pspdev/sdk "sio" sample from 1.50 kernel to 3.xx k
yes I've read them, and thanks to them! I have an atrac player on 1.50 which
works well but I hope to have compatibility with the 3.xx kernel ...
maybe I could have an answer on how to load a module from flash without linking issues:
I don't use snprintf directly: it's a call in the function startModukeswithargs
it seems a little late to reply this post :(
but I have met a problem of bright set program of sakya.
with this code
Code: Select all
pspDebugScreenPrintf("Brightness level %i\n", getBrightness());
I always get "Brightness level 0 ", it seems the function getBrightness didn't take effect. I don't know why....
I'm using psp2000 with 3.71m33-4.
It probably uses a kernel NID that changed for 3.71. To keep working with 3.71, you probably need to find the new NID. The other option is to move on to 3.80+ and rely on the NID resolver.
Hi J.F
thanks for replying so quickly.
you mean I need to find out a NID which can be used for 3.71?
For I don't know much about NID, I don't know how to use it. When I have got the NID, need I change the .s file which is generated by psp-build-exports?
just like the red characters in the following code?
STUB_START "myLib",0x40090000,0x00020005
STUB_FUNC 0x19F94895,getBrightness
STUB_FUNC 0xB6551455,setBrightness
STUB_END
or do something else?
No, the sce functions those functions call. For example, in my MediaEngine.prx, I check the fw version and call either sceSysregMeResetEnable or sceSysregMeResetEnable371, where sceSysregMeResetEnable is the "normal" sce function to enable the reset of the ME defined by the SDK. The 371 version I defined myself in a .S file that is included in the prx project and looks like
Code: Select all
.set noreorder
#include "pspimport.s"
IMPORT_START "sceSysreg_driver",0x00040000
IMPORT_FUNC "sceSysreg_driver",0xA9997109,sceSysregMeResetEnable371
IMPORT_FUNC "sceSysreg_driver",0x76220E94,sceSysregMeResetDisable371
IMPORT_FUNC "sceSysreg_driver",0x3199CF1C,sceSysregMeBusClockEnable371
IMPORT_FUNC "sceSysreg_driver",0x07881A0B,sceSysregMeBusClockDisable371
Finding the correct 3.71 NID for the sce functions is a big pain, which is one reason why D_A started including the NID resolver in 3.80. With the NID resolver, you just use the 3.52 or earlier NID and it'll convert it to the proper 3.80+ NID.
So if you really WANT it to work for 3.71, be prepared for some tough work (or find someone to do it for you :D ). Otherwise just require folks to use the newer firmware.
It's bad news for me :(
I found a code for NID finding.
Code: Select all
#include <string.h>
#include <psputils.h>

/* NID = first four bytes of SHA-1(name), read as a little-endian u32 */
u32 libsNameToNid(const char *name)
{
    u8 digest[20];
    u32 nid;

    if(sceKernelUtilsSha1Digest((u8 *) name, strlen(name), digest) >= 0)
    {
        /* cast before shifting so the top byte is not shifted into the sign bit of an int */
        nid = digest[0] | (digest[1] << 8) | (digest[2] << 16) | ((u32) digest[3] << 24);
        return nid;
    }
    return 0;
}
I have used it in 3.71 m33 to find out the NID of sceDisplayGetBrightness. I call this function like this:
libsNameToNid("sceDisplayGetBrightness");
but no effect too.
Now I think I need to update FW of my psp :(
You can't find NIDs that way in 3.71+ as Sony started doing random numbers for the NIDs. You have to disassemble the library, then try to find similar sections of code (the idea being that whatever the function was, it won't have changed much for the newer firmware), then look for the NID referring to that section of code. Like I said, a big pain. There's a few threads here where a couple folks posted some of the 3.71 NIDs. Check if the one(s) you need are there.
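The check discussed in the last two posts, as an added host-side example in Python (not code from the thread or from the PSPSDK): it hashes each stub's name the way libsNameToNid does and reports whether the declared NID is name-derived or, like the 3.71 kernel NIDs from J.F's post, is not. The names `audit_stubs`, `alias_suffix` and `demoExport` are hypothetical, and the last sample line is constructed.

```python
import hashlib
import re

def nid_from_name(name):
    """Name-derived NID: first 4 bytes of SHA-1(name), read little-endian."""
    digest = hashlib.sha1(name.encode("ascii")).digest()
    return int.from_bytes(digest[:4], "little")

# Matches both stub styles quoted in the thread:
#   STUB_FUNC 0x19F94895,getBrightness
#   IMPORT_FUNC "sceSysreg_driver",0xA9997109,sceSysregMeResetEnable371
STUB_RE = re.compile(
    r'^\s*(?:STUB_FUNC|IMPORT_FUNC)\s+(?:"([^"]+)"\s*,\s*)?'
    r'(0x[0-9A-Fa-f]{1,8})\s*,\s*(\w+)'
)

def audit_stubs(text, alias_suffix="371"):
    """Return (library, symbol, declared, hashed, name_derived) per stub line.

    alias_suffix is an assumption: local aliases such as ...Enable371 are
    hashed under their firmware name, i.e. without the suffix.
    """
    rows = []
    for line in text.splitlines():
        m = STUB_RE.match(line)
        if not m:
            continue  # IMPORT_START, STUB_END, blank lines, ...
        lib, nid_hex, symbol = m.groups()
        real = symbol
        if alias_suffix and symbol.endswith(alias_suffix):
            real = symbol[: -len(alias_suffix)]
        declared, hashed = int(nid_hex, 16), nid_from_name(real)
        rows.append((lib, symbol, declared, hashed, declared == hashed))
    return rows

# Two import lines from J.F's post plus one constructed name-derived stub.
SAMPLE = f'''
IMPORT_START "sceSysreg_driver",0x00040000
IMPORT_FUNC "sceSysreg_driver",0xA9997109,sceSysregMeResetEnable371
IMPORT_FUNC "sceSysreg_driver",0x76220E94,sceSysregMeResetDisable371
STUB_FUNC 0x{nid_from_name("demoExport"):08X},demoExport
'''

if __name__ == "__main__":
    for lib, sym, declared, hashed, ok in audit_stubs(SAMPLE):
        verdict = "name-derived" if ok else "not SHA-1(name): resolve by disassembly"
        print(f"{sym:28} declared=0x{declared:08X} hashed=0x{hashed:08X} {verdict}")
```

A stub flagged as not name-derived is one the hashing approach cannot recover, which is the case J.F describes for 3.71+ kernel libraries.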
Before I start trying to make the wlanscan_elf work on 5.00M33-4 on psp slim, has anyone done it yet?
EDIT: this is what I got up to now:
makefile
Code: Select all
TARGET = AirCrack-PSP
OBJS =main.o netlib.o aircrack-ptw-lib.o
#USE_PSPSDK_LIBC = 1
BUILD_PRX = 1
PSP_FW_VERSION = 500
INCDIR =
CFLAGS = -O2 -G0 -Wall
CXXFLAGS = $(CFLAGS) -fno-exceptions -fno-rtti
ASFLAGS = $(CFLAGS)
LIBDIR =
LDFLAGS =
LIBS = -lpng -lz -lpspaudio -lpsppower -lpspgum -lpspgu -lpsppower -lpsprtc -lpspwlan -lpspnet -lm
EXTRA_TARGETS = EBOOT.PBP
PSP_EBOOT_TITLE = AirCrack-PSP
PSP_EBOOT_ICON =
#PSP_EBOOT_ICON1 =
#PSP_EBOOT_PIC1 =
PSPSDK=$(shell psp-config --pspsdk-path)
include $(PSPSDK)/lib/build.mak
netlib.c (the prx):
Code: Select all
#include <pspsdk.h>
#include <pspkernel.h>
#include <pspdebug.h>

PSP_MODULE_INFO("netlib", 0x1006, 1, 1);
PSP_MAIN_THREAD_ATTR(0);

int sceNetConfigUpInterface(const char *name);
int sceNet_lib_7BA3ED91(const char *name, void *type, u32 *size, void *buf, u32 *unk);
int sceNetConfigDownInterface(const char *name);

int module_start(SceSize args, void *argp)
{
    return 0;
}

int module_stop()
{
    return 0;
}
netlib.exp:
Code: Select all
# Define the exports for the prx
PSP_BEGIN_EXPORTS
# These four lines are mandatory (although you can add other functions like module_stop)
# syslib is a synonym for the single mandatory export.
PSP_EXPORT_START(syslib, 0, 0x8000)
PSP_EXPORT_FUNC_HASH(module_start)
PSP_EXPORT_VAR_HASH(module_info)
PSP_EXPORT_END
# Export our function
PSP_EXPORT_START(netlib, 0, 0x0009)
PSP_EXPORT_FUNC(sceNetConfigUpInterface)
PSP_EXPORT_FUNC(sceNet_lib_7BA3ED91)
PSP_EXPORT_FUNC(sceNetConfigDownInterface)
PSP_EXPORT_END
PSP_END_EXPORTS
makefile
Code: Select all
TARGET = netlib
OBJS = netlib.o
INCDIR =
CFLAGS = -O2 -G0 -Wall
CXXFLAGS = $(CFLAGS) -fno-exceptions -fno-rtti
ASFLAGS = $(CFLAGS)
BUILD_PRX = 1
PRX_EXPORTS = netlib.exp
USE_KERNEL_LIBC=1
USE_KERNEL_LIBS=1
LIBDIR =
LDFLAGS = -mno-crt0 -nostartfiles
LIBS = -lpspkernel -lpspdebug -lpspsdk -lpspdisplay_driver -lpspwlan -lpspnet
PSPSDK=$(shell psp-config --pspsdk-path)
include $(PSPSDK)/lib/build.mak
main.c:
Code: Select all
#include <stdio.h>   /* FILE, fopen */
#include <string.h>  /* strncpy, memset */
#include <pspdisplay.h>
#include <pspkernel.h>
#include <pspdebug.h>
#include <pspctrl.h>
#include <psppower.h>
#include <pspwlan.h>
#include <pspnet.h>
#include <pspiofilemgr_kernel.h>
#include <pspsdk.h>
#include <pspgu.h>
#include <png.h>

#define printf pspDebugScreenPrintf
#define cls pspDebugScreenClear

SceCtrlData pad;

#include "aircrack.h"

PSP_MODULE_INFO("AirCrack-PSP", 0, 1, 0);
PSP_MAIN_THREAD_ATTR(THREAD_ATTR_USER);
PSP_HEAP_SIZE_MAX();

/* Exit callback */
int exit_callback(int arg1, int arg2, void *common)
{
    sceWlanDevDetach();
    sceNetTerm();
    sceKernelExitGame();
    return 0;
}

/* Callback thread */
int CallbackThread(SceSize args, void *argp)
{
    int cbid;

    cbid = sceKernelCreateCallback("Exit Callback", exit_callback, NULL);
    sceKernelRegisterExitCallback(cbid);
    sceKernelSleepThreadCB();
    return 0;
}

/* Sets up the callback thread and returns its thread id */
int SetupCallbacks(void)
{
    int thid = 0;

    thid = sceKernelCreateThread("update_thread", CallbackThread, 0x11, 0xFA0, 0, 0);
    if(thid >= 0)
    {
        sceKernelStartThread(thid, 0, 0);
    }
    return thid;
}

/* Init the scan */
int sceNetConfigUpInterface(const char *name);
/* Do the scan */
int sceNet_lib_7BA3ED91(const char *name, void *type, u32 *size, void *buf, u32 *unk);
/* Terminate the scan */
int sceNetConfigDownInterface(const char *name);

#define InitScan sceNetConfigUpInterface
#define ScanAPs sceNet_lib_7BA3ED91
#define TermScan sceNetConfigDownInterface

unsigned char scan_data[0xA80];
char buffer[55];

/* Returned data */
struct ScanData
{
    struct ScanHead *pNext;
    unsigned char bssid[6];
    char channel;
    unsigned char namesize;
    char name[32];
    unsigned int bsstype;
    unsigned int beaconperiod;
    unsigned int dtimperiod;
    unsigned int timestamp;
    unsigned int localtime;
    unsigned short atim;
    unsigned short capabilities;
    unsigned char rate[8];
    unsigned short rssi;
    unsigned char sizepad[6];
} __attribute__((packed));

/* Capability flags */
const char *caps[8] = {
    "ESS, ",
    "IBSS, ",
    "CF Pollable, ",
    "CF Pollreq, ",
    "Privacy (WEP), ",
    "Short Preamble, ",
    "PBCC, ",
    "Channel Agility, "
};

/* Print the scan summary data to stdout */
void print_apsum(struct ScanData *pData)
{
    char name[33];

    /* The SSID field is not NUL-terminated, so copy and terminate it */
    strncpy(name, pData->name, 32);
    name[32] = 0;
    printf("SSID: %s", name);
    if (pData->capabilities == 0) {
        printf("SECURITY: NONE");
    }
    else if (pData->capabilities == 1) {
        printf("SECURITY: WEP");
    }
    else if (pData->capabilities == 2) {
        printf("SECURITY: WPA1");
    }
    else if (pData->capabilities == 3) {
        printf("SECURITY: WPA2");
    }
    printf(" SIG: %d%%", pData->rssi);
    printf("\n");
}

struct ScanData *do_scan(int *count)
{
    unsigned char type[0x4C];
    u32 size, unk;
    int i;
    int ret;

    if((ret = InitScan("wlan")) >= 0) {
        memset(type, 0, sizeof(type));
        /* Set the channels we want to scan */
        for(i = 1; i < 0xF; i++) {
            type[0x9+i] = i;
        }
        type[0x3C] = 1;
        *((u32*) (type + 0x44)) = 1; //6/* Minimum strength */
        *((u32*) (type + 0x48)) = 100; /* Maximum strength */
        size = sizeof(scan_data);
        unk = 0;
        memset(scan_data, 0, sizeof(scan_data));
        ret = ScanAPs("wlan", type, &size, scan_data, &unk);
        if(ret < 0) {
            printf("Error, could not perform scan err = %08X\n", ret);
        }
        else {
            *count = size / sizeof(struct ScanData);
            return (struct ScanData *) scan_data;
        }
    }
    else {
        printf("Error, cannot initialise scan\n");
    }
    TermScan("wlan");
    return NULL;
}

int main()
{
    pspDebugScreenInit();
    pspDebugScreenClear();
    SetupCallbacks();

    SceUID modid = pspSdkLoadStartModule("netlib.prx", PSP_MEMORY_PARTITION_KERNEL);
    if (modid < 0) {
        pspDebugScreenPrintf("Error 0x%08X loading/starting netlib.prx\n", modid);
        do {
            sceCtrlReadBufferPositive(&pad, 1);
        } while (pad.Buttons == 0);
        sceKernelExitGame();
    }

    printf("AirCrack-PSP by Gaby_64\nTest 0.43\nPress any key to start scanning\n\n");
    do {
        sceCtrlReadBufferPositive(&pad, 1);
    } while (pad.Buttons == 0);

    if(pspSdkLoadInetModules() < 0)
    {
        printf("Error, could not load inet modules\n");
        do {
            sceCtrlReadBufferPositive(&pad, 1);
        } while (pad.Buttons == 0);
        sceKernelExitGame();
    }

    /* scan and y were read before being set in the original; give them start values */
    int ret, count, x, y = 56, scan = 1;
    struct ScanData *pScan = NULL;

    ret = sceNetInit(0x20000, 0x20, 0x1000, 0x20, 0x1000);
    if(ret < 0)
    {
        printf("Error initialising network lib %08X\n", ret);
        do {
            sceCtrlReadBufferPositive(&pad, 1);
        } while (pad.Buttons == 0);
        sceKernelExitGame();
    }

    while(sceWlanGetSwitchState() == 0) {
        printf("Please set wlan switch to on\n");
        while(sceWlanGetSwitchState() == 0) {
        }
    }

    ret = -1;
    while(ret < 0)
    {
        ret = sceWlanDevAttach();
        if(ret == 0x80410D0E)
        {
            sceKernelDelayThread(1000000);
        }
        else if(ret < 0)
        {
            printf("Error attaching to wlan device %08X\n", ret);
            do {
                sceCtrlReadBufferPositive(&pad, 1);
            } while (pad.Buttons == 0);
            sceKernelExitGame();
        }
    }

    while(scan) {
        sceCtrlReadBufferPositive(&pad, 1);
        count = 0; /* do_scan leaves count untouched when it fails and returns NULL */
        pScan = do_scan(&count);
        for (x = 0; x < count; x++) {
            print_apsum(&pScan[x]);
            y = y + 30;
        }
        y = 56;
        if(pad.Buttons & PSP_CTRL_CROSS) {
            scan = 0;
        }
    }

    const char Capf[20] = "./ptw.cap";
    FILE *CapFile = fopen(Capf, "rb");
    CheckCapFile(CapFile);
    sceKernelDelayThread(100000);
    ParsePackets(CapFile);
    sceKernelDelayThread(100000);
    RecoverWepKEY();
    sceKernelDelayThread(100000);
    do {
        sceCtrlReadBufferPositive(&pad, 1);
    } while (pad.Buttons == 0);
    sceKernelExitGame();
    return 0;
}
Your main PRX tries to import the exports of netlib, which it itself will load, so it won't even boot. There are a few ways to work around this, search around the forums.
Oh, and by the way, forget it, there is no way to capture raw packets on the PSP :) And even less possibility to inject anything.
I've managed to make the scanner work
If you want to try it here: http://psp.wijou.com/forum/index.php?showtopic=815
It's part of the aircrack I'm working on (nothing except that scanner in it for now, but it does have a WEP crack function but it doesn't work)