Neperos
SIGN IN
Copy Link
Add to Bookmark
Report

KDumper

KDumper - A PSPDEV production

PS_2's profile picture
@PS_2
Published in 
PSP
 · 6 years ago

KDumper - A PSPDEV production.

Tool + source to enter kernel mode and dump memory (and a few other things).
Will dump from 0x88000000 -> 0x883fffff as kmem.bin and 0xbfc00000 ->
0xbfd00000 as boot.bin (not really useful).
Now play nice boys + girls.

Much thx to the usual shower who have definetly not been sleeping on the job!

code 

 
/ * Program to dump some cool stuff in Kernel mode * / 
/ * Tyranid 2k5 * / 
#include < kernel.h > 
#include < debug.h > 
#include < stdlib.h > 
#include < string.h > 

#define printf	pspDebugScreenPrintf 

int exit_callback(void) 
{ 
	sceKernelExitGame(); 

	return 0; 
} 

void CallbackThread(void *arg) 
{ 
	int cbid; 

	cbid = sceKernelCreateCallback("Exit Callback", exit_callback, NULL); 
	sceKernelRegisterExitCallback(cbid); 

	sceKernelSleepThreadCB(); 
} 

/ * Dump the status of a thread * / 
void dump_threadstatus(void) 
{ 
	int thid; 
	ThreadStatus status; 
	int ret; 

	thid = sceKernelGetThreadId(); 
	memset(&status, 0, sizeof(ThreadStatus)); 
	printf("Thread ID: %08X\n", thid); 
	status.size = sizeof(ThreadStatus); 
	ret = sceKernelReferThreadStatus(thid, &status);  
	printf("Get Thread Status: %08X\n", ret); 
	if(ret == 0) 
	{ 
		printf("Name: %s\n", status.name); 
		printf("Thread Addr: %08X\n", status.th_addr); 
		printf("Stack Addr: %08X\n", status.stack_addr); 
		printf("Stack Size: %08X\n", status.stack_size); 
		printf("gp: %08X\n", status.gp); 
		printf("Initial Pri: %x\n", status.init_pri); 
		printf("Current Pri: %x\n", status.curr_pri); 
	} 
} 

/ * Sets up the callback thread and returns its thread id * / 
int SetupCallbacks(void) 
{ 
	int thid = 0; 

	thid = sceKernelCreateThread("update_thread", CallbackThread, 0x11, 0xFA0, 0, 0); 
	if(thid >= 0) 
	{ 
		sceKernelStartThread(thid, 0, 0); 
	} 

	return thid; 
} 

void dump_cop0_regs(void) 
{ 
	u32 regs[32]; 
	int i; 

	asm __volatile__ ( 
		"mfc0 $3, $0\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $1\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $2\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $3\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $4\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $5\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $6\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $7\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $8\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $9\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $10\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $11\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $12\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $13\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $14\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $15\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $16\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $17\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $18\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $19\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $20\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $21\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $22\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $23\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $24\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $25\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $26\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $27\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $28\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $29\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $30\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		"mfc0 $3, $31\n" 
		"sw $3, 0(%0)\n" 
		"addi %0, %0, 4\n" 
		: 
		: "r"(®s[0]) 
	); 

	printf("Cop0 regs\n"); 
	for(i = 0; i < 32; i+=4) 
	{ 
		printf("$%02d: %08X, $%02d: %08X, $%02d: %08X $%02d: %08X\n",  
				i, regs[i], i+1, regs[i+1], i+2, regs[i+2], i+3, regs[i+3]); 
	} 
} 

char g_data[0x400000] __attribute__((aligned(64))); 

/ * Well what would you expect ? :) * / 
void dump_memregion(const char* file, void *addr, int len) 
{ 
	int fd; 

	fd = sceIoOpen(file, O_CREAT | O_TRUNC | O_WRONLY, 0777); 
	pspDebugScreenPrintf("fd %d\n", fd); 
	memcpy(g_data, addr, len); 
	sceIoWrite(fd, g_data, len); 
	sceIoClose(fd); 
	pspDebugScreenPrintf("%s written\n", file); 
} 

/ * Main function in kernel mode * / 
void kmain(void) 
{ 
	pspDebugScreenInit(); 

	printf("Kernel mem dumper. TyRaNiD 2k5.\n"); 
	printf("Props to nem, mrbrown, adresd et al\n\n"); 
	dump_threadstatus(); 
	dump_cop0_regs(); 
	printf("Dumping Boot Mem 0xBFC00000 -> 0xBFD00000\n"); 
	dump_memregion("ms0:/boot.bin", (void*) 0xBFC00000, 0x100000); 
	printf("Dumping Kernel Mem 0x88000000 -> 0x883FFFFF\n"); 
	dump_memregion("ms0:/kmem.bin", (void*) 0x88000000, 0x400000); 
} 

/ * Main function in user mode * / 
int main(void) 
{ 
	SetupCallbacks(); 
	sceKernelSleepThread(); 

	return 0; 
}

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Recent Articles

Recent Comments

guest's profile picture
@guest
4 Nov 2024
In 1955, the explorer Thor Heyerdahl managed to erect a Moai in eighteen days, with the help of twelve natives and using only logs and stone ...
guest's profile picture
@guest
4 Nov 2024
For what unknown reason did our distant ancestors dot much of the surface of the then-known lands with those large stones? Why are such cons ...
guest's profile picture
@guest
4 Nov 2024
The real pyramid mania exploded in 1830. A certain John Taylor, who had never visited them but relied on some measurements made by Colonel H ...
guest's profile picture
@guest
4 Nov 2024
Even with all the modern technologies available to us, structures like the Great Pyramid of Cheops could only be built today with immense di ...
lostcivilizations's profile picture
Lost Civilizations (@lostcivilizations)
2 Nov 2024
In Sardinia, there is a legend known as the Legend of Tirrenide. Thousands of years ago, there was a continent called Tirrenide. It was a l ...
guest's profile picture
@guest
2 Nov 2024
What is certain is that the first Greek geographer to clearly place the Pillars of Hercules at Gibraltar was Eratosthenes (who lived between ...
guest's profile picture
@guest
1 Nov 2024
Disquieting thc drinks has been quite the journey. As someone keen on unpretentious remedies, delving into the in every respect of hemp has ...
guest's profile picture
@guest
29 Oct 2024
hi Good day I am writing to inform you of recent developments that may impact our ongoing operations. This morning, global news outlets hav ...
guest's profile picture
@guest
26 Oct 2024
primo
guest's profile picture
@guest
25 Oct 2024
хороший психотерапевт консультация психолога по омс
a Francesco Arca production 2016 - 2024
Terms of Service - Privacy Policy
neperos on mastodon
Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT