Look at TN's patching address.... Maybe I can do something with it and patch Davee's Version and Mac Address Spoofer...If that doesnt work I'll do what JJS told me.... Thanks you 2S!
Help patching this...
Forum rules
Forum rule Nº 15 is strictly enforced in this subforum.
Forum rule Nº 15 is strictly enforced in this subforum.
-
- Posts: 166
- Joined: Tue Jan 04, 2011 10:43 am
- Location: Flash0:/
Re: Help patching this...
I think Ill Do what NightStar said...
Look at TN's patching address.... Maybe I can do something with it and patch Davee's Version and Mac Address Spoofer...If that doesnt work I'll do what JJS told me.... Thanks you 2S!
Look at TN's patching address.... Maybe I can do something with it and patch Davee's Version and Mac Address Spoofer...If that doesnt work I'll do what JJS told me.... Thanks you 2S!
Advertising
Re: Help patching this...
Seems I found something after examining the sysconf_plugin.prx (extracted and decrypted with PSAR Dumper from the OFW update) of all these known OFW with a hex editor.
The old 0x15EE0 was changed to 0x15D74 in 5.5x OFW, according to the code of an unofficial Davee's spoofer v4 by Zer01ne.
I checked these addresses in these versions and found the clue is a hex string of "00 01 05 24 21 20" in sysconf_plugin.prx that begins from the address mentioned above. When searching that string in the sysconf of later OFW, there is only one matching address, and that is the sysconf address needed by the spoofer. The second address is calculated by using the address found minus "2D0".
The sysconf addresses are:
I didn't test the 6.20 address myself as I'm now on 6.35 PRO-A3. However, the version spoofing doesn't work on PRO-A3, while the MAC spoofing works.
Maybe the address for 6.35 will work on all 6.3x as the address didn't change in 6.37.
The old 0x15EE0 was changed to 0x15D74 in 5.5x OFW, according to the code of an unofficial Davee's spoofer v4 by Zer01ne.
I checked these addresses in these versions and found the clue is a hex string of "00 01 05 24 21 20" in sysconf_plugin.prx that begins from the address mentioned above. When searching that string in the sysconf of later OFW, there is only one matching address, and that is the sysconf address needed by the spoofer. The second address is calculated by using the address found minus "2D0".
The sysconf addresses are:
Code: Select all
//6.20, found, untested
{ PSP_FIRMWARE(0x620), 0x18920, 0x18650 },
//6.35, found
{ PSP_FIRMWARE(0x635), 0x18F3C, 0x18C6C },
//6.37, sysconf didn't change...
{ PSP_FIRMWARE(0x637), 0x18F3C, 0x18C6C },
Maybe the address for 6.35 will work on all 6.3x as the address didn't change in 6.37.
Advertising
Last edited by L5230742 on Tue Feb 15, 2011 3:29 pm, edited 2 times in total.
- L.S.S.
Re: Help patching this...
I found 6.20 a few weeks ago But canceled my project because we´ll get flamed with so many fake CFW´s & videos ! "Uhhh i programmed a new CFW"L5230742 wrote:[spoiler]Seems I found something after examining the sysconf_plugin.prx (extracted and decrypted with PSAR Dumper from the OFW update) of all these known OFW with a hex editor.
The old 0x15EE0 was changed to 0x15D74 in 5.5x OFW, according to the code of an unofficial Davee's spoofer v4 by Zer01ne.
I checked these addresses in these versions and found the clue is a hex string of "00 01 05 24 21 20" in sysconf_plugin.prx that begins from the address mentioned above. When searching that string in the sysconf of later OFW, there is only one matching address, and that is the sysconf address needed by the spoofer. The second address is calculated by using the address found minus "2D0".
The sysconf addresses are:
I didn't test the 6.20 address myself as I'm now on 6.35 PRO-A3. However, the version spoofing doesn't work on PRO-A3, while the MAC spoofing works.Code: Select all
//6.20, found, untested { PSP_FIRMWARE(0x620), 0x18920, 0x18650 }, //6.35, found { PSP_FIRMWARE(0x635), 0x18F3C, 0x18C6C }, //6.37, sysconf didn't change... { PSP_FIRMWARE(0x637), 0x18F3C, 0x18C6C },
Maybe the address for 6.35 will work on all 6.3x as the address didn't change in 6.37.[/spoiler]
btw:
//6.36
{ PSP_FIRMWARE(0x636), 0x18F3C, 0x18C6C },
same as 6.35 & 6.37 as usual
ps: i tried it the same way its the simplest way...
G-UploadZ.tk - Free PS3 & PSP Homebrews (Uploaded on Megaupload)
Re: Help patching this...
You're right. The spoofer is merely a tool enabling you to decorate the system information with things you want, not a tool to trick others.DaNS wrote: I found 6.20 a few weeks ago But canceled my project because we´ll get flamed with so many fake CFW´s & videos ! "Uhhh i programmed a new CFW"
I'd love to put a compiled version for testing, but now thinking about it would lead to this, I'd better not.
Anyway, the problem causing the version spoofing is not working on 6.35 PRO-Ax is yet to be found.
- L.S.S.
-
- Posts: 155
- Joined: Sat Dec 25, 2010 10:52 pm
- Location: Hidden, but only for users & admins, not for me
Re: Help patching this...
and now, can someone compile this
i can't compile this i get errors in "systemctrl.h" from the M33 SDK
also i get errors in the "main.cpp"
can someone compile this, i think many people want a unlimited version & mac address spoofer for 6.20 - 6.36
hope for a release soon
i can't compile this i get errors in "systemctrl.h" from the M33 SDK
also i get errors in the "main.cpp"
can someone compile this, i think many people want a unlimited version & mac address spoofer for 6.20 - 6.36
hope for a release soon
PlayStation® Portable
Model: PSP-2004 (Europe)
Mobo: TA-088v3 / 02g
Firmware: 6.20 TN-D Perma - TN-E don' work
PlayStation® Vita
Model: <coming soon>
Yes, i purchased a PSvita
Model: PSP-2004 (Europe)
Mobo: TA-088v3 / 02g
Firmware: 6.20 TN-D Perma - TN-E don' work
PlayStation® Vita
Model: <coming soon>
Yes, i purchased a PSvita
Re: Help patching this...
Hello guys,
here is a compiled version by cha0z...
btw: everybody can compile such a thing -.-"
anyway he discredited me here:
http://www.pspking.de/forum/showthread. ... #pid401102
btw: i´m fixit there xD
here is a compiled version by cha0z...
btw: everybody can compile such a thing -.-"
anyway he discredited me here:
http://www.pspking.de/forum/showthread. ... #pid401102
Code: Select all
#include <pspkernel.h>
#include <systemctrl.h>
#include <systemctrl_se.h>
#include <kubridge.h>
#include <string.h>
PSP_MODULE_INFO("SysconfPatcher", 0x1007, 1, 0);
#define MAKE_CALL(a, f) _sw(0x0C000000 | (((u32)(f) >> 2) & 0x03ffffff), a)
#define PSP_FIRMWARE(f) ((((f >> 8) & 0xF) << 24) | (((f >> 4) & 0xF) << 16) | ((f & 0xF) << 8) | 0x10)
STMOD_HANDLER previous = NULL;
char *ver_info = NULL;
char *mac_info = NULL;
typedef struct
{
u32 devkit;
u32 sysconf_ver;
u32 sysconf_mac;
} PatchesVersion;
PatchesVersion sysconfPatches[] =
{
{ PSP_FIRMWARE(0x500), 0x15EE0, 0x15C10 },
{ PSP_FIRMWARE(0x502), 0x15EE0, 0x15C10 },
{ PSP_FIRMWARE(0x503), 0x15EE0, 0x15C10 },
/* Thanks to: L5230742&DaNS */
{ PSP_FIRMWARE(0x550), 0x15D74, 0x15C10 }, //Zer01ne
{ PSP_FIRMWARE(0x620), 0x18920, 0x18650 }, // DaNS & L5230742
{ PSP_FIRMWARE(0x635), 0x18F3C, 0x18C6C }, //L5230742
{ PSP_FIRMWARE(0x636), 0x18F3C, 0x18C6C }, // DaNS
{ PSP_FIRMWARE(0x637), 0x18F3C, 0x18C6C }, /L5230741 & DaNS
};
#define PATCHES_N (sizeof(sysconfPatches) / sizeof(PatchesVersion))
int OnModuleStart(SceModule2 *mod)
{
int i;
u32 ver = sceKernelDevkitVersion();
if (strcmp(mod->modname, "sysconf_plugin_module") == 0)
{
for (i = 0; i < PATCHES_N; i++)
{
if (sysconfPatches[i].devkit == ver)
{
if (ver_info)
{
_sw(0x3C020000 | ((int)ver_info >> 16), mod->text_addr + sysconfPatches[i].sysconf_ver);
_sw(0x34420000 | ((int)ver_info & 0xFFFF), mod->text_addr + sysconfPatches[i].sysconf_ver + 4);
}
if (mac_info)
{
_sw(0x3C060000 | ((int)mac_info >> 16), mod->text_addr + sysconfPatches[i].sysconf_mac);
_sw(0x24C60000 | ((int)mac_info & 0xFFFF), mod->text_addr + sysconfPatches[i].sysconf_mac + 4);
}
sceKernelDcacheWritebackAll();
sceKernelIcacheClearAll();
}
}
}
if (!previous)
return 0;
return previous(mod);
}
int getSpoof(char *file, int mode)
{
int i;
char *global;
u16 isunicode = 0;
SceIoStat stat;
memset(&stat, 0, sizeof(SceIoStat));
if (sceIoGetstat(file, &stat) < 0)
return -1;
SceUID fd = sceIoOpen(file, PSP_O_RDONLY, 0777);
if (fd < 0)
return -1;
sceIoRead(fd, &isunicode, sizeof(u16));
if (isunicode != 0xFEFF)
{
isunicode = 0;
stat.st_size = (stat.st_size * 2) + 2;
sceIoLseek32(fd, 0, PSP_SEEK_SET);
}
SceUID block_id = sceKernelAllocPartitionMemory(2, "", PSP_SMEM_Low, stat.st_size, NULL);
if (block_id < 0)
return -1;
global = sceKernelGetBlockHeadAddr(block_id);
memset(global, 0, stat.st_size);
if (isunicode)
{
sceIoRead(fd, global, stat.st_size - 2);
}
else
{
for (i = 0; i < (stat.st_size / 2); i++)
{
sceIoRead(fd, global + (i * 2), 1);
}
}
if (!mode)
ver_info = global; //lazy
else
mac_info = global;
sceIoClose(fd);
return 0;
}
int module_start(SceSize args, void *argp)
{
int ret;
int pspmodel = sceKernelGetModel();
if (pspmodel >= 4)
{
ret = getSpoof("ef0:/seplugins/firmware.txt", 0);
ret += getSpoof("ef0:/seplugins/mac_adress.txt", 1);
if (ret < -1)
return ret;
previous = sctrlHENSetStartModuleHandler(OnModuleStart);
return 0;
}
else
ret = getSpoof("ms0:/seplugins/firmware.txt", 0);
ret += getSpoof("ms0:/seplugins/mac_adress.txt", 1);
if (ret < -1)
return ret;
previous = sctrlHENSetStartModuleHandler(OnModuleStart);
return 0;
}
btw: i´m fixit there xD
G-UploadZ.tk - Free PS3 & PSP Homebrews (Uploaded on Megaupload)
-
- Posts: 155
- Joined: Sat Dec 25, 2010 10:52 pm
- Location: Hidden, but only for users & admins, not for me
Re: Help patching this...
the mac address doesn't spoof correctly
i got Japanese symbols or so...
can you fix this ****, pls
here a screenshoot
EDIT: my mac_adress.txt
i got Japanese symbols or so...
can you fix this ****, pls
here a screenshoot
EDIT: my mac_adress.txt
Code: Select all
<ERROR>
Attempt to know [FAILED]
PlayStation® Portable
Model: PSP-2004 (Europe)
Mobo: TA-088v3 / 02g
Firmware: 6.20 TN-D Perma - TN-E don' work
PlayStation® Vita
Model: <coming soon>
Yes, i purchased a PSvita
Model: PSP-2004 (Europe)
Mobo: TA-088v3 / 02g
Firmware: 6.20 TN-D Perma - TN-E don' work
PlayStation® Vita
Model: <coming soon>
Yes, i purchased a PSvita
-
- Posts: 166
- Joined: Tue Jan 04, 2011 10:43 am
- Location: Flash0:/
Re: Help patching this...
that's because it's not suppose to be main.cpp and yet main.c... Thanks guys I just now checked pspking.de and found fixit98's topic on Version Spoofer for 6.xx...SoftHacker wrote:also i get errors in the "main.cpp"
-
- Posts: 155
- Joined: Sat Dec 25, 2010 10:52 pm
- Location: Hidden, but only for users & admins, not for me
Re: Help patching this...
and whats about the mac spoof error
i won't crappy symbols, i want the content of "mac_adress.txt"
here the screenshot again
EDIT: i tried turning off the "Hide Mac Address", it still doesn't wok
help pls!!!
i won't crappy symbols, i want the content of "mac_adress.txt"
here the screenshot again
EDIT: i tried turning off the "Hide Mac Address", it still doesn't wok
help pls!!!
PlayStation® Portable
Model: PSP-2004 (Europe)
Mobo: TA-088v3 / 02g
Firmware: 6.20 TN-D Perma - TN-E don' work
PlayStation® Vita
Model: <coming soon>
Yes, i purchased a PSvita
Model: PSP-2004 (Europe)
Mobo: TA-088v3 / 02g
Firmware: 6.20 TN-D Perma - TN-E don' work
PlayStation® Vita
Model: <coming soon>
Yes, i purchased a PSvita
-
- Posts: 166
- Joined: Tue Jan 04, 2011 10:43 am
- Location: Flash0:/
Re: Help patching this...
What about it?SoftHacker wrote:and whats about the mac spoof error
i won't crappy symbols, i want the content of "mac_adress.txt"
here the screenshot again