Proceeding Illusion's Directory of PS4 Game Patches recently PS4Scene developer @Backporter (aka Kernel_Panic___ on Twitter) added a repository on GitHub for his PlayStation 4 tools and custom game patches with details of a PS4 PRX to unlock all trophies for the game / app it's loaded in, following his PS4 Texture Tools and the previous GODMODE.PRX and xDPx PS4 Trophy Unlocker releases.

Download: PS4-Game-Patcher.7z / PS4-Game-Patcher.exe / PS4-Game-Patcher.zip / Backporter's PS4 Game Patches Repository GIT

Last month he also asked the community "What homebrew would you like to see on the PS4?" via Twitter, with responses ranging from a Nintendo 64 Emulator (there's currently a Mupen64Plus N64 Emulator on PS4 Pro via PSXITArch Linux v2, a Nintendo 64 PS2 on PS4 Emulator Port Demo and a Super Mario 64 (SM64) Native Port PS4 PKG) to a PS4 Media Player (currently there's the PopcornTime Source Code That Works Locally on PS4, BiteYourPlayer v1.0 Beta PS4 Media Player HTML Mod, several PS4 Video Player PKGs by Lapy and the official PS4 Media Player (VR) Patched Version with the latest Ps4.Media.Player.v4.01-CyB1K.rar update fully backported).

Those interested in learning more can join his Official PS4 Game Modding Server Discord Channel. To quote from the README.md:

What is this?

This Repo Will Host Tools/Custom Patches For Games I've Done.

How Do I Use this?

For patches I post in plain text, you will need HxD and a basic understanding of how to use a hex editor. For apps that automatically apply patches, you will need to follow the instructions and have the requirements.

Can I Request A Custom Patch?

While I would love to be able to do this, I can't do custom patches.

Will You Post The Source Code Of The Patches?

Yes.

Can I Undo Any Of The Patches?

Yes, just replace the eboot.bin (or any other ELF that was patched) with the original.

Patches:

Fallout 4 Custom PRX Patch (Patch To Load a User Created PRX)


This does use address-based patching, so if you do not have the proper game update and/or version of the game as shown below, it likely won't work.

Requirements:
  • CUSA: CUSA02557
  • Version: 1.22
Example of what you could do:

Custom Fallout 4 Patch to Load a Custom PRX and Outputting Audio

Source Code (ASM):
Code:
call    sceSystemServiceHideSplashScreen
mov     eax, 1E38634h ; 1E38634h => memory address of the custom PRX path (/app0/prx.prx)
lea     edi, [eax]
mov     esi, 0
mov     edx, 0
mov     ecx, 0
mov     eax, 0
call    sceKernelLoadStartModule
retn
Manual (Hex Editing):

Go to these addresses in a hex editor (like HxD) and replace the Original Bytes with the Replace With ones:

0x9A1385
  • Original Bytes: 0x9F, 0x7C, 0x2A, 0x01
  • Replace With: 0x47, 0x69, 0xE2, 0x00
0x17C7CD0
  • Original Bytes: 0xC3, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x2E, 0x0F, 0x1F, 0x84, 0x00, 0x00, 0x00
  • Replace With: 0xE8, 0x53, 0x13, 0x48, 0x00, 0xB8, 0x34, 0x86, 0xE3, 0x01, 0x67, 0x8D, 0x38, 0xBE
0x17C7CE0
  • Original Bytes: 0xC3, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x2E, 0x0F, 0x1F, 0x84
  • Replace With: 0x00, 0x00, 0xBA, 0x00, 0x00, 0x00, 0x00, 0xB9, 0x00, 0x00, 0x00
0x17C7CEC
  • Original Bytes: 0x00
  • Replace With: 0xB8
0x17C7CF0
  • Original Bytes: 0xC3, 0x66, 0x66, 0x66, 0x66, 0x66, 0x66, 0x2E, 0x0F, 0x1F, 0x84, 0x00, 0x00, 0x00, 0x00, 0x00
  • Replace With: 0x00, 0xE8, 0x82, 0x25, 0x48, 0x00, 0xC3, 0x90, 0x90, 0x00, 0x90, 0x90, 0x90, 0x90, 0x90, 0x90
Coding a PRX for this:

First thing, make sure you have module_start and module_stop inside your PRX. It should look something like this:
Code:
#include <stddef.h>

extern "C" int module_start(size_t argc, const void* argv)
{
    return 0;
}

extern "C" int module_stop(size_t argc, const void* argv)
{
    return 0;
}
Once done, put the code inside module_start so that it gets executed, like so:
Code:
#include <stdio.h>
#include <stdint.h>
#include <string>
#include <pthread.h>
#include "Notify.h" // this can be found in my fork of OSM's PS4-Notify repo aka https://github.com/Backporter/PS4-Notify/blob/main/Notify.h

// Worker thread: posts a notification, sleeps 60, and repeats forever.
void *keep(void *n) {
    int64_t runtime = 0; // number of loop iterations so far
    while (true) {
        Notify("Still Running");
        runtime++;
        sceKernelSleep(60);
    }
    return NULL; // not reached
}

extern "C" int module_start(size_t argc, const void* argv)
{
    ScePthread thread;
    // Run keep() on its own thread so module_start can return straight away.
    scePthreadCreate(&thread, NULL, keep, NULL, "injection thread");
    Notify("Test! {loaded code via prx} {module_start}");
    return 0;
}

extern "C" int module_stop(size_t argc, const void* argv)
{
    return 0;
}
Notes (I could very well be wrong on these, so do not take them as 100% fact):

Now, the first thing to note is that in the example above, my code is running on a separate thread and not the main thread, so all functions need to be thread-safe. If you want to use non-thread-safe functions, they would need to be run directly inside module_start (this means they must be able to be run at run time).
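
The version requirement and the Original Bytes / Replace With table for the Fallout 4 patch above can be checked mechanically before or after hex editing. The script below is an added example, not part of the original post or of Backporter's repository: it reports whether a file still holds the original bytes, the patched bytes, or something else at each listed address. It assumes the addresses are file offsets as typed into a hex editor; the function names are hypothetical.

```python
import mmap
import sys

# (address, Original Bytes, Replace With) copied from the table on this page.
# Assumption: the addresses are file offsets, as typed into a hex editor.
PATCH_SITES = [
    (0x9A1385, "9F 7C 2A 01", "47 69 E2 00"),
    (0x17C7CD0, "C3 66 66 66 66 66 66 2E 0F 1F 84 00 00 00",
                "E8 53 13 48 00 B8 34 86 E3 01 67 8D 38 BE"),
    (0x17C7CE0, "C3 66 66 66 66 66 66 2E 0F 1F 84",
                "00 00 BA 00 00 00 00 B9 00 00 00"),
    (0x17C7CEC, "00", "B8"),
    (0x17C7CF0, "C3 66 66 66 66 66 66 2E 0F 1F 84 00 00 00 00 00",
                "00 E8 82 25 48 00 C3 90 90 00 90 90 90 90 90 90"),
]

def site_state(data, offset, original, patched):
    """Compare the bytes at one address with both columns of the table."""
    chunk = bytes(data[offset:offset + len(original)])
    if len(chunk) < len(original):
        return "out-of-range"          # file is shorter than this build
    if chunk == original:
        return "original"
    if chunk == patched:
        return "patched"
    return "unknown"                   # another update, or a different edit

def classify(data):
    """Return (verdict, {address: state}) for a bytes-like ELF image."""
    states = {off: site_state(data, off, bytes.fromhex(o), bytes.fromhex(p))
              for off, o, p in PATCH_SITES}
    kinds = set(states.values())
    if kinds == {"original"}:
        verdict = "unmodified"
    elif kinds == {"patched"}:
        verdict = "patched"
    elif kinds <= {"original", "patched"}:
        verdict = "partially-patched"  # some addresses edited, others not
    else:
        verdict = "version-mismatch"   # not the build these addresses fit
    return verdict, states

if __name__ == "__main__":
    with open(sys.argv[1], "rb") as f, \
            mmap.mmap(f.fileno(), 0, access=mmap.ACCESS_READ) as image:
        verdict, states = classify(image)
    print(verdict)
    for offset, state in states.items():
        print(f"  {offset:#x}: {state}")
```
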
PS4 Trophy Unlocker PRX

Comments

@Backporter You can modify sceKernelIsNeoMode to sceKernelLoadStartModule (replace the NID string WslcK1FQcGI with wzvqT4UqKX8); most games have a sceKernelIsNeoMode call.
 
The issue is not every game has sceKernelLoadStartModule lol; unless custom PRXs (made by the developers) are used by the game (like Mad Max), then it's highly unlikely you will find sceKernelLoadStartModule in the games.

@jocover also already tried that FYI, it still does not work (in this case anyway).

Added a patch that supports DriveClub :)
 
@Backporter

I wrote an example of sceKernelIsNeoMode replacement

1. patch sceKernelIsNeoMode call (xor eax,eax or xor eax,eax;inc eax)

2. Replace WslcK1FQcGI with wzvqT4UqKX8

3. write loader code

4. call load prx

5. (optional) modify the param.sfo file to turn off neo support
modified address is in the README file :)
 
@jocover I tried swapping the NID's of sceKernelGetModuleInfo to sceKernelLoadStartModule and it didn't work, but again, I really don't want to touch main calls to main functions (like sceKernelIsNeoMode).

Also just tried it; it caused my system to kernel panic as soon as the game boots.
 