Closed SecT0uch closed 6 years ago
I can answer the first question regarding why my script differs in output from the original script. The original script only outputs the p.write4(...); lines (i.e., the body of the function, not a full-fledged JavaScript function), whereas, in mine, I added the function header and closing bracket as well (so the output is a full-fledged JavaScript function). If you take my output, remove all lines except for the p.write4(...); lines, and remove the leading whitespace, it should be identical to the output of the original script
No clue regarding why you get output that's different than mira.js and homebrew.js
Even ignoring the JS function, I do not have the same lines as output
Can you attach the output from each script generated from the same input bin file?
Hm, yeah, something is definitely off. It seems like the left side is all correct, so the issue is with computing byte (lines 46 and 48 of the original, lines 33 and 34 of mine). I'll try to see if I can figure out the issue. Thanks for catching it!
EDIT: Actually, line 48 of the original is identical to line 34 of mine, so it must be line 46 of the original vs. line 33 of mine (or something that sets up the byteSet variable)
Crap, I had a small typo in the version that I pushed. I've fixed it and made a pull request: https://github.com/Cryptogenic/PS4-5.05-Kernel-Exploit/pull/9
Now, I can verify that the updated script's output (minus the function header, closing bracket, and leading spaces) matches the old script's output
Perfect, thanks.
Regarding your question "Doesn't matter the BLOCKSIZE argument, the output is always the same.", judging by the original script (as well as my modifications, as this aspect was unchanged), the blocksize argument seems to just dictate how many bytes of the input .bin file to read in the conversion process. In other words, the first blocksize bytes of the input are converted. For example, if you set blocksize to equal 1, the output will only have a single line (corresponding to the single byte that was converted). If blocksize is >= the filesize of the .bin file, the entire .bin file will be converted (i.e., the output is identical for all values of blocksize >= the filesize of the .bin file).
I'm not sure why @Cryptogenic designed it like this, though, so perhaps he can clarify
I confirm that now we have exactly the same thing.
After a close look, I note that a line corresponds to a blocksize of 4, so I deduce that the command that has been executed to obtain it is python3 PS4-5.05-Kernel-Exploit/js_shellcode.py MiraFW_Orbis505.bin addr -o mira.js -b 49872. With that, I obtain the same number of lines (with mira).
But I still notice some differences:
Maybe the used .bin is not the official one, a pre-official release or a build from sources.
@niemasd Yeah the blocksize argument was just because I repurposed the script and didn't change it for whatever reason.
@SecT0uch Yeah it was built from sources, that's probably why :)
Glad issue is resolved, ty for the PR @niemasd.
No problem! I created one more PR to clean up the code given that blocksize is not needed
@Cryptogenic I confirm that your initial python script (and so the new version @niemasd) doesn't seem to work as expected:
.js, it works properly ("You're all set!")
.js, I got a JS exception ReferenceError: Can't find variable: writeMira
If you want to try : https://sect0uch.github.io/PS4-5.05-Kernel-Exploit/ Generated from my gh-pages branch
I have a few questions regarding this script:
Is it normal that the output from the original script differs from @niemasd's last commit? → Fixed with #9
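
The comparison described in the thread (keep only the p.write4(...); lines, drop leading whitespace, then compare) can be automated as a regression check between two generated .js files. This is an added example, not part of the thread or the project's code; the sample strings, the function name writeSample and the A0/V0 arguments are constructed placeholders, not the script's real output.

```python
import itertools
import sys


def write4_lines(js_text):
    """Keep only the p.write4(...); statements, with surrounding whitespace removed."""
    kept = []
    for raw in js_text.splitlines():
        line = raw.strip()
        if line.startswith("p.write4(") and line.endswith(");"):
            kept.append(line)
    return kept


def first_difference(old_js, new_js):
    """Return None if the normalised outputs match, else (index, old_line, new_line).

    A missing line on either side is reported as None, so a truncated file
    is flagged instead of silently passing.
    """
    old, new = write4_lines(old_js), write4_lines(new_js)
    for index, (a, b) in enumerate(itertools.zip_longest(old, new)):
        if a != b:
            return (index, a, b)
    return None


# Constructed samples: bare body lines versus the same lines wrapped in a function.
OLD_SAMPLE = "p.write4(A0, V0);\np.write4(A1, V1);\n"
NEW_SAMPLE = "function writeSample() {\n    p.write4(A0, V0);\n    p.write4(A1, V1);\n}\n"
# Constructed sample with a wrong value on the right-hand side of the second line.
TYPO_SAMPLE = "function writeSample() {\n    p.write4(A0, V0);\n    p.write4(A1, VX);\n}\n"


if __name__ == "__main__":
    # Usage: python compare_write4.py old.js new.js
    with open(sys.argv[1]) as f_old, open(sys.argv[2]) as f_new:
        diff = first_difference(f_old.read(), f_new.read())
    if diff is None:
        print("outputs match")
    else:
        print("first mismatch at p.write4 line %d:\n  old: %s\n  new: %s" % diff)
        sys.exit(1)
```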