# BD Region C (RUS/IND/CHN)
# Patches marked with (*1) seem to be unstable. Thanks to drizztbsd and
# RandomUse.
# PL3:
ef48: payload.bin # this is not necessary,
# just the first QWORD of the payload
# Change region to US... Thanks ps3mrenigma
# Syscall preamble
F380: F821FF51 # stdu %sp, -0xB0(%sp)
F384: 7C0802A6 # mflr %r0
F388: FBC100A0 # std %r30, 0xA0(%sp)
F38C: FBE100A8 # std %r31, 0xA8(%sp)
F390: FBA10098 # std %r29, 0x98(%sp)
F394: F80100C0 # std %r0, 0xC0(%sp)
# capture 0x19004 if not jump to original syscall
F398: 3FE00001 # lis %r31, 1
F39C: 63FF9004 # ori %r31, %r31, 0x9004
F3A0: 7C1F1800 # cmpw %r31, %r3
F3A4: 4082003C # bne _orig_syscall
# Force Russia - Retail
F3A8: 3BC0008C # li %r30, 0x8C
F3AC: 3BA00001 # li %r29, 1
F3B0: 9BA40001 # stb %r29, 1(%r4)
F3B4: 9BC40003 # stb %r30, 3(%r4)
F3B8: 9BA40005 # stb %r29, 5(%r4)
F3BC: 9BA40007 # stb %r29, 7(%r4)
F3C0: 38600000 # li %r3, 0
# Restore STACK
F3C4: E80100C0 # ld %r0, 0xC0(%sp)
F3C8: EBA10098 # ld %r29, 0x98(%sp)
F3CC: EBE100A8 # ld %r31, 0xA8(%sp)
F3D0: EBC100A0 # ld %r30, 0xA0(%sp)
F3D4: 7C0803A6 # mtlr %r0
F3D8: 382100B0 # addi %sp, %sp, 0xB0
F3DC: 4E800020 # blr
F3E0: 4823ED28 # b syscall0x363
31EB1C: 0000F380 # syscall 0x363 descriptor