (uint32_t*&)ps3_savedata_plugin_init -= (0x130*2); 516 | (void*&)(reco_open) = (void*)((int)getNIDfunc("vshmain",0xBEF63A14)); 517 | (uint32_t*&)reco_open -= (50*2); 518 | // fetch recording utility vsh options 519 | int* func_start = (int*&)(*((int*&)reco_open)); 520 | func_start += 3; 521 | int dword1 = ((*func_start) & 0x0000FFFF) - 1; 522 | func_start += 2; 523 | recOpt = (uint32_t*)((dword1 << 16) + ((*func_start) & 0x0000FFFF));//(uint32_t*)0x72EEC0; 524 | 525 | (void*&)(vshtask_A02D46E7) = (void*)((int)getNIDfunc("vshtask",0xA02D46E7)); // notification message func 526 | 527 | (void*&)(View_Find) = (void*)((int)getNIDfunc("paf",0xF21655F3)); 528 | (void*&)(plugin_GetInterface) = (void*)((int)getNIDfunc("paf",0x23AFB290)); 529 | (void*&)(plugin_SetInterface) = (void*)((int)getNIDfunc("paf",0xA1DC401)); 530 | (void*&)(paf_11E195B3_opd) = (void*)((int)getNIDfunc("paf",0x11E195B3)); 531 | 532 | (void*&)(vsh_37857F3F) = (void*)((int)getNIDfunc("vsh",0x37857F3F)); // createMemoryContainer 533 | (void*&)(vsh_E7C34044) = (void*)((int)getNIDfunc("vsh",0xE7C34044)); // getMemoryContainer 534 | (void*&)(vsh_F399CA36) = (void*)((int)getNIDfunc("vsh",0xF399CA36)); // destroyMemoryContainer 535 | 536 | (void*&)(xCore_GetInterface) = (void*)((int)getNIDfunc("x3",0x16FA740A)); 537 | (void*&)(xCB_Interface__GetInterface) = (void*)((int)getNIDfunc("mms_db",0x8EC9A2A7)); 538 | (void*&)(xCBMini_GetInterface) = (void*)((int)getNIDfunc("mms_db",0xEA4FCE1B)); 539 | 540 | return SYS_PRX_RESIDENT; 541 | } 542 | 543 | extern "C" int _videorec_prx_stop(void) 544 | { 545 | if(securfileid_hooked==true) 546 | { 547 | restore_func((void*)ps3_savedata_plugin_init, (void*)ps3_savedata_plugin_init_bk); securfileid_hooked=false; 548 | } 549 | if(klic_hooked == true) 550 | { 551 | restore_func((void*)npdr_handler_opd,(void*)npdr_handler_); klic_hooked = false; 552 | } 553 | if(recording_hooked == true) 554 | { 555 | //restore_func((void*)sub_CEF84_opd, (void*)sub_CEF84_); recording_hooked = false; 556 | //restore_func((void*)vshmain_6D5FC398, (void*)vshmain_6D5FC398_); 557 | } 558 | return SYS_PRX_STOP_OK; 559 | } 560 | 561 | extern "C" int _videorec_prx_exit(void) 562 | { 563 | return SYS_PRX_STOP_SUCCESS; 564 | } 565 | -------------------------------------------------------------------------------- /videorec/ps3_savedata_plugin.h: -------------------------------------------------------------------------------- 1 | // Mysis ps3_savedata_plugin.h v0.1 2 | class ps3_savedata_plugin_game_interface 3 | { 4 | public: 5 | int (*DoUnk0)(); 6 | int (*DoUnk1)(); 7 | int (*DoUnk2)(); 8 | int (*DoUnk3)(); 9 | int (*DoUnk4)(); 10 | int (*DoUnk5)(); 11 | int (*DoUnk6)(); 12 | int (*DoUnk7)(); 13 | int (*DoUnk8)(); 14 | int (*DoUnk9)(); 15 | int (*DoUnk10)(); 16 | int (*DoUnk11)(); 17 | int (*DoUnk12)(); 18 | int (*DoUnk13)(int*,int*,char*,int,void *); // 19 | int (*DoUnk14)(); 20 | int (*DoUnk15)(); 21 | int (*DoUnk16)(); 22 | int (*DoUnk17)(); 23 | int (*DoUnk18)(); 24 | int (*DoUnk19)(); 25 | int (*DoUnk20)(); 26 | int (*DoUnk21)(); 27 | int (*DoUnk22)(); 28 | int (*DoUnk23)(); 29 | int (*DoUnk24)(); 30 | int (*DoUnk25)(); 31 | int (*DoUnk26)(); 32 | int (*DoUnk27)(); 33 | int (*DoUnk28)(); 34 | int (*DoUnk29)(); 35 | int (*DoUnk30)(); 36 | int (*DoUnk31)(); 37 | int (*DoUnk32)(); 38 | int (*DoUnk33)(); 39 | int (*DoUnk34)(); 40 | int (*DoUnk35)(); 41 | int (*DoUnk36)(); 42 | int (*DoUnk37)(); 43 | int (*DoUnk38)(); 44 | int (*DoUnk39)(); 45 | int (*DoUnk40)(); 46 | int (*DoUnk41)(); 47 | int (*DoUnk42)(); 48 | int (*DoUnk43)(); 49 | int (*DoUnk44)(); 50 | int (*DoUnk45)(); 51 | int (*DoUnk46)(); 52 | int (*DoUnk47)(); 53 | int (*DoUnk48)(); 54 | int (*DoUnk49)(); 55 | int (*DoUnk50)(); 56 | int (*DoUnk51)(); 57 | int (*DoUnk52)(); 58 | int (*DoUnk53)(); 59 | int (*DoUnk54)(); 60 | int (*DoUnk55)(); 61 | int (*DoUnk56)(); 62 | int (*DoUnk57)(); 63 | }; -------------------------------------------------------------------------------- /videorec/rec_plugin.h: -------------------------------------------------------------------------------- 1 | // Mysis rec_plugin.h v0.1 2 | class rec_plugin_interface 3 | { 4 | public: 5 | int (*DoUnk0)(); 6 | int (*start)(); //RecStart 7 | int (*stop)(); //RecStop 8 | int (*close)(int isdiscard); 9 | int (*geti)(int giprm); // RecGetInfo 10 | int (*md)(void * mdarg,int); //RecSetInfo 11 | int (*etis)(int start_time_msec); //RecSetInfo 12 | int (*etie)(int end_time_msec); //RecSetInfo 13 | }; rec_plugin_interface * rec_interface; -------------------------------------------------------------------------------- /videorec/recording_settings.h: -------------------------------------------------------------------------------- 1 | #include 2 | 3 | #define MPEG4 0x0000 4 | #define AVC_MP 0x1000 5 | #define AVC_BL 0x2000 6 | #define MJPEG 0x3000 7 | #define M4HD 0x4000 8 | 9 | #define SMALL 0x000 10 | #define MIDDLE 0x100 11 | #define LARGE 0x200 12 | #define HD720 0x600 13 | #define HD1080 0x700 14 | 15 | #define _512K 0x00 16 | #define _768K 0x10 17 | #define _1024K 0x20 18 | #define _1536K 0x30 19 | #define _2048K 0x40 20 | #define _5000K 0x60 21 | #define _11000K 0x70 22 | #define _20000K 0x80 23 | #define _25000K 0x90 24 | #define _30000K 0xA0 25 | 26 | uint32_t * recOpt = 0; 27 | bool recording = false; 28 | sys_memory_container_t recContainer; 29 | 30 | int video_setting = MJPEG + HD720 + _20000K; 31 | int audio_setting = CELL_REC_PARAM_AUDIO_FMT_PCM_768K; 32 | int mc_size = 7; 33 | bool game_container = false; 34 | char * rec_extension = "avi"; 35 | 36 | -------------------------------------------------------------------------------- /videorec/stdafx.cpp: -------------------------------------------------------------------------------- 1 | // stdafx.cpp : source file that includes just the standard includes 2 | // stdafx.obj will contain the pre-compiled type information 3 | 4 | #include "stdafx.h" 5 | 6 | // TODO: reference any additional headers you need in STDAFX.H 7 | // and not in this file 8 | -------------------------------------------------------------------------------- /videorec/stdafx.h: -------------------------------------------------------------------------------- 1 | // stdafx.h : include file for standard system include files, 2 | // or project specific include files that are used frequently, but 3 | // are changed infrequently 4 | // 5 | 6 | #pragma once 7 | 8 | // TODO: reference additional headers your program requires here 9 | static int (*View_Find)(const char *); 10 | static int (*vsh_sprintf)( char*, const char*,...); 11 | static int (*npdr_handler_opd)(const void *buf, unsigned int bufsize); 12 | static int (*plugin_GetInterface)(int view,int interface); 13 | static int (*plugin_SetInterface)(int view, int interface, void * Handler); 14 | static int (*paf_11E195B3_opd)(int view, char * objectname); 15 | 16 | static int (*ps3_savedata_plugin_init)(void*); 17 | static int (*sub_CEF84_opd)(int view); 18 | 19 | 20 | int recording_start(char * action); 21 | static int (*vsh_37857F3F)(int)=0; 22 | static int (*vsh_F399CA36)(int)=0; 23 | static int (*vsh_E7C34044)(int)=0; 24 | static int (*vshmain_A4338777)() = 0; 25 | static int * (*vshmain_75A22E21)() = 0; 26 | static int (*xCore_GetInterface)() = 0; 27 | static int (*xCB_Interface__GetInterface)(int) = 0; 28 | static int (*xCBMini_GetInterface)(int) = 0; 29 | 30 | static void * fake_plugin_action_if[3] = {(void*)recording_start, 31 | 0, 32 | 0}; 33 | 34 | static int (*vshtask_A02D46E7)(int,const char *); 35 | static void notify(char * param); 36 | static void notify(const char * format, int param1); 37 | 38 | 39 | static int (*vshmain_6D5FC398)(int dev_type,int port_num,int intr_type); // BeginInGameXMB 40 | 41 | static int (*reco_open)(int); 42 | 43 | 44 | #define MB(x) (x*(1024*1024)) 45 | 46 | struct sfo_hdr 47 | { 48 | int magic; 49 | int version; 50 | int key_table_start; 51 | int data_table_start; 52 | int table_entries; 53 | }; 54 | struct index_table 55 | { 56 | short key_1_offset; 57 | short data_1_fmt; 58 | int data_1_len; 59 | int data_1_max_len; 60 | int data_1_offset; 61 | }; 62 | 63 | 64 | #pragma hdrstop 65 | -------------------------------------------------------------------------------- /videorec/videorec.vcxproj: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Debug 6 | PS3 7 | 8 | 9 | Release 10 | PS3 11 | 12 | 13 | 14 | {16921676-8D2E-41EC-B6A0-92709543D066} 15 | 16 | 17 | 18 | DynamicLibrary 19 | SNC 20 | 21 | 22 | DynamicLibrary 23 | SNC 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | .prx 37 | 38 | 39 | 40 | _DEBUG;__CELL_ASSERT__;%(PreprocessorDefinitions); 41 | true 42 | Use 43 | 44 | 45 | $(SCE_PS3_ROOT)\target\ppu\lib\libsyscall.a;$(SCE_PS3_ROOT)\target\ppu\lib\libc.a;$(SCE_PS3_ROOT)\target\ppu\lib\librtc_stub.a;%(AdditionalDependencies) 46 | PRXFile 47 | 48 | 49 | 50 | 51 | NDEBUG;%(PreprocessorDefinitions); 52 | Level2 53 | Use 54 | 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | Create 69 | Create 70 | 71 | 72 | 73 | 74 | 75 | 76 | -------------------------------------------------------------------------------- /videorec/videorec.vcxproj.filters: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cxx;cc;s;asm 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hpp 11 | 12 | 13 | 14 | 15 | Header Files 16 | 17 | 18 | Header Files 19 | 20 | 21 | Header Files 22 | 23 | 24 | Header Files 25 | 26 | 27 | Header Files 28 | 29 | 30 | Header Files 31 | 32 | 33 | Header Files 34 | 35 | 36 | 37 | 38 | Source Files 39 | 40 | 41 | Source Files 42 | 43 | 44 | -------------------------------------------------------------------------------- /videorec/videorec.vcxproj.user: -------------------------------------------------------------------------------- 1 | 2 | 3 | -------------------------------------------------------------------------------- /videorec/x3.h: -------------------------------------------------------------------------------- 1 | 2 | // xCBMini_GetInterface 3 | class xCBMini 4 | { 5 | public: 6 | int (*New)(int *); // New() 7 | int (*DoUnk1)(); 8 | int (*DoUnk2)(); // 0x80030050 9 | int (*DoUnk3)(int r3,int r4,int * r5, void * r6); 10 | int (*DoUnk4)(); 11 | int (*CreateQuery)(); 12 | int (*DoUnk6)(); 13 | int (*DoUnk7)(); 14 | int (*DoUnk8)(); 15 | int (*DoUnk9)(); 16 | int (*DoUnk10)(); 17 | int (*DoUnk11)(); 18 | int (*DoUnk12)(); 19 | int (*DoUnk13)(); // 0x80030050 20 | int (*CreateResultIterator)(); 21 | int (*DoUnk15)(); 22 | int (*DoUnk16)(); 23 | int (*DoUnk17)(); 24 | int (*DoUnk18)(); 25 | int (*DoUnk19)(); 26 | int (*ResultIteratorLookItemByIndex)(); // ResultIteratorLookItemByIndex 27 | int (*ResultIteratorGetItemByPosition)(); // ResultIteratorGetItemByPosition 28 | int (*ResultIteratorGetCurrentPosition)(); // ResultIteratorGetCurrentPosition 29 | int (*DoUnk23)(); 30 | int (*ResultIteratorSetCurrentByIDEx)(); // ResultIteratorSetCurrentByIDEx 31 | int (*ResultIteratorGetTotal)(); // ResultIteratorGetTotal 32 | int (*DoUnk26)(); // 0x80030050 33 | int (*DoUnk27)(); 34 | int (*DoUnk28)(); 35 | int (*DoUnk29)(); 36 | int (*DoUnk30)(); 37 | int (*DoUnk31)(); // 0x00000000 38 | int (*DoUnk32)(); 39 | int (*GetMetadataType)(int r3,unsigned long long r4,int * r5); // GetMetadataType 40 | int (*DoUnk34)(); 41 | int (*CreateMetaList)(int r3, int* r4); // CreateMetaList 42 | int (*DoUnk36)(int r3, int r4); 43 | int (*AppendItemToMetaList)(int r3, int r4, int * r5); // AppendItemToMetaList 44 | int (*DoUnk38)(); 45 | int (*GetItemFromMetaList)(); // GetItemFromMetaList 46 | int (*SetItemToMetaList)(); // SetItemToMetaList 47 | int (*DoUnk41)(); 48 | int (*GetMetaData)(); // GetMetaData 49 | int (*SetMetaData)(int r3, unsigned long long r4, int r5); // SetMetaData 50 | int (*DoUnk44)(); 51 | int (*DoUnk45)(); 52 | int (*DoUnk46)(); 53 | int (*DoUnk47)(); // 0x80030050 54 | int (*DoUnk48)(); // 0x80030050 55 | int (*DoUnk49)(); 56 | int (*DoUnk50)(); 57 | int (*DoUnk51)(); // 0x80030050 58 | int (*DoUnk52)(); 59 | int (*DoUnk53)(); 60 | int (*DoUnk54)(); 61 | int (*DoUnk55)(); 62 | int (*DoUnk56)(); 63 | int (*DoUnk57)(); 64 | int (*DoUnk58)(); // 0x80030050 65 | int (*DoUnk59)(); // 0x80030050 66 | int (*DoUnk60)(); // Delete_Async 67 | int (*DoUnk61)(); // 0x80030050 68 | int (*DoUnk62)(); // 0x80030050 69 | int (*DoUnk63)(); 70 | int (*DoUnk64)(); 71 | int (*DoUnk65)(); // 0x80030050 72 | int (*MoveAsyncWithFlag)(int r3, int * r4, int r5, int * r6); // MoveAsyncWithFlag 73 | int (*DoUnk67)(); 74 | int (*DoUnk68)(); // 0x80030050 75 | int (*DoUnk69)(); // 0x80030050 76 | int (*DoUnk70)(); // 0x80030050 77 | int (*DoUnk71)(); 78 | int (*DoUnk72)(); 79 | int (*DoUnk73)(); // 0x80030050 80 | int (*DoUnk74)(); // 0x80030050 81 | int (*DoUnk75)(); // 0x80030050 82 | int (*DoUnk76)(); // 0x80030050 83 | int (*DoUnk77)(); // 0x80030050 84 | int (*DoUnk78)(); 85 | int (*DoUnk79)(); 86 | int (*DoUnk80)(); // 0x80030050 87 | unsigned long long (*DoUnk81)(); 88 | int (*DoUnk82)(); 89 | int (*DoUnk83)(); // 0x80030050 90 | int (*GenerateMetadataFromFileWithOption)(int r3,char * r4,int * r5, int r6, int * r7, int * r8); // GenerateMetadataFromFileWithOption 91 | int (*DoUnk85)(); 92 | int (*DoUnk86)(); 93 | int (*DoUnk87)(); // 0x80030050 94 | int (*DoUnk88)(); 95 | int (*DoUnk89)(); 96 | int (*DoUnk90)(); 97 | int (*DoUnk91)(); // 0x80030050 98 | int (*DoUnk92)(); // 0x80030050 99 | int (*DoUnk93)(int r3, const char * r4, const char * r5); 100 | int (*DoUnk94)(); 101 | int (*DoUnk95)(); 102 | int (*DoUnk96)(); // 0x80030050 103 | int (*DoUnk97)(); // 0x80030050 104 | int (*DoUnk98)(); // 0x80030050 105 | int (*DoUnk99)(); // 0x80030050 106 | int (*DoUnk100)(); // 0x80030050 107 | int (*DoUnk101)(); // 0x80030050 108 | int (*DoUnk102)(); // 0x80030050 109 | int (*DoUnk103)(); // 0x80030050 110 | int (*DoUnk104)(); // 0x80030050 111 | int (*DoUnk105)(); // 0x80030050 112 | int (*DoUnk106)(); // 0x80030050 113 | int (*DoUnk107)(); // 0x80030050 114 | int (*DoUnk108)(); // 0x80030050 115 | int (*DoUnk109)(); // 0x80030050 116 | int (*DoUnk110)(); // 0x80030050 117 | int (*DoUnk111)(); // 0 118 | int (*DoUnk112)(); // 0 119 | int (*DoUnk113)(); 120 | int (*DoUnk114)(); // 0 121 | int (*DoUnk115)(); // 0 122 | int (*DoUnk116)(); // 0 123 | int (*DoUnk117)(); // 0 124 | int (*DoUnk118)(); // 0 125 | int (*DoUnk119)(); // 0 126 | int (*DoUnk120)(); // 0 127 | int (*DoUnk121)(); // 0 128 | int (*DoUnk122)(); // 0 129 | int (*DoUnk123)(); // 0 130 | int (*DoUnk124)(); // 0 131 | int (*DoUnk125)(); // 0 132 | int (*DoUnk126)(); // 0 133 | int (*DoUnk127)(); // 0 134 | int (*DoUnk128)(); // 0 135 | int (*DoUnk129)(); // 0 136 | int (*DoUnk130)(); // 0 137 | int (*DoUnk131)(); // 0 138 | int (*DoUnk132)(); // 0 139 | }; xCBMini * iCBMini; -------------------------------------------------------------------------------- /xai_plugin.sdf: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/xai_plugin.sdf -------------------------------------------------------------------------------- /xai_plugin.sln: -------------------------------------------------------------------------------- 1 | 2 | Microsoft Visual Studio Solution File, Format Version 11.00 3 | # Visual Studio 2010 4 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "xai_plugin", "xai_plugin\xai_plugin.vcxproj", "{85CAA0A3-5E2B-4991-BA29-D7095F1C5C54}" 5 | ProjectSection(ProjectDependencies) = postProject 6 | {16921676-8D2E-41EC-B6A0-92709543D066} = {16921676-8D2E-41EC-B6A0-92709543D066} 7 | EndProjectSection 8 | EndProject 9 | Project("{8BC9CEB8-8B4A-11D0-8D11-00A0C91BC942}") = "videorec", "videorec\videorec.vcxproj", "{16921676-8D2E-41EC-B6A0-92709543D066}" 10 | EndProject 11 | Global 12 | GlobalSection(SolutionConfigurationPlatforms) = preSolution 13 | Debug|PS3 = Debug|PS3 14 | Release|PS3 = Release|PS3 15 | EndGlobalSection 16 | GlobalSection(ProjectConfigurationPlatforms) = postSolution 17 | {85CAA0A3-5E2B-4991-BA29-D7095F1C5C54}.Debug|PS3.ActiveCfg = Debug|PS3 18 | {85CAA0A3-5E2B-4991-BA29-D7095F1C5C54}.Debug|PS3.Build.0 = Debug|PS3 19 | {85CAA0A3-5E2B-4991-BA29-D7095F1C5C54}.Release|PS3.ActiveCfg = Debug|PS3 20 | {85CAA0A3-5E2B-4991-BA29-D7095F1C5C54}.Release|PS3.Build.0 = Debug|PS3 21 | {16921676-8D2E-41EC-B6A0-92709543D066}.Debug|PS3.ActiveCfg = Debug|PS3 22 | {16921676-8D2E-41EC-B6A0-92709543D066}.Debug|PS3.Build.0 = Debug|PS3 23 | {16921676-8D2E-41EC-B6A0-92709543D066}.Release|PS3.ActiveCfg = Release|PS3 24 | {16921676-8D2E-41EC-B6A0-92709543D066}.Release|PS3.Build.0 = Release|PS3 25 | EndGlobalSection 26 | GlobalSection(SolutionProperties) = preSolution 27 | HideSolutionNode = FALSE 28 | EndGlobalSection 29 | EndGlobal 30 | -------------------------------------------------------------------------------- /xai_plugin.v11.suo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/xai_plugin.v11.suo -------------------------------------------------------------------------------- /xai_plugin.v12.suo: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/xai_plugin.v12.suo -------------------------------------------------------------------------------- /xai_plugin/des.cpp: -------------------------------------------------------------------------------- 1 | #include "des.h" 2 | #include "string.h" 3 | 4 | #define GET_UINT32_BE(n,b,i) \ 5 | { \ 6 | (n) = ( (uint32_t) (b)[(i) ] << 24 ) \ 7 | | ( (uint32_t) (b)[(i) + 1] << 16 ) \ 8 | | ( (uint32_t) (b)[(i) + 2] << 8 ) \ 9 | | ( (uint32_t) (b)[(i) + 3] ); \ 10 | } 11 | 12 | #define PUT_UINT32_BE(n,b,i) \ 13 | { \ 14 | (b)[(i) ] = (unsigned char) ( (n) >> 24 ); \ 15 | (b)[(i) + 1] = (unsigned char) ( (n) >> 16 ); \ 16 | (b)[(i) + 2] = (unsigned char) ( (n) >> 8 ); \ 17 | (b)[(i) + 3] = (unsigned char) ( (n) ); \ 18 | } 19 | 20 | static const uint32_t LHs[16] = 21 | { 22 | 0x00000000, 0x00000001, 0x00000100, 0x00000101, 23 | 0x00010000, 0x00010001, 0x00010100, 0x00010101, 24 | 0x01000000, 0x01000001, 0x01000100, 0x01000101, 25 | 0x01010000, 0x01010001, 0x01010100, 0x01010101 26 | }; 27 | 28 | static const uint32_t RHs[16] = 29 | { 30 | 0x00000000, 0x01000000, 0x00010000, 0x01010000, 31 | 0x00000100, 0x01000100, 0x00010100, 0x01010100, 32 | 0x00000001, 0x01000001, 0x00010001, 0x01010001, 33 | 0x00000101, 0x01000101, 0x00010101, 0x01010101, 34 | }; 35 | 36 | #define SWAP(a,b) { uint32_t t = a; a = b; b = t; t = 0; } 37 | 38 | #define DES_IP(X,Y) \ 39 | { \ 40 | T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \ 41 | T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \ 42 | T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \ 43 | T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \ 44 | Y = ((Y << 1) | (Y >> 31)) & 0xFFFFFFFF; \ 45 | T = (X ^ Y) & 0xAAAAAAAA; Y ^= T; X ^= T; \ 46 | X = ((X << 1) | (X >> 31)) & 0xFFFFFFFF; \ 47 | } 48 | 49 | #define DES_ROUND(X,Y) \ 50 | { \ 51 | T = *SK++ ^ X; \ 52 | Y ^= SB8[ (T ) & 0x3F ] ^ \ 53 | SB6[ (T >> 8) & 0x3F ] ^ \ 54 | SB4[ (T >> 16) & 0x3F ] ^ \ 55 | SB2[ (T >> 24) & 0x3F ]; \ 56 | \ 57 | T = *SK++ ^ ((X << 28) | (X >> 4)); \ 58 | Y ^= SB7[ (T ) & 0x3F ] ^ \ 59 | SB5[ (T >> 8) & 0x3F ] ^ \ 60 | SB3[ (T >> 16) & 0x3F ] ^ \ 61 | SB1[ (T >> 24) & 0x3F ]; \ 62 | } 63 | 64 | /* 65 | * Expanded DES S-boxes 66 | */ 67 | static const uint32_t SB1[64] = 68 | { 69 | 0x01010400, 0x00000000, 0x00010000, 0x01010404, 70 | 0x01010004, 0x00010404, 0x00000004, 0x00010000, 71 | 0x00000400, 0x01010400, 0x01010404, 0x00000400, 72 | 0x01000404, 0x01010004, 0x01000000, 0x00000004, 73 | 0x00000404, 0x01000400, 0x01000400, 0x00010400, 74 | 0x00010400, 0x01010000, 0x01010000, 0x01000404, 75 | 0x00010004, 0x01000004, 0x01000004, 0x00010004, 76 | 0x00000000, 0x00000404, 0x00010404, 0x01000000, 77 | 0x00010000, 0x01010404, 0x00000004, 0x01010000, 78 | 0x01010400, 0x01000000, 0x01000000, 0x00000400, 79 | 0x01010004, 0x00010000, 0x00010400, 0x01000004, 80 | 0x00000400, 0x00000004, 0x01000404, 0x00010404, 81 | 0x01010404, 0x00010004, 0x01010000, 0x01000404, 82 | 0x01000004, 0x00000404, 0x00010404, 0x01010400, 83 | 0x00000404, 0x01000400, 0x01000400, 0x00000000, 84 | 0x00010004, 0x00010400, 0x00000000, 0x01010004 85 | }; 86 | 87 | static const uint32_t SB2[64] = 88 | { 89 | 0x80108020, 0x80008000, 0x00008000, 0x00108020, 90 | 0x00100000, 0x00000020, 0x80100020, 0x80008020, 91 | 0x80000020, 0x80108020, 0x80108000, 0x80000000, 92 | 0x80008000, 0x00100000, 0x00000020, 0x80100020, 93 | 0x00108000, 0x00100020, 0x80008020, 0x00000000, 94 | 0x80000000, 0x00008000, 0x00108020, 0x80100000, 95 | 0x00100020, 0x80000020, 0x00000000, 0x00108000, 96 | 0x00008020, 0x80108000, 0x80100000, 0x00008020, 97 | 0x00000000, 0x00108020, 0x80100020, 0x00100000, 98 | 0x80008020, 0x80100000, 0x80108000, 0x00008000, 99 | 0x80100000, 0x80008000, 0x00000020, 0x80108020, 100 | 0x00108020, 0x00000020, 0x00008000, 0x80000000, 101 | 0x00008020, 0x80108000, 0x00100000, 0x80000020, 102 | 0x00100020, 0x80008020, 0x80000020, 0x00100020, 103 | 0x00108000, 0x00000000, 0x80008000, 0x00008020, 104 | 0x80000000, 0x80100020, 0x80108020, 0x00108000 105 | }; 106 | 107 | static const uint32_t SB3[64] = 108 | { 109 | 0x00000208, 0x08020200, 0x00000000, 0x08020008, 110 | 0x08000200, 0x00000000, 0x00020208, 0x08000200, 111 | 0x00020008, 0x08000008, 0x08000008, 0x00020000, 112 | 0x08020208, 0x00020008, 0x08020000, 0x00000208, 113 | 0x08000000, 0x00000008, 0x08020200, 0x00000200, 114 | 0x00020200, 0x08020000, 0x08020008, 0x00020208, 115 | 0x08000208, 0x00020200, 0x00020000, 0x08000208, 116 | 0x00000008, 0x08020208, 0x00000200, 0x08000000, 117 | 0x08020200, 0x08000000, 0x00020008, 0x00000208, 118 | 0x00020000, 0x08020200, 0x08000200, 0x00000000, 119 | 0x00000200, 0x00020008, 0x08020208, 0x08000200, 120 | 0x08000008, 0x00000200, 0x00000000, 0x08020008, 121 | 0x08000208, 0x00020000, 0x08000000, 0x08020208, 122 | 0x00000008, 0x00020208, 0x00020200, 0x08000008, 123 | 0x08020000, 0x08000208, 0x00000208, 0x08020000, 124 | 0x00020208, 0x00000008, 0x08020008, 0x00020200 125 | }; 126 | 127 | static const uint32_t SB4[64] = 128 | { 129 | 0x00802001, 0x00002081, 0x00002081, 0x00000080, 130 | 0x00802080, 0x00800081, 0x00800001, 0x00002001, 131 | 0x00000000, 0x00802000, 0x00802000, 0x00802081, 132 | 0x00000081, 0x00000000, 0x00800080, 0x00800001, 133 | 0x00000001, 0x00002000, 0x00800000, 0x00802001, 134 | 0x00000080, 0x00800000, 0x00002001, 0x00002080, 135 | 0x00800081, 0x00000001, 0x00002080, 0x00800080, 136 | 0x00002000, 0x00802080, 0x00802081, 0x00000081, 137 | 0x00800080, 0x00800001, 0x00802000, 0x00802081, 138 | 0x00000081, 0x00000000, 0x00000000, 0x00802000, 139 | 0x00002080, 0x00800080, 0x00800081, 0x00000001, 140 | 0x00802001, 0x00002081, 0x00002081, 0x00000080, 141 | 0x00802081, 0x00000081, 0x00000001, 0x00002000, 142 | 0x00800001, 0x00002001, 0x00802080, 0x00800081, 143 | 0x00002001, 0x00002080, 0x00800000, 0x00802001, 144 | 0x00000080, 0x00800000, 0x00002000, 0x00802080 145 | }; 146 | 147 | static const uint32_t SB5[64] = 148 | { 149 | 0x00000100, 0x02080100, 0x02080000, 0x42000100, 150 | 0x00080000, 0x00000100, 0x40000000, 0x02080000, 151 | 0x40080100, 0x00080000, 0x02000100, 0x40080100, 152 | 0x42000100, 0x42080000, 0x00080100, 0x40000000, 153 | 0x02000000, 0x40080000, 0x40080000, 0x00000000, 154 | 0x40000100, 0x42080100, 0x42080100, 0x02000100, 155 | 0x42080000, 0x40000100, 0x00000000, 0x42000000, 156 | 0x02080100, 0x02000000, 0x42000000, 0x00080100, 157 | 0x00080000, 0x42000100, 0x00000100, 0x02000000, 158 | 0x40000000, 0x02080000, 0x42000100, 0x40080100, 159 | 0x02000100, 0x40000000, 0x42080000, 0x02080100, 160 | 0x40080100, 0x00000100, 0x02000000, 0x42080000, 161 | 0x42080100, 0x00080100, 0x42000000, 0x42080100, 162 | 0x02080000, 0x00000000, 0x40080000, 0x42000000, 163 | 0x00080100, 0x02000100, 0x40000100, 0x00080000, 164 | 0x00000000, 0x40080000, 0x02080100, 0x40000100 165 | }; 166 | 167 | static const uint32_t SB6[64] = 168 | { 169 | 0x20000010, 0x20400000, 0x00004000, 0x20404010, 170 | 0x20400000, 0x00000010, 0x20404010, 0x00400000, 171 | 0x20004000, 0x00404010, 0x00400000, 0x20000010, 172 | 0x00400010, 0x20004000, 0x20000000, 0x00004010, 173 | 0x00000000, 0x00400010, 0x20004010, 0x00004000, 174 | 0x00404000, 0x20004010, 0x00000010, 0x20400010, 175 | 0x20400010, 0x00000000, 0x00404010, 0x20404000, 176 | 0x00004010, 0x00404000, 0x20404000, 0x20000000, 177 | 0x20004000, 0x00000010, 0x20400010, 0x00404000, 178 | 0x20404010, 0x00400000, 0x00004010, 0x20000010, 179 | 0x00400000, 0x20004000, 0x20000000, 0x00004010, 180 | 0x20000010, 0x20404010, 0x00404000, 0x20400000, 181 | 0x00404010, 0x20404000, 0x00000000, 0x20400010, 182 | 0x00000010, 0x00004000, 0x20400000, 0x00404010, 183 | 0x00004000, 0x00400010, 0x20004010, 0x00000000, 184 | 0x20404000, 0x20000000, 0x00400010, 0x20004010 185 | }; 186 | 187 | static const uint32_t SB7[64] = 188 | { 189 | 0x00200000, 0x04200002, 0x04000802, 0x00000000, 190 | 0x00000800, 0x04000802, 0x00200802, 0x04200800, 191 | 0x04200802, 0x00200000, 0x00000000, 0x04000002, 192 | 0x00000002, 0x04000000, 0x04200002, 0x00000802, 193 | 0x04000800, 0x00200802, 0x00200002, 0x04000800, 194 | 0x04000002, 0x04200000, 0x04200800, 0x00200002, 195 | 0x04200000, 0x00000800, 0x00000802, 0x04200802, 196 | 0x00200800, 0x00000002, 0x04000000, 0x00200800, 197 | 0x04000000, 0x00200800, 0x00200000, 0x04000802, 198 | 0x04000802, 0x04200002, 0x04200002, 0x00000002, 199 | 0x00200002, 0x04000000, 0x04000800, 0x00200000, 200 | 0x04200800, 0x00000802, 0x00200802, 0x04200800, 201 | 0x00000802, 0x04000002, 0x04200802, 0x04200000, 202 | 0x00200800, 0x00000000, 0x00000002, 0x04200802, 203 | 0x00000000, 0x00200802, 0x04200000, 0x00000800, 204 | 0x04000002, 0x04000800, 0x00000800, 0x00200002 205 | }; 206 | 207 | static const uint32_t SB8[64] = 208 | { 209 | 0x10001040, 0x00001000, 0x00040000, 0x10041040, 210 | 0x10000000, 0x10001040, 0x00000040, 0x10000000, 211 | 0x00040040, 0x10040000, 0x10041040, 0x00041000, 212 | 0x10041000, 0x00041040, 0x00001000, 0x00000040, 213 | 0x10040000, 0x10000040, 0x10001000, 0x00001040, 214 | 0x00041000, 0x00040040, 0x10040040, 0x10041000, 215 | 0x00001040, 0x00000000, 0x00000000, 0x10040040, 216 | 0x10000040, 0x10001000, 0x00041040, 0x00040000, 217 | 0x00041040, 0x00040000, 0x10041000, 0x00001000, 218 | 0x00000040, 0x10040040, 0x00001000, 0x00041040, 219 | 0x10001000, 0x00000040, 0x10000040, 0x10040000, 220 | 0x10040040, 0x10000000, 0x00040000, 0x10001040, 221 | 0x00000000, 0x10041040, 0x00040040, 0x10000040, 222 | 0x10040000, 0x10001000, 0x10001040, 0x00000000, 223 | 0x10041040, 0x00041000, 0x00041000, 0x00001040, 224 | 0x00001040, 0x00040040, 0x10000000, 0x10041000 225 | }; 226 | 227 | #define DES_FP(X,Y) \ 228 | { \ 229 | X = ((X << 31) | (X >> 1)) & 0xFFFFFFFF; \ 230 | T = (X ^ Y) & 0xAAAAAAAA; X ^= T; Y ^= T; \ 231 | Y = ((Y << 31) | (Y >> 1)) & 0xFFFFFFFF; \ 232 | T = ((Y >> 8) ^ X) & 0x00FF00FF; X ^= T; Y ^= (T << 8); \ 233 | T = ((Y >> 2) ^ X) & 0x33333333; X ^= T; Y ^= (T << 2); \ 234 | T = ((X >> 16) ^ Y) & 0x0000FFFF; Y ^= T; X ^= (T << 16); \ 235 | T = ((X >> 4) ^ Y) & 0x0F0F0F0F; Y ^= T; X ^= (T << 4); \ 236 | } 237 | 238 | void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) 239 | { 240 | int i; 241 | uint32_t X, Y, T; 242 | 243 | GET_UINT32_BE( X, key, 0 ); 244 | GET_UINT32_BE( Y, key, 4 ); 245 | 246 | /* 247 | * Permuted Choice 1 248 | */ 249 | T = ((Y >> 4) ^ X) & 0x0F0F0F0F; X ^= T; Y ^= (T << 4); 250 | T = ((Y ) ^ X) & 0x10101010; X ^= T; Y ^= (T ); 251 | 252 | X = (LHs[ (X ) & 0xF] << 3) | (LHs[ (X >> 8) & 0xF ] << 2) 253 | | (LHs[ (X >> 16) & 0xF] << 1) | (LHs[ (X >> 24) & 0xF ] ) 254 | | (LHs[ (X >> 5) & 0xF] << 7) | (LHs[ (X >> 13) & 0xF ] << 6) 255 | | (LHs[ (X >> 21) & 0xF] << 5) | (LHs[ (X >> 29) & 0xF ] << 4); 256 | 257 | Y = (RHs[ (Y >> 1) & 0xF] << 3) | (RHs[ (Y >> 9) & 0xF ] << 2) 258 | | (RHs[ (Y >> 17) & 0xF] << 1) | (RHs[ (Y >> 25) & 0xF ] ) 259 | | (RHs[ (Y >> 4) & 0xF] << 7) | (RHs[ (Y >> 12) & 0xF ] << 6) 260 | | (RHs[ (Y >> 20) & 0xF] << 5) | (RHs[ (Y >> 28) & 0xF ] << 4); 261 | 262 | X &= 0x0FFFFFFF; 263 | Y &= 0x0FFFFFFF; 264 | 265 | /* 266 | * calculate subkeys 267 | */ 268 | for( i = 0; i < 16; i++ ) 269 | { 270 | if( i < 2 || i == 8 || i == 15 ) 271 | { 272 | X = ((X << 1) | (X >> 27)) & 0x0FFFFFFF; 273 | Y = ((Y << 1) | (Y >> 27)) & 0x0FFFFFFF; 274 | } 275 | else 276 | { 277 | X = ((X << 2) | (X >> 26)) & 0x0FFFFFFF; 278 | Y = ((Y << 2) | (Y >> 26)) & 0x0FFFFFFF; 279 | } 280 | 281 | *SK++ = ((X << 4) & 0x24000000) | ((X << 28) & 0x10000000) 282 | | ((X << 14) & 0x08000000) | ((X << 18) & 0x02080000) 283 | | ((X << 6) & 0x01000000) | ((X << 9) & 0x00200000) 284 | | ((X >> 1) & 0x00100000) | ((X << 10) & 0x00040000) 285 | | ((X << 2) & 0x00020000) | ((X >> 10) & 0x00010000) 286 | | ((Y >> 13) & 0x00002000) | ((Y >> 4) & 0x00001000) 287 | | ((Y << 6) & 0x00000800) | ((Y >> 1) & 0x00000400) 288 | | ((Y >> 14) & 0x00000200) | ((Y ) & 0x00000100) 289 | | ((Y >> 5) & 0x00000020) | ((Y >> 10) & 0x00000010) 290 | | ((Y >> 3) & 0x00000008) | ((Y >> 18) & 0x00000004) 291 | | ((Y >> 26) & 0x00000002) | ((Y >> 24) & 0x00000001); 292 | 293 | *SK++ = ((X << 15) & 0x20000000) | ((X << 17) & 0x10000000) 294 | | ((X << 10) & 0x08000000) | ((X << 22) & 0x04000000) 295 | | ((X >> 2) & 0x02000000) | ((X << 1) & 0x01000000) 296 | | ((X << 16) & 0x00200000) | ((X << 11) & 0x00100000) 297 | | ((X << 3) & 0x00080000) | ((X >> 6) & 0x00040000) 298 | | ((X << 15) & 0x00020000) | ((X >> 4) & 0x00010000) 299 | | ((Y >> 2) & 0x00002000) | ((Y << 8) & 0x00001000) 300 | | ((Y >> 14) & 0x00000808) | ((Y >> 9) & 0x00000400) 301 | | ((Y ) & 0x00000200) | ((Y << 7) & 0x00000100) 302 | | ((Y >> 7) & 0x00000020) | ((Y >> 3) & 0x00000011) 303 | | ((Y << 2) & 0x00000004) | ((Y >> 21) & 0x00000002); 304 | } 305 | } 306 | 307 | int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ) 308 | { 309 | int i; 310 | 311 | mbedtls_des_setkey( ctx->sk, key ); 312 | 313 | for( i = 0; i < 16; i += 2 ) 314 | { 315 | SWAP( ctx->sk[i ], ctx->sk[30 - i] ); 316 | SWAP( ctx->sk[i + 1], ctx->sk[31 - i] ); 317 | } 318 | 319 | return( 0 ); 320 | } 321 | 322 | int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, 323 | const unsigned char input[8], 324 | unsigned char output[8] ) 325 | { 326 | int i; 327 | uint32_t X, Y, T, *SK; 328 | 329 | SK = ctx->sk; 330 | 331 | GET_UINT32_BE( X, input, 0 ); 332 | GET_UINT32_BE( Y, input, 4 ); 333 | 334 | DES_IP( X, Y ); 335 | 336 | for( i = 0; i < 8; i++ ) 337 | { 338 | DES_ROUND( Y, X ); 339 | DES_ROUND( X, Y ); 340 | } 341 | 342 | DES_FP( Y, X ); 343 | 344 | PUT_UINT32_BE( Y, output, 0 ); 345 | PUT_UINT32_BE( X, output, 4 ); 346 | 347 | return( 0 ); 348 | } 349 | 350 | 351 | int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, 352 | int mode, 353 | size_t length, 354 | unsigned char iv[8], 355 | const unsigned char *input, 356 | unsigned char *output ) 357 | { 358 | int i; 359 | unsigned char temp[8]; 360 | 361 | if( length % 8 ) 362 | return( MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH ); 363 | 364 | if( mode == MBEDTLS_DES_ENCRYPT ) 365 | { 366 | while( length > 0 ) 367 | { 368 | for( i = 0; i < 8; i++ ) 369 | output[i] = (unsigned char)( input[i] ^ iv[i] ); 370 | 371 | mbedtls_des_crypt_ecb( ctx, output, output ); 372 | memcpy( iv, output, 8 ); 373 | 374 | input += 8; 375 | output += 8; 376 | length -= 8; 377 | } 378 | } 379 | else /* MBEDTLS_DES_DECRYPT */ 380 | { 381 | while( length > 0 ) 382 | { 383 | memcpy( temp, input, 8 ); 384 | mbedtls_des_crypt_ecb( ctx, input, output ); 385 | 386 | for( i = 0; i < 8; i++ ) 387 | output[i] = (unsigned char)( output[i] ^ iv[i] ); 388 | 389 | memcpy( iv, temp, 8 ); 390 | 391 | input += 8; 392 | output += 8; 393 | length -= 8; 394 | } 395 | } 396 | 397 | return( 0 ); 398 | } 399 | -------------------------------------------------------------------------------- /xai_plugin/des.h: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | 4 | typedef struct 5 | { 6 | uint32_t sk[32]; /*!< DES subkeys */ 7 | } mbedtls_des_context; 8 | 9 | #define MBEDTLS_DES_KEY_SIZE 8 10 | 11 | void mbedtls_des_setkey( uint32_t SK[32], const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); 12 | 13 | int mbedtls_des_setkey_dec( mbedtls_des_context *ctx, const unsigned char key[MBEDTLS_DES_KEY_SIZE] ); 14 | 15 | 16 | int mbedtls_des_crypt_cbc( mbedtls_des_context *ctx, 17 | int mode, 18 | size_t length, 19 | unsigned char iv[8], 20 | const unsigned char *input, 21 | unsigned char *output ); 22 | 23 | int mbedtls_des_crypt_ecb( mbedtls_des_context *ctx, 24 | const unsigned char input[8], 25 | unsigned char output[8] ); 26 | 27 | 28 | #define MBEDTLS_ERR_DES_INVALID_INPUT_LENGTH -0x0032 /**< The data input has an invalid length. */ 29 | 30 | #define MBEDTLS_DES_ENCRYPT 1 31 | #define MBEDTLS_DES_DECRYPT 0 32 | -------------------------------------------------------------------------------- /xai_plugin/download_plugin.h: -------------------------------------------------------------------------------- 1 | // Mysis download_plugin v0.1 2 | 3 | // Interface 1 4 | class download_if 5 | { 6 | public: 7 | int (*DoUnk0)(int); 8 | int (*DoUnk1)(wchar_t * url); 9 | int (*DoUnk2)(wchar_t * device_path); 10 | int (*DoUnk3)(int, wchar_t *url); 11 | int (*DoUnk4)(int,wchar_t * url,wchar_t *,int,int,uint64_t,uint64_t); 12 | int (*DoUnk5)(int,wchar_t * url,wchar_t * device_path); 13 | int (*DoUnk6)(wchar_t * mimeType,wchar_t *userdata); 14 | int (*DoUnk7)(wchar_t * url,wchar_t *mimeType,void * userdata); 15 | int (*DoUnk8)(void *); 16 | int (*DoUnk9)(void *,int,int); 17 | int (*DoUnk10)(uint8_t); 18 | int (*DoUnk11)(int); 19 | int (*DoUnk12)(char *); 20 | int (*DoUnk13)(char *); 21 | int (*DoUnk14)(int, void *); 22 | int (*DoUnk15)(int,int,int,int,uint64_t,uint64_t,uint64_t); 23 | int (*DoUnk16)(int,wchar_t *,wchar_t *,uint64_t,char *,char *,char *); 24 | int (*DoUnk17)(int); 25 | int (*DoUnk18)(int,void *); 26 | }; 27 | -------------------------------------------------------------------------------- /xai_plugin/explore_plugin.h: -------------------------------------------------------------------------------- 1 | // Mysis explore_plugin.h v0.1 2 | class explore_plugin_interface 3 | { 4 | public: 5 | int (*DoUnk0)(int); 6 | int (*DoUnk1)(); 7 | int (*DoUnk2)(); 8 | int (*DoUnk3)(); 9 | int (*DoUnk4)(); // 10 | int (*DoUnk5)(int *); // ptr = { , count } 11 | int (*DoUnk6)(char *,void *,int); 12 | int (*DoUnk7)(int,int); 13 | int (*DoUnk8)(void *,int,int); 14 | int (*DoUnk9)(void *,int,int); 15 | int (*DoUnk10)(int*,char *); 16 | int (*DoUnk11)(char *, char *, int *); 17 | int (*DoUnk12)(void *); 18 | int (*DoUnk13)(int); 19 | int (*DoUnk14)(int); 20 | int (*DoUnk15)(int,int,int); 21 | int (*DoUnk16)(int,int,int); 22 | int (*DoUnk17)(int,int,int*,int*,int*); 23 | int (*DoUnk18)(int); 24 | int (*DoUnk19)(int); 25 | int (*DoUnk20)(int,uint64_t); 26 | int (*DoUnk21)(void *); 27 | int (*DoUnk22)(void *); 28 | int (*DoUnk23)(); // 29 | int (*DoUnk24)(); 30 | int (*DoUnk25)(); // get target id check 31 | int (*DoUnk26)(char *, char *); 32 | int (*DoUnk27)(void *); 33 | int (*DoUnk28)(char *, void *); 34 | int (*DoUnk29)(char *, void *); 35 | }; -------------------------------------------------------------------------------- /xai_plugin/game_ext_plugin.h: -------------------------------------------------------------------------------- 1 | // Mysis game_ext_plugin.h v0.1 2 | class game_ext_plugin_interface 3 | { 4 | public: 5 | int (*DoUnk0)(); 6 | int (*DoUnk1)(void *, void *); 7 | int (*DoUnk2)(char *, int, int); 8 | int (*DoUnk3)(char *, int); 9 | int (*DoUnk4)(char *, char *, int, int); 10 | int (*DoUnk5)(char *, int, char *, int); 11 | int (*DoUnk6)(void *); 12 | int (*DoUnk7)(int,int,void*); 13 | int (*DoUnk8)(); 14 | int (*DoUnk9)(int, char*, void*,void*); 15 | int (*DoUnk10)(int , void* , void * ); 16 | int (*DoUnk11)(int, int, void*, void*); 17 | int (*DoUnk12)(void*); 18 | int (*DoUnk13)(char*, char*); 19 | int (*DoUnk14)(char*); 20 | int (*DoUnk15)(); 21 | int (*DoUnk16)(char*); 22 | int (*DoUnk17)(char*); 23 | int (*DoUnk18)(); 24 | int (*DoUnk19)(void*); 25 | int (*DoUnk20)(char*,int, char*); 26 | int (*DoUnk21)(char*,int,char*); 27 | int (*DoUnk22)(char*,int,char*); 28 | int (*DoUnk23)(int,char*,int); 29 | int (*DoUnk24)(int,int); 30 | int (*DoUnk25)(void*); 31 | int (*DoUnk26)(void*); 32 | int (*DoUnk27)(void*); 33 | int (*DoUnk28)(int*,char*); 34 | int (*DoUnk29)(void*,char*); 35 | int (*DoUnk30)(); 36 | int (*DoUnk31)(); 37 | int (*DoUnk32)(void*,char*,void*,int); 38 | int (*DoUnk33)(char*); 39 | int (*DoUnk34)(char*); 40 | }; 41 | -------------------------------------------------------------------------------- /xai_plugin/gccpch.h: -------------------------------------------------------------------------------- 1 | // gccpch.h : include file for standard system include files, 2 | // or project specific include files that are used frequently, but 3 | // are changed infrequently. 4 | // gccpch.h.gch will contain the pre-compiled type information 5 | // 6 | 7 | #include 8 | 9 | 10 | #ifndef __GCCPCH__ 11 | #define __GCCPCH__ 12 | 13 | // TODO: reference additional headers your program requires here 14 | int console_write(const char * s); 15 | int sys_sm_shutdown(uint16_t op); 16 | void xmb_reboot(uint16_t op); 17 | void plugin_shutdown(); 18 | int GetProductCode(); 19 | void * getNIDfunc(const char * vsh_module, uint32_t fnid); 20 | int FindView(char * pluginname); 21 | int GetPluginInterface(const char * pluginname, int interface_); 22 | int LoadPlugin(char * pluginname, void * handler); 23 | static int (*plugin_SetInterface)(int view, int interface, void * Handler); 24 | static int (*plugin_SetInterface2)(int view, int interface, void * Handler); 25 | static int (*plugin_GetInterface)(int view,int interface); 26 | static int (*View_Find)(const char *); 27 | static int (*vsh_sprintf)( char*, const char*,...); 28 | 29 | void wait(int seconds); 30 | void lockInputDevice(); 31 | void unlockInputDevice(); 32 | 33 | static int (*vshtask_A02D46E7)(int,const char *); 34 | 35 | #define SYS_SOFT_REBOOT 0x0200 36 | #define SYS_POWER_OFF 0x1100 37 | #define SYS_HARD_REBOOT 0x1200 38 | 39 | #define __VIEW__ "ACT0" 40 | 41 | class xai_plugin_interface_action 42 | { 43 | public: 44 | static void xai_plugin_action(const char * action); 45 | }; 46 | 47 | 48 | static void * xai_plugin_action_if[3] = {(void*)xai_plugin_interface_action::xai_plugin_action, 49 | 0, 50 | 0}; 51 | 52 | class xai_plugin_interface 53 | { 54 | public: 55 | static void xai_plugin_init(int view); 56 | static int xai_plugin_start(void * view); 57 | static int xai_plugin_stop(void); 58 | static void xai_plugin_exit(void); 59 | }; 60 | 61 | static void * xai_plugin_functions[4] = {(void*)xai_plugin_interface::xai_plugin_init, 62 | (void*)xai_plugin_interface::xai_plugin_start, 63 | (void*)xai_plugin_interface::xai_plugin_stop, 64 | (void*)xai_plugin_interface::xai_plugin_exit}; 65 | 66 | 67 | #endif 68 | -------------------------------------------------------------------------------- /xai_plugin/hfw_settings.h: -------------------------------------------------------------------------------- 1 | //#include 2 | //#include 3 | //#include 4 | 5 | #define PRODUCT_MODE_FLAG_OFFSET 0x48C07 6 | #define RECOVERY_MODE_FLAG_OFFSET 0x48C61 7 | 8 | #define VSH_PROCESS_NAME "_main_vsh.self" 9 | //#define INLINE inline __attribute__((always_inline)) 10 | //#define MAKE_KERNEL_ADDRESS(addr) (0x8000000000000000ULL | ((uint32_t)addr)) 11 | //#define MKA MAKE_KERNEL_ADDRESS 12 | 13 | //#define TOC 0x34FBB0// CEX 4.82/4.84/4.85 14 | //#define process_rtoc_entry_1 -0x7800 15 | 16 | #define LV2 0 17 | #define LV1 1 18 | #define RAM 2 19 | 20 | #define LV2_DUMP "LV2-FW%X.%X%X.bin" 21 | #define LV1_DUMP "LV1-FW%X.%X%X.bin" 22 | #define RAM_DUMP "RAM-FW%X.%X%X.bin" 23 | #define TMP_FOLDER "/dev_hdd0/tmp" 24 | 25 | #define SINGLE_BEEP 0x6 26 | #define DOUBLE_BEEP 0x36 27 | #define TRIPLE_BEEP 0x1B6 28 | #define CONTINUOUS_BEEP 0xFFFF 29 | 30 | #define process_id_t uint32_t 31 | #define SYSCALL8_OPCODE_PS3MAPI 0x7777 32 | #define PS3MAPI_OPCODE_GET_ALL_PROC_PID 0x0021 33 | #define PS3MAPI_OPCODE_GET_PROC_NAME_BY_PID 0x0022 34 | #define PS3MAPI_OPCODE_GET_PROC_MEM 0x0031 35 | #define PS3MAPI_OPCODE_SET_PROC_MEM 0x0032 36 | #define MAX_PROCESS 16 37 | 38 | #define QA_FLAG_OFFSET 0x48C0A 39 | 40 | #define printf(...) 41 | //#define DPRINTF(...) 42 | #define DPRINTF printf 43 | 44 | int poke_vsh(uint64_t address, char *buf, int size); 45 | int read_vsh(uint64_t address, char *buf, int size); 46 | 47 | void kpatch(uint64_t kaddr, uint64_t kbytes); 48 | void psn_patch(uint32_t paddr, uint32_t pbytes, bool reset); 49 | void reset_psn_patches(); 50 | 51 | uint64_t lv1_peek(uint64_t addr); 52 | uint8_t lv1_peek8(uint64_t addr); 53 | uint16_t lv1_peek16(uint64_t addr) ; 54 | uint32_t lv1_peek32(uint64_t addr); 55 | void lv1_poke( uint64_t addr, uint64_t val); 56 | void lv1_poke32(uint64_t addr, uint32_t value); 57 | 58 | void hook_func(void * original,void * backup, void * hook_function); 59 | void load_cfw_functions(); 60 | 61 | /*void convert_utf16_to_ascii(const uint16_t *utf16, char *ascii, size_t maxLen); 62 | void ascii_to_utf16(const char *ascii, uint16_t *utf16, size_t maxLen); 63 | int getHexInput(const char *prompt, uint64_t *outValue); 64 | int lv1_peek_keyboard(); 65 | int lv1_poke_keyboard();*/ 66 | 67 | //static int extract_field(const char *json, const char *key, char *dest, size_t dest_size); 68 | //void process_json_command(const char *json); 69 | //void process_json_file(const char *filepath); 70 | //void scan_usb_for_json(void); 71 | 72 | #define eieio() \ 73 | { \ 74 | asm volatile("eieio"); \ 75 | asm volatile("sync"); \ 76 | } 77 | #define isync() asm volatile("isync") 78 | 79 | struct lv2_storage_device_info { 80 | uint8_t res1[32]; 81 | uint32_t vendor_id; 82 | uint32_t device_id; 83 | uint64_t capacity; 84 | uint32_t sector_size; 85 | uint32_t media_count; 86 | uint8_t res2[8]; 87 | }; 88 | 89 | int lv2_ss_get_cache_of_flash_ext_flag(uint8_t *flag); 90 | int lv2_storage_get_device_info(uint64_t dev_id, struct storage_device_info *info); 91 | int lv2_storage_open(uint64_t dev_id, uint32_t *dev_handle); 92 | int lv2_storage_close(uint32_t dev_handle); 93 | int lv2_storage_read(uint32_t dev_handle, uint64_t unknown1, uint64_t start_sector, uint64_t sector_count, const void *buf, uint32_t *unknown2, uint64_t flags); 94 | int lv2_storage_write(uint32_t dev_handle, uint64_t unknown1, uint64_t start_sector, uint64_t sector_count, const void *buf, uint32_t *unknown2, uint64_t flags); 95 | int lv2_dbg_get_console_type(uint64_t* out_type); 96 | bool check_flash_type(); 97 | 98 | uint32_t lv2_ss_update_mgr_if(uint32_t packet_id, uint64_t arg1, uint64_t arg2, uint64_t arg3, uint64_t arg4, uint64_t arg5, uint64_t arg6); 99 | uint32_t lv2_um_read_eeprom(uint32_t offset, uint8_t* outValue); 100 | uint32_t lv2_um_write_eeprom(uint32_t offset, uint8_t inValue); 101 | 102 | bool IsFileExist(const char* path); 103 | size_t GetFileSize(FILE* f); 104 | 105 | double GetFWVersion(); 106 | 107 | //const char* flashtype; 108 | //const char* banksel; 109 | bool FlashIsNor(); 110 | 111 | bool TargetIsCEX(); 112 | bool TargetIsDEX(); 113 | bool TargetIsDECR(); 114 | 115 | uint8_t get_bank_indicator(); 116 | void set_bank_indicator(uint8_t value); 117 | 118 | void CompareROSBanks(void); 119 | 120 | void NorWrite(uint64_t offset, const void* data, uint64_t size); 121 | void NorRead(uint64_t offset, void* data, uint64_t size); 122 | 123 | void BadWDSD_Write_Stagex(); 124 | void BadWDSD_Write_ros(bool compare, bool doFlashRos1); 125 | 126 | bool IsExploited(); 127 | int InstallQCFW(bool doLegacy, bool doSkipRosCompare, bool doFlashRos1); 128 | int InstallStagexOnly(); 129 | int InstallCoreOSOnly(bool doSkipRosCompare, bool doFlashRos1); 130 | void VerifyQCFW(void); 131 | void VerifyStagexOnly(void); 132 | void VerifyCoreOSOnly(void); 133 | 134 | // HV dump region functions 135 | int dump_lv0_code(); 136 | int dump_lv1_code(); 137 | int dump_lv2_region(); 138 | //int dump_spe_mmio(int idx); 139 | int dump_spe0_mmio(); 140 | int dump_spe1_mmio(); 141 | int dump_spe2_mmio(); 142 | int dump_spe3_mmio(); 143 | int dump_spe4_mmio(); 144 | int dump_spe5_mmio(); 145 | int dump_spe6_mmio(); 146 | int dump_pervasive_mem(); 147 | //int dump_spe_shadow(int idx); 148 | int dump_spe1_shadow(); 149 | int dump_spe2_shadow(); 150 | int dump_spe3_shadow(); 151 | int dump_spe4_shadow(); 152 | int dump_spe5_shadow(); 153 | int dump_spe6_shadow(); 154 | int dump_xdr_ch1_size(); 155 | int dump_xdr_ch0_size(); 156 | int dump_xdr_type(); 157 | 158 | int dump_sb_bus_base(); 159 | int dump_sata1_regs(); 160 | int dump_sata2_regs(); 161 | int dump_usb1_regs(); 162 | int dump_usb2_regs(); 163 | int dump_gelic_regs(); 164 | int dump_encdec_regs(); 165 | int dump_sb_ext_intc(); 166 | int dump_sb_int_hdl1(); 167 | int dump_sb_int_hdl2(); 168 | int dump_sb_status(); 169 | 170 | int dump_syscon_pkt_hdr(); 171 | int dump_syscon_pkt_bdy(); 172 | int dump_syscon_recv1(); 173 | int dump_syscon_recv2(); 174 | int dump_syscon_send_hdr(); 175 | int dump_syscon_send_bdy(); 176 | int dump_syscon_send1(); 177 | int dump_syscon_send2(); 178 | int dump_syscon_rcv3(); 179 | int dump_syscon_testbit(); 180 | int dump_syscon_notify(); 181 | 182 | int dump_sata1_bar(); 183 | int dump_sata2_bar(); 184 | int dump_gelic_bar(); 185 | int dump_encdec_bar(); 186 | int dump_encdec_test(); 187 | int dump_encdec_cmd(); 188 | int dump_usb1_bar(); 189 | int dump_usb2_bar(); 190 | 191 | int dump_sata1_bar2(); 192 | int dump_sata2_bar2(); 193 | int dump_sata1_bar3(); 194 | int dump_sata2_bar3(); 195 | int dump_usb1_bar2(); 196 | int dump_usb2_bar2(); 197 | 198 | int dump_nor_flash(); 199 | int dump_sys_rom(); 200 | 201 | int dump_avmngr_regs1(); 202 | int dump_avmngr_regs2(); 203 | int dump_av_outctrl(); 204 | int dump_av_pllctrl(); 205 | int dump_av_misc1(); 206 | int dump_av_misc2(); 207 | int dump_av_misc3(); 208 | int dump_av_misc4(); 209 | int dump_av_misc5(); 210 | 211 | int dump_gpu_mem1(); 212 | int dump_gpu_mem2(); 213 | int dump_gpu_mem3(); 214 | int dump_gpu_mem4(); 215 | int dump_gpu_mem5(); 216 | 217 | int dump_rsx_intstate(); 218 | int dump_ramin_all(); 219 | int dump_ramin_hash(); 220 | int dump_ramin_fifo(); 221 | int dump_dma_objs(); 222 | int dump_graph_objs(); 223 | int dump_graph_ctx(); 224 | 225 | int dump_gameos0(); 226 | int dump_gameos1(); 227 | int dump_gameos2(); 228 | int dump_gameos_htab(); 229 | 230 | // Dump all regions at once 231 | int dump_all_regions(); 232 | 233 | 234 | 235 | // RSX Overclocking 236 | /*#define eieio() \ 237 | { \ 238 | asm volatile("eieio"); \ 239 | asm volatile("sync"); \ 240 | }*/ 241 | 242 | void log_to_usb(const char *message); 243 | 244 | // RSX Overclocking 245 | void TestRsxClockSettings(); 246 | void TestRsxClockSettingsSafe(); 247 | 248 | void apply_rsx_clock(uint64_t core, uint64_t mem); 249 | void apply_rsx_mem_clock(uint64_t mem_mhz); 250 | 251 | void OverclockGpuCoreTest(); 252 | void OverclockGpuMemTest(); 253 | 254 | // Matched Speeds 255 | void set_rsx_clock_100_100(); 256 | void set_rsx_clock_150_150(); 257 | void set_rsx_clock_200_200(); 258 | void set_rsx_clock_250_250(); 259 | void set_rsx_clock_300_300(); 260 | void set_rsx_clock_350_350(); 261 | void set_rsx_clock_400_400(); 262 | void set_rsx_clock_450_450(); 263 | void set_rsx_clock_500_500(); 264 | void set_rsx_clock_550_550(); 265 | void set_rsx_clock_600_600(); 266 | void set_rsx_clock_650_650(); 267 | void set_rsx_clock_700_700(); 268 | void set_rsx_clock_750_750(); 269 | void set_rsx_clock_800_800(); 270 | void set_rsx_clock_850_850(); 271 | void set_rsx_clock_900_900(); 272 | void set_rsx_clock_950_950(); 273 | void set_rsx_clock_1000_1000(); 274 | 275 | // Core-Only Speeds 276 | void set_rsx_clock_100_650(); 277 | void set_rsx_clock_150_650(); 278 | void set_rsx_clock_200_650(); 279 | void set_rsx_clock_250_650(); 280 | void set_rsx_clock_300_650(); 281 | void set_rsx_clock_350_650(); 282 | void set_rsx_clock_400_650(); 283 | void set_rsx_clock_450_650(); 284 | void set_rsx_clock_500_650(); 285 | void set_rsx_clock_550_650(); 286 | void set_rsx_clock_600_650(); 287 | //void set_rsx_clock_650_650();// Duplicate 288 | void set_rsx_clock_700_650(); 289 | void set_rsx_clock_750_650(); 290 | void set_rsx_clock_800_650(); 291 | void set_rsx_clock_850_650(); 292 | void set_rsx_clock_900_650(); 293 | void set_rsx_clock_950_650(); 294 | void set_rsx_clock_1000_650(); 295 | 296 | // Memory Only Speeds 297 | void set_rsx_clock_500_100(); 298 | void set_rsx_clock_500_150(); 299 | void set_rsx_clock_500_200(); 300 | void set_rsx_clock_500_250(); 301 | void set_rsx_clock_500_300(); 302 | void set_rsx_clock_500_350(); 303 | void set_rsx_clock_500_400(); 304 | void set_rsx_clock_500_450(); 305 | //void set_rsx_clock_500_500();// Duplicate 306 | void set_rsx_clock_500_550(); 307 | void set_rsx_clock_500_600(); 308 | //void set_rsx_clock_500_650();// Duplicate 309 | void set_rsx_clock_500_700(); 310 | void set_rsx_clock_500_750(); 311 | void set_rsx_clock_500_800(); 312 | void set_rsx_clock_500_850(); 313 | void set_rsx_clock_500_900(); 314 | void set_rsx_clock_500_950(); 315 | void set_rsx_clock_500_1000(); 316 | 317 | void set_rsx_core_clock_100(void); 318 | void set_rsx_core_clock_150(void); 319 | void set_rsx_core_clock_200(void); 320 | void set_rsx_core_clock_250(void); 321 | void set_rsx_core_clock_300(void); 322 | void set_rsx_core_clock_350(void); 323 | void set_rsx_core_clock_400(void); 324 | void set_rsx_core_clock_450(void); 325 | void set_rsx_core_clock_500(void); 326 | void set_rsx_core_clock_550(void); 327 | void set_rsx_core_clock_600(void); 328 | void set_rsx_core_clock_650(void); 329 | void set_rsx_core_clock_700(void); 330 | void set_rsx_core_clock_750(void); 331 | void set_rsx_core_clock_800(void); 332 | void set_rsx_core_clock_850(void); 333 | void set_rsx_core_clock_900(void); 334 | void set_rsx_core_clock_950(void); 335 | void set_rsx_core_clock_1000(void); 336 | 337 | void set_rsx_mem_clock_100(void); 338 | void set_rsx_mem_clock_125(void); 339 | void set_rsx_mem_clock_150(void); 340 | void set_rsx_mem_clock_175(void); 341 | void set_rsx_mem_clock_200(void); 342 | void set_rsx_mem_clock_225(void); 343 | void set_rsx_mem_clock_250(void); 344 | void set_rsx_mem_clock_275(void); 345 | void set_rsx_mem_clock_300(void); 346 | void set_rsx_mem_clock_325(void); 347 | void set_rsx_mem_clock_350(void); 348 | void set_rsx_mem_clock_375(void); 349 | void set_rsx_mem_clock_400(void); 350 | void set_rsx_mem_clock_425(void); 351 | void set_rsx_mem_clock_450(void); 352 | void set_rsx_mem_clock_475(void); 353 | void set_rsx_mem_clock_500(void); 354 | void set_rsx_mem_clock_525(void); 355 | void set_rsx_mem_clock_550(void); 356 | void set_rsx_mem_clock_575(void); 357 | void set_rsx_mem_clock_600(void); 358 | void set_rsx_mem_clock_625(void); 359 | void set_rsx_mem_clock_650(void); 360 | void set_rsx_mem_clock_675(void); 361 | void set_rsx_mem_clock_700(void); 362 | void set_rsx_mem_clock_725(void); 363 | void set_rsx_mem_clock_750(void); 364 | void set_rsx_mem_clock_775(void); 365 | void set_rsx_mem_clock_800(void); 366 | void set_rsx_mem_clock_825(void); 367 | void set_rsx_mem_clock_850(void); 368 | void set_rsx_mem_clock_875(void); 369 | void set_rsx_mem_clock_900(void); 370 | void set_rsx_mem_clock_925(void); 371 | void set_rsx_mem_clock_950(void); 372 | void set_rsx_mem_clock_975(void); 373 | void set_rsx_mem_clock_1000(void); 374 | 375 | int sys_ss_get_console_id(void * idps); 376 | int sys_ss_get_open_psid(void * psid); 377 | int cellSsAimGetDeviceId(void * idps); 378 | void clean_log(); 379 | void log_klic(); 380 | void log_secureid(); 381 | void enable_recording(); 382 | void enable_screenshot(); 383 | bool rsod_fix(); 384 | void remarry_bd(); 385 | void check_temperature(); 386 | int dump_lv2(); 387 | void unlock_hdd_space(); 388 | void control_led(const char * action); 389 | void override_sfo(); 390 | bool enable_hvdbg(); 391 | void backup_registry(); 392 | void usb_firm_loader(); 393 | void dump_disc_key(); 394 | void dump_idps(); 395 | void dump_psid(); 396 | void applicable_version(); 397 | void toggle_dlna(); 398 | void rebuild_db(); 399 | int fs_check(); 400 | void recovery_mode(); 401 | bool service_mode(); 402 | void read_qa_flag(); 403 | void toggle_generic(char* path_to_file, char* name); 404 | void toggle_auto_update(); 405 | void toggle_hen_repair(); 406 | void toggle_patch_libaudio(); 407 | void toggle_hotkey_polling(); 408 | void toggle_app_home(); 409 | void toggle_quick_preview(); 410 | void toggle_hen_dev_build(); 411 | void uninstall_hen(); 412 | int switch_hen_mode(int mode);// Used for switching from release to debug 413 | void disable_remaps_on_next_boot(); 414 | void toggle_rap_bin(); 415 | 416 | // Clear Web Cache Functions (History, Auth Cache, Cookie) 417 | void toggle_clear_web_history(); 418 | void toggle_clear_web_auth_cache(); 419 | void toggle_clear_web_cookie(); 420 | 421 | // Clear PSN Cache Functions (CI, MI, PTL) 422 | void toggle_clear_psn_ci(); 423 | void toggle_clear_psn_mi(); 424 | void toggle_clear_psn_ptl(); 425 | 426 | // BadHTAB Testing 427 | int dump_full_ram(); 428 | int dump_lv1(); 429 | bool test_lv1_peek(); 430 | bool test_lv1_peek32(); 431 | bool test_lv1_poke(); 432 | bool test_lv1_poke32(); 433 | void badhtab_copy_log(); 434 | void badhtab_toggle_glitcher_test(); 435 | void badhtab_toggle_skip_stage1(); 436 | //void badhtab_toggle_skip_stage_cfw(); 437 | void badhtab_toggle_skip_stage2(); 438 | void badhtab_toggle_skip_patch_more_lv1(); 439 | void badhtab_toggle_lv1_dump(); 440 | void badhtab_toggle_lv1_dump_240m(); 441 | void badhtab_toggle_otheros(); 442 | void badhtab_toggle_lv2_kernel_self(); 443 | void badhtab_toggle_lv2_kernel_fself(); 444 | 445 | // BadWDSD Testing 446 | void badwdsd_copy_log(); 447 | void badwdsd_toggle_lv2_kernel_fself(); 448 | void badwdsd_toggle_lv2_kernel_zfself(); 449 | void badwdsd_toggle_otheros_fself(); 450 | void badwdsd_toggle_otheros_zfself(); 451 | void badwdsd_toggle_skip_ros_compare(); 452 | void badwdsd_toggle_flash_ros1(); 453 | 454 | // LV1 Patches 455 | int toggle_lv1_patch(const char* name, uint64_t addr, uint64_t ovalue, uint64_t pvalue); 456 | int toggle_lv1_patch32(const char* name, uint64_t addr, uint32_t ovalue, uint32_t pvalue); 457 | int unmask_bootldr(); 458 | 459 | void toggle_lv1_patch_unmask_bootldr(); 460 | void toggle_lv1_patch_test1(); 461 | void toggle_lv1_patch_test2(); 462 | 463 | union clock_s { 464 | public: 465 | struct { 466 | public: 467 | uint8_t junk1; 468 | uint8_t junk2; 469 | uint8_t mul; 470 | uint8_t junk3; 471 | }; 472 | uint32_t value; 473 | }; 474 | void lv1_read(uint64_t addr, uint64_t size, void *out_Buf); 475 | void lv1_write(uint64_t addr, uint64_t size, const void *in_Buf); 476 | 477 | void read_write_generic(const char* src, const char* dest); 478 | void read_write_generic_notify(const char* src, const char* dest); 479 | void read_write_generic2(const char* src, const char* dest, CellFsMode chmod); 480 | void remove_file(char* path_to_file, char* message); 481 | void write_toggle(char* path_to_file, char* message); 482 | 483 | void installPKG(char * path); 484 | int download_status(); 485 | void downloadPKG(wchar_t * url); 486 | 487 | int checkDirectory(char * pDirectoryPath); 488 | void searchDirectory(char * pDirectoryPath, char * fileformat, char * fileout ); 489 | 490 | int read_recovery_mode_flag(void * data); 491 | int set_recovery_mode_flag(uint8_t value); 492 | int read_product_mode_flag(void * data); 493 | int set_product_mode_flag(uint8_t value); 494 | 495 | static int (*update_mgr_read_eprom)(int offset, void * buffer); 496 | static int (*update_mgr_write_eprom)(int offset, int value); 497 | 498 | static int (*xBDVDGetInstance)(); 499 | 500 | static int (*vsh_2B58A92C)(void*); 501 | static int (*vsh_E20104BE)(); 502 | static void *(*allocator_759E0635)(size_t); 503 | static void (*allocator_77A602DD)(void *); 504 | 505 | int cellFsUtilMount(const char * device_name, const char * device_fs, const char * device_path, int r6, int write_prot, int r8, int * r9); 506 | int cellFsUtilUnMount(const char * device_path, int r4); 507 | 508 | int* load_module(char * path); 509 | int AesCbcCfbEncrypt(void *out, void *in, uint32_t length, void *user_key, int bits, void *iv); 510 | int AesCbcCfbDecrypt(void *out, void *in, uint32_t length, void *user_key, int bits, void *iv); 511 | 512 | 513 | 514 | static uint8_t eid2_indiv_seed_[0x40] = {0x74, 0x92, 0xE5, 0x7C, 0x2C, 0x7C, 0x63, 0xF4, 0x49, 0x42, 0x26, 0x8F, 0xB4, 0x1C, 0x58, 0xED, 515 | 0x66, 0x83, 0x41, 0xF9, 0xC9, 0x7B, 0x29, 0x83, 0x96, 0xFA, 0x9D, 0x82, 0x07, 0x51, 0x99, 0xD8, 516 | 0xBC, 0x1A, 0x93, 0x4B, 0x37, 0x4F, 0xA3, 0x8D, 0x46, 0xAF, 0x94, 0xC7, 0xC3, 0x33, 0x73, 0xB3, 517 | 0x09, 0x57, 0x20, 0x84, 0xFE, 0x2D, 0xE3, 0x44, 0x57, 0xE0, 0xF8, 0x52, 0x7A, 0x34, 0x75, 0x3D}; 518 | 519 | struct pblock_aes_struct 520 | { 521 | uint8_t pblock_hdr[0x10]; 522 | uint8_t pblock_des[0x60]; 523 | uint8_t pblock_hash[0x10]; 524 | }; 525 | struct sblock_aes_struct 526 | { 527 | uint8_t sblock_hdr[0x10]; 528 | uint8_t sblock_des[0x670]; 529 | uint8_t sblock_hash[0x10]; 530 | }; 531 | struct eid2_struct 532 | { 533 | unsigned short pblock_size; 534 | unsigned short sblock_size; 535 | uint8_t padding[0x1C]; // 00.... 00 00 / 00 03 536 | pblock_aes_struct pblock_aes; 537 | sblock_aes_struct sblock_aes; 538 | }; 539 | 540 | struct inquiry_block { 541 | uint8_t pkt[0x20]; /* packet command block */ 542 | uint32_t pktlen; 543 | uint32_t blocks; 544 | uint32_t block_size; 545 | uint32_t proto; /* transfer mode */ 546 | uint32_t in_out; /* transfer direction */ 547 | uint32_t unknown; 548 | }; 549 | 550 | enum lv2_atapi_proto { 551 | NON_DATA_PROTO = 0, 552 | PIO_DATA_IN_PROTO = 1, 553 | PIO_DATA_OUT_PROTO = 2, 554 | DMA_PROTO = 3 555 | }; 556 | enum lv2_atapi_in_out { 557 | DIR_WRITE = 0, /* memory -> device */ 558 | DIR_READ = 1 /* device -> memory */ 559 | }; 560 | struct lv2_atapi_cmnd_block { 561 | uint8_t pkt[0x20]; /* packet command block */ 562 | uint32_t pktlen; 563 | uint32_t blocks; 564 | uint32_t block_size; 565 | uint32_t proto; /* transfer mode */ 566 | uint32_t in_out; /* transfer direction */ 567 | uint32_t unknown; 568 | } __attribute__((packed)); 569 | 570 | typedef struct 571 | { 572 | void *unk_00; // 0 573 | char name[24]; // 8 574 | // ... 575 | } __attribute__((packed)) UnkProcessStruct; 576 | 577 | typedef struct _process_t 578 | { 579 | void *syscall_table; // 0 580 | uint64_t unk_8[4]; // 8 581 | uint32_t pid; // 0x28 582 | int status; // 0x2C 583 | void *mem_object; // 0x30 584 | UnkProcessStruct *unk_38; // 0x38 585 | uint64_t unk_40; // 0x40 586 | void *first_thread; // 0x48 587 | uint64_t unk_50; // 0x50 588 | uint64_t unk_58; // 0x58 589 | void *unk_60; // 0x60 590 | void *unk_68; // 0x68 vshprocess -> mios2_SPU_Service.elf 591 | void *unk_70; // 0x70 vshprocess -> mios2_SPU_Service.elf 592 | uint64_t unk_78; // 0x78 593 | uint64_t unk_80; // 0x80 594 | uint64_t unk_88[4]; // 0x88 595 | uint64_t unk_A8; // 0xA8 user address? 596 | struct _process_t *parent; // 0xB0 597 | struct _process_t *first_child; // 0xB8 598 | struct _process_t *next_sibling; // 0xC0 599 | uint64_t num_children; // 0xC8 600 | void *unk_D0; // 0xD0 601 | uint64_t unk_D8; // 0xD8 602 | uint64_t unk_E0; // 0xE0 603 | uint64_t unk_E8; // 0xE8 604 | uint64_t unk_F0[2]; // 0xF0 605 | uint64_t unk_100; // 0x100 606 | uint64_t unk_108; // 0x108 607 | void *unk_110; // 0x110 608 | void *unk_118; // 0x118 vshprocess -> pointer to unk_D0 609 | uint64_t unk_120; // 0x120 610 | void *unk_128; // 0x128 only on vshprocess -> same as first_thread 611 | void *unk_130; // 0x130 only on vsh process -> same as first thread 612 | uint64_t unk_138; // 0x138 613 | uint64_t unk_140[4]; // 0x140 614 | char *process_image; // 0x160 615 | void *unk_168; // 0x168 616 | uint64_t unk_170; // 0x170 617 | uint64_t unk_178; // 0x178 618 | uint64_t unk_180; // 0x180 619 | uint64_t unk_188[4]; // 0x188 620 | uint64_t unk_1A8; // 0x1A8 621 | uint64_t unk_1B0; // 0x1B0 622 | uint64_t unk_1B8; // 0x1B8 623 | uint64_t unk_1C0; // 0x1C0 624 | uint64_t unk_1C8; // 0x1C8 625 | uint64_t unk_1D0; // 0x1D0 626 | uint64_t unk_1D8; // 0x1D8 627 | uint64_t unk_1E0; // 0x1E0 628 | uint64_t unk_1E8[4]; // 0x1E8 629 | void *object_table; // 0x208 waiting for a better name... 630 | // ...? 631 | // 0x26C -> sdk version 32bits 632 | } __attribute__((packed)) *process_t; 633 | -------------------------------------------------------------------------------- /xai_plugin/log.cpp: -------------------------------------------------------------------------------- 1 | 2 | #include "log.h" 3 | #include 4 | #include 5 | #include 6 | #include "gccpch.h" 7 | #include 8 | #include 9 | 10 | void load_log_functions() 11 | { 12 | (void*&)(vsh_sprintf) = (void*)((int)getNIDfunc("stdc",0x273B9711)); 13 | } 14 | 15 | void log_data(const void * buffer, int bufsize) 16 | { 17 | log("Dumping Data:\n"); 18 | char tmp[0x30]; 19 | for(int i=0;i 2 | 3 | void load_log_functions(); 4 | char * getlogpath(); 5 | void setlogpath(char * path); 6 | 7 | int sprintf_(char *str, const char *format, int v1); 8 | int sprintf_(char *str, const char *format, int v1, int v2); 9 | int sprintf_(char *str, const char *format, int v1, int v2, int v3); 10 | int sprintf_(char *str, const char *format, int v1, int v2, int v3, int v4); 11 | int sprintf_(char *str, const char *format, int v1, int v2, int v3, int v4, int v5); 12 | //int sprintf_(char *str, const char *format, int v1, int v2, int v3, int v4, int v5, int v6, int v7, int v8); 13 | //int sprintf_(char *str, const char *format, int v1, int v2, int v3, int v4, int v5, int v6, int v7, int v8, int v9, int v10, int v11, int v12, int v13, int v14, int v15, int v16); 14 | 15 | /*int swprintf_(wchar_t *str, size_t size, const wchar_t *format); 16 | int swprintf_(wchar_t *str, size_t size, const wchar_t *format, int v1); 17 | int swprintf_(wchar_t *str, size_t size, const wchar_t *format, int v1, int v2); 18 | int swprintf_(wchar_t *str, size_t size, const wchar_t *format, int v1, int v2, int v3); 19 | int swprintf_(wchar_t *str, size_t size, const wchar_t *format, int v1, int v2, int v3, int v4); 20 | int swprintf_(wchar_t *str, size_t size, const wchar_t *format, int v1, int v2, int v3, int v4, int v5); 21 | int swprintf_(wchar_t *str, size_t size, const wchar_t *format, int v1, int v2, int v3, int v4, int v5, int v6); 22 | int swprintf_(wchar_t *str, size_t size, const wchar_t *format, int v1, int v2, int v3, int v4, int v5, int v6, int v7); 23 | int swprintf_(wchar_t *str, size_t size, const wchar_t *format, int v1, int v2, int v3, int v4, int v5, int v6, int v7, int v8); 24 | int swprintf_(wchar_t *str, size_t size, const wchar_t *format, int v1, int v2, int v3, int v4, int v5, int v6, int v7, int v8, int v9);*/ 25 | 26 | void log(char * buffer); 27 | void log(char * format, char * param1); 28 | void log(char * format, const char * param1); 29 | void log(char * format, const wchar_t * param1); 30 | void log(char * format, char param1); 31 | void log(char * format, int param1); 32 | //void log(const char format, const char* param2); 33 | void log(const char * format, int param1, const char* param2); 34 | void log(const char * format, int param1, const char* param2, const char* param3); 35 | void log(char * format, float param1); 36 | void log(char * pluginname,char * view, const char * function); 37 | 38 | void log_key(char * keyname,void * key); 39 | void log_data(const void * buffer, int bufsize); 40 | 41 | void log_function(char * pluginname,char * view, const char * function, char * format, int param1); 42 | void log_function(char * pluginname,char * view, const char * function, char * format, const char* param1); 43 | 44 | void notify(char * param); 45 | void notify(char * format, char * param1); 46 | void notify(const char * format, int param1); 47 | //void notify(const char* format, const char* param1); 48 | void notify(const char * format, int param1, int param2); 49 | void notify(const char * format, int param1, int param2, int param3, int param4); 50 | void notify(const char* format, const char* param1, uint64_t param2, uint32_t param3, uint32_t param4); 51 | void notify(const char * format, char* param1, int param2); 52 | void notify(const char * format, const char* param1, int param2); 53 | //void notify(const char * format, int param1, int param2, int param3); 54 | void notify(const char * format, int param1, int param2, bool logging); 55 | void notify(const char * format, int param1, int param2, int param3, int param4, bool logging); 56 | void notify(const char * format, int param1, char * param2, int param3, int param4, bool logging); 57 | void notify(const char * format, int param1, int param2, int param3, int param4, int param5, int param6, bool logging); 58 | 59 | void notify64(const char * format, uint64_t param1); 60 | void notify64(const char * format, uint64_t param1, uint64_t param2); 61 | void notify64(const char * format, uint64_t param1, uint64_t param2, uint64_t param3); 62 | void notify64(const char * format, char* param1, uint64_t param2, uint64_t param3); 63 | void notify64(const char * format, char* param1, uint64_t param2, uint64_t param3, uint64_t param4); 64 | void notify64(const char * format, uint64_t param1, uint64_t param2, uint64_t param3, uint64_t param4, uint64_t param5, uint64_t param6, uint64_t param7, uint64_t param8); 65 | 66 | void dump_file(const char * path, void * buffer, int size); -------------------------------------------------------------------------------- /xai_plugin/prx.cpp: -------------------------------------------------------------------------------- 1 | #include 2 | #include 3 | #include 4 | #include 5 | #include 6 | #include 7 | 8 | #include 9 | #include 10 | #include 11 | #include 12 | #include 13 | #include 14 | 15 | #include "gccpch.h" 16 | #include "xmb_plugin.h" 17 | #include "log.h" 18 | #include "hfw_settings.h" 19 | #include "x3.h" 20 | #include "xRegistry.h" 21 | #include "download_plugin.h" 22 | 23 | 24 | 25 | SYS_MODULE_INFO( xai_plugin, 0, 1, 1); 26 | SYS_MODULE_START( _xai_plugin_prx_entry ); 27 | SYS_MODULE_STOP( _xai_plugin_prx_stop ); 28 | SYS_MODULE_EXIT( _xai_plugin_prx_exit ); 29 | 30 | SYS_LIB_DECLARE_WITH_STUB( LIBNAME, SYS_LIB_AUTO_EXPORT, STUBNAME ); 31 | SYS_LIB_EXPORT( _xai_plugin_export_function, LIBNAME ); 32 | 33 | // An exported function is needed to generate the project's PRX stub export library 34 | extern "C" int _xai_plugin_export_function(void) 35 | { 36 | return CELL_OK; 37 | } 38 | 39 | void * getNIDfunc(const char * vsh_module, uint32_t fnid) 40 | { 41 | // 0x10000 = ELF 42 | // 0x10080 = segment 2 start 43 | // 0x10200 = code start 44 | 45 | uint32_t table = (*(uint32_t*)0x1008C) + 0x984; // vsh table address 46 | 47 | while(((uint32_t)*(uint32_t*)table) != 0) 48 | { 49 | uint32_t* export_stru_ptr = (uint32_t*)*(uint32_t*)table; // ptr to export stub, size 2C, "sys_io" usually... Exports:0000000000635BC0 stru_635BC0: ExportStub_s <0x1C00, 1, 9, 0x39, 0, 0x2000000, aSys_io, ExportFNIDTable_sys_io, ExportStubTable_sys_io> 50 | 51 | const char* lib_name_ptr = (const char*)*(uint32_t*)((char*)export_stru_ptr + 0x10); 52 | 53 | if(strncmp(vsh_module,lib_name_ptr,strlen(lib_name_ptr))==0) 54 | { 55 | //log("found module name\n"); 56 | // we got the proper export struct 57 | uint32_t lib_fnid_ptr = *(uint32_t*)((char*)export_stru_ptr + 0x14); 58 | uint32_t lib_func_ptr = *(uint32_t*)((char*)export_stru_ptr + 0x18); 59 | uint16_t count = *(uint16_t*)((char*)export_stru_ptr + 6); // amount of exports 60 | for(int i=0;iShutdown(xai_plugin,0,0); 103 | //} 104 | 105 | 106 | xsetting_AF1F161_class* (*xsetting_AF1F161)() = 0; 107 | int GetProductCode() 108 | { 109 | return xsetting_AF1F161()->GetProductCode(); 110 | } 111 | 112 | int FindView(char * pluginname) 113 | { 114 | return View_Find(pluginname); 115 | } 116 | int GetPluginInterface(const char * pluginname, int interface_) 117 | { 118 | return plugin_GetInterface(View_Find(pluginname),interface_); 119 | } 120 | int LoadPlugin(char * pluginname, void * handler) 121 | { 122 | log_function("xai_plugin","1",__FUNCTION__,"(%s)\n",pluginname); 123 | return xmm0_interface->LoadPlugin3( xmm0_interface->GetPluginIdByName(pluginname), handler,0); 124 | } 125 | 126 | 127 | void wait(int sleep_time) 128 | { 129 | sys_timer_sleep(sleep_time); 130 | } 131 | void (*paf_55EE69A7)()=0; 132 | void lockInputDevice() { paf_55EE69A7(); } 133 | void (*paf_E26BBDE4)()=0; 134 | void unlockInputDevice() { paf_E26BBDE4(); } 135 | 136 | int load_functions() 137 | { 138 | (void*&)(View_Find) = (void*)((int)getNIDfunc("paf",0xF21655F3)); 139 | (void*&)(plugin_GetInterface) = (void*)((int)getNIDfunc("paf",0x23AFB290)); 140 | (void*&)(plugin_SetInterface) = (void*)((int)getNIDfunc("paf",0xA1DC401)); 141 | (void*&)(plugin_SetInterface2) = (void*)((int)getNIDfunc("paf",0x3F7CB0BF)); 142 | 143 | (void*&)(paf_55EE69A7) = (void*)((int)getNIDfunc("paf",0x55EE69A7)); // lockInputDevice 144 | (void*&)(paf_E26BBDE4) = (void*)((int)getNIDfunc("paf",0xE26BBDE4)); // unlockInputDevice 145 | 146 | (void*&)(xsetting_AF1F161) = (void*)((int)getNIDfunc("xsetting",0xAF1F161)); 147 | 148 | load_log_functions(); 149 | load_cfw_functions(); 150 | 151 | unsigned int xmm0_id = ('X' << 24) | ('M' << 16) | ('M' << 8) | '0'; 152 | unsigned int xmb2_id = ('X' << 24) | ('M' << 16) | ('B' << 8) | '2'; 153 | //xmm0_interface = (xmb_plugin_xmm0 *)GetPluginInterface("xmb_plugin",'XMM0'); 154 | //xmb2_interface = (xmb_plugin_xmb2 *)GetPluginInterface("xmb_plugin",'XMB2'); 155 | xmm0_interface = (xmb_plugin_xmm0 *)GetPluginInterface("xmb_plugin", xmm0_id); 156 | xmb2_interface = (xmb_plugin_xmb2 *)GetPluginInterface("xmb_plugin", xmb2_id); 157 | 158 | 159 | setlogpath("/dev_hdd0/tmp/hfw_settings.log"); // default path 160 | 161 | uint8_t data; 162 | int ret = read_product_mode_flag(&data); 163 | if(ret == CELL_OK) 164 | { 165 | if(data != 0xFF) 166 | { 167 | setlogpath("/dev_usb/hfw_settings.log"); // to get output data 168 | } 169 | } 170 | return 0; 171 | } 172 | 173 | int setInterface(unsigned int view) 174 | { 175 | return plugin_SetInterface2(view, 1, xai_plugin_functions); 176 | } 177 | 178 | extern "C" int _xai_plugin_prx_entry(size_t args, void *argp) 179 | { 180 | load_functions(); 181 | log_function("xai_plugin","",__FUNCTION__,"()\n",0); 182 | setInterface(*(unsigned int*)argp); 183 | return SYS_PRX_RESIDENT; 184 | } 185 | 186 | extern "C" int _xai_plugin_prx_stop(void) 187 | { 188 | log_function("xai_plugin","",__FUNCTION__,"()\n",0); 189 | return SYS_PRX_STOP_OK; 190 | } 191 | 192 | extern "C" int _xai_plugin_prx_exit(void) 193 | { 194 | log_function("xai_plugin","",__FUNCTION__,"()\n",0); 195 | return SYS_PRX_STOP_OK; 196 | } 197 | 198 | 199 | void xai_plugin_interface::xai_plugin_init(int view) 200 | { 201 | unsigned int act0_id = ('A' << 24) | ('C' << 16) | ('T' << 8) | '0'; 202 | log_function("xai_plugin","1",__FUNCTION__,"()\n",0); 203 | //plugin_SetInterface(view,'ACT0', xai_plugin_action_if); 204 | plugin_SetInterface(view, act0_id, xai_plugin_action_if); 205 | } 206 | 207 | int xai_plugin_interface::xai_plugin_start(void * view) 208 | { 209 | log_function("xai_plugin","1",__FUNCTION__,"()\n",0); 210 | return SYS_PRX_START_OK; 211 | } 212 | 213 | int xai_plugin_interface::xai_plugin_stop(void) 214 | { 215 | log_function("xai_plugin","1",__FUNCTION__,"()\n",0); 216 | return SYS_PRX_STOP_OK; 217 | } 218 | 219 | void xai_plugin_interface::xai_plugin_exit(void) 220 | { 221 | log_function("xai_plugin","1",__FUNCTION__,"()\n",0); 222 | } 223 | 224 | void xai_plugin_interface_action::xai_plugin_action(const char * action) 225 | { 226 | log_function("xai_plugin",__VIEW__,__FUNCTION__,"(%s)\n",action); 227 | 228 | // HFW Tools XML 229 | 230 | // Restart PS3 231 | if(strcmp(action,"soft_reboot_action")==0) 232 | { 233 | xmb_reboot(SYS_SOFT_REBOOT); 234 | } 235 | else if(strcmp(action,"hard_reboot_action")==0) 236 | { 237 | xmb_reboot(SYS_HARD_REBOOT); 238 | } 239 | else if(strcmp(action,"power_off_action")==0) 240 | { 241 | xmb_reboot(SYS_POWER_OFF); 242 | } 243 | 244 | // In-Game Settings 245 | else if (strcmp(action, "override_sfo") == 0) 246 | { 247 | override_sfo(); 248 | } 249 | /* 250 | else if (strcmp(action, "enable_screenshot") == 0) 251 | { 252 | enable_screenshot(); 253 | } 254 | */ 255 | /* 256 | else if(strcmp(action,"enable_recording")==0) 257 | { 258 | enable_recording(); 259 | } 260 | */ 261 | 262 | // Basic Tools 263 | else if(strcmp(action, "show_temp") == 0) 264 | { 265 | check_temperature(); 266 | } 267 | 268 | // QA Tools 269 | else if(strcmp(action, "check_qa") == 0) 270 | { 271 | read_qa_flag(); 272 | } 273 | 274 | // Dump Tools 275 | else if(strcmp(action, "dump_lv2") == 0) 276 | { 277 | dump_lv2(); 278 | } 279 | else if(strcmp(action,"clean_log")==0) 280 | { 281 | clean_log(); 282 | } 283 | else if (strcmp(action, "dump_idps") == 0) 284 | { 285 | dump_idps(); 286 | } 287 | else if (strcmp(action, "dump_psid") == 0) 288 | { 289 | dump_psid(); 290 | } 291 | else if(strcmp(action,"log_klic")==0) 292 | { 293 | log_klic(); 294 | } 295 | else if(strcmp(action,"log_secureid")==0) 296 | { 297 | log_secureid(); 298 | } 299 | else if (strcmp(action, "dump_disc_key") == 0) 300 | { 301 | dump_disc_key(); 302 | } 303 | else if (strcmp(action, "backup_registry") == 0) 304 | { 305 | backup_registry(); 306 | } 307 | 308 | // Service Tools 309 | else if (strcmp(action, "applicable_version") == 0) 310 | { 311 | applicable_version(); 312 | } 313 | else if (strcmp(action, "fs_check") == 0) 314 | { 315 | //if(fs_check() == CELL_OK) 316 | // xmb_reboot(SYS_SOFT_REBOOT); 317 | sys_sm_shutdown(SYS_SOFT_REBOOT); // no need to unlink files. 318 | } 319 | else if (strcmp(action, "rebuild_db") == 0) 320 | { 321 | rebuild_db(); 322 | xmb_reboot(SYS_SOFT_REBOOT); 323 | } 324 | else if (strcmp(action, "recovery_mode") == 0) 325 | { 326 | recovery_mode(); 327 | xmb_reboot(SYS_HARD_REBOOT); 328 | } 329 | else if(strcmp(action, "toggle_hdd_space") == 0) 330 | { 331 | unlock_hdd_space(); 332 | } 333 | /* 334 | else if(strcmp(action,"service_mode")==0) 335 | { 336 | if(service_mode() == true) 337 | xmb_reboot(SYS_HARD_REBOOT); 338 | } 339 | */ 340 | 341 | // Update Tools 342 | 343 | // PS3HEN Automatic Update Toggle 344 | else if (strcmp(action, "toggle_auto_update") == 0) 345 | { 346 | toggle_auto_update(); 347 | } 348 | 349 | // PS3HEN libaudio Patch Toggle 350 | else if (strcmp(action, "toggle_patch_libaudio") == 0) 351 | { 352 | toggle_patch_libaudio(); 353 | } 354 | 355 | // Clear Web Cache: History 356 | else if (strcmp(action, "toggle_clear_web_history") == 0) 357 | { 358 | toggle_clear_web_history(); 359 | } 360 | 361 | // Clear Web Cache: Auth Cache 362 | else if (strcmp(action, "toggle_clear_web_auth_cache") == 0) 363 | { 364 | toggle_clear_web_auth_cache(); 365 | } 366 | 367 | // Clear Web Cache: Cookie 368 | else if (strcmp(action, "toggle_clear_web_cookie") == 0) 369 | { 370 | toggle_clear_web_cookie(); 371 | } 372 | 373 | // Clear PSN Cache: CI 374 | else if (strcmp(action, "toggle_clear_psn_ci") == 0) 375 | { 376 | toggle_clear_psn_ci(); 377 | } 378 | 379 | // Clear PSN Cache: MI 380 | else if (strcmp(action, "toggle_clear_psn_mi") == 0) 381 | { 382 | toggle_clear_psn_mi(); 383 | } 384 | 385 | // Clear PSN Cache: PTL 386 | else if (strcmp(action, "toggle_clear_psn_ptl") == 0) 387 | { 388 | toggle_clear_psn_ptl(); 389 | } 390 | 391 | // Switch HEN Mode Release 392 | else if (strcmp(action, "hen_mode_release") == 0) 393 | { 394 | switch_hen_mode(0); 395 | } 396 | 397 | // Switch HEN Mode Debug 398 | else if (strcmp(action, "hen_mode_debug") == 0) 399 | { 400 | switch_hen_mode(1); 401 | } 402 | 403 | // Switch HEN Mode USB Release 404 | else if (strcmp(action, "hen_mode_usb_000") == 0) 405 | { 406 | switch_hen_mode(2); 407 | } 408 | 409 | // Switch HEN Mode USB Debug 410 | else if (strcmp(action, "hen_mode_usb_001") == 0) 411 | { 412 | switch_hen_mode(3); 413 | } 414 | 415 | /* 416 | // PS3HEN Repair Installation Files Toggle 417 | else if (strcmp(action, "toggle_hen_repair") == 0) 418 | { 419 | toggle_hen_repair(); 420 | } 421 | */ 422 | 423 | // Toggle Developer Build Type 424 | else if (strcmp(action, "toggle_hen_dev_build") == 0) 425 | { 426 | toggle_hen_dev_build(); 427 | } 428 | 429 | // Disable Remapping On Next Reboot 430 | else if (strcmp(action, "disable_remaps_on_next_boot") == 0) 431 | { 432 | disable_remaps_on_next_boot(); 433 | } 434 | 435 | // Remove check file for HEN Install Flag 436 | else if (strcmp(action, "trigger_hen_install") == 0) 437 | { 438 | remove_file("/dev_rewrite/vsh/resource/explore/icon/hen_enable.png", "Reboot to re-install PS3HEN"); 439 | } 440 | 441 | // Uninstall PS3HEN 442 | else if (strcmp(action, "uninstall_hen") == 0) 443 | { 444 | uninstall_hen(); 445 | } 446 | 447 | // Toggle HotKey Polling on HEN Launch 448 | else if (strcmp(action, "toggle_hotkey_polling") == 0) 449 | { 450 | toggle_hotkey_polling(); 451 | } 452 | 453 | // Toggle app_home support 454 | else if (strcmp(action, "toggle_app_home") == 0) 455 | { 456 | toggle_app_home(); 457 | } 458 | 459 | // Toggle Quick Preview support 460 | else if (strcmp(action, "toggle_quick_preview") == 0) 461 | { 462 | toggle_quick_preview(); 463 | } 464 | 465 | // Toggle rap.bin support 466 | else if (strcmp(action, "toggle_rap_bin") == 0) 467 | { 468 | toggle_rap_bin(); 469 | } 470 | 471 | // BadWDSD/qCFW 472 | /*else if(strcmp(action, "badwdsd_install_qcfw") == 0) 473 | { 474 | InstallQCFW(false, false, false);// Default FALSE (doLegacy, doSkipRosCompare, doFlashRos1) 475 | } 476 | else if(strcmp(action, "badwdsd_install_stagex_only") == 0) 477 | { 478 | InstallStagexOnly(); 479 | } 480 | else if(strcmp(action, "badwdsd_install_coreos_only") == 0) 481 | { 482 | InstallCoreOSOnly(false, false);// Default FALSE doSkipRosCompare, doFlashRos1) 483 | }*/ 484 | 485 | else if (strcmp(action, "badwdsd_install_qcfw") == 0) 486 | { 487 | if (!InstallQCFW(false, false, false)) 488 | { 489 | notify("QCFW install failed, exiting.\n"); 490 | return; 491 | } 492 | } 493 | else if (strcmp(action, "badwdsd_install_stagex_only") == 0) 494 | { 495 | if (!InstallStagexOnly()) 496 | { 497 | notify("Stagex install failed, exiting.\n"); 498 | return; 499 | } 500 | } 501 | else if (strcmp(action, "badwdsd_install_coreos_only") == 0) 502 | { 503 | if (!InstallCoreOSOnly(false, false)) 504 | { 505 | notify("CoreOS install failed, exiting.\n"); 506 | return; 507 | } 508 | } 509 | 510 | else if(strcmp(action, "badwdsd_verify_qcfw") == 0) 511 | { 512 | VerifyQCFW(); 513 | } 514 | else if(strcmp(action, "badwdsd_verify_stagex_only") == 0) 515 | { 516 | VerifyStagexOnly(); 517 | } 518 | else if(strcmp(action, "badwdsd_verify_coreos_only") == 0) 519 | { 520 | VerifyCoreOSOnly(); 521 | } 522 | 523 | // Test indivdual functions 524 | else if(strcmp(action, "badwdsd_get_fw_version") == 0) 525 | { 526 | GetFWVersion(); 527 | } 528 | else if(strcmp(action, "badwdsd_target_is_cex") == 0) 529 | { 530 | TargetIsCEX(); 531 | } 532 | else if(strcmp(action, "badwdsd_target_is_dex") == 0) 533 | { 534 | TargetIsDEX(); 535 | } 536 | else if(strcmp(action, "badwdsd_target_is_decr") == 0) 537 | { 538 | TargetIsDECR(); 539 | } 540 | else if(strcmp(action, "badwdsd_is_exploited") == 0) 541 | { 542 | IsExploited(); 543 | } 544 | else if(strcmp(action, "badwdsd_get_bank_indicator") == 0) 545 | { 546 | get_bank_indicator(); 547 | } 548 | else if(strcmp(action, "badwdsd_set_bank_indicator_00") == 0) 549 | { 550 | set_bank_indicator(0x00); 551 | } 552 | else if(strcmp(action, "badwdsd_set_bank_indicator_ff") == 0) 553 | { 554 | set_bank_indicator(0xff); 555 | } 556 | else if(strcmp(action, "badwdsd_get_flash_type") == 0) 557 | { 558 | const char* flashtype = (FlashIsNor() ? "NOR" : "NAND"); 559 | notify("Flash is %s\n", (char*)flashtype); 560 | } 561 | else if(strcmp(action, "badwdsd_nor_read_compare_ros_banks") == 0) 562 | { 563 | CompareROSBanks(); 564 | } 565 | 566 | // BadHTAB Testing 567 | else if(strcmp(action, "dump_lv1") == 0) 568 | { 569 | dump_lv1(); 570 | } 571 | else if(strcmp(action, "dump_full_ram") == 0) 572 | { 573 | dump_full_ram(); 574 | } 575 | else if(strcmp(action, "badhtab_copy_log") == 0) 576 | { 577 | badhtab_copy_log(); 578 | } 579 | else if(strcmp(action, "badhtab_toggle_glitcher_test") == 0) 580 | { 581 | badhtab_toggle_glitcher_test(); 582 | } 583 | else if(strcmp(action, "badhtab_toggle_skip_stage1") == 0) 584 | { 585 | badhtab_toggle_skip_stage1(); 586 | } 587 | /*else if(strcmp(action, "badhtab_toggle_skip_stage_cfw") == 0) 588 | { 589 | badhtab_toggle_skip_stage_cfw(); 590 | }*/ 591 | else if(strcmp(action, "badhtab_toggle_skip_stage2") == 0) 592 | { 593 | badhtab_toggle_skip_stage2(); 594 | } 595 | else if(strcmp(action, "badhtab_toggle_skip_patch_more_lv1") == 0) 596 | { 597 | badhtab_toggle_skip_patch_more_lv1(); 598 | } 599 | else if(strcmp(action, "badhtab_toggle_lv1_dump") == 0) 600 | { 601 | badhtab_toggle_lv1_dump(); 602 | } 603 | else if(strcmp(action, "badhtab_toggle_lv1_dump_240m") == 0) 604 | { 605 | badhtab_toggle_lv1_dump_240m(); 606 | } 607 | else if(strcmp(action, "badhtab_toggle_otheros") == 0) 608 | { 609 | badhtab_toggle_otheros(); 610 | } 611 | else if(strcmp(action, "badhtab_toggle_lv2_kernel_self") == 0) 612 | { 613 | badhtab_toggle_lv2_kernel_self(); 614 | } 615 | else if(strcmp(action, "badhtab_toggle_lv2_kernel_fself") == 0) 616 | { 617 | badhtab_toggle_lv2_kernel_fself(); 618 | } 619 | else if (strcmp(action, "test_lv1_peek") == 0) 620 | { 621 | test_lv1_peek(); 622 | } 623 | else if (strcmp(action, "test_lv1_peek32") == 0) 624 | { 625 | test_lv1_peek32(); 626 | } 627 | else if (strcmp(action, "test_lv1_poke") == 0) 628 | { 629 | test_lv1_poke(); 630 | } 631 | else if (strcmp(action, "test_lv1_poke32") == 0) 632 | { 633 | test_lv1_poke32(); 634 | } 635 | 636 | // LV1 Patches 637 | else if (strcmp(action, "enable_hvdbg") == 0) 638 | { 639 | enable_hvdbg(); 640 | } 641 | else if (strcmp(action, "toggle_lv1_patch_unmask_bootldr") == 0) 642 | { 643 | toggle_lv1_patch_unmask_bootldr(); 644 | } 645 | else if (strcmp(action, "toggle_lv1_patch_test1") == 0) 646 | { 647 | toggle_lv1_patch_test1(); 648 | } 649 | else if (strcmp(action, "toggle_lv1_patch_test2") == 0) 650 | { 651 | toggle_lv1_patch_test2(); 652 | } 653 | 654 | 655 | 656 | // Hypervisor dump actions 657 | else if (strcmp(action, "dump_lv0_code") == 0) { 658 | dump_lv0_code(); 659 | } 660 | else if (strcmp(action, "dump_lv1_code") == 0) { 661 | dump_lv1_code(); 662 | } 663 | else if (strcmp(action, "dump_lv2_region") == 0) { 664 | dump_lv2_region(); 665 | } 666 | else if (strcmp(action, "dump_spe0_mmio") == 0) { 667 | dump_spe0_mmio(); 668 | } 669 | else if (strcmp(action, "dump_spe1_mmio") == 0) { 670 | dump_spe1_mmio(); 671 | } 672 | else if (strcmp(action, "dump_spe2_mmio") == 0) { 673 | dump_spe2_mmio(); 674 | } 675 | else if (strcmp(action, "dump_spe3_mmio") == 0) { 676 | dump_spe3_mmio(); 677 | } 678 | else if (strcmp(action, "dump_spe4_mmio") == 0) { 679 | dump_spe4_mmio(); 680 | } 681 | else if (strcmp(action, "dump_spe5_mmio") == 0) { 682 | dump_spe5_mmio(); 683 | } 684 | else if (strcmp(action, "dump_spe6_mmio") == 0) { 685 | dump_spe6_mmio(); 686 | } 687 | else if (strcmp(action, "dump_pervasive_mem") == 0) { 688 | dump_pervasive_mem(); 689 | } 690 | else if (strcmp(action, "dump_spe1_shadow") == 0) { 691 | dump_spe1_shadow(); 692 | } 693 | else if (strcmp(action, "dump_spe2_shadow") == 0) { 694 | dump_spe2_shadow(); 695 | } 696 | else if (strcmp(action, "dump_spe3_shadow") == 0) { 697 | dump_spe3_shadow(); 698 | } 699 | else if (strcmp(action, "dump_spe4_shadow") == 0) { 700 | dump_spe4_shadow(); 701 | } 702 | else if (strcmp(action, "dump_spe5_shadow") == 0) { 703 | dump_spe5_shadow(); 704 | } 705 | else if (strcmp(action, "dump_spe6_shadow") == 0) { 706 | dump_spe6_shadow(); 707 | } 708 | else if (strcmp(action, "dump_xdr_ch1_size") == 0) { 709 | dump_xdr_ch1_size(); 710 | } 711 | else if (strcmp(action, "dump_xdr_ch0_size") == 0) { 712 | dump_xdr_ch0_size(); 713 | } 714 | else if (strcmp(action, "dump_xdr_type") == 0) { 715 | dump_xdr_type(); 716 | } 717 | else if (strcmp(action, "dump_sb_bus_base") == 0) { 718 | dump_sb_bus_base(); 719 | } 720 | else if (strcmp(action, "dump_sata1_regs") == 0) { 721 | dump_sata1_regs(); 722 | } 723 | else if (strcmp(action, "dump_sata2_regs") == 0) { 724 | dump_sata2_regs(); 725 | } 726 | else if (strcmp(action, "dump_usb1_regs") == 0) { 727 | dump_usb1_regs(); 728 | } 729 | else if (strcmp(action, "dump_usb2_regs") == 0) { 730 | dump_usb2_regs(); 731 | } 732 | else if (strcmp(action, "dump_gelic_regs") == 0) { 733 | dump_gelic_regs(); 734 | } 735 | else if (strcmp(action, "dump_encdec_regs") == 0) { 736 | dump_encdec_regs(); 737 | } 738 | else if (strcmp(action, "dump_sb_ext_intc") == 0) { 739 | dump_sb_ext_intc(); 740 | } 741 | else if (strcmp(action, "dump_sb_int_hdl1") == 0) { 742 | dump_sb_int_hdl1(); 743 | } 744 | else if (strcmp(action, "dump_sb_int_hdl2") == 0) { 745 | dump_sb_int_hdl2(); 746 | } 747 | else if (strcmp(action, "dump_sb_status") == 0) { 748 | dump_sb_status(); 749 | } 750 | else if (strcmp(action, "dump_syscon_pkt_hdr") == 0) { 751 | dump_syscon_pkt_hdr(); 752 | } 753 | else if (strcmp(action, "dump_syscon_pkt_bdy") == 0) { 754 | dump_syscon_pkt_bdy(); 755 | } 756 | else if (strcmp(action, "dump_syscon_recv1") == 0) { 757 | dump_syscon_recv1(); 758 | } 759 | else if (strcmp(action, "dump_syscon_recv2") == 0) { 760 | dump_syscon_recv2(); 761 | } 762 | else if (strcmp(action, "dump_syscon_send_hdr") == 0) { 763 | dump_syscon_send_hdr(); 764 | } 765 | else if (strcmp(action, "dump_syscon_send_bdy") == 0) { 766 | dump_syscon_send_bdy(); 767 | } 768 | else if (strcmp(action, "dump_syscon_send1") == 0) { 769 | dump_syscon_send1(); 770 | } 771 | else if (strcmp(action, "dump_syscon_send2") == 0) { 772 | dump_syscon_send2(); 773 | } 774 | else if (strcmp(action, "dump_syscon_rcv3") == 0) { 775 | dump_syscon_rcv3(); 776 | } 777 | else if (strcmp(action, "dump_syscon_testbit") == 0) { 778 | dump_syscon_testbit(); 779 | } 780 | else if (strcmp(action, "dump_syscon_notify") == 0) { 781 | dump_syscon_notify(); 782 | } 783 | else if (strcmp(action, "dump_sata1_bar") == 0) { 784 | dump_sata1_bar(); 785 | } 786 | else if (strcmp(action, "dump_sata2_bar") == 0) { 787 | dump_sata2_bar(); 788 | } 789 | else if (strcmp(action, "dump_gelic_bar") == 0) { 790 | dump_gelic_bar(); 791 | } 792 | else if (strcmp(action, "dump_encdec_bar") == 0) { 793 | dump_encdec_bar(); 794 | } 795 | else if (strcmp(action, "dump_encdec_test") == 0) { 796 | dump_encdec_test(); 797 | } 798 | else if (strcmp(action, "dump_encdec_cmd") == 0) { 799 | dump_encdec_cmd(); 800 | } 801 | else if (strcmp(action, "dump_usb1_bar") == 0) { 802 | dump_usb1_bar(); 803 | } 804 | else if (strcmp(action, "dump_usb2_bar") == 0) { 805 | dump_usb2_bar(); 806 | } 807 | else if (strcmp(action, "dump_sata1_bar2") == 0) { 808 | dump_sata1_bar2(); 809 | } 810 | else if (strcmp(action, "dump_sata2_bar2") == 0) { 811 | dump_sata2_bar2(); 812 | } 813 | else if (strcmp(action, "dump_sata1_bar3") == 0) { 814 | dump_sata1_bar3(); 815 | } 816 | else if (strcmp(action, "dump_sata2_bar3") == 0) { 817 | dump_sata2_bar3(); 818 | } 819 | else if (strcmp(action, "dump_usb1_bar2") == 0) { 820 | dump_usb1_bar2(); 821 | } 822 | else if (strcmp(action, "dump_usb2_bar2") == 0) { 823 | dump_usb2_bar2(); 824 | } 825 | else if (strcmp(action, "dump_nor_flash") == 0) { 826 | dump_nor_flash(); 827 | } 828 | else if (strcmp(action, "dump_sys_rom") == 0) { 829 | dump_sys_rom(); 830 | } 831 | else if (strcmp(action, "dump_avmngr_regs1") == 0) { 832 | dump_avmngr_regs1(); 833 | } 834 | else if (strcmp(action, "dump_avmngr_regs2") == 0) { 835 | dump_avmngr_regs2(); 836 | } 837 | else if (strcmp(action, "dump_av_outctrl") == 0) { 838 | dump_av_outctrl(); 839 | } 840 | else if (strcmp(action, "dump_av_pllctrl") == 0) { 841 | dump_av_pllctrl(); 842 | } 843 | else if (strcmp(action, "dump_av_misc1") == 0) { 844 | dump_av_misc1(); 845 | } 846 | else if (strcmp(action, "dump_av_misc2") == 0) { 847 | dump_av_misc2(); 848 | } 849 | else if (strcmp(action, "dump_av_misc3") == 0) { 850 | dump_av_misc3(); 851 | } 852 | else if (strcmp(action, "dump_av_misc4") == 0) { 853 | dump_av_misc4(); 854 | } 855 | else if (strcmp(action, "dump_av_misc5") == 0) { 856 | dump_av_misc5(); 857 | } 858 | else if (strcmp(action, "dump_gpu_mem1") == 0) { 859 | dump_gpu_mem1(); 860 | } 861 | else if (strcmp(action, "dump_gpu_mem2") == 0) { 862 | dump_gpu_mem2(); 863 | } 864 | else if (strcmp(action, "dump_gpu_mem3") == 0) { 865 | dump_gpu_mem3(); 866 | } 867 | else if (strcmp(action, "dump_gpu_mem4") == 0) { 868 | dump_gpu_mem4(); 869 | } 870 | else if (strcmp(action, "dump_gpu_mem5") == 0) { 871 | dump_gpu_mem5(); 872 | } 873 | else if (strcmp(action, "dump_rsx_intstate") == 0) { 874 | dump_rsx_intstate(); 875 | } 876 | else if (strcmp(action, "dump_ramin_all") == 0) { 877 | dump_ramin_all(); 878 | } 879 | else if (strcmp(action, "dump_ramin_hash") == 0) { 880 | dump_ramin_hash(); 881 | } 882 | else if (strcmp(action, "dump_ramin_fifo") == 0) { 883 | dump_ramin_fifo(); 884 | } 885 | else if (strcmp(action, "dump_dma_objs") == 0) { 886 | dump_dma_objs(); 887 | } 888 | else if (strcmp(action, "dump_graph_objs") == 0) { 889 | dump_graph_objs(); 890 | } 891 | else if (strcmp(action, "dump_graph_ctx") == 0) { 892 | dump_graph_ctx(); 893 | } 894 | else if (strcmp(action, "dump_gameos0") == 0) { 895 | dump_gameos0(); 896 | } 897 | else if (strcmp(action, "dump_gameos1") == 0) { 898 | dump_gameos1(); 899 | } 900 | else if (strcmp(action, "dump_gameos2") == 0) { 901 | dump_gameos2(); 902 | } 903 | else if (strcmp(action, "dump_gameos_htab") == 0) { 904 | dump_gameos_htab(); 905 | } 906 | else if (strcmp(action, "dump_all_regions") == 0) { 907 | dump_all_regions(); 908 | } 909 | 910 | 911 | 912 | 913 | else if (strcmp(action, "lv1_oc_test_core") == 0) 914 | { 915 | OverclockGpuCoreTest(); 916 | } 917 | else if (strcmp(action, "lv1_oc_test_mem") == 0) 918 | { 919 | OverclockGpuMemTest(); 920 | } 921 | 922 | // RSX Overclocking 923 | 924 | 925 | else if (strcmp(action, "lv1_oc_test_all_speeds") == 0) 926 | { 927 | TestRsxClockSettings(); 928 | } 929 | else if (strcmp(action, "lv1_oc_test_safe_speeds") == 0) 930 | { 931 | TestRsxClockSettingsSafe(); 932 | } 933 | 934 | // Matched Speeds 935 | else if (strcmp(action, "set_rsx_clock_100_100") == 0) 936 | { 937 | set_rsx_clock_100_100(); 938 | } 939 | else if (strcmp(action, "set_rsx_clock_150_150") == 0) 940 | { 941 | set_rsx_clock_150_150(); 942 | } 943 | else if (strcmp(action, "set_rsx_clock_200_200") == 0) 944 | { 945 | set_rsx_clock_200_200(); 946 | } 947 | else if (strcmp(action, "set_rsx_clock_250_250") == 0) 948 | { 949 | set_rsx_clock_250_250(); 950 | } 951 | else if (strcmp(action, "set_rsx_clock_300_300") == 0) 952 | { 953 | set_rsx_clock_300_300(); 954 | } 955 | else if (strcmp(action, "set_rsx_clock_350_350") == 0) 956 | { 957 | set_rsx_clock_350_350(); 958 | } 959 | else if (strcmp(action, "set_rsx_clock_400_400") == 0) 960 | { 961 | set_rsx_clock_400_400(); 962 | } 963 | else if (strcmp(action, "set_rsx_clock_450_450") == 0) 964 | { 965 | set_rsx_clock_450_450(); 966 | } 967 | else if (strcmp(action, "set_rsx_clock_500_500") == 0) 968 | { 969 | set_rsx_clock_500_500(); 970 | } 971 | else if (strcmp(action, "set_rsx_clock_550_550") == 0) 972 | { 973 | set_rsx_clock_550_550(); 974 | } 975 | else if (strcmp(action, "set_rsx_clock_600_600") == 0) 976 | { 977 | set_rsx_clock_600_600(); 978 | } 979 | else if (strcmp(action, "set_rsx_clock_650_650") == 0) 980 | { 981 | set_rsx_clock_650_650(); 982 | } 983 | else if (strcmp(action, "set_rsx_clock_700_700") == 0) 984 | { 985 | set_rsx_clock_700_700(); 986 | } 987 | else if (strcmp(action, "set_rsx_clock_750_750") == 0) 988 | { 989 | set_rsx_clock_750_750(); 990 | } 991 | else if (strcmp(action, "set_rsx_clock_800_800") == 0) 992 | { 993 | set_rsx_clock_800_800(); 994 | } 995 | else if (strcmp(action, "set_rsx_clock_850_850") == 0) 996 | { 997 | set_rsx_clock_850_850(); 998 | } 999 | else if (strcmp(action, "set_rsx_clock_900_900") == 0) 1000 | { 1001 | set_rsx_clock_900_900(); 1002 | } 1003 | else if (strcmp(action, "set_rsx_clock_950_950") == 0) 1004 | { 1005 | set_rsx_clock_950_950(); 1006 | } 1007 | else if (strcmp(action, "set_rsx_clock_1000_1000") == 0) 1008 | { 1009 | set_rsx_clock_1000_1000(); 1010 | } 1011 | 1012 | // RSX Core Clock handlers (100 MHz → 1000 MHz in 50 MHz steps) 1013 | if (strcmp(action, "set_rsx_core_clock_100") == 0) 1014 | { 1015 | set_rsx_core_clock_100(); 1016 | } 1017 | else if (strcmp(action, "set_rsx_core_clock_150") == 0) 1018 | { 1019 | set_rsx_core_clock_150(); 1020 | } 1021 | else if (strcmp(action, "set_rsx_core_clock_200") == 0) 1022 | { 1023 | set_rsx_core_clock_200(); 1024 | } 1025 | else if (strcmp(action, "set_rsx_core_clock_250") == 0) 1026 | { 1027 | set_rsx_core_clock_250(); 1028 | } 1029 | else if (strcmp(action, "set_rsx_core_clock_300") == 0) 1030 | { 1031 | set_rsx_core_clock_300(); 1032 | } 1033 | else if (strcmp(action, "set_rsx_core_clock_350") == 0) 1034 | { 1035 | set_rsx_core_clock_350(); 1036 | } 1037 | else if (strcmp(action, "set_rsx_core_clock_400") == 0) 1038 | { 1039 | set_rsx_core_clock_400(); 1040 | } 1041 | else if (strcmp(action, "set_rsx_core_clock_450") == 0) 1042 | { 1043 | set_rsx_core_clock_450(); 1044 | } 1045 | else if (strcmp(action, "set_rsx_core_clock_500") == 0) 1046 | { 1047 | set_rsx_core_clock_500(); 1048 | } 1049 | else if (strcmp(action, "set_rsx_core_clock_550") == 0) 1050 | { 1051 | set_rsx_core_clock_550(); 1052 | } 1053 | else if (strcmp(action, "set_rsx_core_clock_600") == 0) 1054 | { 1055 | set_rsx_core_clock_600(); 1056 | } 1057 | else if (strcmp(action, "set_rsx_core_clock_650") == 0) 1058 | { 1059 | set_rsx_core_clock_650(); 1060 | } 1061 | else if (strcmp(action, "set_rsx_core_clock_700") == 0) 1062 | { 1063 | set_rsx_core_clock_700(); 1064 | } 1065 | else if (strcmp(action, "set_rsx_core_clock_750") == 0) 1066 | { 1067 | set_rsx_core_clock_750(); 1068 | } 1069 | else if (strcmp(action, "set_rsx_core_clock_800") == 0) 1070 | { 1071 | set_rsx_core_clock_800(); 1072 | } 1073 | else if (strcmp(action, "set_rsx_core_clock_850") == 0) 1074 | { 1075 | set_rsx_core_clock_850(); 1076 | } 1077 | else if (strcmp(action, "set_rsx_core_clock_900") == 0) 1078 | { 1079 | set_rsx_core_clock_900(); 1080 | } 1081 | else if (strcmp(action, "set_rsx_core_clock_950") == 0) 1082 | { 1083 | set_rsx_core_clock_950(); 1084 | } 1085 | else if (strcmp(action, "set_rsx_core_clock_1000") == 0) 1086 | { 1087 | set_rsx_core_clock_1000(); 1088 | } 1089 | 1090 | // RSX Memory Clock handlers (100 MHz → 1000 MHz in 25 MHz steps) 1091 | else if (strcmp(action, "set_rsx_mem_clock_100") == 0) 1092 | { 1093 | set_rsx_mem_clock_100(); 1094 | } 1095 | else if (strcmp(action, "set_rsx_mem_clock_125") == 0) 1096 | { 1097 | set_rsx_mem_clock_125(); 1098 | } 1099 | else if (strcmp(action, "set_rsx_mem_clock_150") == 0) 1100 | { 1101 | set_rsx_mem_clock_150(); 1102 | } 1103 | else if (strcmp(action, "set_rsx_mem_clock_175") == 0) 1104 | { 1105 | set_rsx_mem_clock_175(); 1106 | } 1107 | else if (strcmp(action, "set_rsx_mem_clock_200") == 0) 1108 | { 1109 | set_rsx_mem_clock_200(); 1110 | } 1111 | else if (strcmp(action, "set_rsx_mem_clock_225") == 0) 1112 | { 1113 | set_rsx_mem_clock_225(); 1114 | } 1115 | else if (strcmp(action, "set_rsx_mem_clock_250") == 0) 1116 | { 1117 | set_rsx_mem_clock_250(); 1118 | } 1119 | else if (strcmp(action, "set_rsx_mem_clock_275") == 0) 1120 | { 1121 | set_rsx_mem_clock_275(); 1122 | } 1123 | else if (strcmp(action, "set_rsx_mem_clock_300") == 0) 1124 | { 1125 | set_rsx_mem_clock_300(); 1126 | } 1127 | else if (strcmp(action, "set_rsx_mem_clock_325") == 0) 1128 | { 1129 | set_rsx_mem_clock_325(); 1130 | } 1131 | else if (strcmp(action, "set_rsx_mem_clock_350") == 0) 1132 | { 1133 | set_rsx_mem_clock_350(); 1134 | } 1135 | else if (strcmp(action, "set_rsx_mem_clock_375") == 0) 1136 | { 1137 | set_rsx_mem_clock_375(); 1138 | } 1139 | else if (strcmp(action, "set_rsx_mem_clock_400") == 0) 1140 | { 1141 | set_rsx_mem_clock_400(); 1142 | } 1143 | else if (strcmp(action, "set_rsx_mem_clock_425") == 0) 1144 | { 1145 | set_rsx_mem_clock_425(); 1146 | } 1147 | else if (strcmp(action, "set_rsx_mem_clock_450") == 0) 1148 | { 1149 | set_rsx_mem_clock_450(); 1150 | } 1151 | else if (strcmp(action, "set_rsx_mem_clock_475") == 0) 1152 | { 1153 | set_rsx_mem_clock_475(); 1154 | } 1155 | else if (strcmp(action, "set_rsx_mem_clock_500") == 0) 1156 | { 1157 | set_rsx_mem_clock_500(); 1158 | } 1159 | else if (strcmp(action, "set_rsx_mem_clock_525") == 0) 1160 | { 1161 | set_rsx_mem_clock_525(); 1162 | } 1163 | else if (strcmp(action, "set_rsx_mem_clock_550") == 0) 1164 | { 1165 | set_rsx_mem_clock_550(); 1166 | } 1167 | else if (strcmp(action, "set_rsx_mem_clock_575") == 0) 1168 | { 1169 | set_rsx_mem_clock_575(); 1170 | } 1171 | else if (strcmp(action, "set_rsx_mem_clock_600") == 0) 1172 | { 1173 | set_rsx_mem_clock_600(); 1174 | } 1175 | else if (strcmp(action, "set_rsx_mem_clock_625") == 0) 1176 | { 1177 | set_rsx_mem_clock_625(); 1178 | } 1179 | else if (strcmp(action, "set_rsx_mem_clock_650") == 0) 1180 | { 1181 | set_rsx_mem_clock_650(); 1182 | } 1183 | else if (strcmp(action, "set_rsx_mem_clock_675") == 0) 1184 | { 1185 | set_rsx_mem_clock_675(); 1186 | } 1187 | else if (strcmp(action, "set_rsx_mem_clock_700") == 0) 1188 | { 1189 | set_rsx_mem_clock_700(); 1190 | } 1191 | else if (strcmp(action, "set_rsx_mem_clock_725") == 0) 1192 | { 1193 | set_rsx_mem_clock_725(); 1194 | } 1195 | else if (strcmp(action, "set_rsx_mem_clock_750") == 0) 1196 | { 1197 | set_rsx_mem_clock_750(); 1198 | } 1199 | else if (strcmp(action, "set_rsx_mem_clock_775") == 0) 1200 | { 1201 | set_rsx_mem_clock_775(); 1202 | } 1203 | else if (strcmp(action, "set_rsx_mem_clock_800") == 0) 1204 | { 1205 | set_rsx_mem_clock_800(); 1206 | } 1207 | else if (strcmp(action, "set_rsx_mem_clock_825") == 0) 1208 | { 1209 | set_rsx_mem_clock_825(); 1210 | } 1211 | else if (strcmp(action, "set_rsx_mem_clock_850") == 0) 1212 | { 1213 | set_rsx_mem_clock_850(); 1214 | } 1215 | else if (strcmp(action, "set_rsx_mem_clock_875") == 0) 1216 | { 1217 | set_rsx_mem_clock_875(); 1218 | } 1219 | else if (strcmp(action, "set_rsx_mem_clock_900") == 0) 1220 | { 1221 | set_rsx_mem_clock_900(); 1222 | } 1223 | else if (strcmp(action, "set_rsx_mem_clock_925") == 0) 1224 | { 1225 | set_rsx_mem_clock_925(); 1226 | } 1227 | else if (strcmp(action, "set_rsx_mem_clock_950") == 0) 1228 | { 1229 | set_rsx_mem_clock_950(); 1230 | } 1231 | else if (strcmp(action, "set_rsx_mem_clock_975") == 0) 1232 | { 1233 | set_rsx_mem_clock_975(); 1234 | } 1235 | else if (strcmp(action, "set_rsx_mem_clock_1000") == 0) 1236 | { 1237 | set_rsx_mem_clock_1000(); 1238 | } 1239 | 1240 | /* 1241 | // NoPSN Patches 1242 | else if (strcmp(action, "nopsn_amazon") == 0) 1243 | { 1244 | // Amazon vshnet_sceLoginServiceGetNpStatus 1245 | uint32_t patch1 = 0x38600001; 1246 | uint32_t patch2 = 0x4E800020; 1247 | poke_vsh(0x242458, (char*)&patch1, 4); 1248 | poke_vsh(0x24245C, (char*)&patch2, 4); 1249 | notify("NoPSN Patch Applied For Amazon", 0, 0, 0, 0, false); 1250 | } 1251 | else if (strcmp(action, "nopsn_hulu") == 0) 1252 | { 1253 | // Hulu 1254 | // 0x24557C 1255 | uint32_t patch1 = 0x2F800001; 1256 | //uint32_t patch2 = 0x4E800020; 1257 | poke_vsh(0x242C10, (char*)&patch1, 4); 1258 | //poke_vsh(0x245580, (char*)&patch2, 4); 1259 | notify("NoPSN Patch Applied For Hulu", 0, 0, 0, 0, false); 1260 | } 1261 | else if (strcmp(action, "nopsn_youtube") == 0) 1262 | { 1263 | // Youtube vshnet_sceNpGetStatus 1264 | uint32_t patch = 0x2F800001; 1265 | poke_vsh(0x1B60A4, (char*)&patch, 4); 1266 | notify("NoPSN Patch Applied For Youtube", 0, 0, 0, 0, false); 1267 | } 1268 | else if (strcmp(action, "nopsn_test") == 0) 1269 | { 1270 | // TEST ONLY 1271 | 1272 | 1273 | // 001B6080 _Export_vshnet_sceNpGetStatus 1274 | // Allows YouTube to work 1275 | uint32_t patch1a = 0x38600001; 1276 | uint32_t patch1b = 0x4E800020; 1277 | uint32_t addr1a = 0x1B6080; 1278 | uint32_t addr1b = 0x1B6084; 1279 | poke_vsh(addr1a, (char*)&patch1a, 4); 1280 | poke_vsh(addr1b, (char*)&patch1b, 4); 1281 | notify("NoPSN Patch Applied For TEST ONLY\n_Export_vshnet_sceNpGetStatus: 0x%08X / %08X\n_Export_vshnet_sceNpGetStatus: 0x%08X / %08X\n", addr1a, patch1a, addr1b, patch1b, false); 1282 | 1283 | // 000F54E8 UNK_MANAGER_SIGNOUT 1284 | uint32_t patch2a = 0x38600000; 1285 | uint32_t patch2b = 0x4E800020; 1286 | uint32_t addr2a = 0xF54E8; 1287 | uint32_t addr2b = 0xF54EC; 1288 | poke_vsh(addr2a, (char*)&patch2a, 4); 1289 | poke_vsh(addr2b, (char*)&patch2b, 4); 1290 | notify("NoPSN Patch Applied For TEST ONLY\nUNK_MANAGER_SIGNOUT: 0x%08X / %08X\nUNK_MANAGER_SIGNOUT: 0x%08X / %08X\n", addr2a, patch2a, addr2b, patch2b, false); 1291 | 1292 | // Loop 1293 | // 002774D8 bne cr7, UNK_NP_GET_STATUS 1294 | uint32_t patch3a = 0x60000000; 1295 | uint32_t addr3a = 0x2774D8; 1296 | poke_vsh(addr3a, (char*)&patch3a, 4); 1297 | notify("NoPSN Patch Applied For TEST ONLY\nbne cr7, UNK_NP_GET_STATUS: 0x%08X / %08X\n", addr3a, patch3a, false); 1298 | 1299 | // 001B7C18 _Export_vshnet_sceNpGetNpId 1300 | uint32_t patch4a = 0x38600001; 1301 | uint32_t patch4b = 0x4E800020; 1302 | uint32_t addr4a = 0x1B7C18; 1303 | uint32_t addr4b = 0x1B7C1C; 1304 | poke_vsh(addr4a, (char*)&patch4a, 4); 1305 | poke_vsh(addr4b, (char*)&patch4b, 4); 1306 | notify("NoPSN Patch Applied For TEST ONLY\n_Export_vshnet_sceNpGetNpId: 0x%08X / %08X\n_Export_vshnet_sceNpGetNpId: 0x%08X / %08X\n", addr4a, patch4a, addr4b, patch4b, false); 1307 | 1308 | // 002439BC _Export_vshnet_sceLoginServiceInit 1309 | uint32_t patch5a = 0x38600001; 1310 | uint32_t patch5b = 0x4E800020; 1311 | uint32_t addr5a = 0x2439BC; 1312 | uint32_t addr5b = 0x2439C0; 1313 | poke_vsh(addr5a, (char*)&patch5a, 4); 1314 | poke_vsh(addr5b, (char*)&patch5b, 4); 1315 | notify("NoPSN Patch Applied For TEST ONLY\n_Export_vshnet_sceLoginServiceInit: 0x%08X / %08X\n_Export_vshnet_sceLoginServiceInit: 0x%08X / %08X\n", addr5a, patch5b, addr5a, patch5b, false); 1316 | 1317 | // 002438CC _Export_vshnet_sceLoginServiceLocalLogin 1318 | uint32_t patch6a = 0x38600000; 1319 | uint32_t patch6b = 0x4E800020; 1320 | uint32_t addr6a = 0x2438CC; 1321 | uint32_t addr6b = 0x2438D0; 1322 | poke_vsh(addr6a, (char*)&patch6a, 4); 1323 | poke_vsh(addr6b, (char*)&patch6b, 4); 1324 | notify("NoPSN Patch Applied For TEST ONLY\n_Export_vshnet_sceLoginServiceLocalLogin: 0x%08X / %08X\n_Export_vshnet_sceLoginServiceLocalLogin: 0x%08X / %08X\n", addr6a, patch6b, addr6a, patch6b, false); 1325 | 1326 | // 00242F1C _Export_vshnet_sceLoginServiceLocalLogout 1327 | uint32_t patch7a = 0x38600000; 1328 | uint32_t patch7b = 0x4E800020; 1329 | uint32_t addr7a = 0x242F1C; 1330 | uint32_t addr7b = 0x242F20; 1331 | poke_vsh(addr7a, (char*)&patch7a, 4); 1332 | poke_vsh(addr7b, (char*)&patch7b, 4); 1333 | notify("NoPSN Patch Applied For TEST ONLY\n_Export_vshnet_sceLoginServiceLocalLogout: 0x%08X / %08X\n_Export_vshnet_sceLoginServiceLocalLogout: 0x%08X / %08X\n", addr7a, patch7a, addr7b, patch7b, false); 1334 | 1335 | // 00242CC0 _Export_vshnet_sceLoginServiceNetworkLogin 1336 | uint32_t patch8a = 0x38600001;// 0 prevents signin / 1 gives error 0x00000001, some apps load, ie Amazon 1337 | uint32_t patch8b = 0x4E800020; 1338 | uint32_t addr8a = 0x242CC0; 1339 | uint32_t addr8b = 0x242CC4; 1340 | poke_vsh(addr8a, (char*)&patch8a, 4); 1341 | poke_vsh(addr8b, (char*)&patch8b, 4); 1342 | notify("NoPSN Patch Applied For TEST ONLY\n_Export_vshnet_sceLoginServiceNetworkLogin: 0x%08X / %08X\n_Export_vshnet_sceLoginServiceNetworkLogin: 0x%08X / %08X\n", addr8a, patch8a, addr8b, patch8b, false); 1343 | 1344 | // 00242BF0 _Export_vshnet_sceLoginServiceNetworkLogout 1345 | uint32_t patch9a = 0x38600000; 1346 | uint32_t patch9b = 0x4E800020; 1347 | uint32_t addr9a = 0x242BF0; 1348 | uint32_t addr9b = 0x242BF4; 1349 | poke_vsh(addr9a, (char*)&patch9a, 4); 1350 | poke_vsh(addr9b, (char*)&patch9b, 4); 1351 | notify("NoPSN Patch Applied For TEST ONLY\n_Export_vshnet_sceLoginServiceNetworkLogout: 0x%08X / %08X\n_Export_vshnet_sceLoginServiceNetworkLogout: 0x%08X / %08X\n", addr9a, patch9a, addr9b, patch9b, false); 1352 | 1353 | // 002438D4 _Export_vshnet_sceLoginServiceTerm 1354 | uint32_t patch10a = 0x38600001; 1355 | uint32_t patch10b = 0x4E800020; 1356 | uint32_t addr10a = 0x2438D4; 1357 | uint32_t addr10b = 0x2438D8; 1358 | poke_vsh(addr10a, (char*)&patch10a, 4); 1359 | poke_vsh(addr10b, (char*)&patch10b, 4); 1360 | notify("NoPSN Patch Applied For TEST ONLY\n_Export_vshnet_sceLoginServiceTerm: 0x%08X / %08X\n_Export_vshnet_sceLoginServiceTerm: 0x%08X / %08X\n", addr10a, patch10a, addr10b, patch10b, false); 1361 | 1362 | // 001B34DC _Export_vshnet_sceNpLogin 1363 | uint32_t patch11a = 0x38600001; 1364 | uint32_t patch11b = 0x4E800020; 1365 | uint32_t addr11a = 0x1B34DC; 1366 | uint32_t addr11b = 0x1B34E0; 1367 | poke_vsh(addr11a, (char*)&patch11a, 4); 1368 | poke_vsh(addr11b, (char*)&patch11b, 4); 1369 | notify("NoPSN Patch Applied For TEST ONLY\n_Export_vshnet_sceNpLogin: 0x%08X / %08X\n_Export_vshnet_sceNpLogin: 0x%08X / %08X\n", addr11a, patch11a, addr11b, patch11b, false); 1370 | 1371 | // 001B44B8 _Export_vshnet_sceNpLogin2 1372 | uint32_t patch12a = 0x38600001; 1373 | uint32_t patch12b = 0x4E800020; 1374 | uint32_t addr12a = 0x1B44B8; 1375 | uint32_t addr12b = 0x1B44BC; 1376 | poke_vsh(addr12a, (char*)&patch12a, 4); 1377 | poke_vsh(addr12b, (char*)&patch12b, 4); 1378 | notify("NoPSN Patch Applied For TEST ONLY\n_Export_vshnet_sceNpLogin: 0x%08X / %08X\n_Export_vshnet_sceNpLogin: 0x%08X / %08X\n", addr12a, patch12a, addr12b, patch12b, false); 1379 | 1380 | // 001B43BC _Export_vshnet_sceNpLogout 1381 | uint32_t patch13a = 0x38600000; 1382 | uint32_t patch13b = 0x4E800020; 1383 | uint32_t addr13a = 0x1B43BC; 1384 | uint32_t addr13b = 0x1B43C0; 1385 | poke_vsh(addr13a, (char*)&patch13a, 4); 1386 | poke_vsh(addr13b, (char*)&patch13b, 4); 1387 | notify("NoPSN Patch Applied For TEST ONLY\n_Export_vshnet_sceNpLogin: 0x%08X / %08X\n_Export_vshnet_sceNpLogin: 0x%08X / %08X\n", addr13a, patch13a, addr13b, patch13b, false); 1388 | 1389 | // 002452AC UNK_NP_ONLINE_0 1390 | // Setting to return 1 in r3 breaks some shit! 1391 | // if you sign in to psn, it forces a signin msg loop on xmb and loading friendim assets (PSN Store Icon blinks) 1392 | uint32_t patch14a = 0x38600001; 1393 | uint32_t patch14b = 0x4E800020; 1394 | uint32_t addr14a = 0x2452AC; 1395 | uint32_t addr14b = 0x2452B0; 1396 | poke_vsh(addr14a, (char*)&patch14a, 4); 1397 | poke_vsh(addr14b, (char*)&patch14b, 4); 1398 | notify("NoPSN Patch Applied For TEST ONLY\nUNK_NP_ONLINE_0: 0x%08X / %08X\nUNK_NP_ONLINE_0: 0x%08X / %08X\n", addr14a, patch14a, addr14b, patch14b, false); 1399 | 1400 | // 002452FC ble cr7, UNK_NP_ONLINE_1 1401 | // Original bytes: 40 9D 01 00 1402 | // crashes ps3 when you sign in 1403 | uint32_t patch15a = 0x4B9D0100; 1404 | uint32_t addr15a = 0x2452FC; 1405 | poke_vsh(addr15a, (char*)&patch15a, 4); 1406 | notify("NoPSN Patch Applied For TEST ONLY\nUNK_NP_ONLINE_1: 0x%08X / %08X\nUNK_NP_ONLINE_1: 0x%08X / %08X\n", addr15a, patch15a, false); 1407 | 1408 | // 00244AC0 UNK_NP_ONLINE_3 1409 | // blocks signin to psn? 1410 | uint32_t patch16a = 0x38600001; 1411 | uint32_t patch16b = 0x4E800020; 1412 | uint32_t addr16a = 0x244AC0; 1413 | uint32_t addr16b = 0x244AC0; 1414 | poke_vsh(addr16a, (char*)&patch16a, 4); 1415 | poke_vsh(addr16b, (char*)&patch16b, 4); 1416 | notify("NoPSN Patch Applied For TEST ONLY\nUNK_NP_ONLINE_3: 0x%08X / %08X\nUNK_NP_ONLINE_3: 0x%08X / %08X\n", addr16a, patch16a, addr16b, patch16b, false); 1417 | 1418 | // unk 1419 | uint32_t patch17a = 0x38600001; 1420 | uint32_t patch17b = 0x4E800020; 1421 | uint32_t addr17a = 0x244AC0; 1422 | uint32_t addr17b = 0x244AC0; 1423 | poke_vsh(addr17a, (char*)&patch17a, 4); 1424 | poke_vsh(addr17b, (char*)&patch17b, 4); 1425 | notify("NoPSN Patch Applied For TEST ONLY\nUNK_NP_ONLINE_3: 0x%08X / %08X\nUNK_NP_ONLINE_3: 0x%08X / %08X\n", addr17a, patch17a, addr17b, patch17b, false); 1426 | 1427 | 1428 | 1429 | } 1430 | else if (strcmp(action, "reset_psn_patches") == 0) 1431 | { 1432 | reset_psn_patches(); 1433 | notify("NoPSN Patches Reset", 0, 0, 0, 0, false); 1434 | } 1435 | 1436 | // Kernel Patches 1437 | else if (strcmp(action, "kernel_setfw_version_482") == 0) 1438 | { 1439 | kpatch(0x80000000002FCB68ULL, 0x323031372F30382FULL); 1440 | } 1441 | else if (strcmp(action, "kernel_setfw_version_484") == 0) 1442 | { 1443 | kpatch(0x80000000002FCB68ULL, 0x323031392F30312FULL); 1444 | } 1445 | else if (strcmp(action, "kernel_setfw_version_485") == 0) 1446 | { 1447 | kpatch(0x80000000002FCB68ULL, 0x323031392F30372FULL); 1448 | } 1449 | else if (strcmp(action, "kernel_setfw_version_486") == 0) 1450 | { 1451 | kpatch(0x80000000002FCB68ULL, 0x323032302F30312FULL); 1452 | } 1453 | */ 1454 | 1455 | // 1456 | 1457 | 1458 | } 1459 | 1460 | 1461 | -------------------------------------------------------------------------------- /xai_plugin/ps3_savedata_plugin.h: -------------------------------------------------------------------------------- 1 | // Mysis ps3_savedata_plugin.h v0.1 2 | class ps3_savedata_plugin_game_interface 3 | { 4 | public: 5 | int (*DoUnk0)(); 6 | int (*DoUnk1)(); 7 | int (*DoUnk2)(); 8 | int (*DoUnk3)(); 9 | int (*DoUnk4)(); 10 | int (*DoUnk5)(); 11 | int (*DoUnk6)(); 12 | int (*DoUnk7)(); 13 | int (*DoUnk8)(); 14 | int (*DoUnk9)(); 15 | int (*DoUnk10)(); 16 | int (*DoUnk11)(); 17 | int (*DoUnk12)(); 18 | int (*DoUnk13)(int*,int*,char*,int,void *); // 19 | int (*DoUnk14)(); 20 | int (*DoUnk15)(); 21 | int (*DoUnk16)(); 22 | int (*DoUnk17)(); 23 | int (*DoUnk18)(); 24 | int (*DoUnk19)(); 25 | int (*DoUnk20)(); 26 | int (*DoUnk21)(); 27 | int (*DoUnk22)(); 28 | int (*DoUnk23)(); 29 | int (*DoUnk24)(); 30 | int (*DoUnk25)(); 31 | int (*DoUnk26)(); 32 | int (*DoUnk27)(); 33 | int (*DoUnk28)(); 34 | int (*DoUnk29)(); 35 | int (*DoUnk30)(); 36 | int (*DoUnk31)(); 37 | int (*DoUnk32)(); 38 | int (*DoUnk33)(); 39 | int (*DoUnk34)(); 40 | int (*DoUnk35)(); 41 | int (*DoUnk36)(); 42 | int (*DoUnk37)(); 43 | int (*DoUnk38)(); 44 | int (*DoUnk39)(); 45 | int (*DoUnk40)(); 46 | int (*DoUnk41)(); 47 | int (*DoUnk42)(); 48 | int (*DoUnk43)(); 49 | int (*DoUnk44)(); 50 | int (*DoUnk45)(); 51 | int (*DoUnk46)(); 52 | int (*DoUnk47)(); 53 | int (*DoUnk48)(); 54 | int (*DoUnk49)(); 55 | int (*DoUnk50)(); 56 | int (*DoUnk51)(); 57 | int (*DoUnk52)(); 58 | int (*DoUnk53)(); 59 | int (*DoUnk54)(); 60 | int (*DoUnk55)(); 61 | int (*DoUnk56)(); 62 | int (*DoUnk57)(); 63 | }; -------------------------------------------------------------------------------- /xai_plugin/videorec.h: -------------------------------------------------------------------------------- 1 | 2 | extern "C" int _videorec_export_function_video_rec(void); 3 | extern "C" int _videorec_export_function_klicensee(void); 4 | extern "C" int _videorec_export_function_secureid(void); 5 | extern "C" int _videorec_export_function_sfoverride(void); -------------------------------------------------------------------------------- /xai_plugin/x3.h: -------------------------------------------------------------------------------- 1 | // Mysis x3.h v0.1 2 | 3 | #define NODISC 0xFFF0 4 | #define BDGAME 5 5 | #define BDMOVIE 9 6 | 7 | // _x3_xBDVDGetInstance() 8 | class xBDVD 9 | { 10 | public: 11 | int (*_BDInitialize)(); 12 | int (*_BDExit)(); 13 | int (*DoUnk2)(void *); 14 | int (*DoUnk3)(int *); 15 | int (*Execute)(int,int*,int); 16 | int (*DoUnk5)(int,int*,int*); 17 | int (*DoUnk6)(int*,int*,uint64_t,uint64_t*); 18 | int (*DoUnk7)(int*,uint64_t,int, uint64_t *); 19 | int (*DoUnk8)(int*); 20 | int (*DoUnk9)(int*); 21 | int (*DoUnk10)(int*); 22 | int (*DoUnk11)(int); 23 | int (*DoUnk12)(int); 24 | int (*DoUnk13)(int*); 25 | int (*DoUnk14)(int*); 26 | int (*DoUnk15)(int*); 27 | int (*DoUnk16)(); 28 | int (*DoUnk17)(void*); // title id, parental level 29 | int (*DoUnk18)(); 30 | int (*GetDiscType)(); // FFF0 = no disc, 5 = bd game, 9 = bd movie 31 | int (*DoUnk20)(); 32 | int (*DoUnk21)(); // sys_mutex_unlock 33 | int (*DoUnk22)(); // sys_mutex_trylock 34 | int (*DoUnk23)(); 35 | int (*DoUnk24)(int*); 36 | int (*DoUnk25)(int*); 37 | int (*SetModeSense)(int); 38 | int (*GetModeSense)(int*); 39 | int (*DoUnk28)(void*); 40 | int (*DoUnk29)(); 41 | int (*DoUnk30)(); 42 | int (*DoUnk31)(); 43 | int (*DoUnk32)(int); 44 | int (*DoUnk33)(int*); 45 | }; -------------------------------------------------------------------------------- /xai_plugin/xRegistry.h: -------------------------------------------------------------------------------- 1 | // Mysis xRegistry.h v0.1 2 | class xsetting_AF1F161_class 3 | { 4 | public: 5 | int (*GetProductCode)(); 6 | int (*GetProductSubCode)(); // Model Type, Mobo Id 7 | int (*GetUnk1)(void *) ; // uint8_t [0x1C] { hdmi, ieee802.11, msslot, sdslot, cfslot } 8 | int (*SetUnk2)(void *) ; 9 | int (*GetEnterButtonAssign)(int *) ; 10 | int (*SetEnterButtonAssign)(int); 11 | int (*GetLicenseArea)(int *) ; 12 | int (*SetSystemInitialize)(int); 13 | int (*GetSystemInitialize)(int *); 14 | int (*SetSystemLanguage)(int) ; 15 | int (*GetSystemLanguage)(int *); 16 | int (*SetSystemNickname)(char *); 17 | int (*GetSystemNickname)(char *,int *); // nick, length 18 | int (*SetSystemCharacterCodeOem)(int) ; 19 | int (*GetSystemCharacterCodeOem)(int *) ; 20 | int (*SetSystemCharacterCodeOemValue)(int) ; 21 | int (*GetSystemCharacterCodeOemValue)(int *) ; 22 | int (*SetsystemCharacterCodeAnsi)(int) ; 23 | int (*GetSystemCharacterCodeAnsi)(int *) ; 24 | int (*ResetNicknameDvdRegionDlnaFlag)(void) ; 25 | int (*SetSystemNotificationEnabled)(int) ; 26 | int (*GetSystemNotificationEnabled)(int *) ; 27 | int (*SetSystemDiscBootFirstEnabled)(int) ; 28 | int (*GetSystemDiscBootFirstEnabled)(int *) ; 29 | int (*SetSystemSoundEffectEnabled)(int) ; 30 | int (*GetSystemSoundEffectEnabled)(int *) ; 31 | int (*unk_new)(void *, void *) ; 32 | int (*unk_delete)(void *, void *) ; 33 | }; 34 | 35 | 36 | class xsetting_D0261D72_class 37 | { 38 | public: 39 | int (*saveAvcInitialCameraMode)(int) ; 40 | int (*loadAvcInitialCameraMode)(int *) ; 41 | int (*saveNpEnvironment)(char *,int *) ; // env, len 42 | int (*loadNpEnvironment)(char *,int *) ; // env, len 43 | int (*saveRegistryIntValue)(int, int) ; // id, value 44 | int (*loadRegistryIntValue)(int, int*) ; // id, value 45 | int (*saveRegistryStringValue)(int,char *, int) ; // id, string, len 46 | int (*loadRegistryStringValue)(int,char *, int) ; // id, string, len 47 | int (*Setunk1)(int) ; 48 | int (*Getunk2)(int, int *) ; 49 | int (*Setunk3)(int, int) ; 50 | 51 | int loadRegistryAvcVgaLastBitrate() {int v; loadRegistryIntValue(0x00, &v);return v;} 52 | int loadRegistryGameLevel0Control() {int v; loadRegistryIntValue(0x01, &v);return v;} 53 | int loadRegistryNetworkServiceControl() {int v; loadRegistryIntValue(0x02, &v);return v;} 54 | int loadRegistryCddaServer() {int v; loadRegistryIntValue(0x03, &v);return v;} 55 | int loadRegistryGameBgmPlayback() {int v; loadRegistryIntValue(0x04, &v);return v;} 56 | int loadRegistryGameBgmVolume() {int v; loadRegistryIntValue(0x05, &v);return v;} 57 | int loadRegistryDummyBgmPlayer() {int v; loadRegistryIntValue(0x06, &v);return v;} 58 | int loadRegistryDynamicNormalizer() {int v; loadRegistryIntValue(0x07, &v);return v;} 59 | int loadRegistryNpDebug() {int v; loadRegistryIntValue(0x08, &v);return v;} 60 | int loadRegistryNpTitleId(char * titleid,int max_len) {return loadRegistryStringValue(0x09,titleid,max_len);} 61 | int loadRegistryNavOnly() {int v; loadRegistryIntValue(0x0A, &v);return v;} 62 | int loadRegistryNpAdClockDiff() {int v; loadRegistryIntValue(0x0B, &v);return v;} 63 | int loadRegistryDebugDrmError() {int v; loadRegistryIntValue(0x0C, &v);return v;} 64 | int loadRegistryDebugDrmClock() {int v; loadRegistryIntValue(0x0D, &v);return v;} 65 | int loadRegistryDebugConsoleBind() {int v; loadRegistryIntValue(0x0E, &v);return v;} 66 | int loadRegistryDebugIngameCommerce2() {int v; loadRegistryIntValue(0x0F, &v);return v;} 67 | int loadRegistryDebugSFForce() {int v; loadRegistryIntValue(0x10, &v);return v;} 68 | int loadRegistryDebugSFManifest() {int v; loadRegistryIntValue(0x11, &v);return v;} 69 | int loadRegistryDebugSFManifestURL(char * titleid,int max_len) {return loadRegistryStringValue(0x12,titleid,max_len);} 70 | int loadRegistryNpGeoFiltering() {int v; loadRegistryIntValue(0x13, &v);return v;} 71 | int loadRegistryGameUpdateImposeTest() {int v; loadRegistryIntValue(0x14, &v);return v;} 72 | int loadRegistryGameUpdateForceOverwrite() {int v; loadRegistryIntValue(0x15, &v);return v;} 73 | int loadRegistryFakeNpSnsThrottle() {int v; loadRegistryIntValue(0x16, &v);return v;} 74 | int loadRegistryFakeNpSnsThrottleWaitSeconds() {int v; loadRegistryIntValue(0x17, &v);return v;} 75 | int loadRegistryTppsProxyFlag() {int v; loadRegistryIntValue(0x18, &v);return v;} 76 | int loadRegistryTppsProxyServer(char * proxy,int max_len) {return loadRegistryStringValue(0x19,proxy,max_len);} 77 | int loadRegistryTppsProxyPort() {int v; loadRegistryIntValue(0x1A, &v);return v;} 78 | int loadRegistryTppsProxyUserName(char * username,int max_len) {return loadRegistryStringValue(0x1B,username,max_len);} 79 | int loadRegistryTppsProxyPassword(char * password,int max_len) {return loadRegistryStringValue(0x1C,password,max_len);} 80 | int loadRegistryRegion() {int v; loadRegistryIntValue(0x1D, &v);return v;} 81 | int loadRegistryNotificationTrophy() {int v; loadRegistryIntValue(0x1E, &v);return v;} 82 | int loadRegistryLicenseArea() {int v; loadRegistryIntValue(0x1F, &v);return v;} 83 | int loadRegistryHddSerial(char * hddserial) {return loadRegistryStringValue(0x20,hddserial,0x3D);} 84 | int loadRegistryCoreDump() {int v; loadRegistryIntValue(0x21, &v);return v;} 85 | int loadRegistryCoreDumpOptionTrigger() {int v; loadRegistryIntValue(0x22, &v);return v;} 86 | int loadRegistryCoreDumpOptionFileGen() {int v; loadRegistryIntValue(0x23, &v);return v;} 87 | int loadRegistryCoreDumpOptionExeCtrl() {int v; loadRegistryIntValue(0x24, &v);return v;} 88 | int loadRegistryMatEnable() {int v; loadRegistryIntValue(0x25, &v);return v;} 89 | int loadRegistryUpdateServerUrl(char * url,int max_len) {return loadRegistryStringValue(0x26,url,max_len);} 90 | int loadRegistryFakeLimitSize() {int v; loadRegistryIntValue(0x27, &v);return v;} 91 | int loadRegistryFakeFreeSpace() {int v; loadRegistryIntValue(0x28, &v);return v;} 92 | int loadRegistryFakeSavedataOwner() {int v; loadRegistryIntValue(0x29, &v);return v;} 93 | int loadRegistryFakeHddSpeed() {int v; loadRegistryIntValue(0x2A, &v);return v;} 94 | int loadRegistryDebugGameType() {int v; loadRegistryIntValue(0x2B, &v);return v;} 95 | int loadRegistryDebugBootPath() {int v; loadRegistryIntValue(0x2C, &v);return v;} 96 | int loadRegistryDebugDirName(char * path,int max_len) {return loadRegistryStringValue(0x2D,path,max_len);} 97 | int loadRegistryAppHomeBootPath() {int v; loadRegistryIntValue(0x2E, &v);return v;} 98 | int loadRegistryWolDex() {int v; loadRegistryIntValue(0x2F, &v);return v;} 99 | int loadRegistryDispHddSpace() {int v; loadRegistryIntValue(0x30, &v);return v;} 100 | int loadRegistryAutoNetworkUpdate() {int v; loadRegistryIntValue(0x31, &v);return v;} 101 | int loadRegistryAutoPowerOff() {int v; loadRegistryIntValue(0x32, &v);return v;} 102 | int loadRegistryAutoPowerOffEx() {int v; loadRegistryIntValue(0x33, &v);return v;} 103 | int loadRegistryAutoPowerOffDebug() {int v; loadRegistryIntValue(0x34, &v);return v;} 104 | int loadRegistryHdmiControl() {int v; loadRegistryIntValue(0x35, &v);return v;} 105 | int loadRegistryHdmiControlEx() {int v; loadRegistryIntValue(0x36, &v);return v;} 106 | int loadRegistryPowerOnDiscBoot() {int v; loadRegistryIntValue(0x37, &v);return v;} 107 | int loadRegistryPowerOnReset() {int v; loadRegistryIntValue(0x38, &v);return v;} 108 | int loadRegistryDisable15Timeout() {int v; loadRegistryIntValue(0x39, &v);return v;} 109 | int loadRegistryDebugSystemUpdate() {int v; loadRegistryIntValue(0x3A, &v);return v;} 110 | int loadRegistryFakePlus() {int v; loadRegistryIntValue(0x3B, &v);return v;} 111 | int loadRegistryTurnOffWarning() {int v; loadRegistryIntValue(0x3C, &v);return v;} 112 | int loadRegistryBootMode(char * bootmode,int max_len) {return loadRegistryStringValue(0x3D,bootmode,max_len);} 113 | int loadRegistryCrashreportCrepo() {int v; loadRegistryIntValue(0x3E, &v);return v;} 114 | int loadRegistryCrashreportReporterStatus() {int v; loadRegistryIntValue(0x3F, &v);return v;} 115 | int loadRegistryCrashreportVshGeneratorEnableFlag() {int v; loadRegistryIntValue(0x40, &v);return v;} 116 | int loadRegistryDateTimeAutoCorrection() {int v; loadRegistryIntValue(0x41, &v);return v;} 117 | int loadRegistryAutobootStartTime() {int v; loadRegistryIntValue(0x42, &v);return v;} 118 | int loadRegistryEdyDebug() {int v; loadRegistryIntValue(0x43, &v);return v;} 119 | int loadRegistryUpConvert() {int v; loadRegistryIntValue(0x44, &v);return v;} 120 | int loadRegistryFnrLevel() {int v; loadRegistryIntValue(0x45, &v);return v;} 121 | int loadRegistryBnrLevel() {int v; loadRegistryIntValue(0x46, &v);return v;} 122 | int loadRegistryMnrLevel() {int v; loadRegistryIntValue(0x47, &v);return v;} 123 | int loadRegistrySequentialPlay() {int v; loadRegistryIntValue(0x48, &v);return v;} 124 | int loadRegistryHD50HzOutput() {int v; loadRegistryIntValue(0x49, &v);return v;} 125 | int loadRegistryOutputExtMenu() {int v; loadRegistryIntValue(0x4A, &v);return v;} 126 | int loadRegistryOutputExtFunc() {int v; loadRegistryIntValue(0x4B, &v);return v;} 127 | int loadRegistryDtcpIpSettingMenu() {int v; loadRegistryIntValue(0x4C, &v);return v;} 128 | int loadRegistryHddCaptionLanguage() {int v; loadRegistryIntValue(0x4D, &v);return v;} 129 | int loadRegistryHddSoundLanguage() {int v; loadRegistryIntValue(0x4E, &v);return v;} 130 | int loadRegistryClosedCaption() {int v; loadRegistryIntValue(0x4F, &v);return v;} 131 | int loadRegistryEmuUpConvert() {int v; loadRegistryIntValue(0x50, &v);return v;} 132 | int loadRegistryEmuSmoothing() {int v; loadRegistryIntValue(0x51, &v);return v;} 133 | int loadRegistryMinisUpConvert() {int v; loadRegistryIntValue(0x52, &v);return v;} 134 | int loadRegistryPspemuViewmode() {int v; loadRegistryIntValue(0x53, &v);return v;} 135 | int loadRegistryPspemu3dDisplay() {int v; loadRegistryIntValue(0x54, &v);return v;} 136 | int loadRegistryPspemu3dDepthAdjust() {int v; loadRegistryIntValue(0x55, &v);return v;} 137 | int loadRegistryPspemu3dMenu() {int v; loadRegistryIntValue(0x56, &v);return v;} 138 | int loadRegistryPspemuAdhocModeWlan() {int v; loadRegistryIntValue(0x57, &v);return v;} 139 | int loadRegistryPspemuAdhocModeCh() {int v; loadRegistryIntValue(0x58, &v);return v;} 140 | int loadRegistryPs2emuSaveUtility() {int v; loadRegistryIntValue(0x59, &v);return v;} 141 | int loadRegistryPs2softemuFunc() {int v; loadRegistryIntValue(0x5A, &v);return v;} 142 | int loadRegistryPs2BgCaution() {int v; loadRegistryIntValue(0x5B, &v);return v;} 143 | int loadRegistryCameraPlfreq() {int v; loadRegistryIntValue(0x5C, &v);return v;} 144 | int loadRegistryTvCategory() {int v; loadRegistryIntValue(0x5D, &v);return v;} 145 | int loadRegistryHomeInstaller() {int v; loadRegistryIntValue(0x5E, &v);return v;} 146 | int loadRegistryHomeQAMode() {int v; loadRegistryIntValue(0x5F, &v);return v;} 147 | int loadRegistryDummyInGameXMB() {int v; loadRegistryIntValue(0x60, &v);return v;} 148 | int loadRegistryYconExplained() {int v; loadRegistryIntValue(0x61, &v);return v;} 149 | int loadRegistryXaiDebugFlag() {int v; loadRegistryIntValue(0x62, &v);return v;} 150 | int loadRegistryAdServerURL(char * url,int max_len) {return loadRegistryStringValue(0x63,url,max_len);} 151 | int loadRegistryAdCatalogVersion(char * version,int max_len) {return loadRegistryStringValue(0x64,version,max_len);} 152 | int loadRegistryAdEnableNotification() {int v; loadRegistryIntValue(0x65, &v);return v;} 153 | int loadRegistryUploadDebug() {int v; loadRegistryIntValue(0x66, &v);return v;} 154 | int loadRegistryNetAutoDlDebug() {int v; loadRegistryIntValue(0x67, &v);return v;} 155 | int loadRegistryNetAutoDlFlag() {int v; loadRegistryIntValue(0x68, &v);return v;} 156 | int loadRegistryNetAutoDlTime() {int v; loadRegistryIntValue(0x69, &v);return v;} 157 | int loadRegistryNetAutoDlFunc() {int v; loadRegistryIntValue(0x6A, &v);return v;} 158 | int loadRegistryNetEmulationType() {int v; loadRegistryIntValue(0x6B, &v);return v;} // questionable 159 | int loadRegistryNetAdhocSsidPrefix(char * prefix,int max_len) {return loadRegistryStringValue(0x6C,prefix,max_len);} 160 | int loadRegistryPadVibrationEnable() {int v; loadRegistryIntValue(0x6D, &v);return v;} 161 | int loadRegistryPadAutoPowerOff() {int v; loadRegistryIntValue(0x6E, &v);return v;} 162 | int loadRegistryPadMagnetometer() {int v; loadRegistryIntValue(0x6F, &v);return v;} 163 | int loadRegistrySound0Initial() {int v; loadRegistryIntValue(0x70, &v);return v;} 164 | int loadRegistrySound1UsbHeadSetSound() {int v; loadRegistryIntValue(0x71, &v);return v;} // questionable 165 | int loadRegistryDlnaFlag() {int v; loadRegistryIntValue(0x72, &v);return v;} 166 | int loadRegistryDlnaDtcpipDevCert() {int v; loadRegistryIntValue(0x73, &v);return v;} // questionable 167 | int loadRegistryBrowserTrendEula() {int v; loadRegistryIntValue(0x74, &v);return v;} 168 | int loadRegistryBrowserTrendEnable() {int v; loadRegistryIntValue(0x75, &v);return v;} 169 | int loadRegistryBrowserTrendLastTime() {int v; loadRegistryIntValue(0x76, &v);return v;} 170 | int loadRegistryBrowserTrendTtl() {int v; loadRegistryIntValue(0x77, &v);return v;} 171 | int loadRegistryBrowserTrendRegistered() {int v; loadRegistryIntValue(0x78, &v);return v;} 172 | int loadRegistryBrowserHeapSize() {int v; loadRegistryIntValue(0x79, &v);return v;} 173 | int loadRegistryBrowserDebugMenu() {int v; loadRegistryIntValue(0x7A, &v);return v;} 174 | int loadRegistryBrowserType() {int v; loadRegistryIntValue(0x7B, &v);return v;} 175 | int loadRegistryWboardBaseUri(char * uri,int max_len) {return loadRegistryStringValue(0x7C,uri,max_len);} 176 | int loadRegistrySmssTargetServer() {int v; loadRegistryIntValue(0x7D, &v);return v;} 177 | int loadRegistrySmssResultOutput() {int v; loadRegistryIntValue(0x7E, &v);return v;} 178 | int loadRegistryDisplayForceEnable3D() {int v; loadRegistryIntValue(0x7F, &v);return v;} 179 | int loadRegistryDisplayScreenSize() {int v; loadRegistryIntValue(0x80, &v);return v;} 180 | int loadRegistryDisplayDeepColor() {int v; loadRegistryIntValue(0x81, &v);return v;} 181 | 182 | 183 | int saveRegistryDlnaFlag(int v) {return saveRegistryIntValue(0x72, v);} 184 | }; 185 | -------------------------------------------------------------------------------- /xai_plugin/xai_plugin.vcxproj: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | Debug 6 | PS3 7 | 8 | 9 | Release 10 | PS3 11 | 12 | 13 | 14 | {85CAA0A3-5E2B-4991-BA29-D7095F1C5C54} 15 | 16 | 17 | 18 | DynamicLibrary 19 | GCC 20 | 21 | 22 | DynamicLibrary 23 | GCC 24 | 25 | 26 | 27 | 28 | 29 | 30 | 31 | 32 | 33 | 34 | 35 | 36 | cellPRX_$(ProjectName) 37 | 38 | 39 | 40 | _DEBUG;__CELL_ASSERT__;%(PreprocessorDefinitions); 41 | true 42 | true 43 | MoreWarnings 44 | Level1 45 | WhenOptimizing 46 | 47 | 48 | $(SCE_PS3_ROOT)\target\ppu\lib\libfs_stub.a;$(SCE_PS3_ROOT)\target\ppu\lib\libsyscall.a;$(SCE_PS3_ROOT)\target\ppu\lib\libc.a;$(SCE_PS3_ROOT)\target\ppu\lib\librtc_stub.a;$(TargetDir)\cellPrx_videorec_stub.a;%(AdditionalDependencies) 49 | 50 | 51 | 52 | 53 | NDEBUG;%(PreprocessorDefinitions); 54 | Level2 55 | 56 | 57 | 58 | 59 | 60 | 61 | 62 | 63 | 64 | 65 | 66 | 67 | 68 | 69 | 70 | 71 | 72 | 73 | 74 | 75 | 76 | 77 | 78 | 79 | 80 | 81 | -------------------------------------------------------------------------------- /xai_plugin/xai_plugin.vcxproj.filters: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | 5 | {4FC737F1-C7A5-4376-A066-2A32D752A2FF} 6 | cpp;c;cxx;cc;s;asm 7 | 8 | 9 | {93995380-89BD-4b04-88EB-625FBE52EBFB} 10 | h;hpp 11 | 12 | 13 | 14 | 15 | Source Files 16 | 17 | 18 | Source Files 19 | 20 | 21 | Header Files 22 | 23 | 24 | Source Files 25 | 26 | 27 | Source Files 28 | 29 | 30 | 31 | 32 | Header Files 33 | 34 | 35 | Header Files 36 | 37 | 38 | Header Files 39 | 40 | 41 | Header Files 42 | 43 | 44 | Header Files 45 | 46 | 47 | Header Files 48 | 49 | 50 | Header Files 51 | 52 | 53 | Header Files 54 | 55 | 56 | Header Files 57 | 58 | 59 | Header Files 60 | 61 | 62 | Header Files 63 | 64 | 65 | -------------------------------------------------------------------------------- /xai_plugin/xai_plugin.vcxproj.user: -------------------------------------------------------------------------------- 1 | 2 | 3 | 4 | true 5 | 6 | -------------------------------------------------------------------------------- /xai_plugin/xmb_plugin.h: -------------------------------------------------------------------------------- 1 | // Mysis xmb_plugin.h v0.1 2 | enum plugins 3 | { 4 | system_plugin=0x00, 5 | xmb_plugin=0x01, 6 | explore_plugin=0x02, 7 | category_setting_plugin=0x03, 8 | user_plugin=0x04, 9 | sysconf_plugin=0x05, 10 | netconf_plugin=0x06, 11 | software_update_plugin=0x07, 12 | edy_plugin=0x08, 13 | print_plugin=0x09, 14 | deviceconf_plugin=0x0A, 15 | photoviewer_plugin=0x0B, 16 | audioplayer_plugin=0x0D, 17 | sacd_plugin=0x0E, 18 | eula_cddb_plugin=0x0F, 19 | videoplayer_plugin=0x10, 20 | bdp_plugin=0x11, 21 | bdp_disccheck_plugin=0x12, 22 | bdp_storage_plugin=0x13, 23 | game_plugin=0x14, 24 | gamedata_plugin=0x15, 25 | game_ext_plugin=0x16, 26 | ps3_savedata_plugin=0x17, 27 | vmc_savedata_plugin=0x18, 28 | premo_plugin=0x1A, 29 | webbrowser_plugin=0x1B, 30 | webrender_plugin=0x1C, 31 | //xai_plugin=0x1D, 32 | friendim_plugin=0x1E, 33 | friendml_plugin=0x1F, 34 | avc_plugin=0x20, 35 | avc2_text_plugin=0x21, 36 | nas_plugin=0x22, 37 | npsignin_plugin=0x23, 38 | np_trophy_plugin=0x24, 39 | np_trophy_ingame=0x25, 40 | friendtrophy_plugin=0x26, 41 | profile_plugin=0x27, 42 | videodownloader_plugin=0x28, 43 | download_plugin=0x29, 44 | thumthum_plugin=0x2A, 45 | micon_lock_plugin=0x2B, 46 | dlna_plugin=0x2C, 47 | strviewer_plugin=0x2D, 48 | playlist_plugin=0x2F, 49 | newstore_plugin=0x31, 50 | hknw_plugin=0x32, 51 | kensaku_plugin=0x34, 52 | regcam_plugin=0x35, 53 | idle_plugin=0x36, 54 | filecopy_plugin=0x37, 55 | wboard_plugin=0x38, 56 | poweroff_plugin=0x39, 57 | videoeditor_plugin=0x3A, 58 | scenefolder_plugin=0x3B, 59 | eula_hcopy_plugin=0x3C, 60 | mtpinitiator_plugin=0x3E, 61 | campaign_plugin=0x3F, 62 | remotedownload_plugin=0x40 63 | }; 64 | 65 | class xmb_plugin_xmm0 66 | { 67 | public: 68 | int (*GetPluginIdByName)(char *); 69 | char* (*GetPluginNameById)(int); 70 | int (*IsPluginViewAvailable)(int) ; 71 | int (*LoadPlugin3)(int, void *, int) ; 72 | int (*LoadPlugin4)(int *) ; 73 | int (*Shutdown)(int,void *,int) ; 74 | int (*DoUnk6)(int *) ; // shutdown as well? 75 | int (*DoUnk7)(int) ; 76 | int (*ActivatePlugin)(int) ; 77 | int (*DoUnk9)(int) ; 78 | int (*DoUnk10)(int) ; 79 | int (*DoUnk11)(int,int) ; 80 | int (*DoUnk12)(int,int,int) ; 81 | int (*DoUnk13)(int *) ; 82 | int (*DoUnk14)(int *) ; 83 | int (*DoUnk15)(int *) ; 84 | uint64_t (*GetModuleLoadOpinion)(int) ; 85 | void* (*SetModuleLoadOpinion)(int, uint64_t) ; 86 | int (*DoUnk18)(void *, int) ; 87 | int (*DoUnk19)(void *, int) ; 88 | int (*DoUnk20)(int *, int *) ; 89 | int (*DoUnk21)(int, int) ; 90 | int (*DoUnk22)(int) ; 91 | int (*DoUnk23)(const char *,int) ; 92 | int (*DoUnk24)(const char *,int) ; 93 | int (*DoUnk25)() ; 94 | }; 95 | 96 | 97 | class xmb_plugin_xmb2 98 | { 99 | public: 100 | int (*DoUnk0)(int); 101 | int (*DoUnk1)(int,int); 102 | int (*DoUnk2)(int, float); 103 | int (*DoUnk3)(); 104 | int (*DoUnk4)(); 105 | float (*DoUnk5)(float); 106 | float (*DoUnk6)(); 107 | int (*DoUnk7)(int,int); 108 | int (*DoUnk8)(); 109 | int (*DoUnk9)(int*,void*,const wchar_t *); 110 | int (*DoUnk10)(); 111 | int (*DoUnk11)(int); 112 | int (*DoUnk12)(int); 113 | int (*DoUnk13)(); 114 | int (*DoUnk14)(); 115 | int (*DoUnk15)(int,int); 116 | int (*DoUnk16)(int, int, int); 117 | int (*DoUnk17)(); 118 | int (*DoUnk18)(int,float,float); 119 | int (*DoUnk19)(int,int); 120 | int (*DoUnk20)(void *); 121 | int (*DoUnk21)(void *); 122 | int (*DoUnk22)(const wchar_t *); 123 | void * (*DoUnk23)(); 124 | int (*DoUnk24)(); 125 | void * (*DoUnk25)(); 126 | int (*DoUnk26)(int); 127 | int (*DoUnk27)(); 128 | int (*DoUnk28)(const char *); 129 | int (*DoUnk29)(); 130 | int (*DoUnk30)(void *, int*); 131 | int (*DoUnk31)(int); 132 | int (*DoUnk32)(int); 133 | }; 134 | 135 | 136 | class xmb_plugin_mod0 137 | { 138 | public: 139 | int (*DoUnk0)(); 140 | int (*DoUnk1)(); 141 | int (*DoUnk2)(); 142 | int (*DoUnk3)(); 143 | int (*DoUnk4)(); 144 | }; -------------------------------------------------------------------------------- /xai_plugin_reboot_template_src.rar: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/esc0rtd3w/xai_plugin_hen/d4248c2b8b9eb97c9aa624ee0c5201a69c2f3349/xai_plugin_reboot_template_src.rar --------------------------------------------------------------------------------