@CelesteBlue-dev this is the patch I use in my homebrew: "*(uint16_t *)(kbase + 0x237F3B) = 0x01C1;"
and after dumping the kernel and testing my homebrew I realised this patch is already in his Kernel.js but it's WRONG
mine is E9,C1,01,00,00,90,48,8B
his is: E9,00,00,00,00,90,48,8B
Flatz in his write up: E9,C1,01,00,00,90,48,8B
I have tested his original code with my homebrew and I get "page not found" and "freeze" when resolving libSceSysUtil.sprx for notifications, but my patch works fine, doesn't freeze the app and shows notifications.
So since he already has E9 he just needs C1,01, which byte-swapped is 01C1. I also tested this new patch I added to his kernel.js and now the resolving works without my homebrew patches, just the exploit (after rebooting and trying, of course).
His Patch
My Patch
In conclusion mine is right, tested, and works based on Flatz's write-up.
ALSO
e9 c1 01 00 00    jmp 0x1c6
90                nop
And his is
e9 00 00 00 00    jmp 5
90                nop
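To check the two byte sequences above without a console, here is an added example (not code from the post, from Kernel.js or from Flatz's write-up) that decodes the `E9 rel32` jump in each sequence and applies the post's 16-bit write to the Kernel.js bytes. The 8-byte arrays are constructed from the bytes quoted in the post and stand in for the memory at kbase + 0x237F3A; the offsets 0x237F3A/0x237F3B are taken from the post and assumed to be the E9 opcode and the byte after it.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample data: the 8 bytes the post quotes at kbase + 0x237F3A.
 * They stand in for a kernel dump; nothing here touches a real kernel. */
#define SITE_LEN 8
static const uint8_t KERNEL_JS_BYTES[SITE_LEN] = {0xE9,0x00,0x00,0x00,0x00,0x90,0x48,0x8B};
static const uint8_t FLATZ_BYTES[SITE_LEN]     = {0xE9,0xC1,0x01,0x00,0x00,0x90,0x48,0x8B};

#define PATCH_SITE 0x237F3AUL  /* assumed kbase offset of the E9 opcode */
#define PATCH_OFF  0x237F3BUL  /* kbase offset the homebrew patch writes to */

/* Decode `E9 rel32`. rel32 is a signed 32-bit little-endian displacement
 * relative to the *next* instruction, so the target, expressed as an offset
 * from the start of the jmp itself, is rel + 5. Returns INT32_MIN if the
 * first byte is not the E9 opcode. */
static int32_t jmp_rel32_target(const uint8_t *insn)
{
    if (insn[0] != 0xE9)
        return INT32_MIN;
    uint32_t u = (uint32_t)insn[1] | ((uint32_t)insn[2] << 8)
               | ((uint32_t)insn[3] << 16) | ((uint32_t)insn[4] << 24);
    return (int32_t)u + 5;
}

/* The post's patch, `*(uint16_t *)(kbase + 0x237F3B) = 0x01C1;`, written as
 * two byte stores so the host's endianness does not matter: on the x86-64
 * target the uint16_t store lands as C1 01, one byte past the E9, i.e. it
 * overwrites the two low bytes of the rel32. */
static void apply_homebrew_patch(uint8_t *site)
{
    size_t off = PATCH_OFF - PATCH_SITE;  /* = 1 */
    site[off]     = 0xC1;
    site[off + 1] = 0x01;
}

/* Start from the Kernel.js bytes, apply the patch, and report whether the
 * result equals the bytes from Flatz's write-up (1 = match, 0 = mismatch). */
static int patched_kernel_js_matches_flatz(void)
{
    uint8_t buf[SITE_LEN];
    memcpy(buf, KERNEL_JS_BYTES, SITE_LEN);
    apply_homebrew_patch(buf);
    return memcmp(buf, FLATZ_BYTES, SITE_LEN) == 0;
}

int main(void)
{
    /* A rel32 of 0 jumps to the next instruction, i.e. the jmp does nothing;
     * Flatz's rel32 of 0x1C1 jumps 0x1C6 bytes past the jmp's own start. */
    printf("Kernel.js  jmp -> +0x%x\n", (unsigned)jmp_rel32_target(KERNEL_JS_BYTES));
    printf("Flatz      jmp -> +0x%x\n", (unsigned)jmp_rel32_target(FLATZ_BYTES));
    printf("Kernel.js + homebrew patch == Flatz: %s\n",
           patched_kernel_js_matches_flatz() ? "yes" : "no");
    return 0;
}
```

The decoder is what makes the difference visible: with rel32 = 0 the instruction is `jmp 5`, which just falls through to the `nop`, whereas the C1 01 bytes turn it into `jmp 0x1c6`, the displacement in the disassembly above. Run the same decoder over a real dump at kbase + 0x237F3A before and after patching to confirm which bytes are actually in memory.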