Talk:Dev Tools
sputnik - Cell/SPU Pipeline viewer
http://www.ps3hax.net/2011/08/sputnik-build-3-cellspu-pipeline-viewer/
- Windows (will also need QT runtime files)
- MAC OSX
netrpc
git://gist.github.com/1041214.git
https://gist.github.com/1041214
Objdump
If you, for whatever reason, need to disassemble non-x86 binary files, you usually look out for a disassembler. If there's nothing free available for your platform (e.g.: ARM) one of the few solutions may be buying something like IDA Pro.
But wait, if you only need to "analyze" a small portion (boot-sector, single routine, ...) and someone already ported GNUs GCC and bintools to your platform, using OBJDUMP may do the trick...
If "raw.bin" is your binary file, just typing
objdump -d raw.bin objdump: raw.bin: File format not recognized
will not work. Objdump needs a file system object or file.
Just do it like this:
# create an empty file touch empty.c # compile this empty file gcc -c -o empty.o empty.c # add binary as a raw section objcopy --add-section raw=raw.bin empty.o # remove ".comment" section to join objcopy -R .comment empty.o # now run objdump on it objdump -d empty.o
Source: http://askrprojects.net/software/objdump.html
Several handy scripts
Most of the scripts are using graf's ps3dm-utils, so make sure you have them in your /bin directory. Also make sure you are using graf's kernel (graf_chokolo kernel 2.6.39).
panic1.sh
This script will panic lv1 and get you back to petitboot, without exiting to GameOS.
ps3hvc_hvcall /dev/ps3hvc panic 1
usb_dongle_auth.sh
This script will get you into Factory/Service mode, without using dongle:
echo Generating a challenge ps3dm_usb_dongle_auth /dev/ps3dmproxy gen_challenge echo Generating a response '(0xAAAA)' ps3dm_usb_dongle_auth /dev/ps3dmproxy gen_resp 0xAAAA echo Verifying response '(0xAAAA)' ps3dm_usb_dongle_auth /dev/ps3dmproxy verify_resp 0xAAAA echo Checking if 'Product Mode is enabled The returned value shouldn't be 0xff ps3dm_um /dev/ps3dmproxy read_eprom 0x48C07
dump_EID0.sh
This script will dump your EID0.
echo Dumping EID0 ps3dm_iim /dev/ps3dmproxy get_data 0x0 > EID0.bin
dump_EID4.sh
This script will dump your EID4.
echo Dumping EID4 ps3dm_iim /dev/ps3dmproxy get_data 0x4 > EID4.bin
get_EID0_size.sh
This script will get the size of your EID0.
echo EID0 size: ps3dm_iim /dev/ps3dmproxy get_data_size 0x0
get_EID4_size.sh
This script will get the size of your EID4.
echo EID4 size: ps3dm_iim /dev/ps3dmproxy get_data_size 0x4
get_metldr_size.sh
This script will get the size of metldr.
echo metldr size: ps3dm_iim /dev/ps3dmproxy get_data_size 0x1000
nor_dump.sh
echo Dumping nor dd if=/dev/ps3nflasha of=nor.bin
dump_ram.sh
This script will dump your ram.
echo Dumping ram dd if=/dev/ps3ram of=ps3ram.bin
dump_vram.sh
This script will dump your vram.
echo Dumping vram dd if=/dev/ps3vram of=ps3vram.bin
Payloader3
- http://git.dashhacks.com/payloader3/payloader3/trees/master (down)
- 2011-06-22 backup: http://gotbrew.org/payloader3.tar.gz / payloader3.tar.gz (55.55 MB)
- Up including last commit before dashhacks went down : payloader3.tar.bz2 (45.49 MB) (full git backup, also includes : payloader3-src-only.rar (2.08 MB))
Howto
- Set firmware version in Makefile
- Compile with "./build.sh"
- Copy pkg file to usb stick
- Install pkg on PS3
Notes
- Loading ps3load after the payload will execute the appropriate ps3load.self, after your self exits you will be returned to the XMB.
- Loading 'ethdebug' will load ArielX's Kammy self, after it executes you will be returned to the XMB.
- Loading 'ethdebug/ps3load' will load ethdebug, then ps3load.
Limitations
- ps3load will not work on 3.50/3.55 (¨sysProcessExitSpawn2¨ won't work proper), use 3.41 instead.
- Note: latest version seem to address/fix the issues seen on 3.50/3.55