CBPS Forums

Console Hacking => PS Vita => Reverse Engineering => Topic started by: teakhanirons on June 01, 2020, 10:50:41 PM

Title: Taking a screenshot from a SceShell plugin
Post by: teakhanirons on June 01, 2020, 10:50:41 PM

I had problems using the newly added SceScreenshot from DolceSDK (https://github.com/DolceSDK/headers/commit/e85d82c49a877027580cffe7f2d09056efb36b76) from a SceShell (main) plugin when they worked fine in other apps. dots-tb told me to look into how shell handled the button combo. Then Princess suggested using taihen_min from sysident to use it.

sysident taihen_min.c implementation of module_get_offset is located here. (https://github.com/cuevavirus/sysident/blob/master/SysidentUser/src/taihen_min.c)

The offset is 0x14a928 on 3.60-3.61 retail firmwares. Going by cuevavirus's SceShell differences by firmware documentation (https://forum.devchroma.nl/index.php?topic=76.0), it's safe to assume that you'll have to find it yourself on other firmwares by comparing the code on that offset on 3.60-3.61 retail firmwares.

Here's a sample module_get_offset:

Code: [Select]

tai_module_info_t tai_info;
tai_info.size = sizeof(tai_module_info_t);
int ret = taiGetModuleInfo("SceShell", &tai_info);
if (ret < 0) return SCE_KERNEL_START_SUCCESS;

int (*shellShot)(void); // you define it (this may need to be global)

module_get_offset(tai_info.modid, 0, 0x14a928 | 1, &shellShot); // you fill it / point it

sceSysmoduleLoadModule(SCE_SYSMODULE_SCREEN_SHOT); // you load screenshot module
shellShot(); // you use the function
sceSysmoduleUnloadModule(SCE_SYSMODULE_SCREEN_SHOT); // you unload the screenshot module


Title: Re: Taking a screenshot from a SceShell plugin
Post by: FMudanyali on September 29, 2020, 12:02:31 PM

3.65 CEX offset: 0x14a980
3.65 REX (Testkit) offset: 0x142db4

Title: Re: Taking a screenshot from a SceShell plugin
Post by: FMudanyali on November 01, 2020, 12:51:56 PM

3.60 REX (Testkit) offset: 0x142d5c