gDrive you can decrypt multiman all day though if you like.
Just curious, comparably, multiman eboot is 2-3 mb and ME3 is 28mb, have you tried a smaller eboot from a different game to see if this would perform efficiently with a smaller eboot ? Once you get back to the starting point that is. I've had similar ideas that have been mentioned in this thread but didn't want to come across like I knew something. OK, who am I kidding, I didn't want to sound stupid if someone didn't agree.
I admire your determination and appreciate this discussion.
Just curious, comparably, multiman eboot is 2-3 mb and ME3 is 28mb, have you tried a smaller eboot from a different game to see if this would perform efficiently with a smaller eboot ? Once you get back to the starting point that is. I've had similar ideas that have been mentioned in this thread but didn't want to come across like I knew something. OK, who am I kidding, I didn't want to sound stupid if someone didn't agree.
I admire your determination and appreciate this discussion.
Yeah I thought about it, but now my problem is dev_blind will only let me write to it like 10% of the time. It seems to only let me write to it after i've just reinstalled my CFW.
Originally Posted by Brenza
You should'n have released it... now they'll fix the exploit! >.>
Who sony? Well they cant fix an exploit on 3.55 its an old firmware. The only thing they can do is somehow have all 3rd party game company dev's somehow make the eboot have protection from being dumped in the ram, which would be quite difficult I believe if they plan on having the games boot, which is the whole point.
PS3 Slim w/ Rebug Rex 4.30.2, 500GB Internal, 1TB/3TB External; PS2 Fat McBoot w/ Hard Drive; Windows 7 x64 Ultimate
Last game finished: Crysis 3 | Currently Playing: Dead Space 3
Well my prediction was correct well i wont say too much but Hopefully someone know how to patch newer games or all of this would of been a waste. If newer games dont surface by 2weeks my 2nd prediction will be true.
// Author: Shadoxi
// Modified: :)
// Backup the original /dev_flash/sys/external/libsysutil_np_trophy.sprx to /dev_hdd0
// Replace /dev_blind/sys/external/libsysutil_np_trophy.sprx by this sprx
#include <stdio.h>
#include <stdlib.h>
#include <cell/error.h>
#include <cell/cell_fs.h>
#include <sys/process.h>
#include <sys/paths.h>
#include <sys/prx.h>
#include <sys/tty.h>
SYS_MODULE_INFO (sceNpTrophyhook, 0, 1, 0 );
SYS_MODULE_START( _start );
SYS_MODULE_STOP ( _stop );
SYS_LIB_DECLARE( sceNpTrophyhook, SYS_LIB_AUTO_EXPORT | SYS_LIB_WEAK_IMPORT );
SYS_LIB_EXPORT ( loader_sprx, sceNpTrophyhook );
int _start(void);
int _stop(void);
void DumpELF_Payload(void);
void loader_sprx(const char* PATH_PRX);
static void write_message (char const * message)
{
unsigned int write_length;
char const * end;
for (end = message; *end != '\0'; ++end);
sys_tty_write(SYS_TTYP_PPU_STDERR, message,end - message, &write_length);
}
void DumpELF_Payload(void)
{
write_message("Dumping ELF from RAM...\n");
int fd;
uint64_t nread;
uint64_t ptr= 0x00010000ULL; //ELF offset in RAM;
uint64_t sizeelf = 35*1024*1024; //Need a way to get size of ELF
char dump_path[30]="/dev_hdd0/RAMDUMP-00.BIN";
for(uint8_t i=0; i<100; i++)
{
dump_path[18]=0x30+i/10;
dump_path[19]=0x30+i%10;
if (cellFsOpen(dump_path, CELL_FS_O_RDONLY, &fd, NULL, 0) != CELL_FS_SUCCEEDED)
{
cellFsOpen(dump_path, CELL_FS_O_CREAT|CELL_FS_O_RDWR|CELL_FS_O_TRUNC, &fd, NULL, 0);
cellFsWrite(fd, (void*)ptr, sizeelf, &nread);
cellFsClose(fd);
return;
}
else
cellFsClose(fd);
}
return;
}
void loader_sprx(const char* PATH_PRX)
{
sys_prx_id_t prx_id ;
write_message ("Loading original prx... ");
prx_id = sys_prx_load_module(PATH_PRX, 0, NULL);
if (prx_id <= CELL_OK)
{
write_message ("Failed!\n");
return;
}
else
write_message ("Done!\n\nStarting module... ");
int modres;
if(sys_prx_start_module( prx_id, 0, NULL, &modres, 0, NULL) != CELL_OK)
write_message ("Failed!\n");
}
int _start(void)
{
write_message ("By shadoxi\n");
DumpELF_Payload();
// place here original libsysutil_np_trophy.sprx
loader_sprx("/dev_hdd0/libsysutil_np_trophy.sprx");
return SYS_PRX_RESIDENT;
}
int _stop(void)
{
return SYS_PRX_STOP_OK;
}
Changed:
* Doesn't stop dumping when it reaches embedded ELF
* Dumps 35MB of RAM in one write call (so it takes ~1 second)
* Dumps are saved in /dev_hdd0/RAMDUMP-##.BIN where ## is from 00 to 99 for 100 sequential dumps
* Doesn't really require the original sprx, since loading never succeeds anyway
* Tested: dumps mM, Beyond Good&Evil HD PSN...
* Rebuilding the original 'elf' takes few minutes if you know what you're doing
Still it's not possible to dump those elfs on 4.20 DEX. Blackscreen, some hdd blinking but no files whatsoever, be it on real disc games or hdd emulated games.
Originally Posted by PatrickBatman
OK, who am I kidding, I didn't want to sound stupid if someone didn't agree.
Reply With Quote
