Post Reply 
5.00 VSH Module Descrambler.
Author Message
Maxime
Able One

Posts: 65.1106
Threads: 3
Joined: 13th Apr 2007
Reputation: 0.76198
E-Pigs: 2.0199
Offline
Post: #11
RE: 5.00 VSH Module Descrambler.
Here's a ZIP with BAT files ;)


Attached File(s)
.zip  scramble.zip (Size: 126.03 KB / Downloads: 1432)
17/10/2008 07:25 PM
Find all posts by this user Quote this message in a reply
ZiNgA BuRgA
Smart Alternative

Posts: 17,022.2988
Threads: 1,174
Joined: 19th Jan 2007
Reputation: -1.71391
E-Pigs: 446.1294
Offline
Post: #12
RE: 5.00 VSH Module Descrambler.
Super Sheep Wrote:
ZiNgA BuRgA Wrote:Hmm, so Sony decided to just split up the float into 2 16-bit chunks?  Would like to see what they did to the compiler to achieve that :P

Anyways, nice work Super Sheep! :)

Not quite. They changed from storing in words (0xFFFFFFFF) to using opcodes.

for example:
lui 0xABCD

instead of:
0xABCD0000

Wee approached it much differently from theme developers. Wee read through assembly code of the vsh and Bubbletune found the floats.

As for splitting into 2 16-bit chuncks, yes, they did, sometimes.

lui 0xABCD
ori 0xEF12

that is the same as 0xABCDEF12

(lui = Load Upper Immediate, ORI = OR Immediate ( 0xABCD0000 | 0xEF12))

So those which are only lui's cannot pass 0xFFFF in size, or wee would need to add some voodoo haxx to add on ori into the equation.
Oh okay - I only just took a quick look at your source.
The problem with loading upper immediates would be that you can't really determine if something's been loaded before that.  Checking immediates gets hard coded values, but with code execution, anything could really happen...

Probably impossible to get the lower 16 bits without writing some hell complex algorithm (which probably still won't work most of the time).  Only real way would be to disassemble in each case.
But still, nice work you guys did :)
17/10/2008 07:34 PM
Visit this user's website Find all posts by this user Quote this message in a reply
vinrose67
GAS

Posts: 1,183.3075
Threads: 97
Joined: 16th Jul 2007
Reputation: -2.06849
E-Pigs: 54.2375
Offline
Post: #13
RE: 5.00 VSH Module Descrambler.
Super Sheep Wrote:Get a decompressed VSH Module you want to get values out of. Copy it to the same directory of the executable.
Open up command prompt and go to the directory where the executable is.
Then you do this:
'scramble -d [input module] [output scramble]'

type it in without the ' and replace '[input module]' with the name of the module you copied and change '[output scramble]' to whatever you want. (I'd suggest something like "modulename_scramble.bin").

Then you have a file full of floats (32bit). You can hexx the fud out of these but you are constrained. For LUI's you are limited to 0xFFFF in size. For the ORI's you can have upto 0xFFFFFFFF size.

LUI's look like this: 0000hhhh (where 'h' is replaced with hexadecimal characters).

ORI's look like this: hhhhhhhh (where 'h' is replaced with hexadecimal characters).

When you are done hexxing, and want to test you will type:
scramble -s [input scramble] [output/input module]

replace [input scramble] [output/input module] with the scramble and module it came from respectively. The module is now modified with your values.
nice I'll try! hope for a nicer gui for this.

vinrose67 Signature

[Image: PSPAddictSignature.png]
(This post was last modified: 17/10/2008 07:47 PM by vinrose67.)
17/10/2008 07:46 PM
Visit this user's website Find all posts by this user Quote this message in a reply
xopher
Able One

Posts: 123.3687
Threads: 14
Joined: 29th Sep 2007
Reputation: 4.14684
E-Pigs: 15.1556
Offline
Post: #14
RE: 5.00 VSH Module Descrambler.
Is there any benefit to this change of method/format or is it just a new attempt at obscurity? Do they have an office pool after implementing these things to see how long it takes to get dissected? Also, thanks for the app.
17/10/2008 07:49 PM
Find all posts by this user Quote this message in a reply
ZiNgA BuRgA
Smart Alternative

Posts: 17,022.2988
Threads: 1,174
Joined: 19th Jan 2007
Reputation: -1.71391
E-Pigs: 446.1294
Offline
Post: #15
RE: 5.00 VSH Module Descrambler.
xopher Wrote:Is there any benefit to this change of method/format or is it just a new attempt at obscurity? Do they have an office pool after implementing these things to see how long it takes to get dissected? Also, thanks for the app.
I don't know the MIPS architecture, but it's most likely just obscurity.  In fact, it means two operations need to be performed to load a float (I think, previously, was just one operation, but again, I don't know the MIPS architecture).
17/10/2008 07:53 PM
Visit this user's website Find all posts by this user Quote this message in a reply
SchmilK
Noob

Posts: 4,698.2833
Threads: 359
Joined: 16th Apr 2007
Reputation: 0.38918
E-Pigs: 82.0546
Offline
Post: #16
RE: 5.00 VSH Module Descrambler.
You guys rocked the house on this one :)  

Thank you!

limneosgreen Wrote:Take my advice, don't try to install custom themes ... it's possible to brick ur psp.. why just don't change wallpaper
17/10/2008 07:57 PM
Find all posts by this user Quote this message in a reply
XanderChaos
Paradigmatic Entity

Posts: 203.2001
Threads: 18
Joined: 15th Sep 2007
Reputation: 1.88741
E-Pigs: 17.3934
Offline
Post: #17
RE: 5.00 VSH Module Descrambler.
I'm working on a GUI for this.

17/10/2008 08:19 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Jomann
Chibi :3

Posts: 558.1177
Threads: 103
Joined: 15th Jul 2007
Reputation: 1.88741
E-Pigs: 25.8968
Offline
Post: #18
RE: 5.00 VSH Module Descrambler.
OMG OMG OMG PSP 5.00!






buy a laptop, get a hobby, DO SOMETHING WITH YOUR LIFE.








no but really, this is awesome. ;)

[Image: Endless_paradigm_01.png]
17/10/2008 10:08 PM
Find all posts by this user Quote this message in a reply
XanderChaos
Paradigmatic Entity

Posts: 203.2001
Threads: 18
Joined: 15th Sep 2007
Reputation: 1.88741
E-Pigs: 17.3934
Offline
Post: #19
RE: 5.00 VSH Module Descrambler.
I threw together a very simple GUI for descrambling the PRXs. You can download it here.

17/10/2008 10:44 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Mc Cabe
Storm Trooper

Posts: 1,218.1771
Threads: 177
Joined: 14th Aug 2007
Reputation: 1.43435
E-Pigs: 38.5281
Offline
Post: #20
RE: 5.00 VSH Module Descrambler.
wow!!!!!11111 just tried this! awesome work! :D

umm?
17/10/2008 11:40 PM
Visit this user's website Find all posts by this user Quote this message in a reply
Post Reply 


Forum Jump:


User(s) browsing this thread: 2 Guest(s)

 Quick Theme: