The-Homebrew-Cloud/MochaPayload
2
0
Fork 0
mirror of https://github.com/wiiu-env/MochaPayload.git synced 2024-11-22 16:09:14 +01:00
Code Issues Packages Projects Releases Wiki Activity

Some code cleanup

Browse Source
This commit is contained in:
GaryOderNichts 2021-04-04 23:51:23 +02:00 committed by Maschell
parent 38625d2efe
commit fdbca1098a
6 changed files with 19 additions and 51 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
source/common/ipc_defs.h
View File

@ -222,11 +222,9 @@ typedef struct {
unsigned char unk3[0x12D8 - 0x68]; unsigned char unk3[0x12D8 - 0x68];
} MCPLoadFileRequest; } MCPLoadFileRequest;
#define IPC_CUSTOM_LOG_STRING 0xFF #define IPC_CUSTOM_START_MCP_THREAD 0xFE
#define IPC_CUSTOM_META_XML_SWAP_REQUIRED 0xFE
#define IPC_CUSTOM_MEN_RPX_HOOK_COMPLETED 0xFD #define IPC_CUSTOM_MEN_RPX_HOOK_COMPLETED 0xFD
#define IPC_CUSTOM_LOAD_CUSTOM_RPX 0xFC #define IPC_CUSTOM_LOAD_CUSTOM_RPX 0xFC
#define IPC_CUSTOM_META_XML_READ 0xFB #define IPC_CUSTOM_META_XML_READ 0xFB
#define IPC_CUSTOM_START_MCP_THREAD 0xFA
#define LOAD_FILE_TARGET_SD_CARD 0 #define LOAD_FILE_TARGET_SD_CARD 0

8
source/ios_kernel/source/instant_patches.c
View File

@ -78,11 +78,11 @@ void instant_patches_setup(void) {
// allow any region title launch // allow any region title launch
*(volatile u32 *) (0xE0030498 - 0xE0000000 + 0x12900000) = 0xE3A00000; // mov r0, #0 *(volatile u32 *) (0xE0030498 - 0xE0000000 + 0x12900000) = 0xE3A00000; // mov r0, #0
*(volatile u32 *) (0x050254D6 - 0x05000000 + 0x081C0000) = (volatile u32 *) THUMB_BL(0x050254D6, MCP_LoadFile_patch); *(volatile u32 *) (0x050254D6 - 0x05000000 + 0x081C0000) = THUMB_BL(0x050254D6, MCP_LoadFile_patch);
*(volatile u32 *) (0x05025242 - 0x05000000 + 0x081C0000) = (volatile u32 *) THUMB_BL(0x05025242, MCP_ioctl100_patch); *(volatile u32 *) (0x05025242 - 0x05000000 + 0x081C0000) = THUMB_BL(0x05025242, MCP_ioctl100_patch);
*(volatile u32 *) (0x0501dd78 - 0x05000000 + 0x081C0000) = (volatile u32 *) THUMB_BL(0x0501dd78, MCP_ReadCOSXml_patch); *(volatile u32 *) (0x0501dd78 - 0x05000000 + 0x081C0000) = THUMB_BL(0x0501dd78, MCP_ReadCOSXml_patch);
*(volatile u32 *) (0x051105ce - 0x05000000 + 0x081C0000) = (volatile u32 *) THUMB_BL(0x051105ce, MCP_ReadCOSXml_patch); *(volatile u32 *) (0x051105ce - 0x05000000 + 0x081C0000) = THUMB_BL(0x051105ce, MCP_ReadCOSXml_patch);
// patch default title id to system menu // patch default title id to system menu
*(volatile u32 *) mcp_data_phys(0x050B817C) = *(volatile u32 *) 0x0017FFF0; *(volatile u32 *) mcp_data_phys(0x050B817C) = *(volatile u32 *) 0x0017FFF0;

3
source/ios_mcp/source/fsa.c
View File

@ -57,8 +57,7 @@ int FSA_Unmount(int fd, char *path, u32 flags) {
return ret; return ret;
} }
int FSA_FlushVolume(int fd, char* volume_path) int FSA_FlushVolume(int fd, char* volume_path) {
{
u8* iobuf = allocIobuf(); u8* iobuf = allocIobuf();
u32* inbuf = (u32*)iobuf; u32* inbuf = (u32*)iobuf;
u32* outbuf = (u32*)&iobuf[0x520]; u32* outbuf = (u32*)&iobuf[0x520];

3
source/ios_mcp/source/ipc.c
View File

@ -362,8 +362,7 @@ static int ipc_ioctl(ipcmessage *message) {
message->ioctl.buffer_io[0] = FSA_ChangeMode(fd, path, mode); message->ioctl.buffer_io[0] = FSA_ChangeMode(fd, path, mode);
break; break;
} }
case IOCTL_FSA_FLUSHVOLUME: case IOCTL_FSA_FLUSHVOLUME: {
{
int fd = message->ioctl.buffer_in[0]; int fd = message->ioctl.buffer_in[0];
char *path = ((char *)message->ioctl.buffer_in) + message->ioctl.buffer_in[1]; char *path = ((char *)message->ioctl.buffer_in) + message->ioctl.buffer_in[1];

35
source/ios_mcp/source/mcp_loadfile.c
View File

@ -35,7 +35,6 @@ static bool doWantReplaceRPX = false;
static bool replace_target_device = 0; static bool replace_target_device = 0;
static uint32_t rep_filesize = 0; static uint32_t rep_filesize = 0;
static uint32_t rep_fileoffset = 0; static uint32_t rep_fileoffset = 0;
static uint32_t gbl_counter = 0;
static char rpxpath[256]; static char rpxpath[256];
#define log(fmt, ...) log_printf("%s: " fmt, __FUNCTION__, __VA_ARGS__) #define log(fmt, ...) log_printf("%s: " fmt, __FUNCTION__, __VA_ARGS__)
@ -234,37 +233,11 @@ int _MCP_ioctl100_patch(ipcmessage *msg) {
int command = msg->ioctl.buffer_in[0]; int command = msg->ioctl.buffer_in[0];
switch (command) { switch (command) {
case IPC_CUSTOM_LOG_STRING: {
//DEBUG_FUNCTION_LINE("IPC_CUSTOM_LOG_STRING\n");
if (msg->ioctl.length_in > 4) {
char *str_ptr = (char *) &msg->ioctl.buffer_in[0x04 / 0x04];
str_ptr[msg->ioctl.length_in - 0x04 - 1] = 0;
log_printf("%s", str_ptr);
}
return 1;
}
case IPC_CUSTOM_META_XML_SWAP_REQUIRED: {
//DEBUG_FUNCTION_LINE("IPC_CUSTOM_META_XML_SWAP_REQUIRED\n");
/*if(doWantReplaceXML) {
msg->ioctl.buffer_io[0] = 10;
} else {
msg->ioctl.buffer_io[0] = 11;
}
return 1;*/
}
case IPC_CUSTOM_MEN_RPX_HOOK_COMPLETED: { case IPC_CUSTOM_MEN_RPX_HOOK_COMPLETED: {
DEBUG_FUNCTION_LINE("IPC_CUSTOM_MEN_RPX_HOOK_COMPLETED\n"); DEBUG_FUNCTION_LINE("IPC_CUSTOM_MEN_RPX_HOOK_COMPLETED\n");
skipPPCSetup = true; skipPPCSetup = true;
return 1; break;
} }
/*
case IPC_CUSTOM_GET_AND_INCR_GBL_COUNTER: {
DEBUG_FUNCTION_LINE("IPC_CUSTOM_GET_AND_INCR_GBL_COUNTER\n");
gbl_counter++;
if(msg->ioctl.length_io >= sizeof(ACPMetaXml)) {
return 1;
}*/
case IPC_CUSTOM_META_XML_READ: { case IPC_CUSTOM_META_XML_READ: {
if (msg->ioctl.length_io >= sizeof(ACPMetaXml)) { if (msg->ioctl.length_io >= sizeof(ACPMetaXml)) {
DEBUG_FUNCTION_LINE("IPC_CUSTOM_META_XML_READ\n"); DEBUG_FUNCTION_LINE("IPC_CUSTOM_META_XML_READ\n");
@ -272,7 +245,7 @@ int _MCP_ioctl100_patch(ipcmessage *msg) {
strncpy(app_ptr->longname_en, rpxpath, 256 - 1); strncpy(app_ptr->longname_en, rpxpath, 256 - 1);
strncpy(app_ptr->shortname_en, rpxpath, 256 - 1); strncpy(app_ptr->shortname_en, rpxpath, 256 - 1);
} }
return 1; break;
} }
case IPC_CUSTOM_LOAD_CUSTOM_RPX: { case IPC_CUSTOM_LOAD_CUSTOM_RPX: {
DEBUG_FUNCTION_LINE("IPC_CUSTOM_LOAD_CUSTOM_RPX\n"); DEBUG_FUNCTION_LINE("IPC_CUSTOM_LOAD_CUSTOM_RPX\n");
@ -294,11 +267,11 @@ int _MCP_ioctl100_patch(ipcmessage *msg) {
DEBUG_FUNCTION_LINE("Will load %s for next title from target: %d (offset %d, filesize %d)\n", rpxpath, target, rep_fileoffset, rep_filesize); DEBUG_FUNCTION_LINE("Will load %s for next title from target: %d (offset %d, filesize %d)\n", rpxpath, target, rep_fileoffset, rep_filesize);
} }
return 1; break;
} }
case IPC_CUSTOM_START_MCP_THREAD: { case IPC_CUSTOM_START_MCP_THREAD: {
_startMainThread(); _startMainThread();
return 1; break;
} }
default: { default: {
} }

15
source/main.cpp
View File

@ -3,21 +3,20 @@
#include <string> #include <string>
#include <coreinit/cache.h> #include <coreinit/cache.h>
#include <coreinit/ios.h> #include <coreinit/ios.h>
#include <sysapp/title.h>
#include <whb/log.h>
#include <whb/log_udp.h>
#include "whb/log.h" #include "common/ipc_defs.h"
#include "whb/log_udp.h"
#include "ios_exploit.h" #include "ios_exploit.h"
extern "C" uint64_t _SYSGetSystemApplicationTitleId(int);
int main(int argc, char **argv) { int main(int argc, char **argv) {
WHBLogUdpInit(); WHBLogUdpInit();
WHBLogPrintf("Hello from mocha"); WHBLogPrintf("Hello from mocha");
unsigned long long sysmenuIdUll = _SYSGetSystemApplicationTitleId(0);
uint64_t sysmenuIdUll = _SYSGetSystemApplicationTitleId(SYSTEM_APP_ID_HOME_MENU);
memcpy((void *) 0xF417FFF0, &sysmenuIdUll, 8); memcpy((void *) 0xF417FFF0, &sysmenuIdUll, 8);
DCStoreRange((void *) 0xF417FFF0, 0x8); DCStoreRange((void *) 0xF417FFF0, 0x8);
@ -26,11 +25,11 @@ int main(int argc, char **argv) {
// When the kernel exploit is set up successfully, we signal the ios to move on. // When the kernel exploit is set up successfully, we signal the ios to move on.
int mcpFd = IOS_Open("/dev/mcp", (IOSOpenMode) 0); int mcpFd = IOS_Open("/dev/mcp", (IOSOpenMode) 0);
if (mcpFd >= 0) { if (mcpFd >= 0) {
int in = 0xFD;//IPC_CUSTOM_MEN_RPX_HOOK_COMPLETED; int in = IPC_CUSTOM_MEN_RPX_HOOK_COMPLETED;
int out = 0; int out = 0;
IOS_Ioctl(mcpFd, 100, &in, sizeof(in), &out, sizeof(out)); IOS_Ioctl(mcpFd, 100, &in, sizeof(in), &out, sizeof(out));
in = 0xFA;//IPC_CUSTOM_START_MCP_THREAD; in = IPC_CUSTOM_START_MCP_THREAD;
out = 0; out = 0;
IOS_Ioctl(mcpFd, 100, &in, sizeof(in), &out, sizeof(out)); IOS_Ioctl(mcpFd, 100, &in, sizeof(in), &out, sizeof(out));
IOS_Close(mcpFd); IOS_Close(mcpFd);