Advertising (This ad goes away for registered users. You can Login or Register)

Reverse of CFWe for ChickHen

Forum rules
Forum rule Nº 15 is strictly enforced in this subforum.
m0skit0
Guru
Posts: 3817
Joined: Mon Sep 27, 2010 6:01 pm

Reverse of CFWe for ChickHen

Post by m0skit0 »

This was initially posted on advancedpsp.tk by m0skit0.
retrieved by wololo


And here the EBOOT.PBP C-pseudo code as decompiled by Davee:

Code: Select all

/*
    Eboot.pbp
    Relative pseudo C
*/

int Exit(char *message)
{
    printf("%s", message); //genius work, really
    sceKernelDelayThread(0x3D0900);
    sceKernelExitGame();
}

int WriteFile(const char *file, void *buffer, SceSize size) //Awesome error handling ;)
{
    SceUID fd = sceIoOpen(file, PSP_O_CREAT | PSP_O_TRUNC | PSP_O_WRONLY, 511);
    int ret = sceIoWrite(fd, buffer, size);
   
    sceIoClose(fd);
    return ret;
}

void FlashFiles() //bet you had fun writing this ;)
{
    if (WriteFile("flash0:/kd/vshctrl.prx", vshctrl, size_vshctrl) != size_vshctrl)
    {
      Exit("Error writting vshctrl.");
    }
   
    if (WriteFile("flash0:/kd/galaxy.prx", galaxy, size_galaxy) != size_galaxy)
    {
        Exit("Error writting galaxy.");
    }
   
    if (WriteFile("flash0:/kd/march33.prx", march33, size_march33) != size_march33)
    {
        Exit("Error writting march33.");
    }
       
    if (WriteFile("flash0:/kd/popcorn.prx", popcorn, size_popcorn) != size_popcorn)
    {
        Exit("Error writting popcorn.");
    }
       
    if (WriteFile("flash0:/kd/idcanager.prx", idcanager, size_idcanager) != size_idcanager)
    {
        Exit("Error writting idcanager.");
    }
       
    if (WriteFile("flash0:/kd/usbdevice.prx", usbdevice, size_usbdevice) != size_usbdevice)
    {
        Exit("Error writting usbdevice.");
    }
       
    if (WriteFile("flash0:/vsh/module/satelite.prx", satelite, size_satelite) != size_satelite)
    {
        Exit("Error writting satelite.");
    }
       
    if (WriteFile("flash0:/kd/systemctrl_02g.prx", systemctrl_02g, size_systemctrl_02g) != size_systemctrl_02g)
    {
        Exit("Error writting systemctrl.");
    }
       
    if (WriteFile("flash0:/kd/pspbtlnf_02g.bin", pspbtlnf_02g, size_pspbtlnf_02g) != size_pspbtlnf_02g)
    {
        Exit("Error writting pspbtlnf.");
    }
       
    if (WriteFile("flash0:/kd/pspbtlnf_02g.bin", pspbtdnf_02g, size_pspbtdnf_02g) != size_pspbtdnf_02g)
    {
        Exit("Error writting pspbtdnf.");
    }
       
    if (WriteFile("flash0:/kd/pspbtjnf_02g.bin", pspbtjnf_02g, size_pspbtjnf_02g) != size_pspbtjnf_02g)
    {
        Exit("Error writting pspbtjnf.");
    }
       
    if (WriteFile("flash0:/kd/pspbtknf_02g.bin", pspbtknf_02g, size_pspbtknf_02g) != size_pspbtknf_02g)
    {
        Exit("Error writting pspbtknf.");
    }
}

int main() //why store strings in vars?
{
    SceIoStat stat;
    SceCtrlData pad;
   
    int model; //initalize?
    pspDebugScreenInit();
       
    printf("Hen de los huevos, como falla el cabron. Custom Firmware Enabler 1.0\nBy Xenogears and Becus25\n\n");
    printf("Press O to flash M33 custom firmware files into the flash.\nPress X to run the custom firmware.\nPress R to exit.\n");
       
    while (1)
    {
        sceCtrlReadBufferPositive(&pad, 1);
       
        if (pad.Buttons & PSP_CTRL_CROSS)
        {
            pspDebugScreenClear();
            printf("\nLoading henctrl.prx...");
               
            SceUID modid = sceKernelLoadModule("henctrl.prx", 0, NULL);
           
            if (modid < 0)
            {
                Exit(" Error loading henctrl.prx");
            }
               
            printf("\nStarting henctrl.prx...");
            sceKernelStartModule(modid, strlen("henctrl.prx") + 1, "henctrl.prx", NULL, NULL, NULL);
               
            printf("Wait 5 seconds...")'
            sceKernelDelayThread(0x4C4B40);
            sceKernelExitGame();
        }
           
        else if (pad.Buttons & PSP_CTRL_CIRCLE)
        {
            if (sceIoUnassign("flash0:") < 0)
            {
                Exit("Error unassigning flash0:");
            }
               
            if (sceIoAssign("flash0:", "lflash0:0,0", "flashfat0:", IOASSIGN_RDWR, NULL, 0) < 0)
            {
                Exit("Error assigning flash0:");
            }
               
            if (!sceIoGetstat("flash0:/kd/loadexec_01g.prx", &stat)) //hello? sceKernelGetModel? >.>
                model = 0;
               
            if ((ret = sceIoGetstat("flash0:/kd/loadexec_02g.prx", &stat)) < 0 && model != ret) //model isn't even predefined...
            {
                Exit("Your PSP is not 2000. Exiting...");
            }
            else
                model = 1;
               
            printf("\nFlashing...");
            FlashFiles();
               
            printf("Done.\n\nPress X to run the custom firmware.");
        }
           
        else if (pad.Buttons & PSP_CTRL_RTRIGGER)
        {
            Exit("Exiting...");
        }
    }
   
    return 0; //nice program flow control
}
Here's the henctrl.prx decompile too:

Code: Select all

/*
   ohai nubcakes
*/

/* CFW Enabler's main code */
/* Xenogears & Becus25 */
/* http://www.dark-alex.org/forum/viewtopic.php?f=24&t=14641 */

/* Noob comments by m0skit0 */
/* http://advancedpsp.freeforums.org/ */

#include <pspkernel.h>
#include <pspsysmem_kernel.h>

/* Missing this! */
#include "rebootex.h"

PSP_MODULE_INFO("HENControl_module", 0x1000, 0, 1);

/* The macro that makes a call

   MAKE_CALL(address, function)
   where address is the address to be patched
   and function is the new function to call
   
   How it works:
   _sw is a function that corresponds to the sw assembler instruction,
   Store Word. Writes 32 bits (one word) at a memory direction
   0x0C000000 is the opcode for jal, Jump and Link
   "f" is the function direction, shifted left 2 positions
   and masked with zeroes for the higher 6 bits (which correspond to opcode)
   
   Then MAKE_CALL stores a jal instruction to the function passed at the
   address passed */
#define MAKE_CALL(a, f) _sw(0x0C000000 | (((u32)(f) >> 2)  & 0x03ffffff), a)

/* To C noobs, this is a function pointer */
int (* DecompressReboot)(u32 addr, u32 size, void *unk, void *unk2, void *unk3) = NULL;

/* Write back data cache to main memory and invalidate all entries from both caches*/
void ClearCaches()
{
   sceKernelIcacheInvalidateAll();
   sceKernelDcacheWritebackInvalidateAll();
}

/* This is the new function that substitutes the instruction at sceLoadExec offset 0x27DC */
int DecompressRebootPatched(u32 addr, u32 size, void *unk, void *unk2, void *unk3)
{   
   /* Decompress "rebootex" in address 0x88FC0000 */
   /* "rebootex" likely to be referenced by rebootex.h file */
   sceKernelGzipDecompress((void *)0x88FC0000, size_rebootex, rebootex, NULL);
   /* Call DecompressReboot, which is sceLoadExec text entry as we see below */
   return DecompressReboot(addr, size, unk, unk2, unk3);
}

/* Modify sceLoadExecModule */
int PatchLoadExec()
{
   /* Get module sceLoadExec */
   SceModule *mod = sceKernelFindModuleByName("sceLoadExec");
   /* text_addr points to actual code from sceLoadExec module */
   u32 text_addr = mod->text_addr;
   
   /* Here comes the tricky part: */
   
   /* Change instruction at offset 0x27dc of sceLoadExec code
     with a call to function DecompressRebootPatched() */
   MAKE_CALL(text_addr + 0x27DC, DecompressRebootPatched);
   
   /* Stores the value 0x3C0188FC at offset 0x2820
      likely to be an instruction if stored in text segment :)
    
     In binary: 0011 1100 0000 0001 1000 1000 1111 1100
    
     Opcode: 001111 -> lui, Load Upper Immediate, loads a register's
     higher half-word with an immediate operand
     00000 00001 1000100011111100
     Then always come 5 zeroes: 00000
     Then the register to load in (5 bits): 00001 -> register 1
     Finally the half word immediate: 0x88FC
     After excuting this instruction $1 = 0x88FC0000 */
   _sw(0x3C0188FC,  text_addr + 0x2820);
   
   /* You can disassemble sysmem.prx (aka sceLoadExec) to check that sub_00002778
      (the subroutine patched above) is referenced a few times by other functions xD */
   
   /* Assigning scePafModule text entry section as DecompressReboot() */
   DecompressReboot = (void *)text_addr;
   
   ClearCaches();
}

/* Module entry point, as you should already know :) */
int module_start(SceSize args, void *argp)
{   
   PatchLoadExec();
   return 0;
}
A bit arrogant on comments, but anyway, he's 15 years old...

And finally rebootvalidslim disassembly:

Código: Seleccionar todo

Code: Select all

   00000000:    0a3f01b9   j   0x8fc06e4      #
   00000004:    00000000   nop      
   00000008:    00000000   nop
   
   0000000c:    18c00007   blez   $a2,0x2c      
   00000010:    00000000   nop            
   00000014:    80830000   lb   $v1,0($a0)      
   00000018:    80a20000   lb   $v0,0($a1)      
   0000001c:    10620005   beq   $v1,$v0,0x34      
   00000020:    00431023   subu   $v0,$v0,$v1      
   00000024:    03e00008   jr   $ra         
   00000028:    00000000   nop
   
   0000002c:    03e00008   jr   $ra         
   00000030:    00001021   addu   $v0,$zero,$zero      
   
   00000034:    00003821   addu   $a3,$zero,$zero      
   00000038:    24e70001   addiu   $a3,$a3,1      
   0000003c:    00871021   addu   $v0,$a0,$a3      
   00000040:    10c7fffa   beq   $a2,$a3,0x2c      
   00000044:    00e54021   addu   $t0,$a3,$a1      
   00000048:    80430000   lb   $v1,0($v0)      
   0000004c:    81020000   lb   $v0,0($t0)      
   00000050:    1062fffa   beq   $v1,$v0,0x3c      
   00000054:    24e70001   addiu   $a3,$a3,1      
   00000058:    03e00008   jr   $ra         
   0000005c:    00431023   subu   $v0,$v0,$v1      
   
   00000060:    18c00006   blez   $a2,0x7c      
   00000064:    30a500ff   andi   $a1,$a1,0xff      
   00000068:    00001821   addu   $v1,$zero,$zero      
   0000006c:    00831021   addu   $v0,$a0,$v1      
   00000070:    24630001   addiu   $v1,$v1,1      
   00000074:    14c3fffd   bne   $a2,$v1,0x6c      
   00000078:    a0450000   sb   $a1,0($v0)      
   0000007c:    03e00008   jr   $ra         
   00000080:    00000000   nop            
   
   00000084:    18c00008   blez   $a2,0xa8      
   00000088:    00804021   addu   $t0,$a0,$zero      
   0000008c:    00003821   addu   $a3,$zero,$zero      
   00000090:    00a71021   addu   $v0,$a1,$a3      
   00000094:    90440000   lbu   $a0,0($v0)      
   00000098:    01071821   addu   $v1,$t0,$a3      
   0000009c:    24e70001   addiu   $a3,$a3,1      
   000000a0:    14c7fffb   bne   $a2,$a3,0x90      
   000000a4:    a0640000   sb   $a0,0($v1)      
   000000a8:    03e00008   jr   $ra         
   000000ac:    00000000   nop            
   
   000000b0:    24c2ffff   addiu   $v0,$a2,-1=0xffff   
   000000b4:    04400009   bltz   $v0,0xdc      
   000000b8:    00822021   addu   $a0,$a0,$v0      
   000000bc:    00a22821   addu   $a1,$a1,$v0      
   000000c0:    00001821   addu   $v1,$zero,$zero      
   000000c4:    90a20000   lbu   $v0,0($a1)      
   000000c8:    24630001   addiu   $v1,$v1,1      
   000000cc:    24a5ffff   addiu   $a1,$a1,-1=0xffff   
   000000d0:    a0820000   sb   $v0,0($a0)      
   000000d4:    1466fffb   bne   $v1,$a2,0xc4      
   000000d8:    2484ffff   addiu   $a0,$a0,-1=0xffff   
   000000dc:    03e00008   jr   $ra         
   000000e0:    00000000   nop            
   
   000000e4:    0a3f003d   j   0x8fc00f4      #
   000000e8:    00004021   addu   $t0,$zero,$zero      
   
   000000ec:    10600016   beq   $v1,$zero,0x148      
   000000f0:    00000000   nop            
   000000f4:    00881021   addu   $v0,$a0,$t0      
   000000f8:    80460000   lb   $a2,0($v0)      
   000000fc:    01051821   addu   $v1,$t0,$a1      
   00000100:    80630000   lb   $v1,0($v1)      
   00000104:    24c2ff9f   addiu   $v0,$a2,-97=0xff9f   
   00000108:    304200ff   andi   $v0,$v0,0xff      
   0000010c:    2c42001a   sltiu   $v0,$v0,26=0x001a   
   00000110:    25080001   addiu   $t0,$t0,1      
   00000114:    10400002   beq   $v0,$zero,0x120      
   00000118:    24c7ffe0   addiu   $a3,$a2,-32=0xffe0   
   0000011c:    7c073420   const   0x7c073420      
   00000120:    2462ff9f   addiu   $v0,$v1,-97=0xff9f   
   00000124:    304200ff   andi   $v0,$v0,0xff      
   00000128:    2c42001a   sltiu   $v0,$v0,26=0x001a   
   0000012c:    10400002   beq   $v0,$zero,0x138      
   00000130:    2467ffe0   addiu   $a3,$v1,-32=0xffe0   
   00000134:    7c071c20   const   0x7c071c20      
   00000138:    1066ffec   beq   $v1,$a2,0xec      
   0000013c:    00661023   subu   $v0,$v1,$a2      
   00000140:    03e00008   jr   $ra         
   00000144:    00000000   nop            
   
   00000148:    03e00008   jr   $ra         
   0000014c:    00001021   addu   $v0,$zero,$zero      
   
   00000150:    27bdfff8   addiu   $sp,$sp,-8      
   00000154:    afbf0000   sw   $ra,0($sp)      
   00000158:    3c0388fc   lui   $v1,0x88fc      
   0000015c:    8c620920   lw   $v0,2336($v1)      
   00000160:    0040f809   jalr   $ra,$v0         
   00000164:    00000000   nop            
   
   00000168:    3c0388fc   lui   $v1,0x88fc      
   0000016c:    8c79091c   lw   $t9,2332($v1)      
   00000170:    8fbf0000   lw   $ra,0($sp)      
   00000174:    03200008   jr   $t9         
   00000178:    27bd0008   addiu   $sp,$sp,8      
   
   0000017c:    27bdffb8   addiu   $sp,$sp,-72      
   00000180:    afb20028   sw   $s2,40($sp)      
   00000184:    afb10024   sw   $s1,36($sp)      
   00000188:    afbf0040   sw   $ra,64($sp)      
   0000018c:    afb7003c   sw   $s7,60($sp)      
   00000190:    afb60038   sw   $s6,56($sp)      
   00000194:    afb50034   sw   $s5,52($sp)      
   00000198:    afb40030   sw   $s4,48($sp)      
   0000019c:    afb3002c   sw   $s3,44($sp)      
   000001a0:    afb00020   sw   $s0,32($sp)      
   000001a4:    3c0288fc   lui   $v0,0x88fc      
   000001a8:    8c430934   lw   $v1,2356($v0)      
   000001ac:    00808821   addu   $s1,$a0,$zero      
   000001b0:    1060001a   beq   $v1,$zero,0x21c      
   000001b4:    00a09021   addu   $s2,$a1,$zero      
   000001b8:    3c1188fc   lui   $s1,0x88fc      
   000001bc:    8e220940   lw   $v0,2368($s1)      
   000001c0:    3c1088fc   lui   $s0,0x88fc      
   000001c4:    8e050984   lw   $a1,2436($s0)      
   000001c8:    0242902d   daddu   $s2,$s2,$v0      
   000001cc:    0e3f0021   jal   0x8fc0084      #
   000001d0:    02403021   addu   $a2,$s2,$zero      
   
   000001d4:    8e020984   lw   $v0,2436($s0)      
   000001d8:    8e230940   lw   $v1,2368($s1)      
   000001dc:    00521021   addu   $v0,$v0,$s2      
   000001e0:    00721823   subu   $v1,$v1,$s2      
   000001e4:    ae020984   sw   $v0,2436($s0)      
   000001e8:    ae230940   sw   $v1,2368($s1)      
   000001ec:    02401021   addu   $v0,$s2,$zero      
   000001f0:    8fbf0040   lw   $ra,64($sp)      
   000001f4:    8fb7003c   lw   $s7,60($sp)      
   000001f8:    8fb60038   lw   $s6,56($sp)      
   000001fc:    8fb50034   lw   $s5,52($sp)      
   00000200:    8fb40030   lw   $s4,48($sp)      
   00000204:    8fb3002c   lw   $s3,44($sp)      
   00000208:    8fb20028   lw   $s2,40($sp)      
   0000020c:    8fb10024   lw   $s1,36($sp)      
   00000210:    8fb00020   lw   $s0,32($sp)      
   00000214:    03e00008   jr   $ra         
   00000218:    27bd0048   addiu   $sp,$sp,72      
   
   0000021c:    3c0388fc   lui   $v1,0x88fc      
   00000220:    8c620928   lw   $v0,2344($v1)      
   00000224:    0040f809   jalr   $ra,$v0         
   00000228:    00000000   nop            
   
   0000022c:    3c0388fc   lui   $v1,0x88fc      
   00000230:    00409021   addu   $s2,$v0,$zero      
   00000234:    8c620938   lw   $v0,2360($v1)      
   00000238:    1040ffed   beq   $v0,$zero,0x1f0      
   0000023c:    02401021   addu   $v0,$s2,$zero      
   00000240:    ac600938   sw   $zero,2360($v1)      
   00000244:    8a240037   lwl   $a0,55($s1)      
   00000248:    8a220033   lwl   $v0,51($s1)      
   0000024c:    8a230023   lwl   $v1,35($s1)      
   00000250:    9a240034   lwr   $a0,52($s1)      
   00000254:    9a220030   lwr   $v0,48($s1)      
   00000258:    9a230020   lwr   $v1,32($s1)      
   0000025c:    3c0588fc   lui   $a1,0x88fc      
   00000260:    00912021   addu   $a0,$a0,$s1      
   00000264:    24a508bc   addiu   $a1,$a1,2236=0x08bc   
   00000268:    24060009   addiu   $a2,$zero,9      
   0000026c:    0222a021   addu   $s4,$s1,$v0      
   00000270:    0e3f0021   jal   0x8fc0084      #
   00000274:    0071b821   addu   $s7,$v1,$s1      
   
   00000278:    8a230037   lwl   $v1,55($s1)      
   0000027c:    9a230034   lwr   $v1,52($s1)      
   00000280:    24630009   addiu   $v1,$v1,9      
   00000284:    aa230037   swl   $v1,55($s1)      
   00000288:    ba230034   swr   $v1,52($s1)      
   0000028c:    8a220027   lwl   $v0,39($s1)      
   00000290:    9a220024   lwr   $v0,36($s1)      
   00000294:    1c40004f   bgtz   $v0,0x3d4      
   00000298:    26560009   addiu   $s6,$s2,9      
   0000029c:    00009821   addu   $s3,$zero,$zero      
   000002a0:    8a220027   lwl   $v0,39($s1)      
   000002a4:    9a220024   lwr   $v0,36($s1)      
   000002a8:    12620048   beq   $s3,$v0,0x3cc      
   000002ac:    03a02021   addu   $a0,$sp,$zero      
   000002b0:    00002821   addu   $a1,$zero,$zero      
   000002b4:    0e3f0018   jal   0x8fc0060      #
   000002b8:    24060020   addiu   $a2,$zero,32=0x0020   
   
   000002bc:    8a230037   lwl   $v1,55($s1)      
   000002c0:    8a240033   lwl   $a0,51($s1)      
   000002c4:    8a260037   lwl   $a2,55($s1)      
   000002c8:    9a230034   lwr   $v1,52($s1)      
   000002cc:    9a240030   lwr   $a0,48($s1)      
   000002d0:    9a260034   lwr   $a2,52($s1)      
   000002d4:    3c0288fc   lui   $v0,0x88fc      
   000002d8:    8c47098c   lw   $a3,2444($v0)      
   000002dc:    00641823   subu   $v1,$v1,$a0      
   000002e0:    00138140   sll   $s0,$s3,5      
   000002e4:    02f08021   addu   $s0,$s7,$s0      
   000002e8:    2463fff7   addiu   $v1,$v1,-9=0xfff7   
   000002ec:    00d13021   addu   $a2,$a2,$s1      
   000002f0:    2402ff80   addiu   $v0,$zero,-128=0xff80   
   000002f4:    00d03023   subu   $a2,$a2,$s0      
   000002f8:    26040020   addiu   $a0,$s0,32=0x0020   
   000002fc:    02002821   addu   $a1,$s0,$zero      
   00000300:    afa30000   sw   $v1,0($sp)      
   00000304:    24030001   addiu   $v1,$zero,1      
   00000308:    a3a2000b   sb   $v0,11($sp)      
   0000030c:    a3a3000a   sb   $v1,10($sp)      
   00000310:    0e3f002c   jal   0x8fc00b0      #
   00000314:    a7a70008   sh   $a3,8($sp)      
   
   00000318:    02002021   addu   $a0,$s0,$zero      
   0000031c:    03a02821   addu   $a1,$sp,$zero      
   00000320:    0e3f0021   jal   0x8fc0084      #
   00000324:    24060020   addiu   $a2,$zero,32=0x0020   
   
   00000328:    8a230027   lwl   $v1,39($s1)      
   0000032c:    26520029   addiu   $s2,$s2,41=0x0029   
   00000330:    9a230024   lwr   $v1,36($s1)      
   00000334:    24630001   addiu   $v1,$v1,1      
   00000338:    aa230027   swl   $v1,39($s1)      
   0000033c:    ba230024   swr   $v1,36($s1)      
   00000340:    8a220033   lwl   $v0,51($s1)      
   00000344:    9a220030   lwr   $v0,48($s1)      
   00000348:    24420020   addiu   $v0,$v0,32=0x0020   
   0000034c:    aa220033   swl   $v0,51($s1)      
   00000350:    ba220030   swr   $v0,48($s1)      
   00000354:    8a230037   lwl   $v1,55($s1)      
   00000358:    9a230034   lwr   $v1,52($s1)      
   0000035c:    24630020   addiu   $v1,$v1,32=0x0020   
   00000360:    aa230037   swl   $v1,55($s1)      
   00000364:    ba230034   swr   $v1,52($s1)      
   00000368:    8a220013   lwl   $v0,19($s1)      
   0000036c:    8a230017   lwl   $v1,23($s1)      
   00000370:    9a220010   lwr   $v0,16($s1)      
   00000374:    9a230014   lwr   $v1,20($s1)      
   00000378:    1860ff9c   blez   $v1,0x1ec      
   0000037c:    02221021   addu   $v0,$s1,$v0      
   00000380:    00402021   addu   $a0,$v0,$zero      
   00000384:    00002821   addu   $a1,$zero,$zero      
   00000388:    90820001   lbu   $v0,1($a0)      
   0000038c:    90830000   lbu   $v1,0($a0)      
   00000390:    24a50001   addiu   $a1,$a1,1      
   00000394:    00021200   sll   $v0,$v0,8      
   00000398:    00431025   or   $v0,$v0,$v1      
   0000039c:    24420001   addiu   $v0,$v0,1      
   000003a0:    3042ffff   andi   $v0,$v0,0xffff      
   000003a4:    00021a02   srl   $v1,$v0,8      
   000003a8:    a0830001   sb   $v1,1($a0)      
   000003ac:    a0820000   sb   $v0,0($a0)      
   000003b0:    8a230017   lwl   $v1,23($s1)      
   000003b4:    9a230014   lwr   $v1,20($s1)      
   000003b8:    00a3182a   slt   $v1,$a1,$v1      
   000003bc:    1460fff2   bne   $v1,$zero,0x388      
   000003c0:    24840020   addiu   $a0,$a0,32=0x0020   
   000003c4:    0a3f007c   j   0x8fc01f0      #
   000003c8:    02401021   addu   $v0,$s2,$zero      
   
   000003cc:    0a3f007b   j   0x8fc01ec      #
   000003d0:    02c09021   addu   $s2,$s6,$zero      
   
   000003d4:    02e08021   addu   $s0,$s7,$zero      
   000003d8:    00009821   addu   $s3,$zero,$zero      
   000003dc:    3c1588fc   lui   $s5,0x88fc      
   000003e0:    8a040003   lwl   $a0,3($s0)      
   000003e4:    8ea5093c   lw   $a1,2364($s5)      
   000003e8:    9a040000   lwr   $a0,0($s0)      
   000003ec:    26100020   addiu   $s0,$s0,32=0x0020   
   000003f0:    0e3f0039   jal   0x8fc00e4      #
   000003f4:    02842021   addu   $a0,$s4,$a0      
   
   000003f8:    1040ffaa   beq   $v0,$zero,0x2a4      
   000003fc:    8a220027   lwl   $v0,39($s1)      
   00000400:    26730001   addiu   $s3,$s3,1      
   00000404:    9a220024   lwr   $v0,36($s1)      
   00000408:    0262102a   slt   $v0,$s3,$v0      
   0000040c:    5440fff5   bnel   $v0,$zero,0x3e4      
   00000410:    8a040003   lwl   $a0,3($s0)      
   00000414:    0a3f00a9   j   0x8fc02a4      #
   00000418:    8a220027   lwl   $v0,39($s1)      
   
   0000041c:    3c0488fc   lui   $a0,0x88fc      
   00000420:    8c830934   lw   $v1,2356($a0)      
   00000424:    10600003   beq   $v1,$zero,0x434      
   00000428:    00001021   addu   $v0,$zero,$zero      
   0000042c:    03e00008   jr   $ra         
   00000430:    ac800934   sw   $zero,2356($a0)      
   
   00000434:    3c0288fc   lui   $v0,0x88fc      
   00000438:    8c590924   lw   $t9,2340($v0)      
   0000043c:    03200008   jr   $t9         
   00000440:    00000000   nop            
   
   00000444:    27bdfff0   addiu   $sp,$sp,-16      
   00000448:    afbf0008   sw   $ra,8($sp)      
   0000044c:    8c870130   lw   $a3,304($a0)      
   00000450:    3c02b301   lui   $v0,0xb301      
   00000454:    3442aeba   ori   $v0,$v0,0xaeba      
   00000458:    00805021   addu   $t2,$a0,$zero      
   0000045c:    10e2001f   beq   $a3,$v0,0x4dc      
   00000460:    00c05821   addu   $t3,$a2,$zero      
   00000464:    3c08bc10   lui   $t0,0xbc10      
   00000468:    35020094   ori   $v0,$t0,0x94      
   0000046c:    8c430000   lw   $v1,0($v0)      
   00000470:    10e30007   beq   $a3,$v1,0x490      
   00000474:    3c0388fc   lui   $v1,0x88fc      
   00000478:    8c620990   lw   $v0,2448($v1)      
   0000047c:    0040f809   jalr   $ra,$v0         
   00000480:    00000000   nop            
   
   00000484:    8fbf0008   lw   $ra,8($sp)      
   00000488:    03e00008   jr   $ra         
   0000048c:    27bd0010   addiu   $sp,$sp,16      
   
   00000490:    35020090   ori   $v0,$t0,0x90      
   00000494:    8c430000   lw   $v1,0($v0)      
   00000498:    03a04021   addu   $t0,$sp,$zero      
   0000049c:    00803021   addu   $a2,$a0,$zero      
   000004a0:    afa30000   sw   $v1,0($sp)      
   000004a4:    24890040   addiu   $t1,$a0,64=0x0040   
   000004a8:    24070004   addiu   $a3,$zero,4      
   000004ac:    90c50150   lbu   $a1,336($a2)      
   000004b0:    00002021   addu   $a0,$zero,$zero      
   000004b4:    01041021   addu   $v0,$t0,$a0      
   000004b8:    90430000   lbu   $v1,0($v0)      
   000004bc:    24840001   addiu   $a0,$a0,1      
   000004c0:    00a31026   xor   $v0,$a1,$v1      
   000004c4:    1487fffb   bne   $a0,$a3,0x4b4      
   000004c8:    00402821   addu   $a1,$v0,$zero      
   000004cc:    a0c20150   sb   $v0,336($a2)      
   000004d0:    24c60001   addiu   $a2,$a2,1      
   000004d4:    5526fff6   bnel   $t1,$a2,0x4b0      
   000004d8:    90c50150   lbu   $a1,336($a2)      
   000004dc:    8d4600b0   lw   $a2,176($t2)      
   000004e0:    01402021   addu   $a0,$t2,$zero      
   000004e4:    25450150   addiu   $a1,$t2,336=0x0150   
   000004e8:    0e3f0021   jal   0x8fc0084      #
   000004ec:    ad660000   sw   $a2,0($t3)      
   
   000004f0:    8fbf0008   lw   $ra,8($sp)      
   000004f4:    00001021   addu   $v0,$zero,$zero      
   000004f8:    03e00008   jr   $ra         
   000004fc:    27bd0010   addiu   $sp,$sp,16      
   
   00000500:    00003021   addu   $a2,$zero,$zero      
   00000504:    0a3f0145   j   0x8fc0514      #
   00000508:    24070058   addiu   $a3,$zero,88=0x0058   
   
   0000050c:    10c70009   beq   $a2,$a3,0x534      
   00000510:    00000000   nop            
   00000514:    00c41021   addu   $v0,$a2,$a0      
   00000518:    904300d4   lbu   $v1,212($v0)      
   0000051c:    1060fffb   beq   $v1,$zero,0x50c      
   00000520:    24c60001   addiu   $a2,$a2,1      
   00000524:    3c0288fc   lui   $v0,0x88fc      
   00000528:    8c590988   lw   $t9,2440($v0)      
   0000052c:    03200008   jr   $t9         
   00000530:    00000000   nop            
   
   00000534:    03e00008   jr   $ra         
   00000538:    00001021   addu   $v0,$zero,$zero      

   0000053c:    3c0288fc   lui   $v0,0x88fc      
   00000540:    3c0388fc   lui   $v1,0x88fc      
   00000544:    3c0803ff   lui   $t0,0x3ff      
   00000548:    24420444   addiu   $v0,$v0,1092=0x0444   
   0000054c:    24630500   addiu   $v1,$v1,1280=0x0500   
   00000550:    3508ffff   ori   $t0,$t0,0xffff      
   00000554:    00021082   srl   $v0,$v0,2      
   00000558:    00031882   srl   $v1,$v1,2      
   0000055c:    3c090c00   lui   $t1,0xc00      
   00000560:    00681824   and   $v1,$v1,$t0      
   00000564:    00481024   and   $v0,$v0,$t0      
   00000568:    27bdffe8   addiu   $sp,$sp,-24      
   0000056c:    00691825   or   $v1,$v1,$t1      
   00000570:    00491025   or   $v0,$v0,$t1      
   00000574:    afbf0010   sw   $ra,16($sp)      
   00000578:    afb4000c   sw   $s4,12($sp)      
   0000057c:    afb30008   sw   $s3,8($sp)      
   00000580:    afb20004   sw   $s2,4($sp)      
   00000584:    afb10000   sw   $s1,0($sp)      
   00000588:    0080a021   addu   $s4,$a0,$zero      
   0000058c:    ace2355c   sw   $v0,13660($a3)      
   00000590:    00e08821   addu   $s1,$a3,$zero      
   00000594:    ace25c84   sw   $v0,23684($a3)      
   00000598:    00a09821   addu   $s3,$a1,$zero      
   0000059c:    ace35ca8   sw   $v1,23720($a3)      
   000005a0:    00c09021   addu   $s2,$a2,$zero      
   000005a4:    ace35cd8   sw   $v1,23768($a3)      
   000005a8:    24e4757c   addiu   $a0,$a3,30076=0x757c   
   000005ac:    24e5755c   addiu   $a1,$a3,30044=0x755c   
   000005b0:    ace35d70   sw   $v1,23920($a3)      
   000005b4:    3c0288fc   lui   $v0,0x88fc      
   000005b8:    3c0388fc   lui   $v1,0x88fc      
   000005bc:    ac440990   sw   $a0,2448($v0)      
   000005c0:    0e3f0054   jal   0x8fc0150      #
   000005c4:    ac650988   sw   $a1,2440($v1)      
   
   000005c8:    02802021   addu   $a0,$s4,$zero      
   000005cc:    02602821   addu   $a1,$s3,$zero      
   000005d0:    02403021   addu   $a2,$s2,$zero      
   000005d4:    0220c821   addu   $t9,$s1,$zero      
   000005d8:    8fbf0010   lw   $ra,16($sp)      
   000005dc:    8fb4000c   lw   $s4,12($sp)      
   000005e0:    8fb30008   lw   $s3,8($sp)      
   000005e4:    8fb20004   lw   $s2,4($sp)      
   000005e8:    8fb10000   lw   $s1,0($sp)      
   000005ec:    03200008   jr   $t9         
   000005f0:    27bd0018   addiu   $sp,$sp,24      
   
   000005f4:    27bdfff8   addiu   $sp,$sp,-8      
   000005f8:    afb00000   sw   $s0,0($sp)      
   000005fc:    3c1088fc   lui   $s0,0x88fc      
   00000600:    00802821   addu   $a1,$a0,$zero      
   00000604:    24060040   addiu   $a2,$zero,64=0x0040   
   00000608:    afbf0004   sw   $ra,4($sp)      
   0000060c:    0e3f0021   jal   0x8fc0084      #
   00000610:    26040944   addiu   $a0,$s0,2372=0x0944   

   00000614:    3c0488fc   lui   $a0,0x88fc      
   00000618:    3c0588fc   lui   $a1,0x88fc      
   0000061c:    24840948   addiu   $a0,$a0,2376=0x0948   
   00000620:    24a508c8   addiu   $a1,$a1,2248=0x08c8   
   00000624:    0e3f0003   jal   0x8fc000c      #
   00000628:    24060010   addiu   $a2,$zero,16=0x0010   
   
   0000062c:    1440001c   bne   $v0,$zero,0x6a0      
   00000630:    3c0288fb   lui   $v0,0x88fb      
   00000634:    344400c0   ori   $a0,$v0,0xc0      
   00000638:    8c830000   lw   $v1,0($a0)      
   0000063c:    24020001   addiu   $v0,$zero,1      
   00000640:    10620014   beq   $v1,$v0,0x694      
   00000644:    26030944   addiu   $v1,$s0,2372=0x0944   
   00000648:    8c830000   lw   $v1,0($a0)      
   0000064c:    24020002   addiu   $v0,$zero,2      
   00000650:    10620021   beq   $v1,$v0,0x6d8      
   00000654:    26030944   addiu   $v1,$s0,2372=0x0944   
   00000658:    2402006a   addiu   $v0,$zero,106=0x006a   
   0000065c:    a0620009   sb   $v0,9($v1)      
   00000660:    3c0288fc   lui   $v0,0x88fc      
   00000664:    8c43093c   lw   $v1,2364($v0)      
   00000668:    10600003   beq   $v1,$zero,0x678      
   0000066c:    24030001   addiu   $v1,$zero,1      
   00000670:    3c0288fc   lui   $v0,0x88fc      
   00000674:    ac430938   sw   $v1,2360($v0)      
   00000678:    3c0288fc   lui   $v0,0x88fc      
   0000067c:    8c59092c   lw   $t9,2348($v0)      
   00000680:    26040944   addiu   $a0,$s0,2372=0x0944   
   00000684:    8fbf0004   lw   $ra,4($sp)      
   00000688:    8fb00000   lw   $s0,0($sp)      
   0000068c:    03200008   jr   $t9         
   00000690:    27bd0008   addiu   $sp,$sp,8      
   
   00000694:    2402006b   addiu   $v0,$zero,107=0x006b   
   00000698:    0a3f0198   j   0x8fc0660      #
   0000069c:    a0620009   sb   $v0,9($v1)      
   
   000006a0:    3c0588fc   lui   $a1,0x88fc      
   000006a4:    24a508bc   addiu   $a1,$a1,2236=0x08bc   
   000006a8:    26040944   addiu   $a0,$s0,2372=0x0944   
   000006ac:    0e3f0003   jal   0x8fc000c      #
   000006b0:    24060009   addiu   $a2,$zero,9      
   
   000006b4:    5440fff1   bnel   $v0,$zero,0x67c      
   000006b8:    3c0288fc   lui   $v0,0x88fc      
   000006bc:    24040001   addiu   $a0,$zero,1      
   000006c0:    3c0388fc   lui   $v1,0x88fc      
   000006c4:    ac640934   sw   $a0,2356($v1)      
   000006c8:    8fbf0004   lw   $ra,4($sp)      
   000006cc:    8fb00000   lw   $s0,0($sp)      
   000006d0:    03e00008   jr   $ra         
   000006d4:    27bd0008   addiu   $sp,$sp,8      
   
   000006d8:    2402006c   addiu   $v0,$zero,108=0x006c   
   000006dc:    0a3f0198   j   0x8fc0660      #
   000006e0:    a0620009   sb   $v0,9($v1)      
   
   000006e4:    3c0c88fc   lui   $t4,0x88fc
   000006e8:    3c020fff   lui   $v0,0xfff      
   000006ec:    3c0b88fc   lui   $t3,0x88fc      
   000006f0:    3c0a88fc   lui   $t2,0x88fc      
   000006f4:    3c0988fc   lui   $t1,0x88fc      
   000006f8:    3442fffc   ori   $v0,$v0,0xfffc      
   000006fc:    258c053c   addiu   $t4,$t4,1340=0x053c   
   00000700:    3c0303ff   lui   $v1,0x3ff      
   00000704:    256b05f4   addiu   $t3,$t3,1524=0x05f4   
   00000708:    254a017c   addiu   $t2,$t2,380=0x017c   
   0000070c:    2529041c   addiu   $t1,$t1,1052=0x041c   
   00000710:    3463ffff   ori   $v1,$v1,0xffff      
   00000714:    01826024   and   $t4,$t4,$v0      
   00000718:    000b5882   srl   $t3,$t3,2      
   0000071c:    000a5082   srl   $t2,$t2,2      
   00000720:    00094882   srl   $t1,$t1,2      
   00000724:    3c088860   lui   $t0,0x8860      
   00000728:    01234824   and   $t1,$t1,$v1      
   0000072c:    01635824   and   $t3,$t3,$v1      
   00000730:    01435024   and   $t2,$t2,$v1      
   00000734:    3c020800   lui   $v0,0x800      
   00000738:    3c030c00   lui   $v1,0xc00      
   0000073c:    000c6082   srl   $t4,$t4,2      
   00000740:    27bdffd8   addiu   $sp,$sp,-40      
   00000744:    01826025   or   $t4,$t4,$v0      
   00000748:    01635825   or   $t3,$t3,$v1      
   0000074c:    35022020   ori   $v0,$t0,0x2020      
   00000750:    afbf0020   sw   $ra,32($sp)      
   00000754:    afb7001c   sw   $s7,28($sp)      
   00000758:    afb60018   sw   $s6,24($sp)      
   0000075c:    afb50014   sw   $s5,20($sp)      
   00000760:    afb40010   sw   $s4,16($sp)      
   00000764:    afb3000c   sw   $s3,12($sp)      
   00000768:    afb20008   sw   $s2,8($sp)      
   0000076c:    afb10004   sw   $s1,4($sp)      
   00000770:    afb00000   sw   $s0,0($sp)      
   00000774:    01234825   or   $t1,$t1,$v1      
   00000778:    ac4b0000   sw   $t3,0($v0)      
   0000077c:    01435025   or   $t2,$t2,$v1      
   00000780:    350e20bc   ori   $t6,$t0,0x20bc      
   00000784:    35032090   ori   $v1,$t0,0x2090      
   00000788:    350f5030   ori   $t7,$t0,0x5030      
   0000078c:    3c02afa5   lui   $v0,0xafa5      
   00000790:    ac6a0000   sw   $t2,0($v1)      
   00000794:    adc90000   sw   $t1,0($t6)      
   00000798:    ade20000   sw   $v0,0($t7)      
   0000079c:    3c0203e0   lui   $v0,0x3e0      
   000007a0:    35105034   ori   $s0,$t0,0x5034      
   000007a4:    351130e0   ori   $s1,$t0,0x30e0      
   000007a8:    3c0320a3   lui   $v1,0x20a3      
   000007ac:    34420008   ori   $v0,$v0,0x8      
   000007b0:    ae030000   sw   $v1,0($s0)      
   000007b4:    ae220000   sw   $v0,0($s1)      
   000007b8:    3c032402   lui   $v1,0x2402      
   000007bc:    3c020011   lui   $v0,0x11      
   000007c0:    351230e4   ori   $s2,$t0,0x30e4      
   000007c4:    35132018   ori   $s3,$t0,0x2018      
   000007c8:    3514206c   ori   $s4,$t0,0x206c      
   000007cc:    35152084   ori   $s5,$t0,0x2084      
   000007d0:    35164ef0   ori   $s6,$t0,0x4ef0      
   000007d4:    34630001   ori   $v1,$v1,0x1      
   000007d8:    34423821   ori   $v0,$v0,0x3821      
   000007dc:    ae430000   sw   $v1,0($s2)      
   000007e0:    ae600000   sw   $zero,0($s3)      
   000007e4:    ae800000   sw   $zero,0($s4)      
   000007e8:    aea00000   sw   $zero,0($s5)      
   000007ec:    aec20000   sw   $v0,0($s6)      
   000007f0:    3c0202a0   lui   $v0,0x2a0      
   000007f4:    3c0d88fb   lui   $t5,0x88fb      
   000007f8:    35186d38   ori   $t8,$t0,0x6d38      
   000007fc:    35174ef4   ori   $s7,$t0,0x4ef4      
   00000800:    3442e821   ori   $v0,$v0,0xe821      
   00000804:    35084ef8   ori   $t0,$t0,0x4ef8      
   00000808:    aeec0000   sw   $t4,0($s7)      
   0000080c:    35a300d4   ori   $v1,$t5,0xd4      
   00000810:    ad020000   sw   $v0,0($t0)      
   00000814:    af000000   sw   $zero,0($t8)      
   00000818:    35a200d0   ori   $v0,$t5,0xd0      
   0000081c:    8c480000   lw   $t0,0($v0)      
   00000820:    35aa00dc   ori   $t2,$t5,0xdc      
   00000824:    8c690000   lw   $t1,0($v1)      
   00000828:    35ad00d8   ori   $t5,$t5,0xd8      
   0000082c:    8dab0000   lw   $t3,0($t5)      
   00000830:    8d4c0000   lw   $t4,0($t2)      
   00000834:    3c0288fc   lui   $v0,0x88fc      
   00000838:    3c0388fc   lui   $v1,0x88fc      
   0000083c:    ac48093c   sw   $t0,2364($v0)      
   00000840:    ac690984   sw   $t1,2436($v1)      
   00000844:    3c0288fc   lui   $v0,0x88fc      
   00000848:    3c0388fc   lui   $v1,0x88fc      
   0000084c:    ac4b0940   sw   $t3,2368($v0)      
   00000850:    ac6c098c   sw   $t4,2444($v1)      
   00000854:    3c0288fc   lui   $v0,0x88fc      
   00000858:    3c0388fc   lui   $v1,0x88fc      
   0000085c:    00808021   addu   $s0,$a0,$zero      
   00000860:    00a08821   addu   $s1,$a1,$zero      
   00000864:    00c09021   addu   $s2,$a2,$zero      
   00000868:    00e09821   addu   $s3,$a3,$zero      
   0000086c:    ac400938   sw   $zero,2360($v0)      
   00000870:    0e3f0054   jal   0x8fc0150      #
   00000874:    ac600934   sw   $zero,2356($v1)      
   
   00000878:    3c0288fc   lui   $v0,0x88fc      
   0000087c:    8c590930   lw   $t9,2352($v0)      
   00000880:    02002021   addu   $a0,$s0,$zero      
   00000884:    02202821   addu   $a1,$s1,$zero      
   00000888:    02403021   addu   $a2,$s2,$zero      
   0000088c:    02603821   addu   $a3,$s3,$zero      
   00000890:    8fbf0020   lw   $ra,32($sp)      
   00000894:    8fb7001c   lw   $s7,28($sp)      
   00000898:    8fb60018   lw   $s6,24($sp)      
   0000089c:    8fb50014   lw   $s5,20($sp)      
   000008a0:    8fb40010   lw   $s4,16($sp)      
   000008a4:    8fb3000c   lw   $s3,12($sp)      
   000008a8:    8fb20008   lw   $s2,8($sp)      
   000008ac:    8fb10004   lw   $s1,4($sp)      
   000008b0:    8fb00000   lw   $s0,0($sp)      
   000008b4:    03200008   jr   $t9         
   000008b8:    27bd0028   addiu   $sp,$sp,40      
   
   000008bc:    6d74722f   ldr   $s4,29231($t3)      
   000008c0:    7872702e   const   0x7872702e      
   000008c4:    00000000   nop            
   000008c8:    62707370   daddi   $s0,$s3,29552=0x7370   
   000008cc:    666e6374   daddiu   $t6,$s3,25460=0x6374   
   000008d0:    6732305f   daddiu   $s2,$t9,12383=0x305f   
   000008d4:    6e69622e   ldr   $t1,25134($s3)      
   000008d8:    00000000   nop            
   000008dc:    00000000   nop            
   000008e0:    00000000   nop            
   000008e4:    00000000   nop            
   000008e8:    00000000   nop            
   000008ec:    00000000   nop            
   000008f0:    00000000   nop            
   000008f4:    00000000   nop            
   000008f8:    00000000   nop            
   000008fc:    00000000   nop            
   00000900:    00000000   nop            
   00000904:    00000000   nop            
   00000908:    00000000   nop            
   0000090c:    00000000   nop            
   00000910:    00000000   nop            
   00000914:    00000000   nop            
   00000918:    00000000   nop            
   0000091c:    8860022c   lwl   $zero,556($v1)      
   00000920:    886007c0   lwl   $zero,1984($v1)      
   00000924:    88607cf8   lwl   $zero,31992($v1)   
   00000928:    88607d54   lwl   $zero,32084($v1)   
   0000092c:    88607be0   lwl   $zero,31712($v1)   
   00000930:    88600000   lwl   $zero,0($v1)
Advertising
I wanna lots of mov al,0xb
Image
"just not into this RA stuffz"
Xaikiri
Posts: 179
Joined: Tue Sep 28, 2010 10:25 am

Re: Reverse of CFWe for ChickHen

Post by Xaikiri »

Who is 15 y/o? davee?
Advertising
Image
wololo
Site Admin
Posts: 3621
Joined: Wed Oct 15, 2008 12:42 am
Location: Japan

Re: Reverse of CFWe for ChickHen

Post by wololo »

yes, I think so.
If you need US PSN Codes, this technique is what I recommend.

Looking for guest bloggers and news hunters here at wololo.net, PM me!
m0skit0
Guru
Posts: 3817
Joined: Mon Sep 27, 2010 6:01 pm

Re: Reverse of CFWe for ChickHen

Post by m0skit0 »

Yes, he claims so.
I wanna lots of mov al,0xb
Image
"just not into this RA stuffz"
Xaikiri
Posts: 179
Joined: Tue Sep 28, 2010 10:25 am

Re: Reverse of CFWe for ChickHen

Post by Xaikiri »

Wow.
Image
Xian Nox
Retired Mod
Posts: 2744
Joined: Fri Nov 05, 2010 5:27 pm
Location: Over the hills and far away

Re: Reverse of CFWe for ChickHen

Post by Xian Nox »

I can't get the henctrl recompile to work, but I guess I make some sort of mistake. Anyway, the address in the comment at the beginning caught my attention (http://www.dark-alex.org/forum/viewtopi ... 24&t=14641), but all I get is a Cannot find server mistake. (No wonder actually, DAX shut down all his servers.) Anyway, does anybody know what the topic is about/have a cached copy. I suppose it contains some info on how the how stuff got made/works or anything like that, so a cached copy would be nice.
Thanks in advance for your replies!
m0skit0
Guru
Posts: 3817
Joined: Mon Sep 27, 2010 6:01 pm

Re: Reverse of CFWe for ChickHen

Post by m0skit0 »

Xian Nox wrote:the address in the comment at the beginning caught my attention
IIRC, that's where team MHU posted the CFWE for first time. Not big deal.
I wanna lots of mov al,0xb
Image
"just not into this RA stuffz"
Co$m0
Posts: 5
Joined: Thu Nov 11, 2010 3:47 pm

Re: Reverse of CFWe for ChickHen

Post by Co$m0 »

Guy, you can not recompile henctrl -> the rebootex.h are not there -> you must code the assembly to c then you have the rebootex.h :)

/* Missing this! */
#include "rebootex.h"


;)
I can't get the henctrl recompile to work, but I guess I make some sort of mistake. Anyway, the address in the comment at the beginning caught my attention (http://www.dark-alex.org/forum/viewtopi ... 24&t=14641), but all I get is a Cannot find server mistake. (No wonder actually, DAX shut down all his servers.) Anyway, does anybody know what the topic is about/have a cached copy. I suppose it contains some info on how the how stuff got made/works or anything like that, so a cached copy would be nice.
Thanks in advance for your replies!
:D

@FreDdy and m0skit0: :D
Last edited by Co$m0 on Fri Nov 19, 2010 3:18 pm, edited 1 time in total.
FrEdDy
HBL Collaborator
Posts: 243
Joined: Mon Sep 27, 2010 7:08 pm
Contact:

Re: Reverse of CFWe for ChickHen

Post by FrEdDy »

Co$m0 wrote:/* Missing this! */
#include "rebootex.h"

;)
What...?
https://github.com/freddy-156
<@n00b81> FREDDY CUTTIES
m0skit0
Guru
Posts: 3817
Joined: Mon Sep 27, 2010 6:01 pm

Re: Reverse of CFWe for ChickHen

Post by m0skit0 »

He's trying to look interesting, FrEdDy. Not much luck, though.
I wanna lots of mov al,0xb
Image
"just not into this RA stuffz"
Locked

Return to “Programming and Security”