webMAN-MOD icon indicating copy to clipboard operation
webMAN-MOD copied to clipboard

Published 20 hours ago verified publisher icon aldostools

Adding LV1/LV2 Peek Poke to PS3MAPI Server

Open PHTNCx64 opened this issue 4 years ago • 9 comments

While PS3MAPI is already powerful, it still misses a feature in my opinion, the ability to peek/poke on the Kernel and Hypervisor. This would enable developers to easily remotely change code without always compiling code. I know that WMM already supports that on the web debugger, but creating own tools with own adjustments would be much better.

TheRouLetteBoi and Jo-Milk for example found out that CCAPI (until 2.80 rev5) uses a custom PPC instruction by hooking a function to the exception system to the OS, it would be good if we easily could replace the sc instruction with CCAPI's with personal tools.

PHTNCx64 avatar Sep 28 '21 13:09 PHTNCx64

With compiling code I mean creating applications and modules for PS3

PHTNCx64 avatar Sep 28 '21 13:09 PHTNCx64

Cobra 8.3 / Mamba 8.4 have the following PS3MAPI opcodes that allow to peek/poke LV1 and LV2.

#define PS3MAPI_OPCODE_LV2_PEEK						0x1006
#define PS3MAPI_OPCODE_LV2_POKE						0x1007
#define PS3MAPI_OPCODE_LV1_PEEK						0x1008
#define PS3MAPI_OPCODE_LV1_POKE						0x1009

webMAN MOD also supports web commands for peek, poke, dump memory, call syscalls, file management, etc.

These commands can be called in 4 ways: 1- Using web interface (http) through port 80. e.g. http://localhost/peek.lv1?0x3000 2- Using SITE command (ftp) through port 21. e.g. SITE /poke.lv2?0x3000=0x1122334455667788 3- Using GET command (ps3mapi server) through port 7887. e.g. GET /install.ps3/dev_hdd0/mygame.pkg 4- Using /dev_hdd0/tmp/wm_request that is polled periodically.

The web command can be a single command or a .bat file containing multiple commands.

These features haven't been extensively tested, but the concept is implemented.

aldostools avatar Sep 28 '21 13:09 aldostools

I'm aware that there are Opcodes in PS3MAPI, but I mean adding them to the FTP Server as a regular command, so people can create C#/C/C++ tools on a PC easily. The problem with the HTTP request methods is that WMM returns the whole page as html source code to the user instead of only returning the important values, it requires users to parse out all unnecessary values from the page and that takes time and would require adding external libraries that are often quite large.

PHTNCx64 avatar Sep 28 '21 17:09 PHTNCx64

I think there seems to be a confusion here, sorry if that's true, what I mean is adding a PEEK/POKE command to the PS3MAPI FTP Server in ps3mapi.h. I'll write some code on handling peek/poke requests and get back to you once I've wrote the first implementation for it.

PHTNCx64 avatar Sep 29 '21 07:09 PHTNCx64

Here is my first implementation, I'm not sure if that works, as I barely have time for testing it right now and wrote this in my spare time today. But if I interpreted the way your code ssplit works correctly, it should work. Note that this is not a command inside the PS3, MEMORY, MODULE or another section.

else if(_IS(cmd, "PEEKLV2") || (_IS(cmd, "PEEKLV1")))
			{
				if(split)
				{
					bool isLV2Peek = _IS(cmd, "PEEKLV2");

					split = ssplit(param1, cmd, 19, param2, PS3MAPI_MAX_LEN);

					system_call_3(SC_COBRA_SYSCALL8, SYSCALL8_OPCODE_PS3MAPI, isLV2Peek ? PS3MAPI_OPCODE_LV2_PEEK : PS3MAPI_OPCODE_LV1_PEEK, val(cmd));
					sprintf(buffer, "200 %i\r\n", p1);
					ssend(conn_s_ps3mapi, buffer);
					
				}
			}
			else if(_IS(cmd, "POKELV2") || (_IS(cmd, "POKELV1")))
			{
				if(split)
				{
					bool isLV2Peek = _IS(cmd, "POKELV2");

					split = ssplit(param1, cmd, 19, param2, PS3MAPI_MAX_LEN);
					
					system_call_3(SC_COBRA_SYSCALL8, SYSCALL8_OPCODE_PS3MAPI, isLV2Peek ? PS3MAPI_OPCODE_LV2_POKE : PS3MAPI_OPCODE_LV1_POKE, val(cmd), val(param2));
					sprintf(buffer, "200 %i\r\n", p1);
					ssend(conn_s_ps3mapi, buffer);
				}
				else ssend(conn_s_ps3mapi, PS3MAPI_ERROR_501);
			}

PHTNCx64 avatar Sep 29 '21 14:09 PHTNCx64

@PHTNCx64 You can test the new PS3MAPI ftp commands PEEKLV1/PEEKLV2/POKELV1/POKELV2/SYSCALL webftp_server_peek_poke_syscall_PS3MAPI.zip

PEEKLV1 <address> PEEKLV2 <address> POKELV1 <address> <value> POKELV2 <address> <value> SYSCALL <syscall-number>|0x<hex-value>|<decimal-value>|<string-value>

In theory the command SYSCALL can do the same work of the other 4 commands.

aldostools avatar Sep 29 '21 16:09 aldostools

Sorry for the late response. Thanks for the test build. I'll be back once I've tested the commands this weekend.

PHTNCx64 avatar Oct 01 '21 12:10 PHTNCx64

I have published in the release page the build including support for 8 additional PS3MAPI server commands:

PEEKLV1 address -> returns value at address PEEKLV2 address -> returns value at address POKELV1 address value POKELV2 address value

SYSCALL sc|value|value|value|etc. -> returns syscall result REGISTRY GET regkey -> returns registry key value REGISTRY SET regkey value PROCESS GETCURRENTPID -> returns current game process id or first process id in the list

Also added to support for load system modules from dev_flash to a process id: MODULE LOAD <prx_path>

aldostools avatar Oct 02 '21 00:10 aldostools

Thanks for the release, I'll update the PS3MAPI client library. I'm not sure when I'm going to be done with it, but I'll release the library as soon as possible.

PHTNCx64 avatar Oct 02 '21 07:10 PHTNCx64