(adsbygoogle = window.adsbygoogle || []).push({});

PS3IDA Released!

PS3IDA Project released, useful *only* for developers! It's a collection of IDA scripts and plugins, includes PPCJT :

Open spoiler to read KaKaRoTo's long post

It’s been a while since my last post! A lot has been happening lately, I’ve mostly kept my followers updated on what’s new through my Twitter account, but I think that this deserves a post of its own!

I’ve been reversing some PPC code in IDA and unfortunately, it doesn’t handle the PS3 files very well, so I wrote a lot of scripts in order to make it parse the files properly! There was one thing missing though that I couldn’t do with an .idc script : handling of jump tables.

Yesterday, I took on the task of writing an IDA plugin in order to parse the ppc code and find jump tables and define them in IDA’s kernel so the analysis is done properly! It was a very fun and exciting challenge that I enjoyed doing, and I’m happy to say that I succeeded and it works very well (on the files I tried anyways).

The IDA API is extensive and easy to use, and allows you to do pretty much anything! I also found the IDA Pro Book to be extremely well written and very useful! I would suggest to anyone who likes tinkering to try and write an IDA plugin, because it was a challenging but fun experience!

I initially wrote the plugin thinking that the jump table instruction patterns was always the same, but when I started testing, I found out that some instructions could have a different order, there might be inserted instructions in the middle of the pattern, or different registers being used, etc.. so I eventually had to rewrite my plugin and ended up using a class that comes from IDA’s SDK which takes care of “instruction rescheduling” and “intermingling of the jump sequence with other instructions”, at least I learned from my first try and it made my second try a lot easier. I also realized that I haven’t done any C++ in maybe 5 or 6 years, and I really forgot all about how to write C++ code. It was a bit embarassing to google “how to derive from a class in C++”, lol!

Anyways, I am now releasing my scripts and my PPCJT plugin for IDA under a new project : PS3IDA.

I’ve created the ps3ida repository on git-hacks.com (Thanks again to @dashhacks for providing us with this safe haven for all our legal tools). The repository contains many files, I suggest you read the README file for a description of each, but the most important ones are analyze_self.idc and analyze_sprx.idc. I’ve also ported my lv2_dump_analyzer.idc script to work with IDA 6.0.

There are two plugins in ps3ida, the first one is the well known PPCAltivec released by xorloser, I’ve decided to add it to the project so the source code stays available for anyone who needs it. I also slightly modified the source code so it compiles correctly on Linux using gcc 4.x. The second plugin is PPCJT that I wrote yesterday, it will find jump tables and define them in IDA’s kernel so the functions get properly analyzed. Just install it, and when you see a switch/case in the code, put the cursor on the ‘bctr’ instruction and press ‘C’ so it can parse the jump sequence and fix it, or just go to ”Options->General->Analysis->Reanalyze program” and it will fix them for all the file.

I have built the PPCJT plugin for Windows and Linux for IDA v6.0, you can download it here.

My personal suggestion, since IDA could screw up the analysis in its initial run, would be to completely undefine the file (Ctrl-PageUp + Alt-L + Ctrl-PageDown + U), then run the analyze_self.idc or analyze_sprx.idc.. it will take some time, but then you’ll get a beautiful file loaded Especially with the correctly named imports, this should help a lot any reverse engineer out there!



p.s.: To every stupid person in the planet : If you have no idea what I’m talking about, then this is not for you, this does not lead to any ‘CFW’ or jailbreaking of 3.60 or whatever else you might hope for.. so shut up and don’t comment if you’re not a user of IDA or if you don’t know what IDA is.

For all of you wondering what this is, straight outta KaKaRoTo's post:





DOWNLOAYou must login or register to view this content.

Source: KaKaRoTo

Thanks for the news although idk what it is:p

Also youre goldy rep star is looking you good:y:

whats IDA :carling:

i understand what this is but what does this has to do in the playstation hacking section?

nice post clutchlikemelo

More like what doesn't this have to do with the PS3 hacking scene.

This is IDA with special scripts written by kakarotoks to do things and find out things about the files and stuff from the PS3.. like that analyze_self script thing I can imagine gives a lot more information than readself from his PS3tools thing he released ages ago.

Atleast read the article/information before asking a question...



It isn't IDA on PS3.. it's scripts for IDA.

thanks for clearing that up i didnt know how it was gonna work but i saw kakarotoks so i thought it was lol.

im sure its used to dump the hv ect, not 100% on that tho

lol EnVy_AsTrO has the most -rep ever

some serious shit that haah
You must login or register to view this content.