Advertising (This ad goes away for registered users. You can Login or Register)

Search found 96 matches

by coyotebean
Thu Sep 13, 2012 4:56 am
Forum: Programming and Security
Topic: Coyotebeans PSP kernel exploit
Replies: 9
Views: 1987

Re: Coyotebeans PSP kernel exploit

That vulnerability is very specific and limited.
by coyotebean
Wed May 23, 2012 5:27 am
Forum: Programming and Security
Topic: sceNetAdhocPtpRecv question
Replies: 15
Views: 1697

Re: sceNetAdhocPtpRecv question

@wth when I tested with different revision of prxtool, it seems you may be using prxtool revision 2350 which does not handle that pspnet_adhoc relocation properly. prxtool revision (since?) 2459 will relocate that instruction to the data section even without -r option. (Relocation always applied to ...
by coyotebean
Mon May 21, 2012 5:44 pm
Forum: Programming and Security
Topic: sceNetAdhocPtpRecv question
Replies: 15
Views: 1697

Re: sceNetAdhocPtpRecv question

@wth the section address used to resolve the relocation is in the relocation entry. You cannot determine it from the instruction itself.

@thecobra this instruction set quick reference may be useful too http://www.mips.com/media/files/MD00565 ... -01.01.pdf
by coyotebean
Sun May 20, 2012 7:36 am
Forum: Programming and Security
Topic: sceNetAdhocPtpRecv question
Replies: 15
Views: 1697

Re: sceNetAdhocPtpRecv question

For Q1, that should be pointing to the data section. I use the -r switch when disassembling with prxtool to apply relocation to resolve this.
by coyotebean
Wed May 09, 2012 6:07 am
Forum: Programming and Security
Topic: Kernel Exploit Hen Question
Replies: 25
Views: 6740

Re: Kernel Exploit Hen Question

Hi all, i think i found a vulnerabilities in one of the kernel functions but it seems fails/jump out when i set it to write to a kernel address. REPORT: [spoiler]Register $s2 is $a1 before any modification. $a3 is loaded from MEM[$v0 + 104] $v0 = $k1 & $a1 loc_0000XXXX is the end of the function. $...
by coyotebean
Tue Aug 30, 2011 2:41 pm
Forum: Programming and Security
Topic: Variable remains 0
Replies: 14
Views: 2007

Re: Variable remains 0

(|EcLiPsE|) wrote:Could somebody tell my why was CI_bomb was treated like obj_food?
When i = 20??
by coyotebean
Wed Aug 17, 2011 5:44 am
Forum: General
Topic: 6.60 PSARDumper By Proxima
Replies: 20
Views: 21560

Re: 6.60 PSARDumper By Proxima

ok 2 fixes in popsdeco 0.13... if (memcmp(version, "3.8", 3) == 0 || memcmp(version, "3.9", 3) == 0) { table_mode = 1; } else if (memcmp(version, "4.", 2) == 0) { table_mode = 2; } else if (memcmp(version, "5.", 2) == 0) { table_mode = 3; } else if ((memcmp(version, "6.3", 3) == 0) && (psarVersion ...
by coyotebean
Wed Aug 17, 2011 5:31 am
Forum: General
Topic: 6.60 PSARDumper By Proxima
Replies: 20
Views: 21560

Re: 6.60 PSARDumper By Proxima

ok 2 fixes in popsdeco 0.13... if ((memcmp(g_dataOut2, "~PSP", 4) == 0) && (mode == MODE_DECRYPT)) { //memset(g_dataOut2+0x104,0,0x28); //seems not required; breaks 6.35/6.39 expand int cbDecrypted = pspDecryptPRX(g_dataOut2, g_dataOut, cbExpanded); Actually what is this memset's role? That is the ...
by coyotebean
Mon Jul 18, 2011 3:42 pm
Forum: General
Topic: Need PSP 3000s (03g/04g/07g/09g)
Replies: 24
Views: 4723

Re: Need PSP 3000s (03g/04g/07g/09g)

I don't know why I keep on think about HBN (HomeBrew Network like PSN) from XMB. hahaha
by coyotebean
Mon Jul 18, 2011 3:34 pm
Forum: Programming and Security
Topic: [Released] JigKick for PSP-2000 (TA-088v3 supported)
Replies: 111
Views: 67829

Re: [Released] JigKick for PSP-2000 (TA-088v3 supported)

#define CMD_READ_DATA 0x20 #define CMD_WRITE_DATA 0x21 #define CMD_READ_INFO 0x22 #define CMD_WRITE_INFO 0x23 #define CMD_READ_ATRB 0x24 #define CMD_STOP 0x25 #define CMD_ERASE 0x26 #define CMD_CHG_CLASS 0x27 The MSID normally is read with command CMD_READ_ATRB. Is there some other way to read/writ...

Go to advanced search