Messages

16

Kits / Hidden Boot Parameters & Other CP Flags.

« on: August 01, 2020, 05:42:39 AM »

So you may be aware of certain "Boot Parameters" on DevKit as "development_mode" or "memory_size_switch"
what you likely didnt know is that these settings are acturally stored on CP Itself under /work/settings.xml
(you can even dump this file from your devkit uisng psp2ctrl settings-xml C:\path\to\output.xml)

with the recent CP Firmware Dump i could finally take a look at how this works,
and what i found was quite interesting.



as you can clearly see, there is alot more options there than just "development_mode"
you can also see an entry for "kernel:" and "none:" when before i only knew of "bootparam:" and "registry:"

One that caught my eye was "enable_extra_tty" so i gave it a try- using that psp2ctrl command that was discovered earlier by Mathieulh

Code: [Select]

psp2ctrl set-setting integer bootparam:/enable_extra_tty 1and oh! bingo!



More debug output is now printed!

A list of extra (untested) parameters to try are as follows:
(note, ive only tested enable_extra_tty i have NOT tried any of the others, use them at your own risk dont come to me if you break your CP. in theroy you can reset them from CP Recovery thou)

Code: [Select]

/bootparam
/bootparam_status
/usbdirect
/log_via_cttyp
/log_via_nttyp
/timer_en
/dl_recovery
/clear_settings
/clear_cache
/development_mode
/memory_size_switch
/release_check_mode_console
/enable_extra_tty
/platform_emulation_dolce
and potential strings to put infront of them are

Code: [Select]

none:
kernel:
registry:
bootparam:

As always, Blessed Be. and have a great Lughnasadh

17

General / Re: Is there Any debugger plugin Project?

« on: July 26, 2020, 02:37:54 PM »

For cheats, this wiki can be read: https://github.com/r0ah/vitacheat

For a proper debugger, you will most likely need a Devkit.

The closest thing to a Debugger for retail is Davee's: https://github.com/DaveeFTW/kvdb

However, if you are willing to do RE:

You can decompile a game to find offsets here:
https://forum.devchroma.nl/index.php/topic,88.0.html

Dump information from hooking at runtime here:
https://forum.devchroma.nl/index.php/topic,18.0.html

These require stdout:
Use USB logging here:
https://forum.devchroma.nl/index.php/topic,136.0.html

Or net logging here:
https://forum.devchroma.nl/index.php/topic,80.0.html

There is some more information regarding Unity games around the forums.


Beyond all of this, I am not aware of any Debuggers in the works. Sorry.

even though devkits have a 'debugger' im not quite sure how to acturally use it out side of visual studio and debugging your own code soo..

18

Kits / Understanding and using the Content Downloader.

« on: July 06, 2020, 11:30:21 AM »

Some of you may have noticed a "content downloader" option under "Henkaku settings",
OG scene members will remember this from "IDU Mode", but it also exists under ★Debug Settings,


infact because its possible to have IDU Flag and Testkit flag all at the same time-
its possible for this settings option can appear twice inside the settings app. one in idu, and the other in debug
(note you have to hold L when booting settings app in IDU mode, because henkaku actually hijacks the "idu_settings.xml" file..)

but enough trivia. what does it do?
well its quite like the name implies, it allows you to download PSVita apps from an HTTP source.

Specifically the following formats:

Applications:
    .PKG (fPKG and PSM Only for some reason, its possible VITA pkg works with idu flag, but i haven't tested)
    .PUP (PlaystationUPdate files.)
Images:
    .JPEG/JPG (PNG files do not show up for some reason, despite the vita being able to download them from Browser)
Videos:
    .MP4 (Does not check if its a valid video file)
Content Downloader will HTTP GET whatever url you enter, and attempt to read <a href=""> html tags from the response,
it will list any that .endswith() any of the supported file types, giving you multiple choice selections



upon clicking on the download button the PSVita will go through that list and append whats specified in <a href=""> to the base URI.
it will then send an HTTP HEAD request to that in order to get information on the file (Content-Length mainly)
and then start downloading the same URI with HTTP GET.
Introducing: Meme HTTP (mHTTP):
Content Downloader implements HTTP incorrectly, and includes spaces and special characters directly in file paths UNESCAPED so no %20 on spaces,
this breaks alot of web servers >_<

Content Downloader ASSUMES relative URIs in href tags, if for example your base URI is https://example.com/example-filelist.html
and it contains <a href="http://example.com/example.pkg">when attempting to download this file, the URI that gets requested will be
"https://example.com/example-filelist.html/http://example.com/example.pkg" BECAUSE WHY THE HELL NOT!!
Because of all these annoyances i opted to write my own "Content Downloader" server:

https://github.com/KuromeSan/ContentServer/releases
https://bitbucket.org/SilicaAndPina/contentserver/downloads



However careful usage of existing HTTP server software (making sure not to include spaces in filenames, having file lists inside directories as "index.html" etc) should work i guess?
- Blessed Be

19

PS Vita / Re: [Release] Princess Silly Mini Log USB - a USB logger using PSM drivers

« on: July 04, 2020, 06:59:39 PM »

Sorry godaddy the domain registar of psmreborn.com is being an asshole atm,

please use http://psm.cbps.xyz/devtools.php?type=psm-drivers instead.

20

PS Vita / [Release] ScoreHax - Submit ANY game using Leaderboards via SceScore

« on: June 16, 2020, 12:14:44 PM »

Become an Instant pro at any game!

Install under *ALL then load up the game and submit your score to the leaderboards a IME dialog will pop up asking you to enter your REAL score, enter whatever you want and click enter- this score will be submitted to PSN Leaderboards.

NOTE: Sometimes PSN Leaderboards take a bit to update, and you might have to wait about a min for the score to show up.

Github: https://github.com/KuromeSan/ScoreHax

Blessed Be~

21

PS Vita / LiveArea™ UI

« on: May 23, 2020, 11:03:03 PM »

I'd just like to interject for a moment.  What you're referring to as LiveArea™,
is in fact, LiveArea™ UI, or as I've recently taken to calling it, LiveArea™ plus UI.
LiveArea™ is not a User Interface unto itself, but rather another properitary component
of the fully functioning LiveArea™ UI made useful by the Home Screen, Index screen
and vital LiveArea™ UI components comprising a full User Interface

All PSVita users run the LiveArea™ UI system every day,
without realizing it.  Through a peculiar turn of events, LiveArea™ UI
which is widely used today is often called "LiveArea™", and many of its users are
not aware that it is basically the LiveArea™ UI system, developed by Sony Computer Entertainment

There really is a LiveArea™, and these people are using it, but it is just a
part of the system they use. LiveArea™ is the app start screen the one with
the buttons at the top, that looks like a peice of paper, that allow the vita
to start the other programs that you run. The LiveArea™ is an essential part of the PSVita,
but useless by itself; it can only function in the context of the complete LiveArea™ UI.
LiveArea™ is normally used in combination with the UI system: the whole system
is basically UI with LiveArea™ added, or LiveArea™ UI. All the so-called "Shell"
plugins are really plugins for LiveArea™ UI.

22

PS Vita / Re: Vita Babe Of The Week

« on: May 06, 2020, 01:26:23 PM »

Estelle Bright, of course.



W-what do you mean Trails in The Sky is a PSP game??

23

PS Vita / Re: [Release] RinnSim

« on: May 03, 2020, 10:43:34 AM »

Type the psvita f00d root key to sign exclusivity deal with the CBPS DB app store.

24

Kits / psp2ctrl.exe hidden commands

« on: April 23, 2020, 08:50:26 AM »

i decided to take a look inside psp2ctrl to try work out what all the hidden commands are,
like the psp2ctrl set-setting command i mentioned in earlier posts.

turns out psp2ctrl.exe is acturally a .NET executable. SN Systems seems to have made it pretty modular with "PlugIns"
Sony even provides src for some of it inside the

Code: [Select]

%SCE_ROOT_DIR%\PSP2\Tools\Target Manager Server\samples\tmapi\psp2cui\psp2ctrlfolder, however this src is incomplete (doesnt even contain "HelpPlugin.cs")

but because this is .NET it is Very easy to decompile using tools such as DNSpy

After doing this we can easily see all classes!
so i had a look at the HelpPlugIn class thinking maybe i could just
get all the hidden stuff to show by patching something in there..
and then i saw something.. quite interesting:


It checks if arg1 to the help command is "internal" then gets a list from true as an argument to PlugInStore.PlugIns

So lets have a look what happens when you pass "true" to arg1 of PlugInStore.PlugIns

Hm arg1 is a boolean called "IncludeInternal" and if its set
then it removes all IPlugin with "Hidden" set to true from the list of plugins..

So, what does this mean? well basically it means that we dont even need to patch anything.

Code: [Select]

psp2ctrl help internalwill list ALL the commands. and give a breif description of what they do.

here is a list of all the extra commands that appear when you pass the "internal" argument to psp2ctrl help

Code: [Select]

  breakpoints             {pid|name} [devkit]                 

                          List breakpoints for processes on the DevKit.


  cache-size              size [devkit ...]                   

                          Set the capacity of the DevKit(s) console output cache.  If size is less than the minimum cache size the cache will be set to it's minimum
                          size.


  coredump-object-summary file                                 

                          Disaplays a summary of process objects in the corefile.


  fsinfo                                                       

                          Get the file serving options.


  get-logging-level                                           

                          Get the logging level used by TM.


  get-setting             setting [devkit]                     

                          Get the value of the DevKit registry setting.


  get-swinfo              key [devkit]                         

                          Get the value of the DevKit software info setting.


  kernelthreads           [devkit]                             

                          List the kernel threads running on the DevKit.


  monitor                 hwid [hwid] ...                     

                          Monitor notifications from the specified DevKit(s).


  mv                      src dest                             

                          Rename the specified file or directory from the file system of the default DevKit.


  netlog                  file                                 

                          Start logging DevKit comms to file.


  pmemory                 {pid|name} address size [devkit]     

                          Dump process memory for the process running on the DevKit.


  pobjects-summary        {pid|name} [devkit]                 

                          Dumps the kernel objects owned by the process.


  power                                                       

                          Poll the default DevKit for it's power consumption.


  presume                 {pid|name} [devkit]                 

                          Revive the specified process from the Application Suspended state.


  protocol-info           protocol [devkit]                   

                          Display information about the specified protocol.


  protocol-register       protocol [devkit]                   

                          Register the specified protocol.


  psuspend                {pid|name} [devkit]                 

                          Put the specified process into the Application Suspended state.


  recover-cp              file [devkit]                       

                          Updates the firmware of the DevKit with the cpupdater.bin file specified.


  set-logging-level       level                               

                          Set the logging level used by TM.


  set-setting             string|integer setting value [devkit]

                          Set the value of the DevKit registry setting.  Use "" for an empty string value.


  settings                [devkit]                             

                          Get the values of the DevKit registry.


  settings-xml            file [devkit]                       

                          Get the settings XML file of the DevKit.


  stat                    path                                 

                          Stat the specified file.


  swinfo                  [devkit]                             

                          Get the values of the DevKit software info.


  threadlist              [devkit]                             

                          List threads running on the DevKit.


  touch                   [path]                               

                          Touch the specified file.


  update-cp               file [devkit]                       

                          Updates the firmware (only) of the DevKit with the PUP file specified.


  voltages                                                     

                          Poll the default DevKit for it's voltages.

as you can see the psp2ctrl set-setting command that i mention in earlier posts is listed here.

anyway- this is nice to know. i bet that extra "internal" argument works on other platforms SDK's too.
perhaps orbisctrl help internal exists?

Blessed Be~

25

PS Vita / [Release] MakePsmGreatAgain v1.5

« on: April 19, 2020, 02:10:39 AM »

PSMGreatAgain is a plugin that patches parts of the PSM Developer Assistant and PSM Developer Assistant for Unity.
it gives you things like Auto-PSM+ (basically an infinite publishing license), makes all the apps run at SecurityCritical level so they
can use "unsafe" api calls. Adds a function to exit games running in PSM Dev w START+UP makes USB Serial work and so on.


In v1.5 i  patched out the "project_name" checks in PSM Dev and PSM Dev for Unity. basically before MPGA 1.5 the project_name set in app.info had to match that defined in the publishing keys, ("*" for PSM, "_PSM_DEFAULT_" for PSM Unity.) however in this new version
this check is patched so it'll allways *try* to boot into the game.

though note, this patch is ONLY at runtime, at install-time it still checks. which means the only way to really use
apps with a custom project_name is to just extract the PSDP contents into ux0:/cache/PCSI0000(9/7)

Download here: https://bitbucket.org/SilicaAndPina/makepsmgreatagain

Blessed Be~

26

Kits / Reinstalling/Updating firmware from Safe Mode on PDEL1001

« on: April 16, 2020, 04:29:31 PM »

So just wanna say, if your devkit is working fine w no problems
i highly reccomend opening up Debug Settings, heading to "System Update"
and setting "Update Server URL" to anything (eg, http://192.168.1.2/p.xml) perferably somewhere
you can setup an HTTP server, but as long as its not blank, QCMA will handle the rest.
This will ensure you can reinstall the usual way if anything happens ^

However.. if this is not the case and you can only access SafeMode or something, there are still some options!

Note: Having a offical *sony* memory card and another console to write to it with is required for most of this,
that and/or a PC with sony's software development kit installed.

Lets go over some options!


DevKit is in Release Mode (Select [Development Mode] under [Release Check Mode].)
In release mode, the DevKit will not allow you to install any updates,
its possible to change this from within Safe Mode, using undocumented psp2ctrl commands,
to do this. simply connect a micro-usb cable to the device and using psp2ctrl run the following commands:

Code: [Select]

psp2ctrl set-setting integer bootparam:/release_check_mode_console 0
psp2ctrl set-setting integer bootparam:/development_mode 1
(credit to Matheluth for finding these commands)
Now fully power cycle the devkit and you should be able to access update funcitions now,


No Update Server Set (One or more settings is Invalid)
So your console IS in development mode, and you go to "Update via Connecting to PC"
only to receive the error message "One or more settings is invalid!" this is because DevKit requires
you to specify where to download updates from in settings, and this address is used even when downloading via CMA.
Luckily though there is an undocumented way to override the Update Server setting
by placing a .TXT file simply containing the server URL you want in either

Code: [Select]

ux0:/data/PSP2/UPDATE/SERVER_URL.TXT
host0:/PSP2/UPDATE/SERVER_URL.TXT
Creating these files will override the consoles setting and download the updatelist.xml file from the URL specified in these TXT files, rather than using the settings provided in the registry. if using QCMA this is all you need to do, but if your using anything else, you'll have to host a HTTP server, that can serve an updatelist.xml to the vita,

Note that psp2-updatelist.xml on DevKit must have a region id of "257" and "258" on testkits.
heres an example psp2-updatelist.xml:

Code: [Select]

<update_data_list>
<region id="257">
<np level0_system_version="01.600.000" level1_system_version="03.730.000" level2_system_version="03.730.000" map="03.730.000"/>
<np_d level0_system_version="01.600.000" level1_system_version="03.730.000" level2_system_version="03.730.000" map="03.730.000"/>
<version system_version="03.730.000" label="3.73">
<update_data update_type="full">
<image size="133770752">
http://dus01.psp2.update.playstation.net/update/psp2/image/2019_0924/rel_034ab948bbf1a002e0a058c602184b32/PSP2UPDAT.PUP?dest=us
</image>
</update_data>
</version>
<recovery spkg_type="systemdata">
<image spkg_version="01.000.010" size="56768512">
http://dus01.psp2.update.playstation.net/update/psp2/image/2019_0924/sd_8b5f60b56c3da8365b973dba570c53a5/PSP2UPDAT.PUP?dest=us
</image>
</recovery>
<recovery spkg_type="preinst">
<image spkg_version="01.000.000" size="128788480">
http://dus01.psp2.update.playstation.net/update/psp2/image/2019_0924/pre_41106d513f9683d69b4233867d81fa1f/PSP2UPDAT.PUP?dest=us
</image>
</recovery>
</region>
</update_data_list>


Update via Storage Media
This feature doesnt care about the Server URL location or anything it just attempts to use the the PSP2UPDAT.PUP located in
the following locations in the following order:

Code: [Select]

sd0:/PSP2/UPDATE/PSP2UPDAT.PUP
gro0:/PSP2/UPDATE/PSP2UPDAT.PUP
grw0:/PSP2/UPDATE/PSP2UPDAT.PUP
ux0:/data/PSP2/UPDATE/PSP2UPDAT.PUP
xmc0:/data/PSP2/UPDATE/PSP2UPDAT.PUP
host0:/PSP2/UPDATE/PSP2UPDAT.PUP
if any are found it is used for updating instead. obviously you could write a PSP2UPDAT.PUP to either ux0, or grw0 using another console and offical memory card. or just simply use host0.

Blessed Be~

27

Kits / Fix Release-Mode & PSTV Mode Soft-Brick

« on: April 03, 2020, 07:44:49 AM »

Its possible to semi-brick a PDEL-1001 just by enabling two of its offical features:

PSTV Emulation Mode and Release Mode.

in PSTV Emulation Mode, all input is disabled and you have to pair a ds3 or ds4 controller via Neighbourhood
and in Release Mode, most CP Functions are disabled. and so you cant use Neighbourhood
Also note, downgrading to a firmware before pstv emulation mode is not possible because the firmware cannot be "Updated".while in release mode, even from Safe Mode.

So if Release Mode is enabled AND PSTV Emulation Mode is enabled, AND you have no controller linked to your DevKit.
then you will effectively have a brick since you cannot goto settings to disable PSTV Emulation Mode or Release Mode, and you cant link a controller in release mode.

However it turns out there are some hidden commands for psp2ctrl.exe to disable PSTV Emulation
and to enable Development Mode, these work even if Release mode is enabled.

Code: [Select]

psp2ctrl set-setting integer bootparam:/platform_emulation_dolce 0
psp2ctrl set-setting integer bootparam:/release_check_mode_console 0
psp2ctrl set-setting integer bootparam:/development_mode 1(internal commands discovered by Mathieulh)

and then rebooting your PSVita. you will disable PSTV Emulation and Enable Development Mode. thus booting up as normal. and fixing the brick.

psp2ctrl is part of Target Managment Server (TMServer-3_60_0_2.msi package) which is part of the Offical SIE SDK.
Blessed Be~

28

Tutorials / Restore automatic save backups (PSVita)

« on: March 30, 2020, 02:46:39 AM »

So some may not be aware that the vita automatically makes backups of your savefiles- there stored in ux0:/user/xx/savedata_backup

However there in an unknown format. So it was mostly useless

But just caz we dont know the format doesnt mean it ain't useful, a few years ago I was messing with my save and managed to get the option from the system to restore an automatic backup

Someone was asking about it on reddit and I just remembered this was an option so now I'm gonna tell you all how to restore from here. It could be useful if you accidentally delete your save or something.

If you prefer videos:


0) Verify an automatic backup exists. Check ux0:/user/xx/savedata_backup for a file starting with the TITLEID of the game.

1) Backup the existing savefile for this game.
just copy it out from ux0:/user/savedata/xx/savedata/TITLEID

2) open your save folder (ux0:/user/xx/savedata/TITLEID) then goto sce_sys and delete sdslot.dat and keystone

3) Exit vitashell and try start your game. You should see a message saying the save is corrupt asking if you want to restore



Blessed Be~

29

PS Vita / [UPDATE] GayMaker 1.7.5 and GayMaker-Studio 1.2!

« on: January 13, 2020, 05:06:59 PM »

Due to the bitbucket page being DMCA'd by yoyogames you have to manually install the new version:

1) Fixed A Bug where "Short Circuit Evaluations" setting was allways = FALSE regardless of what the setting acturally is
(this should fix compatibility for non-yyc projects!)
2) Fixed auto updater
3) Fixed Version Manager


GayMaker-Studio (Ps4 Export) https://github.com/KuromeSan/GayMaker-Studio/releases/download/v1.2/GayMaker-Studio.1.2.zip
GayMaker (Psv Export) https://github.com/KuromeSan/GayMaker/releases/download/V1.7.5/GayMaker.1.7.5.zip

Thanks and Blessed Be~

30

PS Vita / [RELEASE] DolcePolce - PSTV Blacklist Patch that just WORKS

« on: December 19, 2019, 02:25:48 PM »

DolcePolce is here!


A native PSTV blacklist hack- Game UPDATES and DLC all working of course- persists on DB rebuild and everything.
The old whitelist hacks did not enable all games and even broke core features of including DLC and updates through its primitive nature of spoofing applications as system apps.

However, this new hack enables all games (ATTRIBUTE_MINOR and list_launch_vita.dat) along with PSM, PSP, Updates, and DLC.
This also allows you to use BGDL (system downloader) in PKGJ on a PSTV.

If you are having issues, any previous whitelist must be uninstalled: https://vitadb.rinnegatamante.it/#/info/11

Finally, to install this plugin:
Install this plugin under the *main in your config.txt.

Downloads:
Github: https://github.com/KuromeSan/DolcePolce/releases
Bitbucket: https://bitbucket.org/SilicaAndPina/dolcepolce


Developers:
SilicaAndPina

Beta Testers:
Zodasaur
marburg
IcySon55
froid_san
kirilldevchroma
SilicaAndPina