Show Posts

This section allows you to view all posts made by this member. Note that you can only see posts made in areas you currently have access to.

Topics - dots_tb

Pages: 1 2 [3] 4
News / CBPS Week Report [11/24/2019]
« on: November 25, 2019, 09:51:56 AM »
Since there are multiple posts that are being made now, I will now try to summarize them the best I can.

volume_profile was updated by cuevavirus [11/21/2019],46.msg56.html#msg56

Volume_profile of course is the plugin that allows the speaker and headphones to have their own volume settings. It automatically switches between the two when the headphones are plugged in or unplugged. I find it kind of funny that with the plugins being released this month on CBPS, this one is getting minimal attention. Please help it out.

This update includes bug fixes such as fixes a boot time crash that was caused by a stack overflow due to size being battered by the OS. I did not ask about the headphone detection being fixed or recall how it was accomplished, but its a nice improvement.

UPDATE: I think the headphone detection has patched issues with LOLIcon since it no longer uses the input buffer. I am not sure how I didn't see this.

Definitive proof that Samilop "Cimmerian" Iter is a gigga homo homo by dots_tb[11/21/2019],47.0.html
Following my ban on twitter, I have found proof that Samilop Iter is a gigga homo homo. This is very important, I hope you take a look at this damning evidence. I will not back down on Samilop Iter and delete the post, you guys should already know this with how I handled my banning from VitaDB.

ShowInfo Lite by Yoti [11/23/2019],49.0.html

It seems Yoti has made a program to view information about games installed:
Simple plugin that shows title_id, stitle and app_ver of the running application.

This is quite helpful when you have many games installed and are trying to modify resources like with rePatch. Finding title ids can be quite troublesome, I usually always ended up googling them.

He has also posted some RE information pertaining to the creation of this plugin that maybe helpful to some in the future:,50.0.html

I was personally surprised by this release being CBPS forums. Thank you for your support Yoti!

reScreeny by dots_tb [11/24/2019],51.msg63.html

I also had a release this week. This plugin helps make finding screenshots a little easier by saving them to folders named after the game it was taken it. I personally always found it hard finding screenshots for those stupid teasers that people do on twitter. I used to sort it by date and transferred them one by one until I found the right one. Ironically, this might be hard to do without an updated libftpvita, as Unicode support may not enabled for some reason. This was fixed by cuevavirus.

Anyways, I'm going to start doing these weekend reports if it is warranted by many releases. I will try to get better.

I hope this was helpful and please subscribe to the RSS... I'm not going back to Twitter.

Please continue to have fun with CBPS.

PS Vita / [Release] reScreeny - screenshots in folders that make sense
« on: November 25, 2019, 09:05:29 AM »

When the vita saves a screenshot, it randomly creates a folder name composed of two letters. This makes finding screenshots frustrating as you would have to search through a maze of folders with no coherent structure.

reScreeny fixes this issue by redirecting the screenshot to a folder named after the game it was taken in.

Code: [Select]
  • Supports Unicode (Japanese and other non-ASCII characters)
  • When an illegal character is found, it is replaced with a space
  • If path is too long, the game name will be truncated
  • If no game name is found, it will be stored in the "Other" folder
  • Adrenaline will save to PspEmu folder.
  • The Photo app will work as normal, however the title of the image given by the vita will be different than the title given by reScreeny. This is because reScreeny uses a uniform naming system that include microseconds, it also is generated a few seconds after the vita's title. So keep this in mind.
  • cuevavirus has tested with pngshot and it works fine

NOTE: Vitashell FTP may not support Unicode characters, a commit by cuevavirus was made to libftpvita.

config.txt should have as follows
Code: [Select]


Amazing Cleanup by Amazing Princess of Sleeping

With help from folks at the
CBPS discord:

Idea by cuevavirus

Testing team:

As you can see by the evidence placed here, Samilop Iter is a gigga homo homo:

He not only is cruising for autist pee pee, he wants to see girls die due to his hatred of the female form. He also then openly flirts with Nkekev.

Twitter may try to censor this fact, but I am for FUN and TRUTH!

News / Suspended by Twitter
« on: November 17, 2019, 11:28:00 PM »
My @dots_tb account has been suspended by Twitter for a shitpost.

I will try to appeal it, I personally believe I did nothing wrong.

I called Samilop Iter a homo (which he is), but where did I infer that it is negative to be a homo?
If I called Hitler an artistic murderer, do I infer that artists are all murderers?

The only negative comes from the person being called a homo, him having the perception that being a homo is bad. Its 2019, how is it bad?

This belief can be further seen in how I said: "what is wrong with being gay?"

You may ask, how do I know Samilop Iter is a homo? Well his own logic was "calling someone gay makes you gay". Using his own logic, he called me a homosexual, thus he is a homosexual.

In fact, it seems Samilop Iter is the one causing violence against homosexual by perpetuating that homosexuality is a bad thing.

I cannot believe that Twitter would allow such a hateful bigot homophobe on Twitter.

So thus, I made an appeal:

PS Vita / [UPDATE][FAPS] reF00d keys.bin update
« on: November 16, 2019, 04:03:59 AM »
The launch ref00d keys.bin had a limit of 3.69 because of an artificial range hard coded into it. 3.69+ is out of this range, so thus games with newer updates such as Hell Diver did not run.

While the keys themselves have not changed as reported by SilicaAndPina, because of the version selector built into ref00d rare updates such as these would cause incompatibilities. This list of incompatibilities will just grow, thus this posted one is raised to 3.99.

For installation, follow the readme of ref00d except replace keys.bin with the one provided here.

Thanks to OLDSKOOL978 for testing.

the French - @CelesteBlue123
the American - @dots_tb
the 【Princess of Sleeping】 - @PoSsvkey
With @juliosueiras and TheRadziu - @AluProductions

Download in the attachments.

PS Vita / [Release]chovy-trans
« on: October 22, 2019, 10:54:51 AM »
Chovy Project tool 4: Chovy-trans

This program automates the transferring of legally obtained games from your PSP that are digitally downloaded to your PSV.

The tool simply:
  • Finds the AID from CMA
  • Copies game from PSP
  • Generates __sceebootpbp for game
  • Transfers it to PSV using CMA.

Some games are deemed unsupported by the PSN store on the vita, thus this trick allows you to get around that. Such as Spyro shown in screenshot:

Heres an example of Spyro The Dragon running on a USA account by using chovy-trans:

Credits and testing team:
  • SilicaAndPina
  • dots-tb
  • Motoharu
  • SteelWolf89
  • Cloud Strife

          il2cpp_thread_get_all_attached_threads: 0x00E1A8B2
          il2cpp_set_data_dir: 0x01C2F78E
          il2cpp_current_thread_get_stack_depth: 0x022B097F
          il2cpp_exception_from_name_msg: 0x032615B0
          il2cpp_class_has_parent: 0x0410953A
          il2cpp_unhandled_exception: 0x04DDD0C7
          il2cpp_thread_current: 0x057C3A84
          il2cpp_add_internal_call: 0x06918886
          il2cpp_method_get_object: 0x0B130E92
          il2cpp_field_get_type: 0x0BA7F2D5
          il2cpp_class_get_parent: 0x0D0E5F76
          il2cpp_class_from_system_type: 0x0E308588
          il2cpp_string_chars: 0x0EF44DCF
          il2cpp_thread_get_stack_depth: 0x0FDCD6C2
          il2cpp_set_commandline_arguments: 0x0FEB81DA
          il2cpp_monitor_enter: 0x10590878
          il2cpp_class_is_enum: 0x13AE775C
          il2cpp_thread_walk_frame_stack: 0x160C470F
          il2cpp_class_get_flags: 0x1BB83839
          il2cpp_monitor_try_enter: 0x1D068E45
          il2cpp_thread_detach: 0x1D6961D2
          il2cpp_runtime_invoke_convert_args: 0x1F3B8663
          il2cpp_api_register_symbols: 0x2016A56B
          il2cpp_thread_get_top_frame: 0x210ED664
          il2cpp_class_is_inflated: 0x243738EA
          il2cpp_gchandle_new: 0x253AF2AC
          il2cpp_method_get_declaring_type: 0x28961E49
          il2cpp_monitor_try_wait: 0x2927C894
          il2cpp_method_get_class: 0x29574A66
          il2cpp_field_get_offset: 0x297EA052
          il2cpp_object_get_virtual_method: 0x2B23AC27
          il2cpp_method_is_generic: 0x2C951B1E
          il2cpp_array_new_full: 0x2D829F45
          il2cpp_image_get_assembly: 0x2F0A5DD0
          il2cpp_class_num_fields: 0x2F16E9DE
          il2cpp_field_get_parent: 0x2F266370
          il2cpp_property_get_get_method: 0x2F328588
          il2cpp_field_get_value_object: 0x2FE27624
          il2cpp_class_is_valuetype: 0x305C8439
          il2cpp_string_new: 0x320A6ADC
          il2cpp_class_from_il2cpp_type: 0x33ABD186
          il2cpp_image_get_filename: 0x33D26618
          il2cpp_method_get_name: 0x3630A877
          il2cpp_monitor_pulse: 0x39C7D321
          il2cpp_class_get_methods: 0x39FE780A
          il2cpp_runtime_invoke: 0x3A66B97B
          il2cpp_class_get_method_from_name: 0x3AE69181
          il2cpp_class_get_assemblyname: 0x3B020A39
          il2cpp_profiler_set_events: 0x3DAC5F85
          il2cpp_delegate_begin_invoke: 0x3DBF4BD7
          il2cpp_unity_liveness_calculation_end: 0x3DD80635
          il2cpp_property_get_flags: 0x40B68B82
          il2cpp_domain_get_assemblies: 0x4350820D
          il2cpp_property_get_set_method: 0x449F8F4A
          il2cpp_profiler_install_gc: 0x44AC7B85
          il2cpp_current_thread_get_frame_at: 0x45CDBBC5
          il2cpp_api_lookup_symbol: 0x46F3ED2C
          il2cpp_class_get_declaring_type: 0x473BDFC7
          il2cpp_field_get_flags: 0x48AB7848
          il2cpp_set_config_dir: 0x4C1DF4C9
          il2cpp_array_element_size: 0x4DEE3360
          il2cpp_method_is_instance: 0x4EE92948
          il2cpp_class_get_element_class: 0x50A3602B
          il2cpp_init: 0x50B6D63A
          il2cpp_profiler_install_enter_leave: 0x525CE7FE
          il2cpp_class_enum_basetype: 0x52F70DFF
          il2cpp_bounded_array_class_get: 0x57851219
          il2cpp_object_get_class: 0x5D09DA08
          getenv: 0x5EB65777
          il2cpp_gchandle_get_target: 0x5ECE1A79
          il2cpp_free_captured_memory_snapshot: 0x639F6E02
          il2cpp_delegate_end_invoke: 0x67B14D5F
          il2cpp_property_get_parent: 0x6968BD71
          il2cpp_class_has_references: 0x69972E5E
          il2cpp_type_get_object: 0x6C34E1C3
          il2cpp_unity_liveness_calculation_begin: 0x6E28A1E2
          il2cpp_method_is_inflated: 0x6F8AADC1
          il2cpp_class_get_interfaces: 0x6FDDFA60
          il2cpp_class_get_fields: 0x7071DAE5
          il2cpp_domain_assembly_open: 0x7122F6FD
          il2cpp_alloc: 0x71C49D01
          il2cpp_free: 0x76499711
          il2cpp_class_get_bitmap: 0x78886C04
          il2cpp_method_has_attribute: 0x7A3EDF04
          il2cpp_gchandle_free: 0x7AD5A2BF
          il2cpp_string_new_wrapper: 0x7E19877D
          il2cpp_class_get_properties: 0x81638550
          il2cpp_get_corlib: 0x81F1D072
          il2cpp_method_get_flags: 0x83284B12
          il2cpp_string_new_utf16: 0x849E1978
          il2cpp_raise_exception: 0x854D65E8
          il2cpp_array_class_get: 0x85DB6472
          il2cpp_class_get_bitmap_size: 0x87669AED
          il2cpp_field_get_value: 0x87D18DDF
          il2cpp_class_get_field_from_name: 0x8A13982E
          RegisterModule: 0x8ACC9429
          il2cpp_string_length: 0x8CBFEA94
          il2cpp_thread_attach: 0x8DE4C657
          il2cpp_class_get_type: 0x8E5D4976
          il2cpp_runtime_class_init: 0x8E6432F6
          il2cpp_runtime_unhandled_exception_policy_set: 0x8EBD7690
          il2cpp_class_has_attribute: 0x8EE01DE4
          il2cpp_class_is_interface: 0x9112DAE7
          il2cpp_value_box: 0x95166A75
          il2cpp_class_is_generic: 0x9519A39F
          il2cpp_shutdown: 0x95A92A72
          il2cpp_array_length: 0x96E4C053
          il2cpp_array_new_specific: 0x96F0DEA3
          il2cpp_field_static_get_value: 0x985BAB20
          il2cpp_field_get_name: 0x9A59E051
          il2cpp_type_get_name: 0x9B19A148
          il2cpp_object_unbox: 0x9B6528F1
          il2cpp_monitor_pulse_all: 0x9B9212C1
          il2cpp_class_from_name: 0xA2709382
          il2cpp_method_get_token: 0xA3D3E149
          il2cpp_gchandle_new_weakref: 0xA41C1F40
          il2cpp_unity_liveness_calculation_from_statics: 0xA53E27DC
          il2cpp_unity_liveness_calculation_from_root: 0xA5FBBF2D
          il2cpp_profiler_install: 0xA7102401
          setenv: 0xA7C286AB
          il2cpp_monitor_wait: 0xA863F75A
          il2cpp_stats_dump_to_file: 0xAA0F1DBD
          il2cpp_array_new: 0xAAA6BE65
          il2cpp_current_thread_get_top_frame: 0xAD5087E2
          il2cpp_object_new: 0xAF1706CA
          il2cpp_method_get_return_type: 0xB0B2E13D
          il2cpp_class_is_subclass_of: 0xB1F4F9CD
          il2cpp_stats_get_value: 0xB24E0D37
          unsetenv: 0xB24E6623
          il2cpp_method_get_param: 0xB49271AB
          il2cpp_thread_get_frame_at: 0xB562C452
          il2cpp_class_get_property_from_name: 0xB6F5EB69
          il2cpp_class_from_type: 0xB7EC9C29
          il2cpp_thread_get_name: 0xBD3BEC24
          il2cpp_is_vm_thread: 0xBFA65A87
          il2cpp_get_exception_argument_null: 0xC08EFEC3
          il2cpp_string_is_interned: 0xC23C5E57
          il2cpp_gc_get_heap_size: 0xC2968AB8
          il2cpp_monitor_exit: 0xC736ABE4
          il2cpp_class_get_name: 0xC8D61D5D
          il2cpp_gc_collect: 0xC9CD8402
          il2cpp_array_get_byte_length: 0xCD27733D
          il2cpp_property_get_name: 0xCF7553BE
          il2cpp_class_get_image: 0xCFFFA658
          il2cpp_runtime_object_init: 0xD1763D00
          il2cpp_field_has_attribute: 0xD1B311D8
          il2cpp_class_value_size: 0xD51ADCFD
          il2cpp_class_get_events: 0xD56E5EA2
          il2cpp_class_is_abstract: 0xD5E2ACED
          il2cpp_string_new_len: 0xD7E06A7A
          il2cpp_class_get_namespace: 0xD8D5C16C
          il2cpp_format_stack_trace: 0xDA5D942D
          il2cpp_current_thread_walk_frame_stack: 0xDAD7FB2C
          il2cpp_class_instance_size: 0xDB569097
          il2cpp_field_static_set_value: 0xDB65122D
          il2cpp_assembly_get_image: 0xDF3CEDF1
          il2cpp_string_intern: 0xE546EE48
          il2cpp_type_get_class_or_element_class: 0xE861CF6C
          il2cpp_object_get_size: 0xE86468C4
          il2cpp_class_is_assignable_from: 0xE8F6C601
          il2cpp_set_memory_callbacks: 0xE9628DBB
          il2cpp_image_get_entry_point: 0xEA13A3C3
          il2cpp_method_get_param_name: 0xED3CEF5F
          il2cpp_capture_memory_snapshot: 0xF011114E
          il2cpp_method_get_param_count: 0xF10A2027
          il2cpp_resolve_icall: 0xF129763F
          _Z43il2cpp_set_dlopen_sce_commandline_argumentsjPv: 0xF2FAAAB6
          il2cpp_profiler_install_allocation: 0xF3C73A8B
          il2cpp_domain_get: 0xF64E0F90
          il2cpp_class_array_element_size: 0xF7456A66
          il2cpp_gc_get_used_size: 0xF86168DA
          il2cpp_image_get_name: 0xF98135A4
          il2cpp_format_exception: 0xFA22341A
          il2cpp_field_set_value: 0xFB7AF2FE
          il2cpp_type_get_type: 0xFBFEA0B7
          il2cpp_runtime_object_init_exception: 0xFE9BDF0D
          g_PSP2TitleNPCommsId: 0x338B0BD1
          g_PSP2TitleTrial: 0x3A451B91
          g_PSP2TitleNPCommsPassphrase: 0x550DFE23
          g_PSP2TitleNPServiceId: 0x56354517
          g_PSP2FileCount: 0x5EF67445
          g_PSP2TitleNPHasTrophyPack: 0x6ACA1D57
          g_PSP2TitleId: 0x71A78083
          g_PSP2TitleNPCommsSig: 0x79F9DB75
          g_PSP2TitleNPAgeRating: 0xAA0340C3
          g_PSP2HasPSArc: 0xF9A1DE92

I got this request a while back (by MarioMasta on the SilicaServer), and I thought it'd be fun to make this the first goal of the cLiveArea Project.

The goal is to place the title id (on retail) in the dialog you get by pressing "Information" from the pop up menu that appears when hitting the three dots when rearranging icons on Live Area.

sub_833daad4 - seems to handle the opening of the info dialog.
ScePafWidget_82515E71(ctx, 0x00000000, 0x00000000, number of lines?) - within the span of this syscall, the text seems to be set.

sub_83709114(shell_string_thing  *r1 , char *str, int length) - generates the following structure, it seems these structures are used within paf widget stuff. It also seems this sub is unhookable.
Code: [Select]
typedef struct shell_string_thing {
char *string;
uint32_t length;
} shell_string_thing;

ScePafWidget Syscalls starting with ScePafWidget_82515E71:

Code: [Select]
ScePafWidget_417201D9(0x819F9C10, 0x00000000, 0x819FAA50, 0x819DE2A0)
ScePafWidget_417201D9(0x819F9C10, 0x00000000, 0x819FAA50, 0x819DE2A0): 0x819F9C10
ScePafWidget_1316E7E8(0x819F9C10, 0x819DD210, 0xAE5A2D39, 0xAE5A2D39)
ScePafWidget_1316E7E8(0x819F9C10, 0x819DD210, 0xAE5A2D39, 0xAE5A2D39): 0xAE5A2D39
ScePafWidget_6381B5FA(0x819F9C10, 0x00000000, 0x00000001, 0x00000032)
ScePafWidget_6381B5FA(0x819F9C10, 0x00000000, 0x00000001, 0x00000032): 0x819E3448
ScePafWidget_A2061BF4(0x819F9C10, 0x00000000, 0x815A6EB0, 0x815A6EB0)
ScePafWidget_A2061BF4(0x819F9C10, 0x00000000, 0x815A6EB0, 0x815A6EB0): 0x00000000
ScePafWidget_B3FA381F(0x819F9C10, 0x00000000, 0x00000002, 0xAE5A2D39)
ScePafWidget_B3FA381F(0x819F9C10, 0x00000000, 0x00000002, 0xAE5A2D39): 0xAE5A2D39
ScePafWidget_82515E71(0x819F9C10, 0x00000000, 0x00000000, 0x00000001)

ScePafWidget_7DFC7EE6(0x819FBD20, 0x819FA340, 0x00000000, 0x00000000)
ScePafWidget_7DFC7EE6(0x819FBD20, 0x819FA340, 0x00000000, 0x00000000): 0x819FBD20 //step 1 on text chain, r1 0x2d0 size,  3 args -> ScePafWidget_F49CC5B3
strlen PlayStation®Store @819dd2c0 12

ScePafWidget_DBB6B37A(0x819FBD20, 0x819FDAB0, 0x00000000, 0x81479BF0)
ScePafWidget_DBB6B37A(0x819FBD20, 0x819FDAB0, 0x00000000, 0x81479BF0): 0xAE5A2D39 //no args?
ScePafWidget_5B742AD2(0x815A6930, 0x819FBD20, 0x819FBD68, 0x819FDBB8)
ScePafWidget_5B742AD2(0x815A6930, 0x819FBD20, 0x819FBD68, 0x819FDBB8): 0x00000004 //7 args?
ScePafWidget_7EA5A99F(0x819FDAB0, 0xAE5A2D39, 0xAE5A2D39, 0x00000032)
ScePafWidget_7EA5A99F(0x819FDAB0, 0xAE5A2D39, 0xAE5A2D39, 0x00000032): 0xE04ADF30 //final on the text chain (it repeats starting at step 1 when adding another item), return list_item, 0 args

ScePafWidget_93057A6C(0x819DD210, 0x815A6D64, 0x8154B86C, 0x814796F0)//executed after all text is added  0 args?
ScePafWidget_93057A6C(0x819DD210, 0x815A6D64, 0x8154B86C, 0x814796F0): 0x819DD210

ScePafWidget_82515E71(0x819F9C10, 0x00000000, 0x00000000, 0x00000001): 0x00000000

ScePafWidget_7DFC7EE6 - r2[0][1] seems to be destruct or callback?

So far the issue is that the section of code relating to this dialog does not get decompiled.

Reverse Engineering / cLiveArea (Main Thread)
« on: September 20, 2019, 10:25:13 AM »
I'll be documenting information related to reverse engineering LiveArea in hopes to create a more customized shell experience in the likeness of the PSP.

All information will be for retail 3.60 firmwares. If you find any information please let me know! Thanks.

Topics Related to this:
Custom Info Dialog [IN PROGRESS]:,27.0.html

Reverse Engineering / Unity mono-vita.suprx Nids [UPDATE 9/28/2019]
« on: September 09, 2019, 12:45:28 AM »
This is a list of mono-vita.suprx NIDs that were found in order to inject a DLL into a Vita Unity game, however I never finish bypassing the signature check.
[UPDATE 9/28/2019] I forgot silica was silica and we had the stubs....
[UPDATE] Added 6 more
[UPDATE 9/27/2019] Thanks to celesteblue I was able to bruteforce some of the names. We will post a tutorial on how to do so on a later date.

Thanks to @Nkekev, @coburn64, @nyaaasen for help

Originally from kancolle trans project and <>f_this() project.

mono_profiler_install_code_chunk_new: 0x09D7D05B
mono_threads_clear_cached_culture: 0x179BB38C
mono_profiler_install_string_allocation: 0x19CC3655
mono_global_regalloc: 0x1CBFF0F5
mono_set_env: 0x1F994A5E
mono_thread_abort_all_other_threads: 0x28FA235E
mono_profiler_coverage_get: 0x340AEA49
MonoCreateMainThread: 0x422AE097
mono_get_jit_tls_key: 0x4FDBA5D6
mono_profiler_install_code_chunk_destroy: 0x5343D08A
mono_gc_disable: 0x541FD221
mono_get_lmf_tls_offset: 0x54F267A3
module_exit: 0x599029F8
getenv: 0x5EB65777
mono_verifier_class_is_valid_generic_instantiation: 0x8020AF2D
mono_array_new: 0x80B7D7B2
mono_assembly_open_full: 0x80DBB718
mono_verifier_is_sig_compatible: 0x811E6548
mono_class_get_methods: 0x81340CF3
mono_metadata_type_hash: 0x8429F26C
mono_compile_create_var: 0x843A1324
mono_get_exception_arithmetic: 0x84451146
mono_field_static_set_value: 0x847F7334
mono_find_spvar_for_region: 0x84876060
mono_get_root_domain: 0x8488DD38
mono_assembly_load_with_partial_name: 0x84942DE7
mono_class_get_field_token: 0x84B8DCE5
mono_profiler_install_appdomain: 0x8509C63E
mono_thread_interruption_requested: 0x850AAAB8
mono_get_exception_stack_overflow: 0x85EBFE8E
mono_image_get_strong_name: 0x86149E4A
mono_print_code: 0x86307F7F
mono_reflection_get_custom_attrs_data: 0x864495DC
mono_thread_current: 0x8682D761
mono_assembly_close: 0x871AE634
mono_assembly_load_references: 0x871D4450
mono_property_get_flags: 0x8741903B
mono_install_assembly_load_hook: 0x877787EC
mono_get_uint32_class: 0x8797CF89
mono_value_box: 0x87A25D00
mono_verifier_verify_standalone_signature: 0x8834969B
mono_metadata_generic_class_is_valuetype: 0x88A8EC67
mono_type_size: 0x88E9F9ED
mono_get_config_dir: 0x892BC519
mono_profiler_install_iomap: 0x89B53ED8
mini_cleanup: 0x8A20628D
mono_profiler_install: 0x8A940C82
mono_image_get_table_info: 0x8ABF79D9
mono_class_enum_basetype: 0x8ADA0876
mono_profiler_install_class: 0x8AE39EEC
mono_image_get_entry_point: 0x8AE4B8B5
mono_compile_assembly: 0x8B2ECD9A
mono_custom_attrs_from_field: 0x8B5C3A08
mono_unity_liveness_calculation_from_root: 0x8B68E2D3
mono_gc_invoke_finalizers: 0x8BE00382
mono_set_defaults: 0x8CD18C0F
mono_get_exception_bad_image_format: 0x8D490CAA
mono_jit_info_table_find: 0x8ECB2B80
mono_profiler_get_events: 0x8EFBD51D
mono_gc_collection_count: 0x8F0A2480
mono_trace_leave_method: 0x8FEEC4B5
mono_domain_owns_vtable_slot: 0x9049A2F6
mono_string_equal: 0x90DFC4DA
mono_unity_liveness_calculation_begin: 0x90E38D35
mono_field_get_type: 0x921409DC
mono_get_exception_appdomain_unloaded: 0x925BC949
mono_security_set_core_clr_platform_callback: 0x9281791A
mono_get_exception_not_supported: 0x930664F9
mono_method_has_marshal_info: 0x930704A9
mono_exception_from_token_two_strings: 0x938E252B
mono_type_get_array_type: 0x93B6C2E9
mono_get_method: 0x9401551D
mono_image_load_file_for_image: 0x9470D6D4
mono_class_get_nesting_type: 0x95B7DB8E
mono_context_set: 0x95FC31BD
mono_metadata_parse_array: 0x960FC0B9
mono_method_get_header: 0x96B7AAB7
mono_store_remote_field_new: 0x9705353C
mono_get_jit_tls_intrinsic: 0x97731CD2
mono_class_inflate_generic_type: 0x9797B7C1
mono_signature_get_params: 0x97A68419
mono_runtime_exec_main: 0x97D1B5A7
mono_image_ensure_section_idx: 0x985282E9
mono_print_method_from_ip: 0x995E6DE4
mono_profiler_install_gc: 0x9988731F
mono_thread_get_name: 0x99AFF0C9
mono_add_patch_info: 0x99E63A63
mono_thread_new_init: 0x9A143DE5
mono_field_get_parent: 0x9A37548A
mono_runtime_delegate_invoke: 0x9A741315
mono_image_open: 0x9A912E48
mono_verifier_verify_typespec_signature: 0x9CEDDC19
mono_get_method_constrained: 0x9D2E5835
mono_class_get_event_token: 0x9DA6C4F2
mono_field_set_value: 0x9E028879
mono_class_get_fields: 0x9E9D4618
mono_get_lmf_addr: 0x9EF738C6
mono_property_get_parent: 0x9F4D65A9
mono_bblock_insert_before_ins: 0x9FAE9EDF
mono_assemblies_cleanup: 0xA0B89806
mono_event_get_object: 0xA114833D
mono_add_seq_point: 0xA12FF186
mono_class_get_interfaces: 0xA17E88D2
mono_method_get_unmanaged_thunk: 0xA1891527
mono_get_exception_security: 0xA1C847BD
mono_verifier_verify_full_table_data: 0xA1FB2977
mono_install_assembly_search_hook: 0xA2584BF2
GC_setMonoHeapBehaviours: 0xA269193F
mono_gc_get_generation: 0xA321D22D
mono_get_array_class: 0xA3B79841
mono_get_exception_synchronization_lock: 0xA4157A98
mono_profiler_load: 0xA4445419
mono_pe_file_open: 0xA47B5CD7
mono_type_get_type: 0xA4BEBFFD
mono_get_exception_argument: 0xA597DEF4
mono_get_single_class: 0xA6438EAF
mini_method_verify: 0xA68508BA
mono_metadata_free_array: 0xA695F0E7
mono_get_object_class: 0xA6D80B78
mono_profiler_install_method_free: 0xA74A63F6
mono_remote_class: 0xA752FF55
mono_field_from_token: 0xA7835B8A
mono_class_from_generic_parameter: 0xA79F8684
mono_jit_cleanup: 0xA82994FB
mono_thread_get_main: 0xA88EE2DD
mono_get_exception_divide_by_zero: 0xA8E32ECD
mono_threads_is_shutting_down: 0xA935990A
mono_image_open_full: 0xA95F7C16
mono_custom_attrs_from_assembly: 0xA9BD8DA1
mono_analyze_liveness: 0xA9DBCE68
mono_get_exception_io: 0xA9DFDC2E
mono_get_lmf_addr_tls_offset: 0xAA19AE5A
mono_images_init: 0xAA5FDC8F
mono_thread_manage: 0xAA7B9293
mono_array_element_size: 0xAAFE5E23
mono_config_parse: 0xAC498E17
mono_get_exception_file_not_found: 0xAD03FBD6
mono_unity_set_embeddinghostname: 0xAD229E59
mono_exception_from_name_domain: 0xAD3B86D6
mono_field_static_get_value: 0xADC05EC6
mono_thread_request_interruption: 0xAF63ABE3
mono_metadata_parse_field_type: 0xB02956D4
mono_image_open_from_data_full: 0xB05F615D
mono_object_new_fast: 0xB061831E
mono_field_get_offset: 0xB0A28856
mono_assembly_get_image: 0xB0B22C43
mono_class_get_type: 0xB0E052B9
mono_profiler_install_transition: 0xB1A0456D
mono_unity_liveness_calculation_end: 0xB1C040F4
mono_aot_init: 0xB245E3F2
mono_profiler_install_method_invoke: 0xB27868EC
mono_verifier_verify_memberref_signature: 0xB31AAF0E
mono_thread_get_and_clear_pending_exception: 0xB3C2E45E
mono_find_jit_opcode_emulation: 0xB3EFBBD6
mono_verifier_verify_string_signature: 0xB42D88A0
mono_gc_enable: 0xB486BB4E
mono_get_exception_argument_out_of_range: 0xB5A1131E
mono_verifier_verify_cli_data: 0xB5F4C82A
mono_lookup_pinvoke_call: 0xB608DBCB
mono_set_lmf: 0xB625A33E
mono_class_name_from_token: 0xB73AEB50
mono_unity_liveness_calculation_from_statics: 0xB764E385
mono_thread_get_abort_signal: 0xB792E7CC
mono_gc_get_heap_size: 0xB7F12960
mono_get_exception_invalid_operation: 0xB7FF3E3C
mono_get_lmf: 0xB868E4D2
mono_method_verify_with_current_settings: 0xB87CE98E
mono_class_get_field_from_name: 0xB89AF9C0
mono_thread_cleanup: 0xBA1DCCBA
mono_assembly_get_object: 0xBA44F102
mono_property_set_value: 0xBAF3A1EC
mono_profiler_install_enter_leave: 0xBAF4C9D5
mono_stringify_assembly_name: 0xBB1D3B23
mono_verifier_verify_pe_data: 0xBB620EA2
mono_domain_finalize: 0xBBB6BD9F
mono_thread_interruption_checkpoint: 0xBBD5E83D
mono_get_domain_intrinsic: 0xBC280B1E
mono_class_from_mono_type: 0xBC3EE500
mono_metadata_signature_equal: 0xBDD5D09F
mono_array_class_get: 0xBEB37A1E
mono_unity_write_to_unity_log: 0xBED71A9C
mono_image_has_authenticode_entry: 0xBF1FF0E6
mono_thread_suspend_all_other_threads: 0xBFF3D25E
mono_thread_has_appdomain_ref: 0xBFF62831
mono_get_exception_index_out_of_range: 0xC0579848
mono_register_bundled_assemblies: 0xC078499B
mono_property_get_value: 0xC0BCC936
mono_object_castclass_mbyref: 0xC16A6BAA
mono_thread_force_interruption_checkpoint: 0xC26B7DF3
mono_reflection_get_custom_attrs: 0xC2B3AE15
mono_class_get_property_from_name: 0xC2E977B4
mono_exception_from_name: 0xC393D8BC
mono_patch_info_dup_mp: 0xC3CA6AA4
mono_get_exception_file_not_found2: 0xC47D9CCE
mono_metadata_parse_method_signature: 0xC5DBDA1F
mono_aot_register_globals: 0xC630DB11
mono_trace_set_level_string: 0xC697C579
mono_bblock_add_inst: 0xC6A39A68
mono_object_new: 0xC6A97AFC
mono_jit_set_aot_only: 0xC6BAE7E1
mini_method_compile: 0xC6BCFD1C
mono_print_ins_index: 0xC758FF1E
mono_profiler_install_statistical_call_chain: 0xC8A379B3
mono_type_from_stack_type: 0xC9519EC1
mono_class_array_element_size: 0xC965110E
mono_object_isinst: 0xC9CE6BE7
mono_thread_interruption_request_flag: 0xCA1E54E2
mono_jump_info_token_new: 0xCA4B1755
mono_verifier_is_method_full_trust: 0xCA73716D
mono_jit_thread_attach: 0xCA8E1CE0
mono_get_double_class: 0xCB7D4E79
mono_thread_init: 0xCBB458D2
mono_profiler_install_thread: 0xCBC5341B
mono_context_init: 0xCBD857C9
mono_array_new_full: 0xCBE4923D
mono_jit_parse_options: 0xCE586848
module_stop: 0xCEE8593C
mono_destroy_compile: 0xD086D195
mono_compile_method: 0xD09DE022
mono_unity_socket_security_enabled_set: 0xD0BCDD81
mono_field_get_flags: 0xD0D065F4
mono_get_exception_thread_abort: 0xD1B113DB
mono_get_machine_config: 0xD24881FA
mono_unity_set_vprintf_func: 0xD2C839D6
mono_jit_find_compiled_method: 0xD32626B0
mono_class_instance_size: 0xD376C2FF
mono_install_assembly_refonly_search_hook: 0xD396810B
mono_get_exception_argument_null: 0xD3F2E0D1
mono_verifier_verify_field_signature: 0xD460DC6D
mono_method_get_flags: 0xD4DC7E88
mono_type_create_from_typespec: 0xD4F67A8C
mono_object_new_from_token: 0xD51EE7DA
mono_string_is_interned: 0xD561FBAC
module_start: 0xD632ACDB
mono_profiler_install_monitor: 0xD6F4F4DE
mono_alloc_preg: 0xD7FC277A
mono_image_strong_name_position: 0xD8141678
mono_type_to_store_membase: 0xD95718BE
mono_get_exception_out_of_memory: 0xD96C2615
mono_install_runtime_cleanup: 0xD975AD87
mono_event_get_remove_method: 0xD9CD1177
mono_profiler_install_coverage_filter: 0xDA502E6B
mono_profiler_install_code_buffer_new: 0xDAAD35D6
mono_domain_create: 0xDBFE53A6
mono_get_exception_bad_image_format2: 0xDCB75AD4
mono_runtime_object_init: 0xDCFAED43
mono_string_new_wrapper: 0xDD1DB80F
mono_install_assembly_refonly_preload_hook: 0xDD573E16
mono_runtime_get_main_args: 0xDD61FA09
mono_get_delegate_invoke: 0xDD84E8BF
mono_domain_try_type_resolve: 0xDE2DF623
mono_unity_class_is_interface: 0xDE3734E5
mono_get_uint64_class: 0xDE5BA375
mono_bblock_insert_after_ins: 0xDE8B872D
mono_context_get: 0xDE937C8D
mono_verifier_verify_table_data: 0xDECA57E2
mono_method_get_marshal_info: 0xDF87B492
mono_get_exception_not_implemented: 0xDFAA6F1C
mono_custom_attrs_from_property: 0xDFDCCC86
mono_class_num_methods: 0xDFDE78DB
mono_method_can_access_field: 0xE01B41EC
mono_array_clone: 0xE06BDF97
mono_trace_enable: 0xE0D010C1
mono_monitor_exit: 0xE14E2BD0
mono_gc_get_used_size: 0xE1563123
mono_metadata_parse_custom_mod: 0xE1AFEEEE
mono_get_exception_null_reference: 0xE1D13E56
mono_class_is_assignable_from: 0xE2245981
mono_get_exception_execution_engine: 0xE255D49B
mono_get_exception_reflection_type_load: 0xE279982C
mono_assembly_get_assemblyref: 0xE36F7FC9
mono_verifier_is_enabled_for_image: 0xE4768BE6
mono_main: 0xE4D135D0
mono_get_int16_class: 0xE5426B18
mono_method_get_signature: 0xE5565601
mono_type_is_byref: 0xE5DA1DA9
mono_threads_set_default_stacksize: 0xE70EBC05
mono_profiler_install_module: 0xE7530D0A
mono_type_get_name: 0xE805443E
mono_get_thread_class: 0xE819E044
mono_method_body_get_object: 0xE8361D58
mono_class_num_events: 0xE867A90F
mono_class_value_size: 0xE95CF932
mono_lookup_internal_call: 0xE9B7E882
mono_image_loaded_by_guid: 0xE9EC0951
mono_profiler_install_jit_compile: 0xEB5823AE
mono_class_get_image: 0xEB8D03C1
mono_runtime_unhandled_exception_policy_set: 0xEC231B14
mono_domain_unload: 0xECD3AFB6
mono_domain_try_unload: 0xED207857
mono_image_ensure_section: 0xED445BF4
mono_class_is_subclass_of: 0xEDB2E0D7
mono_event_get_flags: 0xEDF9AC1D
mono_class_from_typeref: 0xEE938D1D
mono_image_get_filename: 0xEEDEE354
mono_trace_set_mask_string: 0xEEE96427
mono_monitor_try_enter: 0xEF1D1D9D
mono_image_get_name: 0xEF6CFCF5
mono_class_inflate_generic_method: 0xEF6E02DE
mono_assembly_invoke_load_hook: 0xEFCB8DA5
mono_profiler_install_statistical: 0xF0E8544F
mono_method_get_index: 0xF1C0D9A9
mono_assembly_load: 0xF1C750BA
mono_class_get_method_from_name: 0xF26BC9AB
mono_thread_detach: 0xF2DE34CF
mono_type_get_signature: 0xF3E721E1
mono_loader_error_prepare_exception: 0xF46E6A01
mono_class_num_fields: 0xF4F2D8A5
mono_runtime_quit: 0xF7434F77
mono_field_get_name: 0xF76DF0CD
mono_install_assembly_postload_refonly_search_hook: 0xF7B41B88
mono_assemblies_init: 0xF7C5D57F
mono_domain_get_id: 0xF838984C
mono_method_get_last_managed: 0xF8EA906D
mono_profiler_install_runtime_initialized: 0xF90CDEDD
mono_metadata_signature_dup: 0xF97226BF
mono_get_jit_tls_offset: 0xF974F251
mono_get_exception_class: 0xF984EFCB
mono_runtime_set_shutting_down: 0xF9E71715
mono_ldstr: 0xF9F0FC89
mono_get_exception_method_access: 0xFA28B3DF
mono_domain_set_internal: 0xFA32AF8D
mono_class_is_blittable: 0xFAC88D9B
mono_gc_max_generation: 0xFB1BA879
mono_set_dirs: 0xFD77E36D
mono_runtime_cleanup: 0xFDC576CE
mono_array_new_specific: 0xFE5BCF0F
mono_security_get_mode: 0xFF03FDF8
mono_profiler_install_assembly: 0xFF1EACFC
mono_inst_set_src_registers: 0xFF40D44C
mono_image_rva_map: 0xFFCE8142
mono_aot_only: 0x01A5C609
mono_break_on_exc: 0x06EF1E48
mono_use_imt: 0x1740B086
disable_vtypes_in_regs: 0x1FB1D2BF
mono_do_x86_stack_align: 0x2A4844D9
check_for_pending_exc: 0x341068C7
mono_break_at_bb_method: 0x6E712DA5
mono_jit_tls_id: 0x86472ABA
mono_inject_async_exc_method: 0x8D542174
mono_compile_aot: 0x9930F4E9
mono_exc_esp_offset: 0xA3575287
mono_ficall_flag: 0xCCEF853A
mono_jit_trace_calls: 0xD6D79767
mono_use_llvm: 0xF83855A4
mono_loader_get_last_error: 0x4085C08E
mono_set_find_plugin_callback: 0x218214F7
mono_unity_class_is_abstract: 0x379E33A4
mono_class_is_generic: 0x4E898F6C
mono_class_is_inflated: 0x5BC78438
mono_unity_get_embeddinghostname: 0x66506975
mono_thread_pool_cleanup: 0x6996E71F
mono_assembly_load_reference: 0x008E290A
mono_method_header_get_num_clauses: 0x00C5C070
mono_alloc_ireg: 0x012391DE
mono_get_exception_thread_state: 0x018261D9
mono_get_exception_field_access: 0x0194A9F9
mono_assembly_load_module: 0x01A6A259
mono_array_addr_with_size: 0x01B38F1A
mono_register_config_for_assembly: 0x01C6B724
mono_class_get_rank: 0x020AD452
mono_signature_is_instance: 0x0310D629
mono_metadata_free_mh: 0x031AB80B
mono_image_open_from_data: 0x0326F394
mono_varlist_insert_sorted: 0x03A2D4C4
mono_constant_fold_ins: 0x03D65C72
mono_get_exception_cannot_unload_appdomain: 0x044CE5EF
mono_class_get_byref_type: 0x04E9730A
mono_class_get: 0x05477DD7
mono_class_get_method_from_name_flags: 0x054DCCDA
mono_verifier_is_enabled_for_class: 0x05B9AB16
mono_domain_free: 0x06CA6144
mono_get_runtime_build_info: 0x072D6B03
mono_reflection_get_custom_attrs_by_type: 0x07C3EF21
mono_raise_exception: 0x087838A7
mono_object_get_class: 0x0957CAF7
mono_string_to_utf8: 0x0A130E3A
mono_get_string_class: 0x0AB75746
mono_object_new_specific: 0x0B2B6BFB
mono_string_new_size: 0x0B575A25
mono_signature_get_return_type: 0x0BE39A69
mono_type_get_object: 0x0BE69753
mono_security_enable_core_clr: 0x0D7A5F4C
mono_type_to_unmanaged: 0x0DBAD239
mono_ptr_class_get: 0x0DE0BFCA
mono_gchandle_free: 0x0E37447B
mono_print_unhandled_exception: 0x0F1DB395
mono_trace_set_level: 0x0F4D93ED
mono_domain_get_by_id: 0x0F7D1E93
mono_assembly_invoke_search_hook: 0x0FC11704
mono_load_remote_field: 0x104D3A84
mono_runtime_invoke: 0x106402FE
mono_type_stack_size: 0x10DCDACA
mono_verifier_verify_methodspec_signature: 0x1159DCA9
mono_get_int64_class: 0x11ABBB7B
mono_type_get_class: 0x1274A59B
mono_domain_is_unloading: 0x12E7AE31
mono_assembly_load_full: 0x12E963E1
mono_class_get_flags: 0x1349A962
mono_object_clone: 0x13C8495B
mono_assembly_get_main: 0x148DD6BA
mono_module_file_get_object: 0x14C97805
mono_aot_register_module: 0x15C8BACF
mono_runtime_class_init: 0x15D6DFD2
mini_assembly_can_skip_verification: 0x15E257FD
mono_object_get_size: 0x163707B2
mono_monitor_enter: 0x16F23C8D
mono_patch_info_list_prepend: 0x1753A072
mono_metadata_parse_mh: 0x178BD969
mono_image_strerror: 0x17A3D3E9
mono_exception_from_name_two_strings: 0x17A7C75E
mono_config_parse_memory: 0x17CB2647
mono_method_get_class: 0x1893ECBB
mono_jit_init_version: 0x19994F2A
mono_event_get_name: 0x19ACF475
mono_gchandle_is_in_domain: 0x19B83773
mono_class_data_size: 0x19E1ADE3
mono_threads_abort_appdomain_threads: 0x1A8255A8
mono_reflection_get_custom_attrs_blob: 0x1B079B39
mono_get_uintptr_class: 0x1B6F84EA
mono_class_get_properties: 0x1BB64093
mono_get_boolean_class: 0x1C4FBD52
mono_thread_create: 0x1C54E255
mono_runtime_run_main: 0x1CECCD80
mono_class_get_events: 0x1E11E919
mono_profiler_install_exception: 0x1E6B5018
mono_unhandled_exception: 0x1E8E031C
mono_class_get_name: 0x1F5EFC4C
mono_signature_get_call_conv: 0x2081134A
mono_store_remote_field: 0x20CB5213
mono_assembly_loaded: 0x2105B42D
mono_class_num_properties: 0x214190C1
mono_load_membase_to_load_mem: 0x216F0DA6
mono_security_set_mode: 0x218C4F8E
mono_get_exception_array_type_mismatch: 0x2198726E
mono_check_corlib_version: 0x21DFE3F3
mono_verify_cfg: 0x22A3BD03
mono_add_internal_call: 0x231753C3
mono_domain_create_appdomain: 0x23A03126
mono_runtime_is_shutting_down: 0x23BC16C6
mono_thread_stop: 0x24329AB3
mono_image_loaded: 0x24661882
mono_custom_attrs_get_attr: 0x246932BD
mono_image_loaded_by_guid_full: 0x2482AF38
mono_domain_has_type_resolve: 0x24BF6B69
mono_image_load_module: 0x25A3A841
mono_images_cleanup: 0x261AE9F4
mono_field_get_object: 0x2694C3F8
mono_image_get_public_key: 0x28D79C89
mono_image_add_to_name_cache: 0x296B8A83
mono_assembly_loaded_full: 0x2A081AA8
mono_verifier_enable_verify_all: 0x2A915AB9
mono_property_get_set_method: 0x2C4352BF
mono_jit_find_compiled_method_with_jit_info: 0x2C692090
mono_method_get_object: 0x2D457A04
mono_gchandle_new: 0x2DDA7B0B
mono_custom_attrs_from_index: 0x2E0417BC
mono_assembly_names_equal: 0x2F158C47
mono_gc_collect: 0x2F2B052F
mono_thread_attach: 0x2F7B5E8F
mono_reflection_get_token: 0x2F886047
mono_get_exception_overflow: 0x2FC34E3E
mono_string_new_utf16: 0x300FC630
mono_precompile_assemblies: 0x3044BA54
mono_string_new: 0x30522283
mono_metadata_free_method_signature: 0x30930E4A
mono_print_ins: 0x31250D13
mono_trace_is_enabled: 0x3127B5CE
mono_class_get_namespace: 0x315EC2E1
mono_table_info_get_rows: 0x316C7488
mono_type_get_underlying_type: 0x31A2ECB2
mono_init: 0x320E861E
mono_get_exception_missing_method: 0x3211009C
mono_type_to_load_membase: 0x325B5D18
mono_get_char_class: 0x32983863
mono_get_method_full: 0x331A2E8E
mono_custom_attrs_from_class: 0x33763AD5
mono_get_exception_invalid_cast: 0x337916B5
mono_verify_bblock: 0x33AD9D82
mono_aot_get_method: 0x33DBE7C9
mono_threads_get_default_stacksize: 0x34E2FE4C
mono_gchandle_free_domain: 0x351C25D7
mono_get_exception_serialization: 0x373269BE
mono_class_get_type_token: 0x3784B23D
mono_bounded_array_class_get: 0x37CCF521
mono_get_void_class: 0x38EBC671
mono_create_jump_table: 0x3970BE8D
mono_assembly_setrootdir: 0x397DE02E
mono_object_new_alloc_specific: 0x39A60403
mono_method_header_get_code: 0x39BFA0FD
mono_verifier_is_enabled_for_method: 0x39C152FB
mono_config_for_assembly: 0x39C55EDB
mono_reflection_type_from_name: 0x39EC624F
mono_class_min_align: 0x3A7983F1
mono_set_config_dir: 0x3B4EBD86
mono_op_imm_to_op: 0x3BAB68A1
mono_property_get_name: 0x3C933BEC
mono_image_lookup_resource: 0x3CCC31A4
mono_load_remote_field_new: 0x3CD40D17
mono_reverse_branch_op: 0x3CEC838B
mono_register_machine_config: 0x3D4E3BF6
mono_get_enum_class: 0x3DB2D1F6
mono_assembly_getrootdir: 0x3DC918F3
mono_patch_info_hash: 0x3E04BEB0
mono_verifier_verify_method_header: 0x3E2E520F
mono_string_to_utf16: 0x3ECA268B
mono_class_vtable: 0x3EF4FBC7
mono_method_get_signature_full: 0x3F07C52B
mono_value_copy: 0x3F15F9D2

Reverse Engineering / MOVED: Debugging Some Unity Games
« on: September 09, 2019, 12:21:57 AM »

Reverse Engineering / Debugging Some Unity Games
« on: September 08, 2019, 09:07:26 PM »
unity_debug - debug logging tool for UNITY on the PS VITA (originally for the kancolle translation project)
Slaves: @dots_tb, @Nkekev, @coburn64, @nyaaasen
Nkekev - sleep deprivation, token french for this project, testing, and further NID exploration
Coburn - Unity advisor and C# programmer
Sys (Yasen) - bringing the team together and """PR"""

Special thanks to Team_molecule (esp davee for his valiant effort.)

When looking into Unity games, you may want to get the debug output or logs. These are usually nullified and will not log to stdout. This plugin re-enables that function.

You will need:

Set up logging software.
You must setup Shiplog 2.0 or similar logging software, quick tutorial here:

It must be net mode or file logging mode. You cannot use buffer mode as it will fill up quickly depending on how many times the function is called. I recommend net logging, however some information may be lost in any of the methods due to Shiplog being trash.

Some notes:
You need both backdoor_exe.skprx and ShipLog.vpk installed. You must reboot once after installing the kernel plugin portion before attempting to open the application installed by the VPK.

Make sure you set up your network config on Shiplog and SAVE IT! The IP you are entering is the IP of your PC, Shiplog will attempt to connect to it on vita boot or when Henkaku activates.

To setup a server on the PC, use netcat command:
Code: [Select]
nc -l -p 3333
Then reboot the vita, you should see a message pop up on the PC when your vita connects.

Install the plugin.
Transfer the unity_debug.suprx to your vita and add it to the taihen config.txt under the title of the software the function you want to get unity logs from.

Code: [Select]
You should already know how to do this...

Reload taihen configuration. You may do this through Henkaku settings or Vitashell.

Launch the game and get the output.
Shiplog should now receive the output of the plugin:

NOTE: This plugin may not work on some games and especially games that utilize Il2CPP. You will know if it works if you see:
  • MONO was executed
  • hook[0]: <positive number when signed>

Reverse Engineering / Simple offset hooking to dump arguments
« on: August 31, 2019, 02:44:05 PM »
When looking into applications it will be desirable to look into what is being passed to each function. One of Yifan Lu's greatest contributions is the Taihen framework which make accomplishing this much easier. This is just an introduction...

You will need:

Set up logging software.
You must setup Shiplog 2.0 or similar logging software, quick tutorial here:

It must be net mode or file logging mode. You cannot use buffer mode as it will fill up quickly depending on how many times the function is called. I recommend net logging, however some information may be lost in any of the methods due to Shiplog being trash.

Some notes:
You need both backdoor_exe.skprx and ShipLog.vpk installed. You must reboot once after installing the kernel plugin portion before attempting to open the application installed by the VPK.

Make sure you set up your network config on Shiplog and SAVE IT! The IP you are entering is the IP of your PC, Shiplog will attempt to connect to it on vita boot or when Henkaku activates.

To setup a server on the PC, use netcat command:
Code: [Select]
nc -l -p 3333
Then reboot the vita, you should see a message pop up on the PC when your vita connects.

You need to find a function to hook.
You do this by decompiling an elf. Then once you find a function to hook, you must determine its offset, on VitaDecompiler-mod we added the Offsets to the header of each function:

On other software, you just get the subroutine address and subtract the base segment address. Other words, you usually just have to take off the first few digits:

I cannot tell you what functions to hook, just find things that look interesting.

Edit the base_hooker to match the offset.
Open up base_hooker.c from base_hooker source from PSVita-RE-tools. Locate "taiHookFunctionOffset". It will have an offset set to 0x0. Change this to reflect the offset/function you wish to hook:

Build the base_hooker.suprx
Navigate to the folder containing the source within your build environment with vitasdk setup.

Then type the following to build the plugin:
Code: [Select]
mkdir build
cd build
cmake ../

There should be a base_hooker.suprx in the build directory.

Install the plugin.
Transfer the base_hooker.suprx to your vita and add it to the taihen config.txt under the title of the software the function you are hooking is from.

Code: [Select]
You should already know how to do this...

Reload taihen configuration. You may do this through Henkaku settings or Vitashell.

Launch the game and get the output.
Shiplog should now receive the output of the plugin:

You can see here that the hook is successful:
Code: [Select]
hook_uid[0]: 4001011dIf it is not successful, then the number when cast as a signed integer will be negative.

By looking at the source code, you can see what the rest means. But in summary...
You will see hook_func1 is called with these arguments. However, you can see some of these arguments are memory addresses. So we can look at the following memory dumps. These are fairly unpleasant to look at since I did not format them nicely.

You can copy and paste that information into a hex viewer:

You may also notice it is dumped twice, one before the function is called. Then after to see the modification like r3.

You can also see how trash Shiplog is with some of the data being lost in the arguments list...

You may now edit the source again to perform more tests.

With this hook, every time the hooked subroutine is called it will call the hook_func1 function instead. You can then modify these arguments before it is sent to the original function, but at the moment we are just using this hook to peak at the data being sent. The arguments are then forwarded using TAI_CONTINUE. You can completely remove this line to prevent the original function from being called.

Just rebuild and upload the suprx to the vita. You do not have to reload taihen config after doing it the first time.

Testing / [BETA][FAPS][8/28/2019] ref00d Testing Thread
« on: August 28, 2019, 06:56:22 AM »
[8/28/2019]Latest test build: reF00D (6).skprx

[8/28/2019][PREV] reF00D (5).skprx
See attachments for files.

Purpose of new update: We aim to increase stability and speed of the overall vita operating system by running every module through ref00d. This means module decryption is also subject to over/underclock.

For this build, please test (WITH reF00D!):
  • PSPemu and/or PSM Dev assistant
  • Any other Systems application you can think of.
  • Games that utilize Unity engine (not PSM)
  • A rePatch translation mod without modded eboot.bin
  • A rePatch translation mod with modded eboot.bin
  • A rePatch translation mod with modded eboot.bin and modded DLC
  • A rePatch translation mod without modded eboot.bin and modded DLC
  • A rePatch without modded eboot.bin and modded DLC
  • A rePatch with modded eboot.bin and modded DLC
  • Try to suspend the Vita with ref00d running.
  • Try ref00d without Enso/Coldboot exploit.
  • Compare differences with existing ref00d build from the official repository in terms of speed and stability.
  • Try to suspend the Vita with ref00d in conjunction with previous tests (such as suspending with a Unity Game).
  • Try to suspend the Vita while game is loading after tapping on the thumbnail to start it.
  • Try to break ref00d though daily activities.

NOTE: rePatch has not been ported to 3.70 and above. Do not do rePatch related tests these firmwares.

When submitting testing info:

  • You may use the discord (ask for testing role):
    Or you may post your findings here.
  • Please describe in great detail what you have tested, preferably referencing the test number if applicable.
  • Please state the file name of the build you are testing.
  • Please state what exploit you are using (ENSO, H-ENCORE, TRINITY, WEBSPLOIT, etc)
  • Please state what Firmware you are on!

Please keep in mind that this is a BETA build, it may have errors (obviously report those if you find them)!

Do not leak or spread these files, we wish end-users to have the most stable experience possible and to have as much information about builds being tested.

If you do, please get testing feedback...

Reverse Engineering / #ChovyProject - Road to PS1 support
« on: August 24, 2019, 09:31:32 PM »
Goal is to get PS1 support that is hard to patch.

We will probably use the current chovy-sign method.

A PS1 base game will provide a RIF and a version key. The version key will be used to encrypt another PSN PS1 eboot. The Content ID does not seem to be found twice in the file along with the Vita prompting an corruption error when replaced with another eboot.pbp off of NPS (with regenerated __sceebootpbp) this leads me to believe that the DATA.PSP's content id is used to get the correct RIF and may have a Vita side check?


Pages: 1 2 [3] 4