Neperos
SIGN IN
Copy Link
Add to Bookmark
Report

KDumper

KDumper - A PSPDEV production

PS_2's profile picture
@PS_2
Published in 
PSP
 · 6 years ago

KDumper - A PSPDEV production.

Tool + source to enter kernel mode and dump memory (and a few other things).
Will dump from 0x88000000 -> 0x883fffff as kmem.bin and 0xbfc00000 ->
0xbfd00000 as boot.bin (not really useful).
Now play nice boys + girls.

Much thx to the usual shower who have definetly not been sleeping on the job!

code 

 
/ * Program to dump some cool stuff in Kernel mode * / 
/ * Tyranid 2k5 * / 
#include < kernel.h > 
#include < debug.h > 
#include < stdlib.h > 
#include < string.h > 

#define printf	pspDebugScreenPrintf 

int exit_callback(void) 
{ 
	sceKernelExitGame(); 

	return 0; 
} 

void CallbackThread(void *arg) 
{ 
	int cbid; 

	cbid = sceKernelCreateCallback("Exit Callback", exit_callback, NULL); 
	sceKernelRegisterExitCallback(cbid); 

	sceKernelSleepThreadCB(); 
} 

/ * Dump the status of a thread * / 
void dump_threadstatus(void) 
{ 
	int thid; 
	ThreadStatus status; 
	int ret; 

	thid = sceKernelGetThreadId(); 
	memset(&status, 0, sizeof(ThreadStatus)); 
	printf("Thread ID: %08X\n", thid); 
	status.size = sizeof(ThreadStatus); 
	ret = sceKernelReferThreadStatus(thid, &status);  
	printf("Get Thread Status: %08X\n", ret); 
	if(ret == 0) 
	{ 
		printf("Name: %s\n", status.name); 
		printf("Thread Addr: %08X\n", status.th_addr); 
		printf("Stack Addr: %08X\n", status.stack_addr); 
		printf("Stack Size: %08X\n", status.stack_size); 
		printf("gp: %08X\n", status.gp); 
		printf("Initial Pri: %x\n", status.init_pri); 
		printf("Current Pri: %x\n", status.curr_pri); 
	} 
} 

/ * Sets up the callback thread and returns its thread id * / 
int SetupCallbacks(void) 
{ 
	int thid = 0; 

	thid = sceKernelCreateThread("update_thread", CallbackThread, 0x11, 0xFA0, 0, 0); 
	if(thid >= 0) 
	{ 
		sceKernelStartThread(thid, 0, 0); 
	} 

	return thid; 
} 

void dump_cop0_regs(void) 
{ 
	u32 regs[32]; 
	int i; 

	asm __volatile__ ( 
		"mfc0 $3, $0\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $1\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $2\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $3\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $4\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $5\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $6\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $7\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $8\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $9\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $10\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $11\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $12\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $13\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $14\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $15\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $16\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $17\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $18\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $19\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $20\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $21\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $22\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $23\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $24\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $25\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $26\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $27\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $28\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $29\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $30\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $31\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		: 
		: "r"(®s[0]) 
	); 

	printf("Cop0 regs\n"); 
	for(i = 0; i < 32; i+=4) 
	{ 
		printf("$%02d: %08X, $%02d: %08X, $%02d: %08X $%02d: %08X\n",  
				i, regs[i], i+1, regs[i+1], i+2, regs[i+2], i+3, regs[i+3]); 
	} 
} 

char g_data[0x400000] __attribute__((aligned(64))); 

/ * Well what would you expect ? :) * / 
void dump_memregion(const char* file, void *addr, int len) 
{ 
	int fd; 

	fd = sceIoOpen(file, O_CREAT | O_TRUNC | O_WRONLY, 0777); 
	pspDebugScreenPrintf("fd %d\n", fd); 
	memcpy(g_data, addr, len); 
	sceIoWrite(fd, g_data, len); 
	sceIoClose(fd); 
	pspDebugScreenPrintf("%s written\n", file); 
} 

/ * Main function in kernel mode * / 
void kmain(void) 
{ 
	pspDebugScreenInit(); 

	printf("Kernel mem dumper. TyRaNiD 2k5.\n"); 
	printf("Props to nem, mrbrown, adresd et al\n\n"); 
	dump_threadstatus(); 
	dump_cop0_regs(); 
	printf("Dumping Boot Mem 0xBFC00000 -> 0xBFD00000\n"); 
	dump_memregion("ms0:/boot.bin", (void*) 0xBFC00000, 0x100000); 
	printf("Dumping Kernel Mem 0x88000000 -> 0x883FFFFF\n"); 
	dump_memregion("ms0:/kmem.bin", (void*) 0x88000000, 0x400000); 
} 

/ * Main function in user mode * / 
int main(void) 
{ 
	SetupCallbacks(); 
	sceKernelSleepThread(); 

	return 0; 
}

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Recent Articles

Recent Comments

eZine's profile picture
eZine lover (@eZine)
22 Nov 2024
It was brought to my attention that there’s a mistake as this article appears to be empty. Unfortunately, it’s not a mistake. The first i ...
eZine's profile picture
eZine lover (@eZine)
22 Nov 2024
Thanks for the comment. I'm glad to know that my archiving work is useful to someone! You can find more ezines by checking out my profi ...
guest's profile picture
@guest
21 Nov 2024
I can't believe you archived it! Chronicles of Chaos was my favorite online magazine back in the day.
lostcivilizations's profile picture
Lost Civilizations (@lostcivilizations)
21 Nov 2024
Thank you very much for your comment. I haven’t read the book by Hakan Öniz and didn’t know the Shardana could have traveled so far as to re ...
guest's profile picture
@guest
20 Nov 2024
Shardana or Sheridan are the sea peoples who arrive in Eire or Ireland and also move into Scotland
Adelaide's profile picture
@Adelaide
20 Nov 2024
È buono
guest's profile picture
@guest
20 Nov 2024
TODAY IT-S FREEZING. UNFORTUNATELY I NEED TO GO TO THE OFFICE! WHAT ABOUT YOU?
guest's profile picture
@guest
19 Nov 2024
reading Birmingham I thought that it was the city in UK :D
guest's profile picture
@guest
19 Nov 2024
are they made all year or typical of a special occasion?
guest's profile picture
@guest
19 Nov 2024
Deliziosa!!!!!Assolutamente da provare questa domenica! Grazie per l'idea :D
a Francesco Arca production 2016 - 2024
Terms of Service - Privacy Policy
neperos on mastodon
Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT