Half Byte Loader R96 a.k.a. JJS rocks


We are constantly looking for guest bloggers at wololo.net. If you like to write, and have a strong interest in the console hacking scene, contact me either with a comment here, or in a PM on /talk!

116 Responses

  1. dub king says:

    wololo is it possible to rewrite all 6.10 files/nids as 6.20 like just have the hbl read 6.10 files as 6.20 because if da syscall thingy works on 6.10 and not much could have changed between 6.10 and 6.20 wouldnt it technically be able to function the same? plz reply

  2. JulzDiesel says:

    @dub king No. Syscalls cannot be estimated in 6.20 because there are some “Gaps” in between the numbers which didn’t exist in 6.10 and lower.

  3. Abe says:

    I’m having a problem with running roms on daedalus (psp go 6.20 rev96). Every time I use a rom for the first time, it runs quite well, but when I shut it off and start the rom again, it reverts back to pre 96 speed which I seem to be able to fix by deleting the file “missing_mux.txt” in the folder dump/*rom name*. however everytime I delete this and play the game, it autocreates another file so that the next time i play, I will once again encounter slow down. Even saving the missing_mux.txt file as a blank txt file will not prevent this. Can anyone help me with this problem???

  4. dub king says:

    @Abe try using a different verison of daedalus maybe a older or more recent version will work better just use google idk but i think there are 14revisions of daedalus

  5. dub king says:

    @JulzDiesel what if they programed the syscall thingy in for a few popular homebrews instead of estimating them? could that work alot better for the few homebrews they do it for, or is that not even possible? AND you said there was a “gap” in the numbers, so if that gap was identified could they have hbl read it as though the gap didnt exsist and just run like it does on other versions?

  6. jemina0514 says:

    If you dont have a pandora batt. Go to the philippines .. It cost only 3us dollars to downgrade your unit.. Plus a lot of games 🙂

  7. VV says:

    Great job. One question though ,for Java VM?is PSPKVM the one that you guys using?) How about it ? which version?

    Another question might out of topic, but anyone know that team has any plan to update their PSPKVM? They are way behind the roadmap.

  8. dub king says:

    @VV google pspkvm it should be the first link then when you get to the main pspkvm site you should see a link to sourceforge somewhere at the top of the page, at sorceforge you can download pspkvm v0.5.4 i have it n it works great.

    Something to keep in mind tho, when you start it up you get a black screen for 15secs then it switches to an hbl screen for 10secs then it starts up so dont get all jumpy to turn off ur psp thinking it froze (I have PSP-3004 thats how it works for me)

  9. carlos says:

    @Wolfdawg pokemon stadio2 en dedalux rev14 ok hbl 96

  10. grewolf says:

    so this is what JJS is talking about, well another breakthrough for team HBL again and again and again, nice work guys. just a question, wololo does 6.20 supports lua coz ive read in compatibility list that someone posted battle fantasy, Ive tried it and failed. Ive got . btw.

  11. grewolf says:

    I mean 5.51 sorry for double posting.

  12. JulzDiesel says:

    @dub king I’m not sure about programming syscalls to work for specific homebrews but I believe they have been doing that already since Wololo proposed a list of homebrew that they had to keep working with HBL (Daedalus, gpsp Kai, Wagic) in order to keep us users happy. Doing that of course breaks compatibility with other homebrews, even with a perfect syscall estimation I believe.
    As for the gap I mentioned. Unfortunately it CAN’T be predicted, it has a very “random” pattern (although they said the same for the Go, but JJS found a way to estimate it in the end) but the problem is that they can’t estimate the gap because they cannot make a kmemdump for the 2k or 3k as they did with the Go.
    Don’t take my word for granted, but I believe COYOTEBEAN himself helped the team with the kmemdump for the Go.
    God knows how much time it will take for 6.20 in 2k or 3k to get the kernel dump.

    • wololo says:

      @JulzDiesel : you’re basically right except the one who provided the trick for the kernel dump was freeplay, not coyotebean.
      Additionally, it is true that we try very hard to keep compatibility with a dozen selected homebrews (including popular emulators). It doesn’t mean doing that “breaks” other homebrews, but it means we don’t check all homebrews everytime we do a release. We can just guarantee those 10-12 homebrews. R96 made it more difficult because now we need to test it on a “non psp go” with firmware 6.20 as well…

  13. Roxaxis says:

    No, coyotobean is nothing to do with it.


    Read and learn.

  14. dub king says:

    so right now you guys dont have the kmemdump for psp 3000/2000/1000 6.20? but i thought that if you downloaded the eboot.pbp for ofw 6.20 its still the same code for either system, only when you install it is the code different depending on each system (oh i was reading your great tutorials on finding exploits, crafted images n other stuff wololo i just got one question (i hope im using the right terms) the 1000 has a 32mb MIPS chip and the 2000 and 3000 have the 64mb MIPS chip so what does the Go have?)

  15. JulzDiesel says:

    @dub king Someone asked something similar about having the same code in all models and here is what JJS said:

    “The syscalls on 6.20 on the GO work exactly the same as on every other model. The same method of obfuscating the syscalls is applied on all of them.

    There is just an oversight in a driver for the GO that allows read access to the kernel memory which allows the syscalls to be estimated again. For non-GO models the obfuscation works as intended and it is not easy to break. In fact I doubt that syscall estimation can be brought to the same level as on the other firmwares, but I see room for improvements.”

    Thanks for making things clearer Wololo. And, well, I think I have already talked to much in this thread so I’ll stop now. Sorry to have disturbed you. I do like HBL alot BTW.

  16. jemina0514 says:

    Great work..

  17. shadyblue says:

    hey wololo im just wondering why on ur psp go it starts the game really fast on r95 when on my psp 2000 with r95 it loads for 2-3 min then starts… Am i doing anything wrong?

  18. Death Fish says:

    Hii Wololo!! Your work is amazing! But I have a question.. What HBL could do in the end of your work? Do you think that HBL will ever run games from PSOne? thx 😎

  19. SgT_R4Z0r! says:

    lol 2-3 min mine 10s or 15 it starts fast maybe its time to reformat ur mem stick ?

  20. shadyblue says:

    i think i over exagerated when i counted it takes 35-45 sec but still not as fast as urs which takes seconds wololo

  21. JJS says:

    Looks like you are using the debug version. The release build is much faster.

  22. shadyblue says:

    no i downloaded the non debug version of r96 and it works the same as r95

  23. Dex says:

    @Death Fish

    Well you could give one or two games a try. A while back i had Driver 2 converted (from my own purchased copy of the game) to an EBOOT for my PSP 3000 and tried loading it in HBL. Didnt work of course but i’d say it could work at some point. For now, keep trying. I cant eight now as i seem to have misplaced my collection of PSone games 😛

  24. dub king says:

    what makes homebrew’s programming different from demos n other eboots? i mean what gives demos the ability to start up but homebrews cant?

  25. wololo says:

    @dub king: signature/encryption.

  26. pop says:

    @Jimjim i didn’t misread it -.-‘ my psp isn’t a psp GO its a 3000….AND now it’s on 6.20 :'(

  27. Wolfdawg says:


  28. dub king says:

    den cant we use sumthing like patapon 2 demo and while keeping same encryption and signiture just rewrite the contents?

  29. JJS says:

    @dub king: No, because:
    1. We are not (and never will be) able to encrypt an Eboot because we know neither the key nor the exact encryption method.
    2. If it would be easy (or at all possible) to find two files that produce the same signature, then what would be the point of having the signature in the first place?

  30. vandurol123 says:

    If it were that easy, it would have been done by now…

  31. BoNeZz says:

    plz wolol dont worry about 2000 and 1000 psp they have pandora work on our 6.20 problem plzzz….. much oblaged…i cant spell

  32. Monster says:

    Wol, I love your program! I bought a used PSP when I learned about your loader and I’ve been enjoying it ever since with the help of HBL. I think I’ve played an actual PSP game for a mere 30 m total. Keep up the great work.

  33. dick says:

    make a release compatible with Defense Station Portable

  34. titane2000 says:

    Hi Wololo! Can tell me why daedalus don’t work on my psp with the hblR97 and daedalusR13. I’ve a psp 3004 with OFW 5.55. Can you also make compatible de HBL with a popsloader to play my old PSONE game i’ve purchased and now if i want to play with it i’ve to pay another time to sony that’s not just.
    Thank for your answer

  35. Caio says:

    Is it still worth updating from 6.10 to 6.20 just to install HEN, even though I will lose perfect syscall estimation?