Author Topic: [UNOFFICIAL TUTORIAL] Compiling HENKaku.  (Read 1621 times)

Offline nik

  • End User
  • *
  • Posts: 1
    • View Profile
« on: July 12, 2020, 06:19:11 PM »
Hello. In this tutorial I'll explain how to compile and run your own version of HENKaku.

First, make sure you have installed Dolce SDK

Also make sure you have Git, node-uglify, Python 3, some kind of a webserver, and crc32 (the program).

Then, make a directory somewhere where you'll do all the stuff, and change to it.

Clone the HENKaku and hentai taiHEN repos from Nekohaku (the reason why we're using Nekohaku is because original repositories are old, and they don't work with Dolce SDK):

Code: [Select]
git clone && git clone --recurse-submodules
Let's build taiHEN first, cd to taiHEN folder and execute the following:

Code: [Select]
mkdir build && cd build && cmake .. && make
It should build taihen.skprx, copy it somewhere.

Then let's build HENKaku, cd to henkaku directory and copy as (any config name you want).config,

you should see something like this:
Code: [Select]
# use bash syntax

# whether we're building in debug or release mode, debug has a lot of sceClibPrintf logging, release has none of it

# nekohaku.local exists only for me as I have an OpenWrt router where I can edit hosts file to point to my PC :p
# package files/taiHEN/HENkaku plugin files will be downloaded from here
# place them in the `pkg` directory: eboot.bin, head.bin, param.sfo
# the directory structure will be created by the exploit

# Url to henkaku.bin

# Version to show in Settings

# CRC of taihen.skprx, will redownload if mismatch, prefix with 0x

# CRC of molecularShell eboot.bin, will redownload if mismatch, prefix with 0x

# PSN "X-I-5-Passphrase" for spoofing, leave empty to disable, obviously "CBPSCBPS..." is not a valid passphrase, you must find it yourself.
# hint: it's the same length as the sample one.

Change nekohaku.local to url/ip/domain of your webserver.

In TAIHEN_CRC32 change 0 to the crc32 of taiHEN.skprx file, it should look something like this (don't copy mine!):
Code: [Select]
In VITASHELL_CRC32 change 0 to the crc32 of the molecularShell's eboot.bin, you can get it from henkaku's GitHub (link below). (prefix it with 0x too)
To use VitaShell you should replace any MLCL00001 references to VITASHELL, and comment line
Code: [Select]
GET_FILE("sce_sys/livearea/contents/install_button.png"); in bootstrap/bootstrap.c

Also you can change PSN_PASSPHRASE if you know the right one. CBPSCBPSCBPS... is a dummy one and it won't work. Which means PSN won't function. But who cares about PSN duh.

After that, type
Code: [Select]
./ [your config filename]
And after some time it should finish, go to output/web, copy all three files to your webserver root, and rename exploit.html to index.html

Then make a pkg folder in your webserver's root and copy henkaku.suprx/henkaku.skprx/taihen.skprx to that folder.

Then copy molecularShell files to the pkg folder, you can get them from (don't copy henkaku/taihen files as you made your own!!!)

After that, run your webserver and go to the url you've set in the config file on your PSVita. If it works then congratulations.

that's it, have fun.

thanks to:
yifan lu - making henkaku
that hacker known as cbps - making dolce sdk
Microsoft - making wsl 2 and breaking hwclock in it. >:(