Merge pull request #29 from ChendoChap/master

pr

Makefile

@@ -3,16 +3,14 @@
 TARGET = payload.bin
 KTARGET = kpayload.elf
 
-all: clean $(TARGET) $(KTARGET)
+all: clean $(KTARGET) $(TARGET)
 
 $(TARGET):
 	cd payload && $(MAKE) -s
 	cp payload/$(TARGET) $(TARGET)
 
 $(KTARGET):
-	cd kpayload && $(MAKE) -s
-	cp kpayload/$(KTARGET) $(KTARGET)
-	elfedit --output-type=DYN $(KTARGET)
+	cd kpayload && $(MAKE) -s && elfedit --output-type=DYN $(KTARGET)
 
 .PHONY: clean
 clean:

kpayload/include/freebsd.h

@@ -296,6 +296,7 @@ TYPE_FIELD(struct ucred *p_ucred, 0x40);
 TYPE_FIELD(struct filedesc *p_fd, 0x48);
 TYPE_FIELD(int pid, 0xB0);
 TYPE_FIELD(struct vmspace *p_vmspace, 0x168);
+TYPE_FIELD(char titleId[10], 0x390);
 TYPE_FIELD(char p_comm[32], 0x44C);
 TYPE_END();
 

kpayload/include/rpc.h

@@ -86,9 +86,10 @@ struct rpc_proc_write {
 struct rpc_proc_list {
 	char name[32];
 	uint32_t pid;
+	char  titleId[10];
 } __attribute__((packed));
 
-#define RPC_PROC_LIST_SIZE 36
+#define RPC_PROC_LIST_SIZE 46
 
 struct rpc_proc_info1 {
 	uint32_t pid;

kpayload/source/rpc.c

@@ -550,6 +550,7 @@ int rpc_handle_list(int fd, struct rpc_packet *packet) {
 	for (int i = 0; i < count; i++) {
 		memcpy(plist[i].name, p->p_comm, sizeof(plist[i].name));
 		plist[i].pid = p->pid;
+		memcpy(plist[i].titleId, p->titleId, sizeof(plist[i].titleId));
 
 		if (!(p = p->p_forw)) {
 			break;

librpc/PS4RPC.cs

@@ -45,7 +45,7 @@ private enum RPC_CMDS : uint
         private const int RPC_PACKET_SIZE = 12;
         private const int RPC_PROC_READ_SIZE = 16;
         private const int RPC_PROC_WRITE_SIZE = 16;
-        private const int RPC_PROC_LIST_SIZE = 36;
+        private const int RPC_PROC_LIST_SIZE = 46;
         private const int RPC_PROC_INFO1_SIZE = 4;
         private const int RPC_PROC_INFO2_SIZE = 60;
         private const int RPC_PROC_INSTALL1_SIZE = 4;
@@ -447,14 +447,16 @@ public ProcessList GetProcessList()
             // parse data
             string[] procnames = new string[number];
             int[] pids = new int[number];
+			string[] titleIds = new string[number];
             for (int i = 0; i < number; i++)
             {
                 int offset = i * RPC_PROC_LIST_SIZE;
                 procnames[i] = GetNullTermString(data, offset);
                 pids[i] = BitConverter.ToInt32(data, offset + 32);
+                titleIds[i] = GetNullTermString(data, offset + 36);
             }
 
-            return new ProcessList(number, procnames, pids);
+            return new ProcessList(number, procnames, pids, titleIds);
         }
 
         /// <summary>

librpc/Process.cs

@@ -7,17 +7,19 @@ public class Process
     {
         public string name;
         public int pid;
-
+		public string titleId;
+
         /// <summary>
         /// Initializes Process class
         /// </summary>
         /// <param name="name">Process name</param>
         /// <param name="pid">Process ID</param>
         /// <returns></returns>
-        public Process(string name, int pid)
+        public Process(string name, int pid, string titleId)
         {
             this.name = name;
             this.pid = pid;
+            this.titleId = titleId;
         }
     }
 
@@ -32,12 +34,12 @@ public class ProcessList
         /// <param name="names">Process names</param>
         /// <param name="pids">Process IDs</param>
         /// <returns></returns>
-        public ProcessList(int number, string[] names, int[] pids)
+        public ProcessList(int number, string[] names, int[] pids, string[] titleIds)
         {
             processes = new Process[number];
             for (int i = 0; i < number; i++)
             {
-                processes[i] = new Process(names[i], pids[i]);
+                processes[i] = new Process(names[i], pids[i], titleIds[i]);
             }
         }
 

payload/source/embed.s

@@ -0,0 +1,12 @@
+	.section .rodata
+	.global kpayload
+	.type   kpayload, @object
+	.align  4
+kpayload:
+	.incbin "../kpayload/kpayload.elf"
+kpayload_end:
+	.global kpayload_size
+	.type   kpayload_size, @object
+	.align  4
+kpayload_size:
+	.int    kpayload_end - kpayload

payload/source/main.c

@@ -4,6 +4,9 @@
 #include "jkpatch.h"
 #include "install.h"
 
+extern uint8_t kpayload[];
+extern int32_t kpayload_size;
+
 // perfect for putty
 void ascii_art(void *_printf) {
 	printf("\n\n");
@@ -79,60 +82,6 @@ void scesbl_patches(struct thread *td, uint64_t kernbase) {
 	//*(uint8_t *)(kernbase + 0x36057B) = 0;
 }
 
-int receive_payload(void **payload, size_t *psize) {
-	struct sockaddr_in server;
-	server.sin_len = sizeof(server);
-	server.sin_family = AF_INET;
-	server.sin_addr.s_addr = IN_ADDR_ANY;
-	server.sin_port = sceNetHtons(9023);
-	memset(server.sin_zero, 0, sizeof(server.sin_zero));
-
-	int servsock = sceNetSocket("jkpatch", AF_INET, SOCK_STREAM, 0);
-
-	sceNetBind(servsock, (struct sockaddr *)&server, sizeof(server));
-
-	sceNetListen(servsock, 128);
-
-	int client = sceNetAccept(servsock, NULL, NULL);
-	if (client < 0) {
-		return 1;
-	}
-
-	void *data = (void *)malloc(4096);
-	int recvlen = 0;
-	int length = 0;
-
-	while (1) {
-		recvlen = sceNetRecv(client, data + length, 4096, 0);
-		length += recvlen;
-
-		if (recvlen) {
-			void *ndata = (void *)realloc(data, length + 4096);
-			if (ndata) {
-				data = ndata;
-			} else {
-				break;
-			}
-		} else {
-			break;
-		}
-	}
-
-	if (payload) {
-		*payload = data;
-	} else {
-		free(data);
-	}
-
-	if (psize) {
-		*psize = length;
-	}
-
-	sceNetSocketClose(servsock);
-
-	return 0;
-}
-
 struct jkuap {
 	uint64_t sycall;
 	void *payload;
@@ -189,13 +138,7 @@ int jkpatch(struct thread *td, struct jkuap *uap) {
 int _main(void) {
 	initKernel();
 	initLibc();
-	initNetwork();
-
-	size_t psize = 0;
-	void *payload = NULL;
-	receive_payload(&payload, &psize);
-
-	syscall(11, jkpatch, payload, psize);
+	syscall(11, jkpatch, kpayload, kpayload_size);
 
 	// this could race
 	/*if (payload) {