sceNet functions hook

Discuss the development of new homebrew software, tools and libraries.

Moderators: cheriff, TyRaNiD

Post Reply
Ruj89
Posts: 12
Joined: Tue Jun 12, 2007 7:12 am

sceNet functions hook

Post by Ruj89 »

I modified rdriver.prx source from D_A sdk to hook the sceNetInit function, but it's not working... This is my source:

Code: Select all

#include <pspsdk.h>
#include <pspkernel.h>
#include <pspsysmem_kernel.h>
#include <psploadexec_kernel.h>
#include <pspreg.h>
#include <pspctrl.h>
#include <psprtc.h>
#include <pspusb.h>
#include <pspusbstor.h>
#include <psppower.h>
#include <pspnet.h>
#include <pspdisplay.h>
#include <psputility.h>
#include <systemctrl.h>
#include <systemctrl_se.h>
#include <stdio.h>
#include <string.h>

PSP_MODULE_INFO&#40;"rdriver", 0x1007, 1, 0&#41;;

u32 orig_funcs&#91;7&#93;;

int sceNetInitPatched&#40;int unk1,int unk2,int unk3,int unk4,int unk5&#41;&#123;
	SceUID FileToWrite,res;
	int k1 = pspSdkSetK1&#40;0&#41;;

	FileToWrite = sceIoOpen&#40;"ms0&#58;/log.txt", PSP_O_WRONLY | PSP_O_CREAT | PSP_O_APPEND, 0777&#41;;
	sceIoWrite&#40;FileToWrite,"&#91;*&#93; sceNetInit hooked!\n",23&#41;;
   sceIoClose&#40;FileToWrite&#41;;

	sctrlHENPatchSyscall&#40;&#40;u32&#41;sceNetInitPatched,&#40;void *&#41;orig_funcs&#91;6&#93;&#41;;
	res=sceNetInit&#40;unk1,unk2,unk3,unk4,unk5&#41;;
	sctrlHENPatchSyscall&#40;orig_funcs&#91;6&#93;, sceNetInit&#41;;

	pspSdkSetK1&#40;k1&#41;;
	return res;
&#125;


SceUID sceKernelLoadModulePatched&#40;const char *path, int flags, SceKernelLMOption *option&#41;&#123;
	SceUID FileToWrite,res;
   char stringa&#91;32&#93;;
	int k1 = pspSdkSetK1&#40;0&#41;;

   FileToWrite = sceIoOpen&#40;"ms0&#58;/log.txt", PSP_O_WRONLY | PSP_O_CREAT | PSP_O_APPEND, 0777&#41;;
   sceIoWrite&#40;FileToWrite,"&#91;*&#93; System is loading ",22&#41;;
	sceIoWrite&#40;FileToWrite,path,strlen&#40;path&#41;&#41;;
	sceIoWrite&#40;FileToWrite,"\n",1&#41;;
   sceIoClose&#40;FileToWrite&#41;;
	
   if&#40;strcmp&#40;path,"flash0&#58;/kd/pspnet.prx"&#41;&#41;&#123;
		sctrlHENPatchSyscall&#40;&#40;u32&#41;sceKernelLoadModulePatched,&#40;void *&#41;orig_funcs&#91;2&#93;&#41;;
		res=sceKernelLoadModule&#40;path,flags,option&#41;;
		sctrlHENPatchSyscall&#40;orig_funcs&#91;2&#93;, sceKernelLoadModulePatched&#41;;
	&#125;else res=66061197;

	FileToWrite = sceIoOpen&#40;"ms0&#58;/log.txt", PSP_O_WRONLY | PSP_O_CREAT | PSP_O_APPEND, 0777&#41;;
   sprintf&#40;stringa,"%d",res&#41;;
	sceIoWrite&#40;FileToWrite,stringa,strlen&#40;stringa&#41;&#41;;
   sceIoWrite&#40;FileToWrite,"\n",1&#41;;
    sceIoClose&#40;FileToWrite&#41;;

	pspSdkSetK1&#40;k1&#41;;
	return res;
&#125;

int sceKernelStartModulePatched&#40;SceUID modid, SceSize argsize, void *argp, int *status, SceKernelSMOption *option&#41;&#123;
	int res,FileToWrite;
	int k1 = pspSdkSetK1&#40;0&#41;;
        char stringa&#91;32&#93;;
        
        FileToWrite = sceIoOpen&#40;"ms0&#58;/log.txt", PSP_O_WRONLY | PSP_O_CREAT | PSP_O_APPEND, 0777&#41;;
	sceIoWrite&#40;FileToWrite,"&#91;*&#93; Starting a module\n",22&#41;;
        sceIoClose&#40;FileToWrite&#41;;

	if&#40;modid!=66061197&#41;&#123;
		sctrlHENPatchSyscall&#40;&#40;u32&#41;sceKernelStartModulePatched,&#40;void *&#41;orig_funcs&#91;5&#93;&#41;;
		res=sceKernelStartModule&#40;modid,argsize,argp,status,option&#41;;
		sctrlHENPatchSyscall&#40;orig_funcs&#91;5&#93;, sceKernelStartModulePatched&#41;;

	&#125; else res=66061197;

	FileToWrite = sceIoOpen&#40;"ms0&#58;/log.txt", PSP_O_WRONLY | PSP_O_CREAT | PSP_O_APPEND, 0777&#41;;
        sprintf&#40;stringa,"%d",res&#41;;
	sceIoWrite&#40;FileToWrite,stringa,strlen&#40;stringa&#41;&#41;;
        sceIoWrite&#40;FileToWrite,"\n",1&#41;;
        sceIoClose&#40;FileToWrite&#41;;

	pspSdkSetK1&#40;k1&#41;;
 	return res;
&#125;

int RestoreExitGame&#40;&#41;
&#123;
	int k1 = pspSdkSetK1&#40;0&#41;;

	sctrlHENPatchSyscall&#40;&#40;u32&#41;sceKernelLoadModulePatched,&#40;void *&#41;orig_funcs&#91;2&#93;&#41;;
	sctrlHENPatchSyscall&#40;&#40;u32&#41;sceKernelStartModulePatched,&#40;void *&#41;orig_funcs&#91;5&#93;&#41;;

	pspSdkSetK1&#40;k1&#41;;
	return 0;
&#125;

void SetConfFile&#40;int n&#41;
&#123;
	int k1 = pspSdkSetK1&#40;0&#41;;
	sctrlSESetBootConfFileIndex&#40;n&#41;;
	pspSdkSetK1&#40;k1&#41;;
&#125;

void SetUmdFile&#40;char *umdfile&#41;
&#123;
	int k1 = pspSdkSetK1&#40;0&#41;;
	sctrlSESetUmdFile&#40;umdfile&#41;;
	pspSdkSetK1&#40;k1&#41;;
&#125;


int module_start&#40;SceSize args, void *argp&#41;&#123;
	SceUID fd = sceIoOpen&#40;"ms0&#58;/PSP/GAME4XX/bootload/rdriver.prx", PSP_O_RDONLY, 0&#41;;

	if &#40;fd < 0&#41;
	&#123;
		return 0;
	&#125;


	int size = sceIoLseek&#40;fd, 0, PSP_SEEK_END&#41;;
	sceIoLseek&#40;fd, 0, PSP_SEEK_SET&#41;;

	SceUID pid = sceKernelAllocPartitionMemory&#40;PSP_MEMORY_PARTITION_KERNEL, "", PSP_SMEM_Low, size, NULL&#41;;
	if &#40;pid < 0&#41; return 0;
	sceIoRead&#40;fd, sceKernelGetBlockHeadAddr&#40;pid&#41;, size&#41;;
	
	sctrlHENLoadModuleOnReboot&#40;"/kd/usersystemlib.prx", sceKernelGetBlockHeadAddr&#40;pid&#41;, size, BOOTLOAD_GAME | BOOTLOAD_POPS | BOOTLOAD_UMDEMU&#41;;

	sceUtilityLoadModule&#40;256&#41;;

	orig_funcs&#91;2&#93; = sctrlHENFindFunction&#40;"sceModuleManager", "ModuleMgrForUser", 0x977DE386&#41;; //sceKernelLoadModule
	orig_funcs&#91;5&#93; = sctrlHENFindFunction&#40;"sceModuleManager", "ModuleMgrForUser", 0x50F0C1EC&#41;; //sceKernelStartModule
	orig_funcs&#91;6&#93; = sctrlHENFindFunction&#40;"sceNet_Library", "sceNet", 0x39AF39A6&#41;; //sceNetInit

        sctrlHENPatchSyscall&#40;orig_funcs&#91;2&#93;, sceKernelLoadModulePatched&#41;; // sceKernelLoadModulePatched
	sctrlHENPatchSyscall&#40;orig_funcs&#91;5&#93;, sceKernelStartModulePatched&#41;; //sceKernelStartModulePatched
	sctrlHENPatchSyscall&#40;orig_funcs&#91;6&#93;, sceNetInitPatched&#41;; //sceNetInitPatched

	sceKernelDcacheWritebackAll&#40;&#41;;
	sceKernelIcacheClearAll&#40;&#41;;

	return 0;
&#125;
The program loads the pspnet.prx module, patches the net syscall and the loadmodule (so the target homebrew won't load the pspnet prx again). Where's the error?
Last edited by Ruj89 on Mon Sep 29, 2008 7:20 am, edited 2 times in total.
Top
Ruj89
Posts: 12
Joined: Tue Jun 12, 2007 7:12 am

Re: sceNet functions hook

Post by Ruj89 »

[DELETED]
Top
moonlight
Posts: 567
Joined: Wed Oct 26, 2005 7:46 pm

Post by moonlight »

There is a problem: net api is not kernel mode, so, they are no syscalls, they are pure jumps from user to user.
Top
Ruj89
Posts: 12
Joined: Tue Jun 12, 2007 7:12 am

Post by Ruj89 »

Thank you moonlight! So I have to develop a parallel module and, hooking the loadmodules functions, replace the prx... is there a faster way to change a function user2user?
Top
Ruj89
Posts: 12
Joined: Tue Jun 12, 2007 7:12 am

Post by Ruj89 »

If it exists, could you indicate me an example on how to hook the functions of a user module? Or just tell me if there is a source of a program that do that.
Top
Post Reply

Return to “PSP Development”