Threaded Mode | Linear Mode

Super Sheep · 17/10/2008 05:11 PM

5.00 VSH Module Descrambler by Bubbletune & Davee

Readme Wrote:[5.00 VSH Module Descrambler by Bubbletune & Davee]

In 5.00 Sony took a different approach by no longer storing the floats in seperate words, but instead loading them using opcodes. This has made it harder to impossible for theme developers to find these floats, so wee've decided to develop a tool to take it apart, and put it back together.

In order to use this utility, you must descramble the PRX file, and a file containing only the floats in the PRX will be returned. Modify whatever you want there, and then use the application to rescramble it again. All should be pretty straightforward.

Usage (descramble): scramble -d [input module] [output scramble]
Usage (scramble): scramble -s [input scramble] [output/input module]

Enjoy, source is included :-)

Download here. :)

kevinsturf · 17/10/2008 05:20 PM

Hey thanks for this but how do you use it. more info would be nice

Super Sheep · 17/10/2008 05:23 PM

Quote:Usage (descramble): scramble -d [input module] [output scramble]
Usage (scramble): scramble -s [input scramble] [output/input module]

maxexcloo · 17/10/2008 05:57 PM

Thanks for the app :)

Will this help us make 5.00 Themes?

Super Sheep · 17/10/2008 06:03 PM

Yes, assuming you want all the values of vshmain, paf, etc

=P

vinrose67 · 17/10/2008 06:46 PM

how would wee use this?

XanderChaos · 17/10/2008 07:08 PM

-_- Command prompt.

ZiNgA BuRgA · 17/10/2008 07:15 PM

Hmm, so Sony decided to just split up the float into 2 16-bit chunks? Would like to see what they did to the compiler to achieve that :P

Anyways, nice work Super Sheep! :)

Super Sheep · 17/10/2008 07:15 PM

Get a decompressed VSH Module you want to get values out of. Copy it to the same directory of the executable.
Open up command prompt and go to the directory where the executable is.
Then you do this:
'scramble -d [input module] [output scramble]'

type it in without the ' and replace '[input module]' with the name of the module you copied and change '[output scramble]' to whatever you want. (I'd suggest something like "modulename_scramble.bin").

Then you have a file full of floats (32bit). You can hexx the fud out of these but you are constrained. For LUI's you are limited to 0xFFFF in size. For the ORI's you can have upto 0xFFFFFFFF size.

LUI's look like this: 0000hhhh (where 'h' is replaced with hexadecimal characters).

ORI's look like this: hhhhhhhh (where 'h' is replaced with hexadecimal characters).

When you are done hexxing, and want to test you will type:
scramble -s [input scramble] [output/input module]

replace [input scramble] [output/input module] with the scramble and module it came from respectively. The module is now modified with your values.

Super Sheep · 17/10/2008 07:23 PM

ZiNgA BuRgA Wrote:Hmm, so Sony decided to just split up the float into 2 16-bit chunks? Would like to see what they did to the compiler to achieve that :P

Anyways, nice work Super Sheep! :)

Not quite. They changed from storing in words (0xFFFFFFFF) to using opcodes.

for example:
lui 0xABCD

instead of:
0xABCD0000

Wee approached it much differently from theme developers. Wee read through assembly code of the vsh and Bubbletune found the floats.

As for splitting into 2 16-bit chuncks, yes, they did, sometimes.

lui 0xABCD
ori 0xEF12

that is the same as 0xABCDEF12

(lui = Load Upper Immediate, ORI = OR Immediate ( 0xABCD0000 | 0xEF12))

So those which are only lui's cannot pass 0xFFFF in size, or wee would need to add some voodoo haxx to add on ori into the equation.

Threaded Mode \| Linear Mode 5.00 VSH Module Descrambler.
Author	Message