Al-Azif

Untitled

Sep 29th, 2020 (edited)
1,017
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. // kdslym_addr_aslr_patch
  2. // 4.05: 0x002862D6
  3. // 4.55: 0x001BA559
  4. // 4.74: 0x001BC769
  5. // 5.01: 0x00194765
  6. // 5.03: 0x00194875
  7. // 5.05: 0x00194875
  8. // 5.55: 0x0007A123
  9. // 6.20: 0x0021D745
  10. // 6.72: 0x003CEC8A
  11. // 7.02: 0x000C1F9A
  12.  
  13. bool Utilities::EnableAslr()
  14. {
  15.     if (*(uint16_t *)kdlsym(aslr_patch) != 0x9090 && *(uint8_t *)kdlsym(aslr_patch) != 0xEB)
  16.     {
  17.         WriteLog(LL_Warn, "ASLR already enabled");
  18.         return true;
  19.     }
  20.  
  21.     if ((*(uint16_t *)kdlsym(aslr_patch) == 0x9090 || *(uint8_t *)kdlsym(aslr_patch) == 0xEB) && g_origAslrBytes != 0xFFFF)
  22.     {
  23.         if (!gKernelBase)
  24.         {
  25.             WriteLog(LL_Error, "unable to find kernel base");
  26.             return false;
  27.         }
  28.  
  29.         uint8_t *kmem;
  30.  
  31.         kmem = (uint8_t *)&gKernelBase[kdlsym_addr_aslr_patch];
  32.         kmem[0] = ((uint8_t *)(&g_origAslrBytes))[0]; // Will these be swapped?
  33.         kmem[1] = ((uint8_t *)(&g_origAslrBytes))[1]; // Will these be swapped?
  34.  
  35.         WriteLog(LL_Info, "ASLR Enabled");
  36.         return true;
  37.     }
  38.  
  39.     WriteLog(LL_Error, "unable to enable ASLR");
  40.     return false;
  41. }
  42.  
  43. bool Utilities::DisableAslr()
  44. {
  45.     if (g_origAslrBytes == 0xFFFF)
  46.         g_origAslrBytes = *(uint16_t *)kdlsym(aslr_patch);
  47.  
  48.     if (*(uint16_t *)kdlsym(aslr_patch) != 0x9090 && *(uint8_t *)kdlsym(aslr_patch) != 0xEB)
  49.     {
  50.         if (!gKernelBase)
  51.         {
  52.             WriteLog(LL_Error, "unable to find kernel base");
  53.             return false;
  54.         }
  55.  
  56.         uint8_t *kmem;
  57.  
  58.         kmem = (uint8_t *)&gKernelBase[kdlsym_addr_aslr_patch];
  59.  
  60. #if MIRA_PLATFORM < MIRA_PLATFORM_ORBIS_BSD_600
  61.         kmem[0] = 0x90;
  62.         kmem[1] = 0x90;
  63. #else
  64.         kmem[0] = 0xEB;
  65. #endif
  66.  
  67.         WriteLog(LL_Info, "ASLR Disabled");
  68.         return true;
  69.     }
  70.  
  71.     WriteLog(LL_Error, "unable to disable ASLR");
  72.     return false;
  73. }
  74.  
  75. bool Utilities::ActivateWebBrowser()
  76. {
  77.     auto sceRegMgrGetInt = (uint32_t(*)(uint32_t p_Id, int32_t* p_OutValue))kdlsym(sceRegMgrGetInt);
  78.     auto sceRegMgrSetInt = (uint32_t(*)(uint32_t p_Id, int32_t p_Value))kdlsym(sceRegMgrSetInt);
  79.  
  80.     int32_t rtv;
  81.  
  82.     auto s_Ret = sceRegMgrGetInt(0x3C040000, &rtv);
  83.  
  84.     if (s_Ret != 0)
  85.     {
  86.         WriteLog(LL_Error, "could not get web browser activation status");
  87.         return false;
  88.     } else if (rtv == 0) {
  89.         WriteLog(LL_Info, "web browser already activated");
  90.         return true;
  91.     }
  92.  
  93.     WriteLog(LL_Warn, "activating web browser");
  94.  
  95.     s_Ret = sceRegMgrSetInt(0x3C040000, 0);
  96.  
  97.     if (s_Ret != 0)
  98.     {
  99.         WriteLog(LL_Error, "could not activate web browser");
  100.         return false;
  101.     }
  102.  
  103.     WriteLog(LL_Info, "activated web browser");
  104.     return true;
  105. }
  106.  
  107. void Utilities::SetTargetId(char targetId_input)
  108. {
  109.     if (g_origTargetId == (char)0xFF)
  110.         g_origTargetId = *(char *)kdlsym(target_id);
  111.  
  112.     if (g_origTargetId == targetId_input)
  113.     {
  114.         WriteLog(LL_Error, "Target ID is already %02hhX", targetId_input);
  115.         return;
  116.     }
  117.  
  118.     WriteLog(LL_Warn, "spoofing target ID to %02hhX", targetId_input);
  119.  
  120.     if (!gKernelBase)
  121.     {
  122.         WriteLog(LL_Error, "unable to find kernel base");
  123.         return;
  124.     }
  125.  
  126.     uint8_t *kmem;
  127.  
  128.     kmem = (uint8_t *)&gKernelBase[kdlsym_addr_target_id];
  129.     kmem[0] = targetId_input;
  130.  
  131.     WriteLog(LL_Info, "target ID spoofed to %02hhX", targetId_input);
  132. }
  133.  
  134. bool Utilities::SetFanThreshhold(int fanController_input)
  135. {
  136.     if (fanController_input < 59 || fanController_input > 79)
  137.     {
  138.         WriteLog(LL_Error, "Unsafe fan controller setting: %i°C", fanController_input);
  139.         return false;
  140.     }
  141.  
  142.     auto s_Thread = curthread;
  143.     if (s_Thread == nullptr)
  144.     {
  145.         WriteLog(LL_Error, "could not get current thread.");
  146.         return false;
  147.     }
  148.  
  149.     int fd = kopen_t("/dev/icc_fan", 0x0000, 0, s_Thread); // O_RDONLY
  150.     if (fd <= 0)
  151.     {
  152.         WriteLog(LL_Info, "unable to open \"/dev/icc_fan\"");
  153.         return false;
  154.     }
  155.  
  156.     char data[10] = {0x00, 0x00, 0x00, 0x00, 0x00, (char)fanController_input, 0x00, 0x00, 0x00, 0x00};
  157.     kioctl_t(fd, 0xC01C8F07, data, s_Thread);
  158.     kclose_t(fd, s_Thread);
  159.  
  160.     WriteLog(LL_Info, "Successfully set fan controller to %i°C", fanController_input);
  161.     return true;
  162. }
  163.  
RAW Paste Data