From 478787c9acc95fae6ab18538b7c935539c4b8617 Mon Sep 17 00:00:00 2001
From: CTurt
Date: Sun, 19 Jul 2020 15:23:20 +0100
Subject: [PATCH] Move payloads to same place
---
PAYLOADS/3.03/build.sh | 20 ---
PAYLOADS/3.03/crt0.S | 54 -------
PAYLOADS/3.03/fullpayload.bin | Bin 120 -> 0 bytes
PAYLOADS/3.03/payload.bin | Bin 952 -> 0 bytes
PAYLOADS/3.03/payload.c | 141 ------------------
PAYLOADS/3.03/payload.elf | Bin 5382 -> 0 bytes
PAYLOADS/3.04/build.sh | 21 ---
PAYLOADS/3.04/crt0.S | 62 --------
PAYLOADS/3.04/fullpayload.bin | Bin 684 -> 0 bytes
PAYLOADS/3.04/fullpayload.elf | Bin 3319 -> 0 bytes
PAYLOADS/3.04/payload.bin | Bin 952 -> 0 bytes
PAYLOADS/3.04/payload.c | 141 ------------------
PAYLOADS/3.04/payload.elf | Bin 5382 -> 0 bytes
.../All PS2 slims (3.10 + 3.11)/payload.bin | Bin 1208 -> 0 bytes
.../All PS2 slims (3.10 + 3.11)/payload.elf | Bin 5988 -> 0 bytes
.../build.sh | 14 ++
.../{All PS2 slims (3.10 + 3.11) => }/crt0.S | 0
PAYLOADS/crt0_3.03.bin | Bin 0 -> 112 bytes
.../{3.03/fullpayload.elf => crt0_3.03.elf} | Bin 6219 -> 6211 bytes
.../crt0_3.04J.bin | Bin
.../crt0_3.04J.elf | Bin
PAYLOADS/crt0_3.04M.bin | Bin 0 -> 112 bytes
PAYLOADS/crt0_3.04M.elf | Bin 0 -> 2703 bytes
.../crt0_3.10.bin | Bin
.../crt0_3.10.elf | Bin
.../crt0_3.11.bin | Bin
.../crt0_3.11.elf | Bin
.../{All PS2 slims (3.10 + 3.11) => }/jump.S | 0
.../jump.bin | Bin
.../jump.elf | Bin
PAYLOADS/payload.bin | Bin 0 -> 1160 bytes
.../payload.c | 14 +-
PAYLOADS/payload.elf | Bin 0 -> 5940 bytes
33 files changed, 27 insertions(+), 440 deletions(-)
delete mode 100644 PAYLOADS/3.03/build.sh
delete mode 100644 PAYLOADS/3.03/crt0.S
delete mode 100644 PAYLOADS/3.03/fullpayload.bin
delete mode 100644 PAYLOADS/3.03/payload.bin
delete mode 100644 PAYLOADS/3.03/payload.c
delete mode 100644 PAYLOADS/3.03/payload.elf
delete mode 100644 PAYLOADS/3.04/build.sh
delete mode 100644 PAYLOADS/3.04/crt0.S
delete mode 100644 PAYLOADS/3.04/fullpayload.bin
delete mode 100644 PAYLOADS/3.04/fullpayload.elf
delete mode 100644 PAYLOADS/3.04/payload.bin
delete mode 100644 PAYLOADS/3.04/payload.c
delete mode 100644 PAYLOADS/3.04/payload.elf
delete mode 100644 PAYLOADS/All PS2 slims (3.10 + 3.11)/payload.bin
delete mode 100644 PAYLOADS/All PS2 slims (3.10 + 3.11)/payload.elf
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/build.sh (71%)
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/crt0.S (100%)
create mode 100644 PAYLOADS/crt0_3.03.bin
rename PAYLOADS/{3.03/fullpayload.elf => crt0_3.03.elf} (61%)
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/crt0_3.04J.bin (100%)
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/crt0_3.04J.elf (100%)
create mode 100644 PAYLOADS/crt0_3.04M.bin
create mode 100644 PAYLOADS/crt0_3.04M.elf
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/crt0_3.10.bin (100%)
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/crt0_3.10.elf (100%)
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/crt0_3.11.bin (100%)
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/crt0_3.11.elf (100%)
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/jump.S (100%)
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/jump.bin (100%)
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/jump.elf (100%)
create mode 100644 PAYLOADS/payload.bin
rename PAYLOADS/{All PS2 slims (3.10 + 3.11) => }/payload.c (92%)
create mode 100644 PAYLOADS/payload.elf
diff --git a/PAYLOADS/3.03/build.sh b/PAYLOADS/3.03/build.sh
deleted file mode 100644
index 2e49dcc..0000000
--- a/PAYLOADS/3.03/build.sh
+++ /dev/null
@@ -1,20 +0,0 @@
-echo "Building payload"
-
-ee-gcc -Ttext=0x01FFF800 payload.c -o payload.elf -nostartfiles -nostdlib -ffreestanding -Os -Wl,-z,max-page-size=0x1 # 2048
-ee-objcopy -O binary payload.elf payload.bin -Wl,-z,max-page-size=0x1
-
-ENTRY=`ee-objdump -t payload.elf | grep " _start"`
-echo $ENTRY
-
-# Doesn't seem to work on MinGW toolchain, so set manually if you're using that:
-#ENTRY=0x`grep -o "^\S*" <<< $ENTRY`
-ENTRY=0x01fff9a8
-
-echo $ENTRY
-echo "Building crt0"
-
-ee-gcc -Ttext=0x015FFF34 -DENTRY=$ENTRY crt0.S -o fullpayload.elf -nostartfiles -nostdlib -ffreestanding -Wl,-z,max-page-size=0x1
-ee-objcopy -O binary fullpayload.elf fullpayload.bin -Wl,-z,max-page-size=0x1
-
-# todo make all this hex editing automatic
-echo "Done. fullpayload.bin at 0x0e8c, and payload.bin at 0x3000"
diff --git a/PAYLOADS/3.03/crt0.S b/PAYLOADS/3.03/crt0.S
deleted file mode 100644
index b6f159b..0000000
--- a/PAYLOADS/3.03/crt0.S
+++ /dev/null
@@ -1,54 +0,0 @@ -.set noreorder # If we're writing assembly, why would we want this? - -.section .text.startup - -.equ getBufferInternal, 0x262360 -.equ payload, (0x2000000 - 0x800) # End of RAM - -.global _start -_start: - #la $a0, 0x7f - #la $v1, 0x01 - #syscall 0x01 # ResetEE - - #la $a0, relo - la $a0, load - la $a1, 0 - la $a2, 0 - la $a3, 0 - -.global ExecPS2 -ExecPS2: - la $v1, 7 - syscall 7 # ExecPS2 - -load: - la $a0, 0 - la $a1, 0 # 0 = VIDEO_TS.IFO, 1 = VTS_01_0.IFO - la $a2, 0x3000 / 0x800 # lba offset in file - la $a3, payload # Destination - la $t0, 0x800 / 0x800 # Count - la $t1, 0 - la $v0, getBufferInternal - jalr $v0 - nop - -#relo: - # Relocate payload to end of RAM -# la $a0, (0x2000000 - 1024) -# la $a1, payload -# la $a2, 2048 -# la $v0, memcpy -# jalr $v0 - -boot: - la $v1, 0x64; la $a0, 0; syscall 0x64 # FlushCache data writeback - la $v1, 0x64; la $a0, 2; syscall 0x64 # FlushCache instruction invalidate - - # Point stack to end of scratchpad RAM - la $sp, 0x70004000 - - # Execute from relocated place - la $v0, ENTRY - j $v0 - nop diff --git a/PAYLOADS/3.03/fullpayload.bin b/PAYLOADS/3.03/fullpayload.bin deleted file mode 100644 index 63e78268dbc9a3094c80ad6bbcfda222848cf7b8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 120 zcmYdbWU&eO-=f06zzW1{K+LYf&cLj4hLHgXSis_JK=J>K>^2NPo|`Z-Z~(>^GHJ2Oi(sMfvgRK!(Q|Mj7&Bwema?OFhJA;04l5!EdT%j 
diff --git a/PAYLOADS/3.03/payload.bin b/PAYLOADS/3.03/payload.bin deleted file mode 100644 index 179afd102c65b66576c42b4998370ef987e02264..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 952 zcmd5)J#Q015Pi4jk4;Fiu_Ba+g1z`;8=RF6%Y}tf95_J~QE-HiC@7*px*%l!09FzS zS58ue@A8PwdPSD4S8VARZ#D=Z-Nlr<86Nq zIBnWMUNwamtcby;0M|lZp7UyZBEeG4ppr@OGYFLlAw0D*%n?6xoI*3ly}5Q!5h%c! zU(I{fvF|#m^YorDrN~YFd@zv@nu4^%q&X&yG0hQ^#+dZS?8U0=75}VfkNP=n z&x(I@Mz;i{@V!#k&8r5=)7LSsZVR4~`Aj>+5!LdH+V+Yj0N&xi3Z(o#URhHDx*(6f zMs9?z^-23tWvHFKp)Nk()vBYrQr``6Sga!BpW*&gzkxUVxA1x=oXjBq<+01$Nlr)Z z1_t}%7Ydv|uVw}BgN7>Hp - -// Pick one -#define LOAD_FROM_VTS_02_0_IFO -//#define LOAD_FROM_SECTOR_RELATIVE_TO_VIDEO_TS_IFO (151 - 138 - 7) - -#define min(a, b) (((a) < (b)) ? (a) : (b)) - -#define pointToIFO ((void (*)(unsigned int index, unsigned int lba, unsigned int offset))0x2432c8) -#define getDiscData ((void (*)(unsigned int s, void *d))0x243438) - -#define SifIopReset ((int (*)(char *, int))0x291fb8) -#define SifIopSync ((int (*)(void))0x292138) -#define SifInitRpc ((void (*)(int))0x2082a0) -#define SifExitRpc ((void (*)(void))0x208440) - -#define getBufferInternal ((int (*)(void *filename, int type, int currentSector, void *dest, unsigned int sectorsRemaining, int curReadPos))0x262360) - -#define ELF_PT_LOAD 1 - -typedef unsigned char u8; -typedef unsigned short u16; -typedef unsigned int u32; - -typedef struct { - u8 ident[16]; - u16 type; - u16 machine; - u32 version; - u32 entry; - u32 phoff; - u32 shoff; - u32 flags; - u16 ehsize; - u16 phentsize; - u16 phnum; - u16 shentsize; - u16 shnum; - u16 shstrndx; -} elf_header_t; - -typedef struct { - u32 type; - u32 offset; - void *vaddr; - u32 paddr; - u32 filesz; - u32 memsz; - u32 flags; - u32 align; -} elf_pheader_t; - -__attribute__((noreturn)) void ExecPS2(void *entry, void *gp, int argc, char **argv) { - asm volatile("la $v1, 7; syscall 7"); - //__builtin_unreachable(); -} - -void *memcpy_(void *dest, void *src, 
size_t n) { - int i; - for(i = 0; i < n; i++) ((unsigned char *)dest)[i] = ((unsigned char *)src)[i]; - return dest; -} - -void *memset(void *dest, int c, size_t n) { - int i; - for(i = 0; i < n; i++) ((unsigned char *)dest)[i] = c; - return dest; -} - -static void readData(void *dest, unsigned int offset, size_t n) { - unsigned char buffer[0x800]; - - unsigned int copied = 0; - #define remaining (n - copied) - - if(offset % 0x800) { - getBufferInternal("", 1, offset / 0x800, buffer, 1, 0); - memcpy_(dest, buffer + offset % 0x800, min(0x800 - (offset % 0x800), n)); - copied += min(0x800 - (offset % 0x800), n); - } - - if(remaining >= 0x800) { - getBufferInternal("", 1, (offset + copied) / 0x800, dest + copied, remaining / 0x800, 0); - copied += (remaining / 0x800) * 0x800; - } - - if(remaining > 0) { - getBufferInternal("", 1, (offset + copied) / 0x800, buffer, 1, 0); - memcpy_(dest + copied, buffer, remaining); - } -} - -__attribute__((noreturn)) void _start(void) { - //Exit(0); - //asm volatile("la $v1, 0x04; la $a0, 0; syscall 0x04"); - - int i; - - #ifdef LOAD_FROM_VTS_02_0_IFO - // point to VTS_02_0.IFO - pointToIFO(2, 0, 0); - - // Force a read from VTS_02_0.IFO - char head[64]; - getDiscData(64, &head); - - #define RELATIVE_SECTOR 0 - #else - #define RELATIVE_SECTOR LOAD_FROM_SECTOR_RELATIVE_TO_VIDEO_TS_IFO - #endif - - // Based on https://github.com/AKuHAK/uLaunchELF/blob/master/loader/loader.c - elf_header_t eh; - readData(&eh, RELATIVE_SECTOR * 0x800, sizeof(elf_header_t)); - - elf_pheader_t eph[eh.phnum]; - readData(&eph, RELATIVE_SECTOR * 0x800 + eh.phoff, sizeof(elf_pheader_t) * eh.phnum); - - for (i = 0; i < eh.phnum; i++) { - if (eph[i].type != ELF_PT_LOAD) - continue; - - readData(eph[i].vaddr, RELATIVE_SECTOR * 0x800 + eph[i].offset, eph[i].filesz); - if(eph[i].memsz > eph[i].filesz) memset(eph[i].vaddr + eph[i].filesz, 0, eph[i].memsz - eph[i].filesz); - } - - asm volatile("la $v1, 0x64; la $a0, 0; syscall 0x64"); // FlushCache data writeback - 
asm volatile("la $v1, 0x64; la $a0, 2; syscall 0x64"); // FlushCache instruction invalidate - - //while(!SifIopReset("", 0)); - //while(!SifIopSync()); - - //while(!SifIopReset("rom0:UDNL rom0:EELOADCNF", 0)); - SifIopReset("rom0:UDNL rom0:EELOADCNF", 0); - while(!SifIopSync()); - - SifInitRpc(0); - SifExitRpc(); - - ExecPS2((void *)eh.entry, 0, 0, 0); -} 
diff --git a/PAYLOADS/3.03/payload.elf b/PAYLOADS/3.03/payload.elf deleted file mode 100644 index e7881054b9a5ea95ead17408e7629995c8cd8b15..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5382 zcmeHLO>9(E6h8Cbw4Fl5N38}zv~TEy4wN?zr6HBnWNN2nkXnmK0?{~3J5#LbAMKbx zSTF)nR;9SX<;0CF$DaioWYSc_f`v;H7bV81%MznPNO*qVyYF_U0~%eJu;@wOJLkLS zoO{nb_q==W^j!boKp+qhO@@So=-PcZ&;?$$L;{JA?Jlv=9+ge9(bIeOD{esWT;C|d zr-6;IU#Im9tY=_71M3-B&%k;Hp6m=Xh#9$!13x5pOh)P?3et#E-{}?!Tc1hTZh*FL zAt1j*I;@{zaiMtMO|;OKK8_`U25rCPBis$NU9R|Gja@;Cf8JQn-gmUBrner1aooWVgt3 z&LxpH>y#0WA2t@x8$w?Ry|O#peZ}x>;j`FT@7Zsagykf}2wR7h4&!r-jdH4)ebaZb z(~un!=sD3A?rOYedwya2is3|yX7J&;rndMg1F&Et5e0!+@O~T+q%2_wrJT*$WnWk)JL|lfA~+x zw^!emZ!RY`*Gt>4pPC%o)7eFHLKd%XK;AeHr%*(FnDYTKB3os|3do)v)bFyk8>|Og ztQ}d@l3>iHts;~eCuQcAW9>vN*IQLA7S@osJFGCrK)rZl;pOq5)XiH`KhJnV5`=8d zw}>&{7Vnb|Yebe|&wi=f44bfhL4H8K7#D7yloNU#Kp>3%;hmzy39HkKNpN) zc6u_t|7db((DtPM{=wIKlYK)2)ICvjps#Pg9X&8~bf>*H)*0K2;2xT-cWPrSo)x2U zrnXh#IvAXRK*5YdHEig_y6D~kp=K>aBKu}%jee9BHRR8z)94(AP+p|^}Mut zdTql6=7yv3V_c-xCkZ3Q{9k+~V9(zr%BQuk0s(N9PK4xfdNdCGUuAY>lw;yk1Lt^O+nrUo@D#5l2Ou>f&P!~3Y8>w|Fo|Vp5SyJ=e9mVhb8`~o zD?R45q)*OBI(dAk_qBt4>A{0ThoJEK^1Du_VeHHP=sKu$PW6zR%EF0#>M#)y@}%eA z$vJ^o*N>9QhMv3jS!?Il2>MK7@mUG=Flc(<1}^@tF#GoK9||`Em#Fvcw*XtfOTQ_- z?dy|1ZU??jdmlSKUh@4p2ln@Yk6!}jx7>SI_4hI`N#jEVh_~0X7kL9v*9hZ34$SeC zy+{sN*BnHg10eXbW@*nguGqWo*&19}gGD|B*0n9Mxigdb%m{dXR`GYWq{>DY$={Sp zY;<~ZGB<_Fn$4XYpBkH%*km?0^8QK9W4X-8_&$C=|CacTajm(IoF@(qY0@7Enu2Tx zh4Ii1w+V0kEEI|jSrgnm+KD&q*ag?AqzlT^Djmfa@%VO@w$pu3ujPHdjQ%X}GV* zpwo75`SxHQz3J7HMwOU0qp2$WLc8}WW~;GtY_5f-6-=UpMjlr@dN?kJ;GS09U$I4G z3~ie9d^KLfSq~u7AC=#&!fIr$o5E^@3RVf=Iw-x`TPoPAHmW=_S9f5I_3CS^cV>+@ zD8YZ5l^xq_F>7`>6Io#(JTrJ!7(nbn$BX-uFz?()*nuT?-DfHIMBGN%&j+sdvI~&= z2+x>i;61>4ezfO4#C;?RPJI%b{#+B{LGWsO)=@P+R)gOG=03u2oBmZt&;NLS`~`PH Bn2P`a diff --git a/PAYLOADS/3.04/build.sh b/PAYLOADS/3.04/build.sh deleted file mode 100644 index a0c0843..0000000 --- a/PAYLOADS/3.04/build.sh +++ /dev/null 
@@ -1,21 +0,0 @@
-echo "Building payload"
-
-ee-gcc -Ttext=0x01FFF800 payload.c -o payload.elf -nostartfiles -nostdlib -ffreestanding -Os -Wl,-z,max-page-size=0x1 # 2048
-ee-objcopy -O binary payload.elf payload.bin -Wl,-z,max-page-size=0x1
-
-ENTRY=`ee-objdump -t payload.elf | grep " _start"`
-echo $ENTRY
-
-# Doesn't seem to work on MinGW toolchain, so set manually if you're using that:
-#ENTRY=0x`grep -o "^\S*" <<< $ENTRY`
-ENTRY=0x01fff9a8
-
-echo $ENTRY
-echo "Building crt0"
-
-ee-gcc -Ttext=0x01800180 -DENTRY=$ENTRY crt0.S -o fullpayload.elf -nostartfiles -nostdlib -ffreestanding -Wl,-z,max-page-size=0x1
-ee-objcopy -O binary fullpayload.elf fullpayload.bin -Wl,-z,max-page-size=0x1
-
-# todo make all this hex editing automatic
-#echo "Done. Insert fullpayload.bin into VIDEO_TS.IFO at offset 0x2954"
-echo "Done. fullpayload.bin at 0x2d00, and payload.bin at 0x3000"
diff --git a/PAYLOADS/3.04/crt0.S b/PAYLOADS/3.04/crt0.S
deleted file mode 100644
index 5fc0964..0000000
--- a/PAYLOADS/3.04/crt0.S
+++ /dev/null
@@ -1,62 +0,0 @@ -.set noreorder # If we're writing assembly, why would we want this? - -.section .text.startup - -.equ getBufferInternal, 0x261548 -.equ payload, (0x2000000 - 0x800) # End of RAM - -.global _start -_start: - #la $a0, 0x7f - #la $v1, 0x01 - #syscall 0x01 # ResetEE - - #la $a0, relo - la $a0, load - la $a1, 0 - la $a2, 0 - la $a3, 0 - -.global ExecPS2 -ExecPS2: - la $v1, 7 - syscall 7 # ExecPS2 - -load: - la $a0, 0 - la $a1, 0 # 0 = VIDEO_TS.IFO, 1 = VTS_01_0.IFO - la $a2, 0x3000 / 0x800 # lba offset in file - la $a3, payload # Destination - la $t0, 0x800 / 0x800 # Count - la $t1, 0 - la $v0, getBufferInternal - jalr $v0 - nop - -#relo: - # Relocate payload to end of RAM -# la $a0, (0x2000000 - 1024) -# la $a1, payload -# la $a2, 2048 -# la $v0, memcpy -# jalr $v0 - -boot: - la $v1, 0x64; la $a0, 0; syscall 0x64 # FlushCache data writeback - la $v1, 0x64; la $a0, 2; syscall 0x64 # FlushCache instruction invalidate - - # Point stack to end of scratchpad RAM - la $sp, 0x70004000 - - # Execute from relocated place - la $v0, ENTRY - j $v0 - nop - -.space (_start + 0x2faa - 0x2d00) - . -fpIndex: - .byte 0x96 - .byte 0x08 - -#.space (_start + 0x3000 - 0x2d00) - . -#.incbin "payload.bin" diff --git a/PAYLOADS/3.04/fullpayload.bin b/PAYLOADS/3.04/fullpayload.bin deleted file mode 100644 index 3d5aba16383a7e4f6ed3c9701df67ee0a9c1c5b4..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 684 zcmZo*WU-mU*rLL~zzW1{K+LYf&cLj4hLHgXSis_JK=J>K>^2NPo|`Z-Z~(>^GHJ2Oi(sMfvgRK!(Q|Mj7&Bwema?OFhJCUHH{LZAwYBp HOyd9mT3Qkl 
diff --git a/PAYLOADS/3.04/fullpayload.elf b/PAYLOADS/3.04/fullpayload.elf deleted file mode 100644 index 345fc1b3d42ef24da67267ae5ab9cdcf23836a75..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 3319 zcmeHJ&udgy6h3#}m`Nniu_9JVVU(##sSl9>DIGP5Q6|I&Q4|DWn900}1DQ9&%nKx| zJ|&xi3n^_W=)$FoEL?QajnG9FE?l_u4-mR-@COlu=l9+F?##<8N)W+K4!nELcg}au zJNL)C_x*hC!g-~XSjot!5QQpKCFr-KB5LB-LP-knAC=vb({aNOK@HVfR)kNE&b*22 zwA-73P-V;a)M`;=7oHJ3xnfS7;uF0jS?wQzKT^4}Z2ntPG78^V@vvmdm3>pCvCRqn zq6YeiWQ*emL}+JXTe{zrW#ZAvNM*_o-b|H7#qhUR-41JK2J8&{fs^3#%3DVsrYpF= z8mh5w+Pf8h0a)BM^f@q}0bhiE4jn?5MnvfUE7rGhn0*QSC$#<)Vb9(XoQ_7OHloP- zY43%*vhT3a{+5)@NYOq9^Kmv*xBiQw6R=;#_DR@RbH;D;RN%AuXOD}V0j4mI^;b}X z^^;@!l4Jdqe{{EDGv5o2yO*V0UurD|$6EerS@43XrDoIX&G>=W^J|OJt*tC}Y7Nm% zz0(P#*`4tl-m;YEJMDJOZxj|=zIPf~-N0K8#BKR4v`r{+8?~S&Zm(l>KUVdAUtBiT zruI}9x>B9KHaGdx%-QONnYmd6bgpVYsPzJ=RzZ&KbIacR#mgt8>Y1*d-vFD*^xb5~ zZO1$|9PR%s%jNneg?F5t*Es~3Bh9gV=1Ar#*Z?&1*gBYJ9MAjmWDt8_9)xs^9FZtu z%iPo0JH*(U@_jZ`tFH{^do+G+F!$>k<1zoM7_YxD@j{HJV|>K&W6ZtE{_Amn?pNZQ zG5!IV-`gbi8tXX)OtE+tHtU_#e345rw*9XGGoRs$c)-7bZ{zJP@hA#XcqNJ5{z^Nj z)y3@xJ)>_}%WTi|9&~%&Ld$P<#BDdc`qBcDZBxDmk88&H=lDW^HM2-MLsqvU2cgO1 z+H;)zCrS!q6wW*M9eDW<@wgr_?}PccPN=O5rG@Y1+FM~6eD{xdaNG@e>j=C|Y*fqJ z175-{f1`-A@L93rpiWGK+}@3%?bc&*G#uv(0)8i}S^} z6Tf+gO~pgZw-3eP$P?n|)f_q;^Y=P%ID?bexEzckS!Y%@24^xE#QO)m4Nmh9A6ckYiT@W&V04s@v zD<`Q!d7_~;AFYXH1(bq<5{cq~0x0PKMPivb2L<>ATyZzM^Jdy-w% zG?eqy=vrj!od}`x+`#D?9kpPxjVeTHCUBk^3yv?HCq_T)qv7luJrC-g_H_`Vd$i?G z0cUj^@MKfC!IBtk2yiW&D^qT5S0q@f8B{X~zJO5b5WU` znfWvB^vHLW)VXR`=yGJIe%>GRf~FuXF=>uTV@z|zq%kJ_F?+G%^h$r$vq$}$#76_^ zwkO5EIjvd(j_}=b*Y;!sm5J*ZmA3@X$b7mT;*e^2MrC>>9RP2zZv;|)A1{n916`0u zUn4t0*LbA;Fdk}WZ>WpUceM}4cjdkv;-EB*jDL>%Q~f$#?cK!7?QlE;@5>{bxs#lV z>~#$GM#(pxL$@N@54&SQ_yw#=3m1!=zaS?C?}LIYuF)=mIL8VA$E=fM_LjNMla}Sv zLoJg2A)nvohiB%XeMz|Jm3&i3cO)_$*5e>WvE9i-biAOBid;oZc<#%&al*K26Yt0` z)}^TT%Es~B3g9!gPPo|1WgKktp5xdH)^P9co#4`q*~JBwM00Zs*DlZ27q4>ee|mla DGakHu 
diff --git a/PAYLOADS/3.04/payload.c b/PAYLOADS/3.04/payload.c deleted file mode 100644 index 3a88fb9..0000000 --- a/PAYLOADS/3.04/payload.c +++ /dev/null 
@@ -1,141 +0,0 @@ -#include - -// Pick one -#define LOAD_FROM_VTS_02_0_IFO -//#define LOAD_FROM_SECTOR_RELATIVE_TO_VIDEO_TS_IFO (151 - 138 - 7) - -#define min(a, b) (((a) < (b)) ? (a) : (b)) - -#define pointToIFO ((void (*)(unsigned int index, unsigned int lba, unsigned int offset))0x23dfc8) -#define getDiscData ((void (*)(unsigned int s, void *d))0x23e138) - -#define SifIopReset ((int (*)(char *, int))0x291358) -#define SifIopSync ((int (*)(void))0x2914d8) -#define SifInitRpc ((void (*)(int))0x208260) -#define SifExitRpc ((void (*)(void))0x208400) - -#define getBufferInternal ((int (*)(void *filename, int type, int currentSector, void *dest, unsigned int sectorsRemaining, int curReadPos))0x261548) - -#define ELF_PT_LOAD 1 - -typedef unsigned char u8; -typedef unsigned short u16; -typedef unsigned int u32; - -typedef struct { - u8 ident[16]; - u16 type; - u16 machine; - u32 version; - u32 entry; - u32 phoff; - u32 shoff; - u32 flags; - u16 ehsize; - u16 phentsize; - u16 phnum; - u16 shentsize; - u16 shnum; - u16 shstrndx; -} elf_header_t; - -typedef struct { - u32 type; - u32 offset; - void *vaddr; - u32 paddr; - u32 filesz; - u32 memsz; - u32 flags; - u32 align; -} elf_pheader_t; - -__attribute__((noreturn)) void ExecPS2(void *entry, void *gp, int argc, char **argv) { - asm volatile("la $v1, 7; syscall 7"); - //__builtin_unreachable(); -} - -void *memcpy_(void *dest, void *src, size_t n) { - int i; - for(i = 0; i < n; i++) ((unsigned char *)dest)[i] = ((unsigned char *)src)[i]; - return dest; -} - -void *memset(void *dest, int c, size_t n) { - int i; - for(i = 0; i < n; i++) ((unsigned char *)dest)[i] = c; - return dest; -} - -static void readData(void *dest, unsigned int offset, size_t n) { - unsigned char buffer[0x800]; - - unsigned int copied = 0; - #define remaining (n - copied) - - if(offset % 0x800) { - getBufferInternal("", 1, offset / 0x800, buffer, 1, 0); - memcpy_(dest, buffer + offset % 0x800, min(0x800 - (offset % 0x800), n)); - copied += min(0x800 - 
(offset % 0x800), n); - } - - if(remaining >= 0x800) { - getBufferInternal("", 1, (offset + copied) / 0x800, dest + copied, remaining / 0x800, 0); - copied += (remaining / 0x800) * 0x800; - } - - if(remaining > 0) { - getBufferInternal("", 1, (offset + copied) / 0x800, buffer, 1, 0); - memcpy_(dest + copied, buffer, remaining); - } -} - -__attribute__((noreturn)) void _start(void) { - //Exit(0); - //asm volatile("la $v1, 0x04; la $a0, 0; syscall 0x04"); - - int i; - - #ifdef LOAD_FROM_VTS_02_0_IFO - // point to VTS_02_0.IFO - pointToIFO(2, 0, 0); - - // Force a read from VTS_02_0.IFO - char head[64]; - getDiscData(64, &head); - - #define RELATIVE_SECTOR 0 - #else - #define RELATIVE_SECTOR LOAD_FROM_SECTOR_RELATIVE_TO_VIDEO_TS_IFO - #endif - - // Based on https://github.com/AKuHAK/uLaunchELF/blob/master/loader/loader.c - elf_header_t eh; - readData(&eh, RELATIVE_SECTOR * 0x800, sizeof(elf_header_t)); - - elf_pheader_t eph[eh.phnum]; - readData(&eph, RELATIVE_SECTOR * 0x800 + eh.phoff, sizeof(elf_pheader_t) * eh.phnum); - - for (i = 0; i < eh.phnum; i++) { - if (eph[i].type != ELF_PT_LOAD) - continue; - - readData(eph[i].vaddr, RELATIVE_SECTOR * 0x800 + eph[i].offset, eph[i].filesz); - if(eph[i].memsz > eph[i].filesz) memset(eph[i].vaddr + eph[i].filesz, 0, eph[i].memsz - eph[i].filesz); - } - - asm volatile("la $v1, 0x64; la $a0, 0; syscall 0x64"); // FlushCache data writeback - asm volatile("la $v1, 0x64; la $a0, 2; syscall 0x64"); // FlushCache instruction invalidate - - //while(!SifIopReset("", 0)); - //while(!SifIopSync()); - - //while(!SifIopReset("rom0:UDNL rom0:EELOADCNF", 0)); - SifIopReset("rom0:UDNL rom0:EELOADCNF", 0); - while(!SifIopSync()); - - SifInitRpc(0); - SifExitRpc(); - - ExecPS2((void *)eh.entry, 0, 0, 0); -} 
diff --git a/PAYLOADS/3.04/payload.elf b/PAYLOADS/3.04/payload.elf deleted file mode 100644 index fab2abb4f7af3d54c624cea2bf572a0a46d62787..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5382 zcmeHLO>9(E6h8Cbw4Fl5M=1tElsD~!7Rnok(vV7OGPTn(NUcRAfoL42?G$S|ZE42@ z!h#A!S(V}jmlHR#9Df#UkV#Vw3l=U(TnrkcE=!CGA>sLb@4nla4rp{?!lEaA@0{k6=lXgP zK6Pw_{Ti)hU@Ze{8Cc7}S_alK@N{ROPRz({9QYx*Ycf(NJ}31!^_?z}u=SaQ?K)_C z7XtE2q}}=%78mjl+;|gh>El=usMGdaKEmBV+hy_(SJ}-;{?8k&i;Xp6hrV!~uDt0i zZ%9T*Tb@FrK)(v%t5$ukIzQn~M6tO~|yUr&?84BHWoh0rdQWJ4vaVb2!7}+iI zoO4N}#X4n#V~35!^M=q@La*!&cU>_&Tlg$?)Oz+?C2l!!F~ZhirNj6fW4)YeWZ(2% z>@Z}91iF)(!=3f_ZO<=kUoo7vycv9SuAwD%%0Mh7#9Ts*CCsCQ7)yx1#9W*R-Ds`! zXO4=Emi*|76~5GLRO=jj4%aOs5^gJ)E!L2aan5Zl-kHP_7DFF z`S$AD^3CP=##(9l^;45$dpbLBPRQcbb;uj%;mqYxALe{OjL23QwgR$e2lczGW`p%$ zi?w4EwImp`VXFvb#z~pEo<#3pKXp$P9q8@dZ?_#7Ji61~8|{ehMR1SI?RTqV%%2sb ze!99<;To_+g9!d4`ApdcS9!Su%=>?EgUAAS7dSQox#e@~SrKjmP2eQzT#yHz@Ooah zdwOld1?GmM@e^F6+9v@c#{6G=CScFsCCX>}+%g2f6*>`;$Huva$<)I_`IyCOpS#e# zP&FUUpLD1w_=NcIr0;ZQWavnT zWHZ^3=`$(v*-TDmGU?GoI+vEzY%V>MgG)4*Ih~W}_~ba=V_*^;r9pINO7U5r4bRR> zl&{p7*OEFpEvdxu!JgL+_NE374jzKS>&x#tm4dM^`=jfiQW@1lW^xox>{Ew{fRHCW z{|?Rx#JYZ*R5tY7wa;ohzedn!0*lW|sD(kpLpN~ocZJ!vhyPHx5x79TZ@&fD0$%z} z>1|)1@Np~fb=v#b@$r)H&pEKa4}AO*Fu&!Vd#b;efk_%4B0#)7p1sH$fVxH)|8ZcB zr|d;Cz`Euj;v4|MpEXN+u5sDkbQ>&%sc;| zQc3KC)QyKe9QU8>dZ5=n5WWA;utqg$-K%IoPOz&ex{YyJyPB96+8)7!FK5N>C)iEv zq(P_c-tz6iJbKfsCymN6ZA4Q=`h|AymCaUS=h$2eP0N@>0gXJac=T{w4#7RGvcG(j z$Qar*>G^8BinAU-ravmbTZPrgTsMW)2xY7iz;#f1wYQY9S8Y^zWUlPM8tc{9Sntdl zuTz5mHp@G<*J4)fa3-?CKzL^GtT2GsgN_&XCt=>XkFWzv?zx*O_(a@7+0O^A_Oc6* z`v}jNM&LcbdVaL$KE!>b4V?M}IQ_XM!~@`!_N=2ye5?w;1I&Gd-!}a#j-LPV{P+vO CtC<)8 
diff --git a/PAYLOADS/All PS2 slims (3.10 + 3.11)/payload.bin b/PAYLOADS/All PS2 slims (3.10 + 3.11)/payload.bin deleted file mode 100644 index a4598378a5e571b735569f17ebcd3fef17b585a8..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 1208 zcmd5)L2naB6#jPBv4@Dm5CsSVsk?ZI4auM-8lD@CR5C z0}-SSoZ!&Isw%2_vS};zlww(wwrUSOazQo{BETt}01>ggXD2G{FJPrv&Aj)$?|tu^ z$-wshwg8E?4f=E#VFMaUj{>gx9yDS z`g4z7%=R&NbEI4EN0$~iyzcgJotr}EV>|Wk;>N5$D@aF+^tMP}i)Lt%z7}b3u@9%^ zQf|GLy=n9*JV~J3`JLj!IHd5hss!ysVrXCrZoY2!s@fX$cTq;@04O$}j z2frrmUkav;dr1R#lRE0jSFnTNoASae&M3VS+a=2mW*~ymPYMhDD4SC#s$FzGz_ITN z3&pkb0L`a;vI;4W=hS(+bMkSR;-p|L*04j|&l#k>?W~C~=kVaxG=5tQH>Ht%_N~o& zJ2@w|&!Ks%m;B|qbrjP(va1$^x0SS6*f+@eJ!+@mcjG_}o~1Vj>a}qjz5oM+Hf>i z^P@^_M|8R7L|1BFbhVa`=4(F?FKb-qmBcHFR}!xz-sq2lS^2YU;wu%?p15PwB=H_x zHZQ1773Kac-BXq{4U(q+*S1>)Q+ixBF9~~kbH#XTo@fWif8Y;<2u|YuqFOC@5q{6{ z>=xZ2X!Z!r8tc1o{!9PU<6}pUIGx@2_>qZ&W5uI~ILBZ4Y$rZ_;_%q`#LTg&=@ZAM SX8e&EfA8T#6J5wh@qZ6ndlJh4 
diff --git a/PAYLOADS/All PS2 slims (3.10 + 3.11)/payload.elf b/PAYLOADS/All PS2 slims (3.10 + 3.11)/payload.elf deleted file mode 100644 index 01537c890cb83a89682486c285d3aa59d03ac3b7..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5988 zcmeHLU2Ggz6+S!TpGg|Z#DrqhKxX4@ylFDa;!Z15E$VuA?bYRRH>WBG!_Iq<)smd)K%38c(MZs@<6C%nNma~^3aFAAiGjU0OesL1hh)j;rnLh z+FMg3c*}#2G;_{(?z!ild+xdS&h87{2YN!GkSNl`5TeT;xFHApSc^y~`9sSQ3;L)$ zC=Yn;o_);?37%`)MBc{JOr`0yY`!)#u$h6)3~Xj#GXt9$xQ{c?EPCVyE__2)b%tpt zE3!ovO}kShZ2nlnRx?`D7ejI@vd{c8EY4LwaFaV|%RaU#p=M>@dLG{f%C1e`nUC2PFl z+P(M=k;aG}Ps+l*>ByrZ57{#!ZRRO096zKjy{HNMijmqM?tEGEY|&?_qsg;xm85AW zMGKpU{5FiwF}BL77W!W5@cYLrFV1aw-yb7vy{y^Ms^0M73)|Y_r!>T|f_PUD-wNii zg7{Vt`wH`L!noe9`Z70*EvCHZiW#2St<~$r&?0SSR&1-H?Q0#7aCAZ6Y8Euki{scc zN%;f%abBi-y?sweOWc&-xU0WPIji!9yC_%P1zB)Qq9+oU3l~nwplR2tdN!mda-tvF6C*e&`WFpj*_FvfS=SQ{-XB z1e;NL^OfWB+qvZSCTaW2YdYig+N`QRDod|yMSeMNyHZ6R>9ZlxBA-EQA^GASwm)j_ z)>t=|n0tm$bAqw9eO81rW1-CT+sXJa9%HNBosL++deHYh*B|4l;48C18fQ&unq?e@ zG(gs8cZfFI7EjAQb5P!eJ$VfjQqHCC z7o6JRY3H3=SDa&iebcG@;Fe>}8IL1(^ZP63=Hr#=`JI*T&Rdn2<|CE!^U=!8{7>PR zF)F_X{2K6Uz^?(nmA6t(?e_(z`qH$sdhm*49)jPlTh8Cm&rBPSw_%;y5YrySw6X8% zO3KN;TX62c_Qa>Bok)-q+Y*V^wFfM~@8T;vKnotgq*wZ*qUUpH8Qr zw4zVoyNSdA=f}WVvd6(mY;!>#_?Xw{WS7^jY}kzluEHPFMK<=yz=$#bKYd1F&);Q! zpIwz21i&>qVaR`sa~YG_0t>&7zPPbZ4Q-#_FdxpJ^vt5*7b56=H`IekQs!KH@%j{H z==4F3ei%GMeb$#zw$clEH~1*^6TTeBAia?HLC@c(Jr{jBi=(?2vWlS>?IiC) z182@i-tSXz&W+^7Nns*?W^_D16e~#g>0%)}&>>^RvBJce9QjnSER)6jP$pl_OKz&1 zpDd$GtXw=@me@#X1n*%mi4D;pHaYI|selbmO-YQe+_0y~ot%(d=Ii}kU+qih4)pau zBNO8zrSg$+?yrH7;lA;S!$ppn8}^0>M$F~lBanTofitD`c&S1thbId3(S6z%PZrCW zk*Pw)i@fL$Un~s?^r`2Dhl`VarE+nylpn=l43UI-iHo3jFIe?7D+A#(cUweT&@T0>Pd~;1*MYNPCM4T zBGvX4D3BADlSemT$GxD4?i0HDSrxogtHz%dXO=m13vag=DPXV zA7LH)tHSm2+x>)aU3~0S8%2-wwVOdwEFZiGTW#60IXU(S3xDuU-4&n<=f zXdC1cKiMP;$a9N#XAAJxfK|TeuK>(*OZ6`Svp?gc{dd55ZmIUOz&y7Uz5vW~OW{kv d_5NQ4R_np>UI)HeXaCC$_W%7xzW=Y)e*;5XaBKho 
diff --git a/PAYLOADS/All PS2 slims (3.10 + 3.11)/build.sh b/PAYLOADS/build.sh similarity index 71% rename from PAYLOADS/All PS2 slims (3.10 + 3.11)/build.sh rename to PAYLOADS/build.sh index 238f677..d6afdad 100644 --- a/PAYLOADS/All PS2 slims (3.10 + 3.11)/build.sh +++ b/PAYLOADS/build.sh @@ -12,6 +12,14 @@ ENTRY=0x01fff99c echo $ENTRY +echo "Building crt0 (3.03)" +ee-gcc -Ttext=0x015FFF34 -DENTRY=$ENTRY -DGETBUFFERINTERNAL=0x262360 crt0.S -o crt0_3.03.elf -nostartfiles -nostdlib -ffreestanding -Wl,-z,max-page-size=0x1 +ee-objcopy -O binary crt0_3.03.elf crt0_3.03.bin -Wl,-z,max-page-size=0x1 + +echo "Building crt0 (3.04M)" +ee-gcc -Ttext=0x01800180 -DENTRY=$ENTRY -DGETBUFFERINTERNAL=0x261548 crt0.S -o crt0_3.04M.elf -nostartfiles -nostdlib -ffreestanding -Wl,-z,max-page-size=0x1 +ee-objcopy -O binary crt0_3.04M.elf crt0_3.04M.bin -Wl,-z,max-page-size=0x1 + echo "Building jump for 3.04J" ee-gcc -Ttext=0x012811E4 -DJUMP=0x01281340 jump.S -o jump.elf -nostartfiles -nostdlib -ffreestanding -Wl,-z,max-page-size=0x1 ee-objcopy -O binary jump.elf jump.bin -Wl,-z,max-page-size=0x1 @@ -29,8 +37,14 @@ ee-gcc -Ttext=0x01500014 -DENTRY=$ENTRY -DGETBUFFERINTERNAL=0x2952f0 crt0.S -o c ee-objcopy -O binary crt0_3.11.elf crt0_3.11.bin -Wl,-z,max-page-size=0x1 echo "Done." + +echo "For the All Slims image:" +echo "Insert crt0_3.03.bin into VIDEO_TS.IFO at offset 0x0e8c" echo "Insert jump.bin into VIDEO_TS.IFO at offset 0x2724" echo "Insert crt0_3.04J.bin into VIDEO_TS.IFO at offset 0x2880" echo "Insert crt0_3.10.bin into VIDEO_TS.IFO at offset 0x2bb4" echo "Insert crt0_3.11.bin into VIDEO_TS.IFO at offset 0x2954" echo "Insert payload.bin into VIDEO_TS.IFO at offset 0x3000" + +echo "For 3.04M only image:" +echo "Insert fullpayload.bin at 0x2d00, and payload.bin at 0x3000" diff --git a/PAYLOADS/All PS2 slims (3.10 + 3.11)/crt0.S b/PAYLOADS/crt0.S similarity index 100% rename from PAYLOADS/All PS2 slims (3.10 + 3.11)/crt0.S rename to PAYLOADS/crt0.S 
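Review bot: The `-Ttext=` and `-DGETBUFFERINTERNAL=` values in the two new crt0 steps (3.03 and 3.04M) are bare constants with no comment tying them to a firmware version, although `0x262360` has to stay identical to the value the 3.03 branch of payload.c assigns to `getBufferInternal`. A one-line comment above each step, for example `# 3.03: GETBUFFERINTERNAL must match the 3.03 branch in payload.c`, would make that coupling visible to whoever edits one file and not the other. The script's opening lines are outside this hunk, so it is worth confirming that a failed `ee-gcc` stops the run (e.g. via `set -e`) rather than falling through to the "Done." message with stale `.bin` files on disk.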
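Review bot: The closing instruction for the 3.04M-only image names `fullpayload.bin`, but the 3.04M step added earlier in this same change writes `crt0_3.04M.bin`, and nothing visible in the diff still produces a `fullpayload.bin` (the commit deletes both old copies). Anyone following the printed steps would look for a file the script no longer builds, or pick up a stale one from an earlier checkout. The line should name the new artifact and follow the wording of the other steps: `echo "Insert crt0_3.04M.bin into VIDEO_TS.IFO at offset 0x2d00, and payload.bin at 0x3000"`.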
diff --git a/PAYLOADS/crt0_3.03.bin b/PAYLOADS/crt0_3.03.bin new file mode 100644 index 0000000000000000000000000000000000000000..b597d33219f6feb9bccc67dc5a573a3a51a5bf1e GIT binary patch literal 112 zcmYdbWU&eO-=f06zzW1{K+LYf&cLj4hLHgXSis_JK=J>K>^2NPo|`Z-aHyy;Fxez1 vJDG6)Z~&^|R7nA<2dU+eWMBZXnV@Wj0$H2?j7&Cjema?OFaXs$>@^1fzBLjd literal 0 HcmV?d00001 diff --git a/PAYLOADS/3.03/fullpayload.elf b/PAYLOADS/crt0_3.03.elf similarity index 61% rename from PAYLOADS/3.03/fullpayload.elf rename to PAYLOADS/crt0_3.03.elf index 7382ed2f13a3cb7b7318afcc1303f1b7b901839a..6747ad11af551bf7a9c71f6c8975df81f8d59bed 100644 GIT binary patch delta 526 zcmX?YaM)mi0%O8NMP=C~{0s~r%*p@+0t^g{KuQHjt1u)ms%%VT=NC|8V6sV2b~54o z;Q*B5RGD1EFC*}uk;!JxPbU)&2B4tBUh|2K4U=^QY^>%0wZZ^1kl`Z8z~BL-1Aue` zke&ggLE;iZ5c&g<1|o((LX#H>IPp3FZEgDS|GyDXC}ZM@AgLHx%+5*%9l9zz;k9>yk6`*_9?I8+sfX$ZSqn0+5z4n@V3<5x z*pX3X@?BwhMUaf+M~KNKP?a!#C5S&+R-~P=VDeHCc~)@nP5vk%KKX$N51gkAXNgZX z5ETHL>nN(uXfrtzNXkr}2qZsD-U%c(OnxY84Ym(xEHJ#7Kor t0K*3)3W_>6APIDZxIfV3TycntK{5giAOClNu0RZLEitGRY delta 524 zcmX?XaN1yk0%OKRMP=DF{0s~r%*p@+0t^g{KuQNl>o6oR>TFD8=NDmM;8am#V6sV2 zb~54o;Q&&{Fu8(XhM&Px^=+D!Fp{>L-6eEt8Q zf#Lsu9-uIo{|&+i=>)m81*ioiF9GEr`3&JJK>03EzB)`jl&=d@57iH{7Gz!{ly3?2 z>||j_MxDu5h2<4NGL9c1CYL}}!uXXS{$x>+cE*ayb4BD?!67*LpolV@B|b@%2g(r? zRR8$(=y*$K;Jba>wMGqSj!mfF=TiiU~x49R;G9!GQ;|%2e#UU=1*6 qK%$_Ca|4n<2Z;LvO->buI2I%$!0_>Z2S^U+co@GI#GkxWd>#PfOo#>m diff --git a/PAYLOADS/All PS2 slims (3.10 + 3.11)/crt0_3.04J.bin b/PAYLOADS/crt0_3.04J.bin similarity index 100% rename from PAYLOADS/All PS2 slims (3.10 + 3.11)/crt0_3.04J.bin rename to PAYLOADS/crt0_3.04J.bin diff --git a/PAYLOADS/All PS2 slims (3.10 + 3.11)/crt0_3.04J.elf b/PAYLOADS/crt0_3.04J.elf similarity index 100% rename from PAYLOADS/All PS2 slims (3.10 + 3.11)/crt0_3.04J.elf rename to PAYLOADS/crt0_3.04J.elf 
diff --git a/PAYLOADS/crt0_3.04M.bin b/PAYLOADS/crt0_3.04M.bin new file mode 100644 index 0000000000000000000000000000000000000000..54756579afd06244d0e4b6d38116d043fd8a1181 GIT binary patch literal 112 zcmZo*WU-mU*rLL~zzW1{K+LYf&cLj4hLHgXSis_JK=J>K>^2NPo|`Z-aHyy;FxhyB vI+<|(Z~&^|R7nA<2dU+eWMBZXnV@Wj0$H2?j7&Cjema?OFaXs$>@^1fdD#(Z literal 0 HcmV?d00001 diff --git a/PAYLOADS/crt0_3.04M.elf b/PAYLOADS/crt0_3.04M.elf new file mode 100644 index 0000000000000000000000000000000000000000..0ae906fe74702892873a90ed12eddeb115295b3d GIT binary patch literal 2703 zcmeHJ&ubf35T4a4mYs&8w3xPpfLc_imnq;gd{%sw2`cpBCviSt-(HJ z6MV>_h0^5cKOu)4at-9*WB-UA3dzx;w76i{eBZtuX}!h4h4$8geKX(8_h#RZ+4uI* z&0EWsWr<2oriCc9LaPG(VoJoC|G89=68zuDSt-PE!w*3Xt$t2~Pl3*&iTvN5ZUsUs z@9tT76Sw-rmK%X5-*tFw!hnZtR!WTxBzUnE~X z_k{@UTw+WAq8nK`cki#o%Cvwx|N7h0jq1N+9oh0SoBhF)(3p z3#}&yQFImdtHjp69E0Xuy&|HE%)aWch7&(I+Ls*VSFLtCeEN|^e|EN;ZPhlUNiQ1t-g3m>vtAzuiWr%t=w5fAkO6tgW4bv&jUHJZ*Kb= zch|0p=bNs6w*fYj#b=4mSLdqhg5mv5l*_$L3(q9&w~PSoEJyjwk6UP|y% zf-fmQ!K_R6-%t9pHi;i6_&Z>JTMMW$j^`RMMe!#gBq)Aq=1px!4F-- zzqohezy5=Z5dX1}YYgNSN0an6Nnev@Xp+7rX>V#D z=J`f$r&fDY9}sw&K-kNN+3q+vbF!igX+>;wXa;tE-Ru`3({t%Qa@og2s?&3cWFz;s z!Mq>wUE;3=s)f5r9e0v-tS2AC^qlMA$`za!aw|563HKhwyidZF);ED#pm-L{D;uUa zN8jS1U}X@YI){=tLjSMn*k{2?srNrbb4!;jM9R_g%RJo$@^_5lq^uXKn?CO46w=O1 zS}S2LV)NE4zF+nCrIG#RQ&Z2;$yu>^5sh2@b3U(p!Zsf-s^KcsP$1lt<9(Nw|eKKxwn&Uk2io$uN3;K0_m#O!I7f9 zSsetcX5A7-#d$m-yynumeT1>CB|Ik2wVos7;RsTmg+5woS{Yj0%YPWC+aHB$>&=S# zxxJ>&{<^86>uqJN@^SL6HWn?_+^AAJ7=2K)qN_D0x>n0a%e60vS8Lqi<;2U0mlH21 z-snM~wtfgze6^xlQ)^006YsIM`i<&DiH~PV&oJrve_g8?sPdCg{Z6>~7b?o3^K^RH z5$Z9rOZ$UDpo%I~^Vy2}_RyLt+M6m~Y^$HB*01n!r{|@#fc!3B!I*az_g3e(11G}$ zoc7G1vj=$=p;6OwU3&jr_tm#1PMx$myUEFuQ^zJsr;h8Ke!>f#`0SYz6O&VOr)Or* ToSvC;3v=$vCyq~bA)WU>o8l$j literal 0 HcmV?d00001 diff --git a/PAYLOADS/All PS2 slims (3.10 + 3.11)/payload.c b/PAYLOADS/payload.c similarity index 92% rename from PAYLOADS/All PS2 slims (3.10 + 3.11)/payload.c rename to PAYLOADS/payload.c index cd6b7a3..80fa60a 100644 
--- a/PAYLOADS/All PS2 slims (3.10 + 3.11)/payload.c +++ b/PAYLOADS/payload.c @@ -95,7 +95,19 @@ __attribute__((noreturn)) void _start(void) { int i; // Identify version based on jump target location - if((*(void **)0x6D9C3C) == (void *)0x126b7e0) { + if((*(void **)0x928D24) == (void *)0x15ea540) { + // 3.03 + pointToIFO = (void *)0x2432c8; + getDiscData = (void *)0x243438; + + getBufferInternal = (void *)0x262360; + + SifIopReset = (void *)0x291fb8; + SifIopSync = (void *)0x292138; + SifInitRpc = (void *)0x2082a0; + SifExitRpc = (void *)0x208440; + } + else if((*(void **)0x6D9C3C) == (void *)0x126b7e0) { // 3.04J pointToIFO = (void *)0x23dfe0; getDiscData = (void *)0x23e150; 
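Review bot: The probe `(*(void **)0x928D24) == (void *)0x15ea540` in the new 3.03 branch is a pair of unexplained absolute addresses, and the only hint at their meaning is the one-line comment above the chain. A comment inside the branch saying what is stored at `0x928D24` and why `0x15ea540` identifies 3.03, or named constants such as `#define V303_PROBE_ADDR 0x928D24` (name is a suggestion), would let a reader check this table against build.sh, which passes the same `0x262360` for getBufferInternal. The if/else chain and the body of `_start` continue past the end of the hunk, so it is not visible whether a final `else` handles a version that matches none of the probes; if there is none, the function pointers are presumably used without ever being assigned, and that case deserves an explicit branch or at least a comment.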
diff --git a/PAYLOADS/payload.elf b/PAYLOADS/payload.elf new file mode 100644 index 0000000000000000000000000000000000000000..1fdf9ad979d9c61e64ffb54dd7d3f94bf31b6980 GIT binary patch literal 5940 zcmeHLUu+y_5ue-jpG_Ld#+YK%fcN5Sd~UMG;chBZ9pZdGyLOv8PMn4y0%!Yt4o3Fb zv9BnRDs_{X#sb$)0jUwP)DwyYJUM|1`aq~y=#do}jgE3ww5=noRl>F89lQ zzTUUr^df?5cAv-%T(uOMzGnBfTY=pQ>{ej60=pI1t-$-Z0=1&YeuWplA?rHRw9~Ha zkrmT!6N#GNm8ewjRf}c(z_Z)Rx_zxIY2y`7jGLZacEzjhYZa|3l{9{c4+|q^8n-GLeQsY<^1OyT){yTS@>|0i){x&C za$jQ|28`RyYA$QDQfJB^JTarQ2enGM7+S2!>=WB^wZjel5{=)~_nLW)>tY;xHZ8xz zJg&?1Za051qNRQ#KlRc}8E0Ky^H$`RcT;Y9-xNI+dm%q}Nrp^&v#cM2T@kX>Vt#J@ z#~J55DKSjLF@X&dSdg()(+q=}+I$xei}vmGv=MeQ7W1&U)Bx8U3Zt zM?{N#1i3}zlZU8(*gUAQpDZyC4WkzYvG#pbggkR0&wV|>{1A`1rLq53xKH$b&kJHa z6@GnIN%g!bHS^5FkSg%{e7$J%P00>9Y!1nru%|ET_QNJ>U6J3T=FI0I)UZXWQkGQX zs=-x@%Sgq)mT|6sJ@0IuoN?aRSaQz%`L5%>u;Ew>#!=L6`G|XEIqA+UA8^0AY`M=b z$K0#Sad&q4`|!&gm0tsX4fr+S*MML5^^CLmi@Z~Qe#TipzT}uE;J1Cl`3vTm9mdfn z7H!o@!YBYv!_q>=aQ|tWTL0*cwiFTAMfaR%!)tW z`*e%-NTN0I2&C`ojhmGwB=1m)L4Y{M`z49tfiUNFS3%p`JtoPU8WpFl9Sw=bS7InDhTLXAJiIofXV! zbT`BJ5cxD1j#umK*UUxpR|}%YLr6{i&Xg+_9eC zCuMSCv{*Vd!T#bPEO|Oqw_+*o-35H zqtp4UpLrn&UnmX>u2Op%0ot2(y&g5dcG*@_{ks;Z%yQ(*u$ zd>-I4izXtjfi!i`i_H8zzm+MXmy?XM^klu5VT7zYTo70xtnCZeh>61q;BtliuPf~n z(-+4}gF}*-E=>jFmlPMYvufV3cf(<;g%kOS@$o_t9Y0k#H(DH-ki__KVd$B2YD^Rc zhejXebN#;(pMCZY`+{}BOIA`<1OX{F3P?LV>V7|@(Ku=FiZIQm7TjsaXP^7-vcW2d zI?^X_g?6U0Q$DCy{G%Zcekm-|7xN>Xv#Ayho|v}4aJQo1J~ zKuy?AJ}ttI&w?VxrENbhJc(O&ufWbw2Of0F?(?BN2A_ViUva^x;!>>6O=@WO<-o+h zD?5(d3q@z@MJx#LIu-h0ToV`1+Dd;H9)M5C6e)iSzh`7Wfb_6pY1B2qL1gY*fP)Cz zIM@~LSD+6H!hH#_-)&@l(zo6W3ai~$SiLb6-WxFCUEh9__!8a!qS!XkQ56Q}yN}O? z21Jj1=fy+JTJc@ScO3QnwovQA_o!IFJhw2Qu5WoUG9eN3oa1`A^8M%to@+d}6z-vI zSWo-}lRiM6TV;5x1O6