JKPatch: PS4 4.05 Jailbreak Kernel Patches, Process Memory View Tool

Process Memory View is a cool little memory tool! Do not press backspace in the Hex View, it will delete a byte so when you poke it messes it all up.. idrc to fix it. If anyone wants it, I can make a much much better tool later.

Edit the ip file and change it to your PlayStation's ip address, make sure you have jkpatch loaded first. If your console goes into rest mode, then doing anything with RPC may crash it.

Download: memview-r4.zip (45.57 KB)

Look at the release page for payload.bin and kpayload.bin!

Use the send.sh bash script to easily send it to the console!

To be honest, this is not about the Memory View tool... This is about jkpatch! A little project I have been working on. I want the community to help me develop this, so please send some pull requests or open an issue!

The RPC networking is light speed! On LAN there is basically no latency.

Please help commit to my project!

https://github.com/xemio/jkpatch

And from the README.md: Jailbreak Kernel Patches

Spoiler

Update: Here is a new version with a reboot function, peek/poke unlimited length, and save view bytes to file. Also the hex view will now prevent you from inserting/deleting bytes. Oh also the memory map view looks 100x better, and you can see all the mappings now.

I have also build the latest version of librpc and jkpatch for you all:
https://github.com/xemio/jkpatch/releases/tag/1

golden

 

[DeathRGH]

If someone wants to make a post with a list of tested and untested peek / poke offsets we'll move it to a new thread here.

Its getting late for me, if no one has made one untill tomorrow, I will make one with everything I got so far.

 

[PSXHAX]

Sounds like a plan!

 

[Pretinaverse]

i see , check ip not wrong , maybe is my win7 64 system language (BIG5) problem

memoryview r3 ver still can't appear

The only other thing I can think about is: Have you checked your firewall? Maybe it's blocking the connection.

Nothing else comes to my mind.

 

[ioritree]

no lucky ,closed all firewall still can't appear memview screen.
i can see memview.exe appear on task manager and after ten seconds will disappear

 

[endojunky]

Tried every version from memview, but none of them even start (no matter how i'm injecting the payloads, which IP i'm using and stuff).

Any Clues?

 

[Pretinaverse]

If after sending payload.bin and kpayload.elf the debug settings appear in the ps4, then everything should be fine on the console side. The problem then should be with the memview settings. But all it needs to work is for the ip in the file to be the same as the ps4. If it still doesn't open, I can't think of anything that might be the culprit.

Maybe you're missing some files? This are the files in my folder:

​

And how are you editing the ip? I use the notepad

​

 

[uaegangster111]

If someone wants to make a post with a list of tested and untested peek / poke offsets we'll move it to a new thread here.

That is an amazing plan since we cant copy and modify save on a unactivated ps4. the next step is memory editing.

The app works. the only thing left is to know which executable belong to the game. I am trying to mod yakuza but i dont know which executable it is ?

 

[g991]

eboot.bin

​

Hehe, git commit coming right now...

JKPatch now supports function calling!

There are now infinite possibilities for real time modding!
Check out the github release page for latest version of librpc!
I am working on some super dope Black Ops 3 mods now!

Example:

ulong stub = ps4.InstallRPC(pid);
ProcessInfo pi = ps4.GetProcessInfo(pid);
ProcessInfo.VirtualMemoryEntry vme = pi.FindEntryByName("libSceLibcInternal.sprx");

// dissasemble libSceLibcInternal.sprx and you will see 'getpid' import stub is at offset 0xE0
int sys_getpid = (int)ps4.Call(pid, stub, vme.start + 0xE0);
Console.WriteLine("sys_getpid: " + sys_getpid);

 

[uaegangster111]

Ok i got it. memory editing is different for editing the eboot.bin(file) directly right ? and for the length is it max at 1000 or it can go for more? I remember modding a eboot.bin directly involved decrypting then changing a pattern in hex. In terms of memory, it is finding where the game loads the value and changing the value right ? Also the ps4 save wiszerd has a list of cheats , can we implement them in memory editing for example for items.

 

[g991]

You are editing the boot in real time as it is loaded in memory. If you can reverse engineer the game, you can modify anything you want and do anything you want.