// Hard-coded offsets into one specific kernel image, added to the kernel base (see the
// `ptrKernel + offset` writes further down). NOTE(review): the page never states which
// firmware build these were taken from; they are meaningless on any other build.
- #define KERN_XFAST_SYSCALL 0x1C0 // not referenced in this excerpt; presumably the syscall entry stub's offset from the kernel base — confirm
- #define KERN_PROCESS_ASLR 0x5F824 // location overwritten with two NOP bytes by the "Disable process aslr" write
- #define KERN_PRISON_0 0x111F870 // not referenced in this excerpt; presumably the prison0 (root jail) global — confirm
- #define KERN_ROOTVNODE 0x21EFF20 // not referenced in this excerpt; presumably the rootvnode global — confirm
- #define KERN_PTRACE_CHECK 0x41F4E5 // byte overwritten with 0xEB by the "patch ptrace" write
- #define KERN_PRINTF 0x0B7A30 // not referenced in this excerpt
- #define KERN_COPYOUT 0x2715B0 // not referenced in this excerpt
- #define KERN_PATCH_HASMSELF 0x8BC90 // same value as the literal used for the sceSblACMgrHasMmapSelfCapability patch; the macro itself is unused here
- #define KERN_PATCH_CANMSELF 0x8BCB0 // same value as the literal used for the sceSblACMgrIsAllowedToMmapSelf patch; the macro itself is unused here
// Sequence of in-place writes to kernel memory at fixed offsets from ptrKernel. Each one replaces
// a security check with a constant result or an unconditional branch, so after this runs the
// kernel no longer enforces debug gating, SELF mmap capability checks, ptrace restrictions,
// process ASLR, or non-executable kernel allocations. ptrKernel's declaration and whatever makes
// kernel text writable are outside this excerpt. None of the writes checks the bytes it replaces,
// so on a kernel build other than the one the offsets came from they corrupt unrelated code.
- // patch memcpy first (author's label; the routine being patched cannot be identified from this excerpt)
- *(uint8_t *)(ptrKernel + 0x2713FD) = 0xEB; // 0xEB is the x86 short-JMP opcode; presumably turns a conditional branch into an unconditional one — original byte not shown
- // patch sceSblACMgrIsAllowedSystemLevelDebugging: 48 C7 C0 01 00 00 00 C3 = `mov rax, 1; ret`, so the check always reports "allowed"
- memcpy((void *)(ptrKernel + 0x8BC20), "\x48\xC7\xC0\x01\x00\x00\x00\xC3", 8);
- // patch sceSblACMgrHasMmapSelfCapability: same `mov rax, 1; ret` stub (offset equals KERN_PATCH_HASMSELF)
- memcpy((void *)(ptrKernel + 0x8BC90), "\x48\xC7\xC0\x01\x00\x00\x00\xC3", 8);
- // patch sceSblACMgrIsAllowedToMmapSelf: same `mov rax, 1; ret` stub (offset equals KERN_PATCH_CANMSELF)
- memcpy((void *)(ptrKernel + 0x8BCB0), "\x48\xC7\xC0\x01\x00\x00\x00\xC3", 8);
- // disable sysdump_perform_dump_on_fatal_trap
- // will continue execution and give more information on crash, such as rip
- *(uint8_t *)(ptrKernel + 0x00767E30) = 0xC3; // 0xC3 = `ret`; presumably written at the function's first byte so it returns immediately — confirm
- // self patches: 31 C0 90 90 90 = `xor eax, eax` + three NOPs; presumably replaces a 5-byte call with a zero result — confirm
- memcpy((void *)(ptrKernel + 0x168051), "\x31\xC0\x90\x90\x90", 5);
- // patch ptrace
- ptrKernel[KERN_PTRACE_CHECK] = 0xEB; // short-JMP opcode again; assumes ptrKernel is a byte pointer so the index is a byte offset — TODO confirm
- memcpy((void *)(ptrKernel + 0x41F9D1), "\xE9\x7C\x02\x00\x00", 5); // E9 7C 02 00 00 = `jmp rel32` with displacement +0x27C; skips whatever code lies in between
- // Disable process aslr: the 16-bit store of 0x9090 lays down two NOP bytes over a 2-byte instruction (presumably a conditional jump — confirm)
- *(uint16_t*)&ptrKernel[KERN_PROCESS_ASLR] = 0x9090;
- // patch kmem_alloc: two single-byte operands set to VM_PROT_ALL (read|write|execute in FreeBSD), presumably the protection arguments, which would make kernel allocations writable and executable
- *(uint8_t *)(ptrKernel + 0x37BF3C) = VM_PROT_ALL;
- *(uint8_t *)(ptrKernel + 0x37BF44) = VM_PROT_ALL;
- *****ps4debug*****
// Offsets of three pthread entry points and thr_initial in each of three libkernel variants,
// listed under the ps4debug heading. NOTE(review): presumably relative to each module's load
// base, and tied to the same unstated firmware build as the kernel offsets — confirm before reuse.
- // libkernel.sprx
- scePthreadAttrInit = 0x0013660
- scePthreadAttrSetstacksize = 0x00013680
- scePthreadCreate = 0x00013AA0
- thr_initial = 0x8E430
- // libkernel_web.sprx
- scePthreadAttrInit = 0x000087F0
- scePthreadAttrSetstacksize = 0x0001A580
- scePthreadCreate = 0x00204C0
- thr_initial = 0x8E430 // NOTE(review): identical to the libkernel.sprx value although every other offset in this module differs — verify it is not a copy-paste carry-over
- // libkernel_sys.sprx
- scePthreadAttrInit = 0x0014190
- scePthreadAttrSetstacksize = 0x0141B0
- scePthreadCreate = 0x00145D0
- thr_initial = 0x8E830
- //all addresses ported by rfoodxmodz