Added graf_chokolo's payloads and a loader.

graf/Makefile

@@ -0,0 +1,64 @@
+.SUFFIXES:
+ifeq ($(strip $(PSL1GHT)),)
+$(error "PSL1GHT must be set in the environment.")
+endif
+
+include $(PSL1GHT)/Makefile.base
+
+TARGET		:=	$(notdir $(CURDIR))
+BUILD		:=	build
+SOURCE		:=	source
+INCLUDE		:=	include ../libkammy/include ../lv2
+DATA		:=	data
+LIBS		:=	../../libkammy/libkammy.a
+
+CFLAGS		+= -g -O2 -Wall
+CXXFLAGS	+= -g -O2 -Wall
+
+ifneq ($(BUILD),$(notdir $(CURDIR)))
+
+export OUTPUT	:=	$(CURDIR)/$(TARGET)
+export VPATH	:=	$(foreach dir,$(SOURCE),$(CURDIR)/$(dir)) \
+					$(foreach dir,$(DATA),$(CURDIR)/$(dir))
+export BUILDDIR	:=	$(CURDIR)/$(BUILD)
+export DEPSDIR	:=	$(BUILDDIR)
+
+CFILES		:= $(foreach dir,$(SOURCE),$(notdir $(wildcard $(dir)/*.c)))
+CXXFILES	:= $(foreach dir,$(SOURCE),$(notdir $(wildcard $(dir)/*.cpp)))
+SFILES		:= $(foreach dir,$(SOURCE),$(notdir $(wildcard $(dir)/*.S)))
+BINFILES	:= $(foreach dir,$(DATA),$(notdir $(wildcard $(dir)/*.bin))) \
+			   graf.bin
+
+export OFILES	:=	$(CFILES:.c=.o) \
+					$(CXXFILES:.cpp=.o) \
+					$(SFILES:.S=.o)
+
+export BINFILES	:=	$(BINFILES:.bin=.bin.h)
+
+export INCLUDES	:=	$(foreach dir,$(INCLUDE),-I$(CURDIR)/$(dir)) \
+					-I$(CURDIR)/$(BUILD)
+
+.PHONY: $(BUILD) clean
+
+$(BUILD):
+	@[ -d $@ ] || mkdir -p $@
+	@make --no-print-directory -C ../libkammy
+	@make --no-print-directory -C ../lv2 -f Makefile.graf
+	@make --no-print-directory -C $(BUILD) -f $(CURDIR)/Makefile
+
+clean:
+	@echo Clean...
+	@rm -rf $(BUILD) $(OUTPUT).elf $(OUTPUT).self
+
+else
+
+DEPENDS	:= $(OFILES:.o=.d)
+
+$(OUTPUT).self: $(OUTPUT).elf
+$(OUTPUT).elf: $(OFILES) ../../libkammy/libkammy.a
+
+$(OFILES): $(BINFILES)
+
+-include $(DEPENDS)
+
+endif

graf/data/.gitignore

@@ -0,0 +1 @@
+graf.bin

graf/source/main.cpp

@@ -0,0 +1,55 @@
+#include <psl1ght/lv2.h>
+#include <kammy.h>
+#include <common/kammy_lv2.h>
+
+#include "graf.bin.h"
+
+#include <stdio.h>
+
+static u64 LoadModule(const u8* bin, const char* name, u64 param1 = 0, u64 param2 = 0, u64 param3 = 0, u64 param4 = 0, u64 param5 = 0, u64 param6 = 0)
+{
+	u64 ret = KAMMY_ERROR;
+	printf("\tLoading %s into lv2... ", name);
+	const Lv2Module* module = Kammy_Load(bin);
+	if (!module->Verify()) {
+		printf("Failed! %s is corrupt.\n", name);
+		return ret;
+	}
+	if (!module->Execute(&ret, param1, param2, param3, param4, param5, param6))
+		printf("Failed! Kammy was unable to load %s.\n", name);
+	else
+		printf("Done! Result returned from %s in lv2: 0x%08x%08x\n", name, (u32)(ret >> 32), (u32)ret);
+	return ret;
+}
+
+static bool Init()
+{
+	if (Kammy_IsInitialised())
+		printf("\tAlready loaded!\n");
+	else {
+		printf("\tInitializing... ");
+		if (Kammy_Initialise())
+			printf("Done! Kammy injected into lv2 successfully.\n");
+		else {
+			printf("Failed! Syscalls could not be injected. Does this payload have peek/poke?\n");
+			return false;
+		}
+	}
+
+	return true;
+}
+
+extern "C" int main(int argc, char** argv)
+{
+	printf("Kammy v" LIBKAMMY_VERSION "\n");
+
+	if (!Init()) {
+		printf("Failed!\n");
+		return 0;
+	}
+
+	LoadModule(graf_bin, "graf.bin");
+	printf("Aaand we're done for tonight folks.\n");
+
+	return 0;
+}

lv2/Makefile.graf

@@ -0,0 +1,100 @@
+.SUFFIXES:
+ifeq ($(strip $(PSL1GHT)),)
+$(error "PSL1GHT must be set in the environment.")
+endif
+
+include $(PSL1GHT)/Makefile.base
+
+MAKEFILE	:=	graf
+TARGET		:=	$(MAKEFILE).bin
+TARGETS		:= ../graf/data/$(TARGET)
+BUILD		:=	$(MAKEFILE)/build
+DATA		:=	$(MAKEFILE)/data
+LINKFILE	:=	common/kammy.x
+SOURCE		:=	$(MAKEFILE) common
+INCLUDE		:=	$(SOURCE)
+MAPFILE		:=	$(BUILD)/$(MAKEFILE).map
+TEXTBASE	:=	0xFAC3B01000000000
+LIBS		:=	
+
+LD			:= ppu-ld
+
+CFLAGS		+= -nodefaultlibs -nostdlib \
+			   -fno-builtin -fno-exceptions \
+			   -Os -Wall \
+			   -DLV2
+CXXFLAGS	:= $(CFLAGS) -fno-rtti
+CFLAGS		+= --std=gnu99
+LDFLAGS		:= -L. -s -T $(LINKPATH) \
+			   -Ttext $(TEXTBASE) \
+			   -Map $(MAPPATH) --no-demangle
+
+XXD			:= xxd -r -p
+
+ifneq ($(notdir $(BUILD)),$(notdir $(CURDIR)))
+
+export OUTPUT	:=	$(CURDIR)/$(TARGET)
+export OUTPUTS	:=	$(foreach dir,$(TARGETS),$(CURDIR)/$(dir))
+export VPATH	:=	$(foreach dir,$(SOURCE),$(CURDIR)/$(dir)) \
+					$(foreach dir,$(DATA),$(CURDIR)/$(dir))
+export BUILDDIR	:=	$(CURDIR)/$(BUILD)
+export DEPSDIR	:=	$(BUILDDIR)
+export LINKPATH	:=	$(CURDIR)/$(LINKFILE)
+export MAPPATH	:=	$(CURDIR)/$(MAPFILE)
+
+CFILES		:= $(foreach dir,$(SOURCE),$(notdir $(wildcard $(dir)/*.c)))
+CXXFILES	:= $(foreach dir,$(SOURCE),$(notdir $(wildcard $(dir)/*.cpp)))
+SFILES		:= $(foreach dir,$(SOURCE),$(notdir $(wildcard $(dir)/*.S)))
+BINFILES	:= $(foreach dir,$(DATA),$(notdir $(wildcard $(dir)/*.bin)))
+
+export OFILES	:=	$(CFILES:.c=.o) \
+					$(CXXFILES:.cpp=.o) \
+					$(SFILES:.S=.o)
+
+export BINFILES	:=	$(BINFILES:.bin=.bin.h)
+
+export INCLUDES	:=	$(foreach dir,$(INCLUDE),-I$(CURDIR)/$(dir)) \
+					-I$(CURDIR)/$(BUILD)
+
+.PHONY: $(BUILD) clean
+
+$(BUILD):
+	@[ -d $@ ] || mkdir -p $@
+	@make --no-print-directory -C $(BUILD) -f $(CURDIR)/Makefile.$(MAKEFILE)
+
+objdump: $(OUTPUT)
+	@ppu-objdump -D -EB -b binary -m powerpc:common64 $(BUILD)/$(TARGET)
+
+clean:
+	@echo Clean...
+	@rm -rf $(BUILD) $(OUTPUT) $(OUTPUTS)
+
+else
+
+DEPENDS	:= $(OFILES:.o=.d)
+
+$(BUILD): $(OUTPUTS)
+
+ifneq ($(OUTPUTS),)
+$(OUTPUTS): $(OUTPUT)
+	@cp $< $@
+endif
+
+GET_MAIN = '/^ +0x[0-9a-z]+ +_start$$/ {print $$1}'
+GET_TEXT = '/^\.text +0x[0-9a-z]+ +0x[0-9a-z]+$$/ {print $$2}'
+GET_BSS_END = '/^ +0x[0-9a-z]+ +__bss_end = \.$$/ {print $$1}'
+GET_BSS_START = '/^ +0x[0-9a-z]+ +__bss_start = \.$$/ {print $$1}'
+$(OUTPUT): $(OFILES)
+	@echo "[LD]  $@"
+	@$(LD) $(LDFLAGS) $(OFILES) -o $(BUILDDIR)/$(TARGET)
+	@echo 1337baad00000020 | $(XXD) > $@
+	@awk $(GET_MAIN) $(MAPPATH) | $(XXD) >> $@
+	@awk $(GET_TEXT) $(MAPPATH) | $(XXD) >> $@
+	@awk $(GET_BSS_END) $(MAPPATH) | $(XXD) >> $@
+	@cat $(BUILDDIR)/$(TARGET) >> $@
+	@dd bs=1 count="`calc \`awk $(GET_BSS_END) $(MAPPATH)\` - \`awk $(GET_BSS_START) $(MAPPATH)\` + 0x10`" if=/dev/zero >> $@ 2> /dev/null
+$(OFILES):
+
+-include $(DEPENDS)
+
+endif

lv2/graf/cksum.c

@@ -0,0 +1,43 @@
+
+/*
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; version 2 of the License.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#include <cksum.h>
+
+u16 cksum(const void *data, int size)
+{
+	const u16 *ptr;
+	long sum;
+
+	ptr = data;
+	sum = 0;
+
+	while(size > 1)
+	{
+		sum += *ptr++;
+		if(sum & 0x80000000)
+			sum = (sum & 0xFFFF) + (sum >> 16);
+
+		size -= 2;
+	}
+
+	if (size)
+		sum += (u16) *(u8 *) ptr;
+
+	while (sum >> 16)
+		sum = (sum & 0xFFFF) + (sum >> 16);
+
+	return ~sum;
+}

lv2/graf/cksum.h

@@ -0,0 +1,33 @@
+
+/*
+ *  This program is free software; you can redistribute it and/or modify
+ *  it under the terms of the GNU General Public License as published by
+ *  the Free Software Foundation; version 2 of the License.
+ *
+ *  This program is distributed in the hope that it will be useful,
+ *  but WITHOUT ANY WARRANTY; without even the implied warranty of
+ *  MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+ *  GNU General Public License for more details.
+ *
+ *  You should have received a copy of the GNU General Public License
+ *  along with this program; if not, write to the Free Software
+ *  Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
+ */
+
+#ifndef _CKSUM_H_
+#define _CKSUM_H_
+
+#include <inttypes.h>
+
+struct pseudo_hdr
+{
+	u32 src;
+	u32 dest;
+	u8 zero;
+	u8 proto;
+	u16 len;
+};
+
+u16 cksum(const void *data, int size);
+
+#endif