4.93 EVILNAT (Cobra 8.5)

PS3 4.93 Evilnat w/ Cobra v8.5 - (CEX/PEX/D-PEX) 4.93

oh, and something about the targetmanager fix for DEX:
you have to change the code for tty write in debug source
Code:
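LV2_SYSCALL(int, ttyWrite, (int channel, const char* message, int length, int* written))
{
    // Function descriptor (entry address + TOC) for the kernel's tty write routine
    f_desc_t f;
    f.addr = (void *)sys_tty_write_symbol;
    f.toc = (void *)sys_toc_symbol;
    int (*func)(int, const char *, int, int *) = (void *)&f;
    // func(channel, message, length, written);
    // Also send the message to the debug output
    debug_print(message, length);
    /* if (written)
        *written = length; */
    // Forward the call so the kernel routine sets *written and the return value
    return func(channel, message, length, written);
}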
I have commented the original code. the sys_toc_symbol and sys_tty_write_symbol have to be defined 64bit, so for 4.21 DEX it would be
Code:
#define sys_toc_symbol 0x8000000000363E80
#define sys_tty_write_symbol 0x80000000002A4408
this will fix the tm hang and timeout. the tty output is essential in my opinion, cause it prints some extra system debug info

edit
all credits go to habib, who has changed the code for me. I couldn't rest and was very intrusive until he found and gave me the fix
Thanks so much haxxxen! I will add it asap ;)
 
I have made two changes if they seem good to you, I have made use of the MKA macro and sys_tty_write_symbol defined as 32bits, we can use defined TOC macro with this too, I didn't test it yet:
Code:
#define TOC                  0x3759C0 // already defined in Cobra
#define sys_tty_write_symbol 0x27550C

// Target Manager fix for DEX (By haxxxen)
LV2_SYSCALL(int, ttyWrite, (int channel, const char* message, int length, int* written))
{
    f_desc_t f;
    f.addr = (void *)MKA(sys_tty_write_symbol);
    f.toc = (void *)MKA(TOC);
    int (*func)(int, const char *, int, int *) = (void *)&f;
    debug_print(message, length);
    //if (written)
    //*written = length;

    return func(channel, message, length, written);
}
 
Hi, I have 2 questions:
1. Should I use additional homebrew tools such as SEN ENABLER or PSN PATCH, etc. for safer PSN login? (Is the option to disable syscalls via WEBMAN MOD or only disable syscalls by CFW tools sufficient/the same as additional homebrews?)
2. Can I switch from CFW 4.90 [CEX] to 4.90 [PEX] through updates in XMB?
 
I have made two changes if they seem good to you, I have made use of the MKA macro and sys_tty_write_symbol defined as 32bits, we can use defined TOC macro with this too, I didn't test it yet:
I see and have checked now, so this macro translates to 32bit. have to learn much more about coding. nice, will try

edit
tried now, works as expected. thanks :)
 
@Evilnat

Seeing that you still experiment with ps2_netemu, did you ever try to find the code that is responsible for physical disc loading? I mean since it's based off softemu which had physical disc abilities how far fetched is it that the code is still in there and just deactivated, same for the memory card and usb support?

I had gxemu, softemu and netemu open in a hex comparison this morning and there are snippets of code in gxemu and softemu that are just missing in netemu while others are identical. I used the latest available for comparison (4.90 for all emus but softemu) and also compared them from FW 4.01, since that's the last version with softemu included.
I also noticed how big the changes between the normal 4.90 netemu and the cobra version are. Insane stuff. I used Araxis Merge for a 3-way hex compare on the decrypted elf files.

I sadly don't work with PPC ASM or HEX enough to make sense of it but it should be possible in theory to combine the code in certain places, right?

Also how do you encrypt modified elf files back to selfs? I modified the temperature monitor a bit but can't find out how to encrypt the thing again correctly.

—————————

About the gameboot, are the sparkles only there when the original theme is active? Because i currently use gameboot on but the sparkles aren't shown on mine.
Also maybe a switch to use the original boot animation and / or sound if there is still enough space on dev_flash. I noticed during my experiments that there is less than 2MiB left.

bump2

Another question in addition to that: How to rename the App Home folder from the default "+ PlayStation 3"?
 
hi guys, so i got a DEX p3 ( been away for like 6 7 years or so, lost access to my old laptop with everything on it and forgot my old logins for certain sites) running on 4.55PSITA, dusting it off so i can hit some bo1 2 and 3 ( 3 will be new to me) zombies.
would this be safe to install over the current FW and then just boot online up? i used to boot up PSITA manager then spoof id then go do what ever on what ever, like is rebug CFW still a thing? what's changed really and is there any important things i should know? would be a great help if someone can lmk or even be an absolute hero and pm me even lol
thanks!
 
So you can use EvilNat's CFW to disable syscalls from the XMB. Suggest finding an anti-ban eboot as COD still gets folks banned to this day. BO1 is safe but 2 & 3 still ban folks quite often. Since GTAV is offline it is certainly the main game folks get banned playing. Good idea to not use your main account as it goes across all systems.


Rebug isn't making CFW anymore as there hasn't been a DEX OFW since 4.84 so Nat ported it over for others on 4.89 & 4.90 if you want to stay DEX or just convert back to CEX first.
 
Speaking of disabling the coldboot logo and sound, could we get an option to re-enable for those of us who like that feature?

Also, could we get an option to disable photo editor like ultimate toolbox has?
 
@Evilnat can you implement IDPS PSID spoofing for hdd0? to copy over the files on another setting from PSN or perhaps let the user manually put it in hdd0.
I will do it ;)
@Evilnat
could you test the problem with the action replay?
Do you mean PSX/PS2 Action Replay ISO?
Speaking of disabling the coldboot logo and sound, could we get an option to re-enable for those of us who like that feature?

Also, could we get an option to disable photo editor like ultimate toolbox has?
There is a toggle option in xai_plugin that works with Cobra, you will be able to enable or disable coldboot animation

I will look into disabling the photo editor
 
@Evilnat

Seeing that you still experiment with ps2_netemu, did you ever try to find the code that is responsible for physical disc loading? I mean since it's based off softemu which had physical disc abilities how far fetched is it that the code is still in there and just deactivated, same for the memory card and usb support?

I had gxemu, softemu and netemu open in a hex comparison this morning and there are snippets of code in gxemu and softemu that are just missing in netemu while others are identical. I used the latest available for comparison (4.90 for all emus but softemu) and also compared them from FW 4.01, since that's the last version with softemu included.
I also noticed how big the changes between the normal 4.90 netemu and the cobra version are. Insane stuff. I used Araxis Merge for a 3-way hex compare on the decrypted elf files.

I sadly don't work with PPC ASM or HEX enough to make sense of it but it should be possible in theory to combine the code in certain places, right?

Also how do you encrypt modified elf files back to selfs? I modified the temperature monitor a bit but can't find out how to encrypt the thing again correctly.

—————————

About the gameboot, are the sparkles only there when the original theme is active? Because i currently use gameboot on but the sparkles aren't shown on mine.
Also maybe a switch to use the original boot animation and / or sound if there is still enough space on dev_flash. I noticed during my experiments that there is less than 2MiB left.
Sorry mate I haven't seen your comment until now

My gameboot is the default one, I have not modified it

The problem is that if we can enable disc support on non BC PS3 (I don't know if this is possible yet and maybe it is impossible to do), the game will be laggy or with issues because those PS3 models don't have the necessary hardware to play them

You can encrypt them again with scetool with template:

scetool -t original.self -e decrypted.self output.self

Evilnat said:
---------------------------------------------

Now ps2_netemu with RSX and CPU temps payload researched by @3141card was added to Cobra, credits to him have been added to the code itself, thanks so much for all your work!

For example, the string with the current temperature values can now be configured easily with assembly code. There may be changes in the future

@aldostools I will add all my patches to my Cobra repository when everything is finished and tested
