[HELP] Hooking sctrlSEGetVersion

Zer01ne · Post by **Zer01ne** » Tue Jun 16, 2009 3:59 am

Hello i have a problem with hooking the function sctrlSEGetVersion
This is part of the hooking code :

int sctrlSEGetVersionPatched&#40;int version&#41;
&#123;
	return version;
&#125;

u32 orgaddr&#91;2&#93;;
void &#40;* PatchSyscall&#41;&#40;u32 funcaddr, void *newfunc&#41;;

PatchSyscall = &#40;void *&#41;sctrlHENFindFunction&#40;"SystemControl", "SystemCtrlForKernel", 0x826668E9&#41;;

			if &#40;!PatchSyscall&#41;
			&#123;
				PatchSyscall = &#40;void *&#41;sctrlHENFindFunction&#40;"SystemControl", "SystemCtrlForKernel", 0x02BFCB5F&#41;;

				if &#40;!PatchSyscall&#41;&#123;
					asm&#40;"breakn"&#41;;
					return 1;
				&#125;
			&#125;

			//Get sctrlSEGetVersion
			orgaddr&#91;0&#93;=sctrlHENFindFunction&#40;"SystemControl", "SystemCtrlForKernel", 0xB47C9D77&#41;;
			//Get sctrlSEGetVersion
			orgaddr&#91;1&#93;=sctrlHENFindFunction&#40;"SystemControl", "SystemCtrlForUser", 0xB47C9D77&#41;;

			//Patch sctrlSEGetVersion
			PatchSyscall&#40;orgaddr&#91;0&#93;, sctrlSEGetVersionPatched&#41;;
			//Patch sctrlSEGetVersion
			PatchSyscall&#40;orgaddr&#91;1&#93;, sctrlSEGetVersionPatched&#41;;

			sceKernelDcacheWritebackAll&#40;&#41;;
			sceKernelIcacheClearAll&#40;&#41;;

The probleme is the hook is not exist do you have a solution ?

Sorry for my english

Torch · Post by **Torch** » Tue Jun 16, 2009 11:43 pm

Its not a syscall, it can't be hooked like that. You need to manually patch the original function to jump to your hook function.

Zer01ne · Post by **Zer01ne** » Fri Jun 19, 2009 6:40 am

Torch you have a exemple ? i have tested all code finded on this forum but MAKE_JUMP patchJump and other nothing work !!!

cory1492 · Post by **cory1492** » Fri Jun 19, 2009 9:38 am

Use search?
http://forums.ps2dev.org/viewtopic.php?t=11894

Zer01ne · Post by **Zer01ne** » Fri Jun 19, 2009 10:39 am

I have used search but this is dont work if possible sctrlSEGetVersion i cant be hooked ?

kralyk · Post by **kralyk** » Fri Jun 19, 2009 4:31 pm

I dont think so, I think more likely you made some error.
Does your module export the pathced function? It has to be exported...

cory1492 · Post by **cory1492** » Sat Jun 20, 2009 10:23 am

Anything can be hooked, so long as you have permission for the memory region, you can find the function in memory, and are willing to deal with a little assembly/disassembly when pre-made methods don't work as expected. It's not like the PSP has a secure hypervisor clobbering executeable memory modifications... especially once you get HEN in there.