Time to call some BS out

Discussion in 'Site Discussions & Suggestions' started by Joel16, Aug 9, 2016.

Thread Status:
Not open for further replies.
  1. Joel16
    OP

    Joel16 Ils ne passeront pas

    Member
    444
    848
    May 8, 2011
    United States
    Doesn't concern you.
    I've been lurking in GBATemp for a while now, and I've noticed this one user who goes around making claims about 'dumping bootroms' and mentioning 'twl menus' and what not. Basically all this guy has been saying is a bunch of bullshit. I mean take a look at his github. His commits are a bunch of crap. If you have a look at his forks any developer would notice that all he's basically doing is deleting a bunch of code and making string changes or very minimal code changes that basically doesn't change anything. What I'd think is, he's probably doing this to add more to his github activity? I don't know. I hate how he's making claims that every other well known developer has denied possibility of said exploit or whatever.

    I'm probably going to get hate for calling him out but here goes. @olec04 why don't you explain just how you manage to 'dump bootroms' and how you're 'getting into this twl shit'. I don't have anything against you but I'm sick of seeing people like you get other user's hopes up when you can barely code and make baseless claims without proof. This is the reason I'm calling you out. Having reverse engineered certain prx modules for the PSP, I highly doubt you can reverse engineering anything yet alone code kernel level programs.
     
    Last edited by Joel16, Aug 9, 2016
    Slattz, Wolfvak, VinsCool and 4 others like this.
  2. olec04

    olec04 Working on Project Heaven!

    Banned
    851
    142
    Apr 10, 2015
    United States
    Trying to downgrade on 11.0 via AM services
    Ikr that guys sucks BTW TwlMenu exists in the dsi SDK and the bootrom dumping method im gonna use is documented on 3dbrew
    My github truely does suck.
    ARM9's and ARM11's exception vectors are hardcoded to point at the CPU's internal memory (0x08000000 region for ARM9, AXIWRAM for ARM11). While the bootrom does set them up to point to an endless loop at some point during boot, it does not do so immediately. As such, a carefully-timed fault injection (via hardware) to trigger an exception (such as an invalid instruction) will cause execution to fall into ARM9 RAM.

    Since RAM isn't cleared on boot (see below), one can immediately start execution of their own code here to dump bootrom, OTP, etc. The ARM9 bootrom does the following at reset: reset vector branches to another instruction, then branches to bootrom+0x8000. Hence, there's no way to know for certain when exactly the ARM9 exception-vector data stored in memory gets initialized.
     
  3. BORTZ

    BORTZ "Another stunning Van Gogh"

    Supervisor
    11,536
    14,040
    Dec 2, 2007
    United States
    Pittsburgh
    lol
     
    Jacklack3, zoogie, olec04 and 5 others like this.
Thread Status:
Not open for further replies.