Install a bootstrap and return to application... how?

[darkness]

Ok, all resolved!
I'm not using esported functions!
Now I've built a prx that load the executables in a determinate mode, all passed with arg!
Thanks very much for all!
Oh, excuse for my very bad english, but while writing my problem I learn english! ;)

[darkness]

Pirata Nervo, (maybe) I've a solution for you!
I've passed 4 args to prx and for that I've used only a string!
Use strtok to divide the string!
This is a example:

Code: Select all

char* arguments = (char*)malloc( strlen(path) + strlen(target) +1);
sprintf("%s{%s", path, target);
sceKernelStartModule(mod, strlen(arguments), arguments, NULL, NULL);

And in the prx use strtok to divide the string on '{';
The only problem that I've encoured is that you cannot (I think) pass a very long string, but is only a possible problem of one of my function not a limitation of LoadModule funct!

[Pirata Nervo]

lol I knew How to pass the arguments but it's easier for me to add just a new line to my writeFile function instead of adding a new value to a for loop, creating a new string, etc :P

Thanks anyway.
About the size of the string, you can have a very long string as long as you allocate it :)

[darkness]

Thanks!
Now, a new problem, how to load a kernel mode pbp?

[Pirata Nervo]

you can't load kernel mode pbp's unless you have 1.50 kernel addon installed on your psp.
THat's why we use exports :P

[darkness]

If I use that function exported I can load kernel mode pbp's?

[Pirata Nervo]

no.
exports are made to don't use kernel mode pbp's and use kernel mode functions exported from kernel prx

[darkness]

And then? How Irshell launch kernel pbp?

[Pirata Nervo]

I am not ahman(ask him) but I know it is not that way :)

[darkness]

Ok, but there's no one function to load kernel pbp's? Whit loadexec I cannot load a kernel pbp?

[Pirata Nervo]

nop otherwise dont you think we could run kernel pbp from vsh?

[darkness]

What it means "nop"? ( I've think to asm code but I think is not true! )

[Pirata Nervo]

nop means no lol
and is also an instruction in asm

[darkness]

?? Assemly nop is not = no operation ?
However I haven't understand your post, we can or not run kernel pbp's with loadexec!

[Pirata Nervo]

nop can mean NO in english
in assembly means No Operation

[darkness]

Ok ok, thanks! I'll search around for a solution! ( If IrShell can do that it is possible )!

[hlide]

nop can mean NO in english

shouldn't it be "nope" ? because we don't speech "nop" and "nope" the same way : "nop" probably as in "top", "nope" probably as in "slope"

[Pirata Nervo]

lol maybe but as always wrote nop lol

[ldqmoon]

I tried the follow code , it's ok.

Code: Select all

int main_thread(SceSize args, void *argp)
{
	sceKernelDelayThread(10*100000);

	// Hook exit game function
	SceModule *mod;
	mod = sceKernelFindModuleByName("sceLoadExec");
	if(mod) apiHookByName(mod->modid, "LoadExecForUser","sceKernelExitGame", exit_to_mypspmenu);

	sceKernelExitDeleteThread(0);
	return 0;

}

but when I change the code to :

Code: Select all

int main_thread(SceSize args, void *argp)

{
	// Hook exit game function
   sceKernelDelayThread(10*100000);

	SceModule *mod;
	mod = sceKernelFindModuleByName("sceController_Service");
	if(mod){
         apiHookByName(mod->modid, "sceCtrl","sceCtrlReadBufferPositive", sceCtrlReadBufferPositiveFake);
        }
	sceKernelExitDeleteThread(0);
	return 0;

}
int sceCtrlReadBufferPositiveFake(SceCtrlData *pad_data, int count)

{

    return 0;     // return 0, do nothing when key pressed.

}

it won't work.

I want to hook the controller function. but It seems not work. i don't know why.

[darkness]

Try to use this funct:
( Are you sure about sceController_Service? Where I can fine the name of all the modules? )

Code: Select all

u32 orig_funcs;

int FunctPatched(void)
{
    return 0;
}

orig_funcs = sctrlHENFindFunction("sceController_Service", "sceCtrl", 0x1F803938);

sctrlHENPatchSyscall(orig_funcs, FunctPatched);

[Pirata Nervo]

yes sceController_Service exists.
you can check the libraries names here http://silverspring.lan.st
NID: 0x1F803938

@ldqmoon, your "fake" function only returns 0. it does nothing.

[Super Sheep]

@ldqmoon

Use the functions from the M33 SDK.

Code: Select all

	int sceCtrlReadBufferPositivePatched(SceCtrlData* pad, int count)
	{
		//code
	}
	
	u32 OriginalFunction;

	OriginalFunction = FindProc("sceController_Service", "sceCtrl_driver", 0x1F803938);

	sctrlHENPatchSyscall(OriginalFunction, sceCtrlReadBufferPositivePatched);

[darkness]

Yes, I've know a way to get the NID of a funct.
Thanks Pirata Nervo!
Super Sheep, your funct is the same as my...

[Super Sheep]

No it's not. My function can actually do something. Yours will constantly return 0. So the PSP will detect no buttons pressed. However i guess you're right since thats what he wants to do for some reason =/

[darkness]

Oh, yes, my PatchedFunct is only a sample, the function has to be changed as yours, but you have specified the correctly arg!