from the code pastie here: http://pastie.org/4365689
just added some fprint to his code to output the results:
dumps eid0_dump.bin (still encrypted) and debug.rtf
the debug log:
(replaced some with X's)
it's the eid0 section of flash same result as graf's ps3dm_iim or with flash dump and eidsplitter or hex editor.
source and binary/package
must have access to Indi Info Manager(rebug toolbox option) or else prolly locks up
(tested on rebug 4.21 with all patches applied in toolbox)
Code:
#include <ppu-types.h>
#include <ppu-lv2.h>
/*! IIM interface syscall. */
#define SYSCALL_IIM_IF 868
/*! IIM interface. */
#define IIM_IF(cmd, a1, a2, a3, a4) \
do{ lv2syscall5(SYSCALL_IIM_IF, (u64)(cmd), (u64)(a1), (u64)(a2), (u64)(a3), (u64)(a4)); }while(0)
/*! IIM_GET_DATA. */
#define IIM_GET_DATA 0x17002
/*! EID0 index. */
#define EID0_IDX 0
int main(int argc, const char **argv)
{
u8 eid0[0x1000];
u64 size;
FILE *fp;
//Get EID0.
IIM_IF(IIM_GET_DATA, EID0_IDX, eid0, sizeof(eid0), &size);
//Dump to usb or wherever you like...
return 0;
}just added some fprint to his code to output the results:
Code:
#include "ppu-types.h"
#include "ppu-lv2.h"
#include <stdio.h>
#include <sys/process.h>
/*! IIM interface syscall. */
#define SYSCALL_IIM_IF 868
/*! IIM interface. */
#define IIM_IF(cmd, a1, a2, a3, a4) \
do{ lv2syscall5(SYSCALL_IIM_IF, (u64)(cmd), (u64)(a1), (u64)(a2), (u64)(a3), (u64)(a4)); }while(0)
/*! IIM_GET_DATA_SIZE */
#define IIM_GET_SIZE 0x17001
/*! IIM_GET_DATA. */
#define IIM_GET_DATA 0x17002
/*! EID0 index. */
#define EID0_IDX 0
/*! File to save data */
#define FILENAME "/dev_usb/eid0_dump.bin"
SYS_PROCESS_PARAM(1001,0x10000)
int main(int argc, const char **argv)
{
u8 eid0[0x1000];
u64 size;
FILE *fp;
int i;
//Get EID0 size......
IIM_IF(IIM_GET_SIZE, EID0_IDX, &size, 0, 0);
//Get EID0......
IIM_IF(IIM_GET_DATA, EID0_IDX, eid0, sizeof(eid0), &size);
//Dump to usb or wherever you like.......
if ((fp = fopen(FILENAME, "w")) == NULL)
return -1;
fwrite(eid0, sizeof(u8), 0x1000, fp);
fclose(fp);
// print debug log.......
if ((fp = fopen("/dev_usb/debug.rtf", "a")) == NULL)
return -1;
fprintf(fp,"\nIIM_GET_SIZE: %#x", IIM_GET_SIZE);
fprintf(fp,"\nIIM_GET_DATA: %#x", IIM_GET_DATA);
fprintf(fp, "\nEID0_IDX: %d", EID0_IDX);
fprintf(fp, "\n\nsize of eid0: %#x", sizeof(eid0));
fprintf(fp, "\nsize of u64: %d", sizeof(u64));
fprintf(fp, "\nsize of u8: %d", sizeof(u8));
fprintf(fp, "\n\naddress of size: %p", &size);
fprintf(fp, "\nsize: %#x\n\n", size);
for (i=0;i<48;i++)
{
fprintf(fp, "%.2X",eid0[i]);
if ((i==15) || (i == 31))
fprintf(fp, "\n");
}
fclose(fp);
return 0;
}dumps eid0_dump.bin (still encrypted) and debug.rtf
the debug log:
Code:
IIM_GET_SIZE: 0x17001
IIM_GET_DATA: 0x17002
EID0_IDX: 0
size of eid0: 0x1000
size of u64: 8
size of u8: 1
address of size: d0010ca8
size: 0x860
000000010084000XXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXit's the eid0 section of flash same result as graf's ps3dm_iim or with flash dump and eidsplitter or hex editor.
source and binary/package
must have access to Indi Info Manager(rebug toolbox option) or else prolly locks up
(tested on rebug 4.21 with all patches applied in toolbox)
