Gaming KH BBS UPDATES

[neriphis]

sry this might be considered spam but you realize the plug-ins arent just source code, it has a compiled prxs in it.


the person making the patch is not done and the source code is so we can work on it to. if you know what your doing try working on it

 

[SoraRikuKairi]

actually this is not by me and i have no idea what patching is about, if i have new updates i will post them

 

[neriphis]

the rumor that the plug-in corrupts the iso is false. it has not been tested with the original eboot.

 

[Zeroneo]

the rumor that the plug-in corrupts the iso is false. it has not been tested with the original eboot.

If people cared to read the README.txt file they would know that the file is a source code incase anyone would want to develop a plugin for the game. It's not to be added to the ISO file in no way.

 

[neriphis]

sry this might be considered spam but you realize the plug-ins arent just source code, it has a compiled prxs in it.


the person making the patch is not done and the source code is so we can work on it to. if you know what your doing try working on it

i know that. mentioned it in an earlier post. i just wanted to see if i could get anywhere at all by running it. and yes i know arguing is spam.

 

[SoraX]

I made a video showing the 3 red screens on a Slim PSP (2000) in 5.50 GEN-D3. http://www.youtube.com/watch?v=WaDDkr40mdw

Not too much of an update, but if someone hasn't tried out the patches themselves, this'll help them.

 

[qaz015393]

yes finally some useful information thanks for all of it. the psp site im on doesnt even have this. im gona check back 2mor for more info. thanks alot

can some1 make a zip containg the Eboot.bin because i cant download it.

 

[Fluto]

why

one of the patcher maker is announcing in a shout box

someone says he can go to the blue screen! wait for more news

a USER NAME called CROSSPC got it to the menu screen he's going to upload now

 

[Fluto]

a type of patch is going to be released soon to go to the menu screen but then it freezes

 

[dgwillia]

I heard (Dont quote or flame me), that some Hackers managed to get the game running for "A few minutes", if its true, its pretty good progress.

 

[djricekcn]

I heard (Dont quote or flame me), that some Hackers managed to get the game running for "A few minutes", if its true, its pretty good progress.

from what I heard, it's not true at all and it's "fishing"

 

[Okami Wolfen]

Has anyone tried running it on an emulator and then looking at the debug info?

(I'm guessing you HAVE, but just curious...)

 

[djricekcn]

Don't take this the wrong way, but if you're not one of the hackers and you think you came up with a solution / help to a solution it is 99.99% chance that they already done it / thought about it. again, not dispecting you or anything, just giving my opinion

 

[Okami Wolfen]

I kinda guessed that you had tried it. I'd ask what the results were, but more than likely I wouldn't be able to understand it.

 

[Fluto]

to Blue Screen?

First, thx to crosspc for the files. After I gotten his files, I did few tests on the plugin with customized eboot.bin.

But still, I couldn't bypassed the security after the blue screen came up. It looks like there is a different between Firmware 5.50 and 6.20 save data.prx. The encryption are different as you can see the image below.

STEPS:
- Replace this Eboot.bin with your current one.
- Place the savedata to your save directory

Setting PSP:
PHAT PSP CFW 5.50 GEN-D3
CPU-Clock Speed: Default
ISO driver: M33
Plugins: Enable

Here is the patch : ( Again, this is only bypassed up to the Blue screen)
http://www.megaupload.com/?d=L0U4RO55

some people say don't work

 

[markdgx]

Tested, doesn't work.
Still stucks after the 2nd screen.

 

[mcboom]

Found this at some website

As I find information about the eboot I'll post it here and hopefully can help others figure out things too.

The first piracy check has already been bypassed in the first hacked eboot, here's the difference:

original:
880de80: 10800010 beqz a0,0x880dec4
880def4: 27bdf7e0 addiu sp,sp,-2080
880def8: afb00800 sw s0,2048(sp)

patch:
880de80: 10000010 b 0x880dec4
880def4: 03e00008 jr ra
880def8: 24020001 li v0,1


If there is indeed a save piracy check then this information could be useful:
Main save function is at 8ac85e4. Along that function a few calls to recognizable strings can be found.

I'm posting the disassembly from both of the disassemblers that I am using. The first is psp-objdump the second is IDAPro. The word in quotes is the string being called.

QUOTE8ac8668: 24a580a0 addiu a1,a1,-32608
.text:08AC8688 la $a0, aFatms0_0 # "fatms0:"

8ac86e0: 2484fff0 addiu a0,a0,-16
.text:08AC86E0 la $a0, aMs0Psp # "ms0:/PSP"

8ac86f4: 2484ffb0 addiu a0,a0,-80
.text:08AC86F4 la $a0, aMs0PspSaveda_1 # "ms0:/PSP/SAVEDATA"

8ac8188: 3c0508b5 lui a1,0x8b5
.text:08AC8188 la $a1, aMs0PspSaveda_1 # "ms0:/PSP/SAVEDATA"

8ac8758: 2484ffc4 addiu a0,a0,-60
.text:08AC8758 la $a0, aFatms0_0 # "fatms0:"

I also theorize that the main piracy check function might be at or near 8A7D604. It looks like 8A7D7BC will continuously loop back to the function that starts there.

Calls at these addresses looks suspicious to me:
08A7D69C
08A7D7CC

 

[Excellentnuke]

Found this at some website

That website is already the website that we're using to share information.

 

[SoraX]

That blue screen tutorial doesn't work, stuck after the second screen when it checks the saved data.

 

[Blazekid3]

That blue screen tutorial doesn't work, stuck after the second screen when it checks the saved data.

yeah me too i am using GEN D (full)