Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.


Messages - nik

Pages: [1]
1
Tutorials / [UNOFFICIAL TUTORIAL] Compiling HENKaku.
« on: July 12, 2020, 06:19:11 PM »
Hello. In this tutorial I'll explain how to compile and run your own version of HENKaku.

First, make sure you have installed Dolce SDK https://sdk.cbps.xyz/

Also make sure you have Git, node-uglify, Python 3, some kind of a webserver, and crc32 (the program).

Then, make a directory somewhere where you'll do all the stuff, and change to it.

Clone the HENKaku and hentai taiHEN repos from Nekohaku (the reason why we're using Nekohaku is because original repositories are old, and they don't work with Dolce SDK):

Code: [Select]
git clone https://github.com/nekohaku/henkaku.git && git clone --recurse-submodules https://github.com/nekohaku/taiHEN.git
Let's build taiHEN first, cd to taiHEN folder and execute the following:

Code: [Select]
mkdir build && cd build && cmake .. && make
It should build taihen.skprx, copy it somewhere.

Then let's build HENKaku, cd to henkaku directory and copy sample.config.in as (any config name you want).config,

you should see something like this:
Code: [Select]
# use bash syntax

# whether we're building in debug or release mode, debug has a lot of sceClibPrintf logging, release has none of it
RELEASE=0

# nekohaku.local exists only for me as I have an OpenWrt router where I can edit hosts file to point to my PC :p
# package files/taiHEN/HENkaku plugin files will be downloaded from here
# place them in the `pkg` directory: eboot.bin, head.bin, param.sfo
# the directory structure will be created by the exploit
PKG_URL_PREFIX="http://nekohaku.local/pkg/"

# Url to henkaku.bin
HENKAKU_BIN_URL="http://nekohaku.local/henkaku.bin"

# Version to show in Settings
HENKAKU_RELEASE=12
BETA_RELEASE=0

# CRC of taihen.skprx, will redownload if mismatch, prefix with 0x
TAIHEN_CRC32=0

# CRC of molecularShell eboot.bin, will redownload if mismatch, prefix with 0x
VITASHELL_CRC32=0

# PSN "X-I-5-Passphrase" for spoofing, leave empty to disable, obviously "CBPSCBPS..." is not a valid passphrase, you must find it yourself.
# hint: it's the same length as the sample one.
PSN_PASSPHRASE="CBPSCBPSCBPSCBPSCBPSCBPSCBPSCBPSCBPSCBPSCBPSCBPSCBPSCBPS"

Change nekohaku.local to url/ip/domain of your webserver.

In TAIHEN_CRC32 change 0 to the crc32 of taiHEN.skprx file, it should look something like this (don't copy mine!):
Code: [Select]
TAIHEN_CRC32=0xa38fc583
In VITASHELL_CRC32 change 0 to the crc32 of the molecularShell's eboot.bin, you can get it from henkaku's GitHub (link below). (prefix it with 0x too)
To use VitaShell you should replace any MLCL00001 references to VITASHELL, and comment line
Code: [Select]
GET_FILE("sce_sys/livearea/contents/install_button.png"); in bootstrap/bootstrap.c

Also you can change PSN_PASSPHRASE if you know the right one. CBPSCBPSCBPS... is a dummy one and it won't work. Which means PSN won't function. But who cares about PSN duh.

After that, type
Code: [Select]
./build.sh [your config filename]
And after some time it should finish, go to output/web, copy all three files to your webserver root, and rename exploit.html to index.html

Then make a pkg folder in your webserver's root and copy henkaku.suprx/henkaku.skprx/taihen.skprx to that folder.

Then copy molecularShell files to the pkg folder, you can get them from https://github.com/henkaku/henkaku.github.io/tree/master/go/pkg (don't copy henkaku/taihen files as you made your own!!!)

After that, run your webserver and go to the url you've set in the config file on your PSVita. If it works then congratulations.

that's it, have fun.

thanks to:
yifan lu - making henkaku
that hacker known as cbps - making dolce sdk
Microsoft - making wsl 2 and breaking hwclock in it. >:(

Pages: [1]