
[Solved] Patching module offsets...

Posted: Fri Aug 12, 2011 6:49 pm
by frostegater
Hello,
Could you help me, please? I need to patch an offset in one module, for example SysconfPlugin offset..

IF FW = 401 offset = 0x00007708,
If FW = 620 offset = 0x0002BDB4,
if FW = 635 offset = 0x0002C724,
... etc...

Also..
patching sceIOFileManager Module...

example (from cxmb)..

Code:
   tSceModule * pMod = ( tSceModule * )sceKernelFindModuleByName( "sceIOFileManager" );
   unsigned int addr = 0;
   if ( !pMod )
      return 0;
   if ( fw_version == FW_371 )
      addr = pMod->text_addr + 0x00002844;
   else if (  fw_version == FW_380
         || fw_version == FW_390 )
      addr = pMod->text_addr + 0x00002808;
   else if ( fw_version == FW_401 )
      addr = pMod->text_addr + 0x000027EC;

   return addr;


P.S. I don't ask you to do it yourself, but help me to find the way to do this.

Re: Patching module offsets...

Posted: Fri Aug 12, 2011 7:15 pm
by RNB_PSP
I don't have any knowledge about that but maybe hold+'s source (code.google.com/p/holdpsp) might help you. I saw its source and it's patching some functions.

Re: Patching module offsets...

Posted: Sat Aug 13, 2011 5:52 am
by frostegater
RNB_PSP wrote: I don't have any knowledge about that but maybe hold+'s source (code.google.com/p/holdpsp) might help you. I saw its source and it's patching some functions.

No. It does not help.

Re: Patching module offsets...

Posted: Sat Aug 13, 2011 6:11 am
by JJS
What exactly is your question? I mean the code snippet you posted already gives you the memory address where you need to apply your patch. So all you need to do now is write whatever you want there.

Basically if you want to set it to 0 you would write:
Code:
*(unsigned int*)addr = 0;

or
Code:
_sw(0, addr);

Re: Patching module offsets...

Posted: Sat Aug 13, 2011 7:33 am
by frostegater
JJS wrote: What exactly is your question? I mean the code snippet you posted already gives you the memory address where you need to apply your patch. So all you need to do now is write whatever you want there.

Basically if you want to set it to 0 you would write:
Code:
*(unsigned int*)addr = 0;

or
Code:
_sw(0, addr);

I know it ...but...
How can I find the right memory address?

Re: Patching module offsets...

Posted: Sat Aug 13, 2011 11:12 pm
by m0skit0
Do a memory dump and search for the values you want to substitute.

Re: Patching module offsets...

Posted: Sat Aug 13, 2011 11:56 pm
by some1
Well, all you have to do is dump the files for the OFW that you already know the offset, and the target OFW (using psardumper), and then compare the one you already know, and try finding the exact same instruction/function/section in the new OFW. This will require at least minimal knowledge of MIPS btw.

I checked a 401 dump and it seems

Code:
addr = pMod->text_addr + 0x000027EC;


is a function, the address for 635 will probably be 0x00002A38 (I did this quickly, so double check this).
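
Added example, not part of some1's post or of cxmb: a C sketch of the comparison described above, taking the instructions at a known offset in one dump and looking for the same sequence in another dump while ignoring j/jal target bits. The arrays are constructed sample data, and the names relocate_offset and stable_bits are hypothetical.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>

/* Constructed sample data, not real firmware: the same small MIPS routine in an
 * "old" and a "new" text segment, shifted by 8 bytes, with a moved jal target. */
const uint32_t old_text[] = { 0x27BDFFF0, 0xAFBF0000, 0x0C000100, 0x00000000,
                              0x8FBF0000, 0x03E00008, 0x27BD0010 };
const uint32_t new_text[] = { 0x03E00008, 0x00000000, 0x27BDFFF0, 0xAFBF0000,
                              0x0C000180, 0x00000000, 0x8FBF0000, 0x03E00008,
                              0x27BD0010 };

/* Keep only the bits expected to survive a rebuild. Assumption of this sketch:
 * only j/jal (opcodes 2 and 3) carry an address, in their low 26 bits. */
static uint32_t stable_bits(uint32_t insn)
{
    uint32_t op = insn >> 26;
    return (op == 2 || op == 3) ? (insn & 0xFC000000u) : insn;
}

/* Look in tgt for the sig_n instructions that start at word known_idx of known.
 * Returns the byte offset of the only match, -1 if none, -2 if ambiguous. */
long relocate_offset(const uint32_t *known, size_t known_n, size_t known_idx,
                     size_t sig_n, const uint32_t *tgt, size_t tgt_n)
{
    long found = -1;
    if (sig_n == 0 || known_idx > known_n || sig_n > known_n - known_idx
        || sig_n > tgt_n)
        return -1;
    for (size_t i = 0; i + sig_n <= tgt_n; i++) {
        size_t k = 0;
        while (k < sig_n
               && stable_bits(known[known_idx + k]) == stable_bits(tgt[i + k]))
            k++;
        if (k != sig_n)
            continue;
        if (found >= 0)
            return -2;          /* signature too short to be unique */
        found = (long)(i * 4);  /* MIPS instructions are 4 bytes wide */
    }
    return found;
}

int main(void)
{
    long off = relocate_offset(old_text, 7, 0, 5, new_text, 9);
    printf("routine at old offset 0x0 found at new offset 0x%lX\n",
           (unsigned long)off);
    return 0;
}
```

A result of -2 means the signature is too short to identify one place; lengthen it until a single match remains, then confirm the result in a disassembler.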

Re: Patching module offsets...

Posted: Sun Aug 14, 2011 6:32 am
by frostegater
some1 wrote: Well, all you have to do is dump the files for the OFW that you already know the offset, and the target OFW (using psardumper), and then compare the one you already know, and try finding the exact same instruction/function/section in the new OFW. This will require at least minimal knowledge of MIPS btw.

I checked a 401 dump and it seems

Code:
addr = pMod->text_addr + 0x000027EC;


is a function, the address for 635 will probably be 0x00002A38 (I did this quickly, so double check this).


0x00002A44. Thanks! I understand how it is.

6.60 offset: 0x00002A4C

Attach: cxmb 3.71 - 6.60 (I checked. It works. Source code included.)...

Re: [Solved] Patching module offsets...

Posted: Sun Aug 14, 2011 11:03 am
by m0skit0
Meh some1, let him do it himself ;)