Sponsored Links

Sponsored Links

RemoteSystem SPRX PS3 Plug-In by TheRifBoy for PS3 / PC Connections


Sponsored Links
15w ago - Following up on the recent PS3 XMB Blitting updates by 3141card, today PlayStation 3 developer therifboy has made available a RemoteSystem SPRX PS3 Plug-In for PS3 / PC connections with details below.

Download: [Register or Login to view links] / [Register or Login to view links] / [Register or Login to view links]

To quote: I've been working on this for 3 weeks now.

It allows you a fast connection between ps3 and pc to make function calls and syscalls and some other stuff. It will come in handy for for people who are reversing vsh and quickly want to call a function.

The download contains a .sprx, a C++ dll. a C# dll and I've included a C# library with some examples to understand how it works.

Credits to deank and 3141card

-therifboy

From the included ReadMe file: Load RemoteSystem.sprx on your ps3 using PRX Loader. Add RSYS_Net.dll as reference to your project and add RSYSLib.cs

Understanding this file is needed if you want to use the functions RSYSSyscall and RSYSCall. Both functions have String format as one of the arguments. This is needed if I want to use __arglist (equivalent to ellipsis (const char* format, ...).

I'll explain this with an example:

This syscall takes 2 arguments. First one is an int and second one is a output byte array.. our format string would look like this:

This is then how you'd call the function.


The variable out_buffer will contain what the syscall returned.

Float types and integer types are swapped to big endian if the byte order of the host is little endian. When passing arrays, each element must be reversed if the byte order is little endian. RSYSLib contains some functions for fast conversion from little endian to big endian but it is up to the user to use them.

The difference between pointer 'p' and const pointer 'c' is that when using 'c' your variable won't get modified.




Stay tuned for more PS3 Hacks and PS3 CFW news, follow us on Twitter and be sure to drop by the PS3 Hacks and PS3 Custom Firmware Forums for the latest PlayStation 3 scene updates and homebrew releases!

Comments 21 Comments - Go to Forum Thread »

• Please Register at PS3News.com or Login to make comments on Site News articles. Thanks!

tastyratz's Avatar
#21 - tastyratz - 32w ago
I just wanted to mention that using this tool on a 64-bit windows 7 install it will not see my hdd unless I open CMD as administrator, looks like it requires elevated privileges.

For anyone running into frustrations that was the ticket for me. I am going to reach out to aldo and fill him in because his tool requires elevation and it won't stack elevation for the ps3 exe so it won't work for me.

PS3 News's Avatar
#20 - PS3 News - 35w ago
Following up on his previous updates, PlayStation 3 developer 3141card has shared a PS3 XMB Blitting POC Plugin alongside a demo video of it in action below.

Download: [Register or Login to view links] / [Register or Login to view links] / [Register or Login to view links] / [Register or Login to view links] / [Register or Login to view links] (Mirror)

To quote: I found a way for blitting information on the XMB screen, it is not perfect atm and work only in main XMB, not ingame. I found some bitmap-data in main ram, and poke other RGBA values on this place.

I make a simple framebuffer, print text in him and poke him on the screen. The example have only a blue background and white text, but more complex things are possible, inclusive nice interactive GUIs.







Here is the sprx+source, it is very simple, not perfect only a quickly written test app... I test it only on rebug 4.46, after booting hold R2 and press Start, it will only work after bootup!!! Not after leaving a Game or App.

Copy PIC1.PNG from download (blitting_xmb_test_PIC1_PNG.rar) in e.g. multiman dir. In XMB go on multiman and press select. Simple example, draw only one frame if select was pressed.

Furthermore, it is a stupid method, but if no better way arises... in principle:

IO module is running all the time the ps3 is running.
IO module awaits input from many devices, not only pad, also Kb and mouse.

The system (XMB, in Game XMB), hombrew like multiman and also in background running prx, need a struct for handle the input.

This is a ram dump from my rebug 4.46C ps3. At offset 0x10389F4 is the pad-data struct.

00 00 = DIGITAL2 (if O is pressed = 00 20, see psl1ght header files for pad to understand the flags)

The point, if you are in game and press O on your pad, to set this value in the pad-data struct of the running game to 00 20 or use a in backround running plugin to set this value with poke to 00 20 if you press a special Keyboard button, it is the same.

Analogstick (00 82 00 82 00 80 00 80) 2 Mouse is a little bit more tricky, but also possible.

If you have rebug 4.46C running, here (linked above) is a simple ram viewer prx, based on the blit into PIC1.PNG. Look at offset 0x8000000001038800 and 0x8000000001038A00 for the pad-data struct, press e.g. O and you see the altered values...

I use it only on 4.46C with Users prx loader. Work only in XMB, is not stable, only some playing for me, not a release !

  • Go in games column on the app with the special PIC1.PNG, press select to toggle the hex-viewer on/off.
  • Use R1 and L1 to go one sector up or down,
  • Hold R2 and use R1 und L1 to go 1 KB up or down,
  • Hold L2 and use R1 und L1 to go 1 MB up or down.

EDIT: fixed a stupid copy-past error in source code of prx

Blitting in XMB Background PNG Example (see video and files above):

The background png must be 1920x1080 and set 100% (no scaling!) Select button start/stop blitting, work only in XMB, kk

Its a simple example, no event checks, blitting stop not automatically! Use select to stop blitting before you start a app/game or shutdown the PS3, Otherwise your PS3 crashes.

Update: May 5, 2014: Two freezing bugs fixed.. new sprx+src (linked above) and please notice, its a example, a concept, not really an app.

Will not work, it need the background png (say png, mean the ARGB area in local memory for the bg) to see the blitting area.

I have tried several things, but nothing stop fast enough, the prob are the short time to write a finished frame in local mem. In XMB there are 0x0FE00000 (254MB) accessible, the bg area begins at 0x00C80000, the raw ARGB data 0x200 later. If a eboot.bin starts, only 0x00500000 (5MB) are now accessible, so r/w offset 0x00C80200 and higher = freeze. say it again, blitting is stupid time to look at gcm...

Hhmm, found a more cooperative mutex, now blitting stop automatically by game/app start or shutdown. I also lock now the gcm_lwmutex during r/w processes to local mem.

I use furthermore 4.46 CEX rebug + User's prx-loader for testing a prx, keep that in mind if use other MFW's.. same link as before (write no change log or make revisions, is not a app and simple source code say all, if someone will use the method)

Another change, skip the mutex stuff and stop blitting now each time the X button is pressed, that stop blitting also if you go on trophies or a sub-menu under setting, don't like it but better than a freeze.

I don't know how the power-button can be checked, so if you shutdown over power-button during blitting, PS3 will freeze.

More PlayStation 3 News...

aracard's Avatar
#19 - aracard - 35w ago
how did you copy the data with this program from the hdd? i have ylod and cannot access the ps3

majid25's Avatar
#18 - majid25 - 48w ago
I have a similar question, I have a dead ps3 on which I want to recover the hard drive contents but I did make a flash dump before it died. Can the eid root key be obtained from the dump? That's how I believe it works unless there is some other step

aldostools's Avatar
#17 - aldostools - 50w ago
can you copy savedata from a hdd of a ps3 that is dead
yes, but only if you have the eid_root_key from the dead ps3. Brenza about the write feature, here is what 3141card answered:

I can you say why I not plan to do that. I simply know not enough about filesystems. Is the de/encryption a prob? No, its the easiest part on the prog. Its easy to write a fuction for on-the-fly encryption, simply a invers of my read_device(). I have no wish to write a app was kill in worst case a many ps3-hdd's. Only because i forget to set a flag or to update a special value in superblock or cylinder. And why write such a prog? There is always a better way. Linux.

glevand has it show (on psdevwiki.com/ps3/Mounting_HDD_on_PC). It is easy to mount a ps3 hdd on linux.

He show it for a slim hdd, ok, but for a fat only the decryption is other.

For slim: cryptsetup create -c aes-xts-plain64 -d -s 256

For fat: cryptsetup create -c aes-cbc-null -d -s 192

Next is, compile the kernel for UFS write support, and mount gameOS rw.

Work perfect for me. So why a maybe risky hombrew, if i can use a brilliant OS with proper coded device driver.

Sponsored Links

Sponsored Links
Sponsored Links

Sponsored Links







Affiliates - Contact Us - PS3 Downloads - Privacy Statement - Site Rules - Top - © 2014 PlayStation 3 News