Nanashi3

Members
  • Content Count: 58
  • Joined
  • Last visited
  • Days Won: 1
Reputation Activity

  1. Like
    Nanashi3 got a reaction from iKiritoCy in Data extraction thread   
    Hello there,
    The engine is WillPlus/AdvHD, so you'll have best luck looking for compatible tools (Pulltop)
    - There are numerous people who worked on both scenario (retranslation) and graphics patches for If My Heart Had Wings (IMHHW) or koirizo
    - DAT is probably just the extension for bitmap files.
    - ARC is the extension for archives (but it is NOT required to repack modded files IIRC, you just put them in the EXE directory)
    [1] See thread
    and (WillPlus)
     
    [2] https://github.com/ZudoMC/AutoSpriter
    [3] https://github.com/Inori/FuckGalEngine/tree/master/AdvHD
    [4] https://github.com/Amarillys/MaikzJsRepo/blob/master/advhd-mkz.js
    [5] https://github.com/marcussacana/WillPlusManager
     
     
    MeruP has private tools apparently, so you may want to ask (nicely).
  2. Thanks
    Nanashi3 got a reaction from thrae in Data extraction thread   
  3. Thanks
    Nanashi3 reacted to pmrowla in Data extraction thread   
    I've been working on a tool for extracting and patching LiveMaker/LiveNovel games and figured I should post it here. It started out as a fork of tinfoil's irl which I guess was kickstarted and then abandoned a while back?
    Current status is:
    - LiveMaker assets can be extracted from .exe or .dat files
    - LiveMaker's binary .lsb format for their "chart" scripting can be dumped as text or xml
    - LiveNovel scripts can be extracted from LiveMaker's binary .lsb format
    - (Translated) LiveNovel scripts can be compiled and inserted back into a .lsb file
    - Modified .lsb's can be patched back into a livemaker game and run with (cp932 encoded) english text, but currently the application will lock up when you try to exit.
    My current code is here: https://github.com/pmrowla/pylivemaker/tree/wip (you have to use the wip branch link since I'm not pushing anything into master until I figure out the crash on exit thing)
    The code itself is mostly fully commented but I haven't published any of the actual docs yet, so there's a github issue w/a summary of what works right now and what doesn't: https://github.com/pmrowla/pylivemaker/issues/1
     
    Honestly idk if there's even any livemaker games worth patching but I was bored and felt like reversing something so I picked an obscure engine that afaik hasn't been dug into very much before. I think GARbro supports viewing .gal CG's from LiveMaker archives, but that doesn't cover the text extraction and patching side of things.
  4. Thanks
    Nanashi3 got a reaction from thrae in Data extraction thread   
    You may download the v0.4 here: https://web.archive.org/web/20171201163843/https://tlwiki.org/index.php?title=File:Yuno_arctools.zip
  5. Like
    Nanashi3 got a reaction from Maddy in Extracting Ps2 Game Help   
    Hello @Maddy
     
    Here are a couple of scripts to pull data out of DATA.BIN.
    I have no idea how DATA0.BIN is referenced.
     
    1. Download and extract this archive on your PC: princess_nightmare_quickbms_scripts-2013-12-07.zip
    http://www.embedupload.com/?d=6UYFCBQODC
    2. Download QuickBMS.zip from http://aluigi.altervista.org/quickbms.htm and extract it to the same folder.
    3. Open a Command Prompt and cd to the extract dir
    4. Enter the following command (replace H: with the letter of your DVD-ROM drive):
    quickbms.exe _princess_nightmare_extract_tag.bms H:\DATA\DATA.TAG  
    Result:
    - Script files are *.AS which is plain text
    - *.PRS are compressed data, typically expanding into either *.TM2 (TIM2 playstation image) or *.TEX (collection of TIM2 images).
    You may extract a .PRS file using the second bundled bms script e.g.
        quickbms.exe _princess_nightmare_prs_unpacking.bms CHR041.PRS
    I haven't tried to differentiate output here (out of laziness), you will obtain "CHR041.PRS.unpacked" which should actually be renamed as "CHR041.TM2"
    Use the _convert_tm2.cmd batchfile to convert .TM2 files into pngs. It relies on the official GimConv tool for this and you may repack the other way with this same tool and an adequate set of commandline switches.
    Have fun!
  6. Like
    Nanashi3 reacted to Nosebleed in Toradora! Portable   
    Summary
    A spin-off of the popular Toradora Anime.
    Unlike in the original story, this time Takasu Ryuuji finds himself in a hospital bed. Confused and dizzy he's suddenly greeted by a short girl who calls him by a strange name. Is this his name? Who is this girl? It's soon after that the shocking truth comes to the surface. Amnesia. Poor Ryuuji suffered an accident after Christmas Eve and forgot everything about his past, his friends, his likes, his relationships, even his own name.
    As he leaves the hospital he meets up with all sorts of people who seem to be acquainted with him. A beautiful blonde girl who apparently lives with him. His best friends Kitamura and Minori. The popular model Kawashima Ami and even his pet parakeet Inko-chan. These people hold all of Ryuuji's memories and they are the key to unlocking his past.
    What will Ryuuji do? Will he be able to recover all of his past? An eventful journey awaits him as new year approaches and the new school semester comes closer by the day. Will he be able to remember everything before school starts? And if he does will anything in his new life change? It's all up to you to decide.
     Ending Guideline / Suggested Route Order
    This novel has an enforced playing order so you will not be able to avoid bad endings straight away.
    Each ending is graded at the end of the game by Yuri, she'll score it from the worst possible (50 points) to the best possible (100 points).
    There's a lot of dialog choices that are only available if you pick certain items while cleaning/talking.
    The common route always branches at the exact same point and you'll get a different scenario based on the choices you made.
    The game is divided into 3 scenarios: Kitamura & Kano, Courage Test and Solution.
    Within each scenario you have several character routes that you can get into.
    This is an ending guide not a full walkthrough
    Following this entire guide will get you around 90% completion of the game.
    Why not 100%? There's numerous ways of getting into the same ending and each of those counts as a percentage of the game. Every single choice, item and path is a percentage. My goal here is to give you all the endings not every single path in the game.
    There is a list at the end with every single item if you want to know where to find a specific one. You can view your items in the extras option.
    All 21 endings in the game are listed below.
    If you want to complete the game 100% you can try and search for new paths by pressing L during dialogs in order to see the route diagram. 
    Make different choices, pick up all the items you can by cleaning and talking and see if you can go in all the paths.
    Game Mechanics
    Let's break down the mechanics of the game into 3 important ones.
    Conversations:

    Item collecting:

    Moving around town:

     
    Route Guideline
     

    Aisaka Taiga
    Normal End (75 Points)

    True End (100 Points)
    Unlocked by completing both Minori's Normal End (70 Points) and Taiga's Normal End (75 Points)

    Bad End (65 Points)

    Kushieda Minori
    Normal End (70 Points)

    True End (100 points)
    Unlocked by completing both Minori's Normal End (70 Points) and Taiga's Normal End (75 Points)

    Bad End (60 Points)
     
     

    Kawashima Ami
    Normal End (90 Points)

    True End (100 Points)
    Unlocked by completing Ami's Normal End (90 Points)

    Bad End (50 points)

     Bad End (70 points)

     

    Kanou Sakura
    Requires all endings in the game to be completed
    When you begin a new game you will be prompted to a choice
    Choose "Play Bonus Story" and you'll be in this scenario
     
    Only End (100 Points)

     

    Kanou Sumire
     
    Good End (90 Points)

     Bad End (75 points)
     

    Aisaka Taiga and Kushieda Minori
    Only End (70 Points)
     

    Takasu Yasuko
    Only End (80 points)
     
     

    Koigakubo Yuri
    Only End ("Too priceless to grade")

     

    Kitamura Yuusaku
    Only End (80 Points)


     

    Hisamitsu Noto and Kouji Haruta
    Only End (85 points)
     
     

    Neutral Ends (65 Points)
    Unlocked by completing both Minori's Normal End (70 points) and Taiga's Normal End (75 points)

     

    Worst End (60 points)

    Item List

     
    Attribution
    Walkthrough made solely by me 
    Thanks to MottainaiVN for the help in quick checking the walkthrough and helping me add new endings to it and editing it.
    Also a thank you to all the users who put up with me and helped me grind the game for Sakura's ending. It took quite a while.
    You are free to use this guide anywhere as long as you credit it properly, I'd appreciate if you ask me though.
     
    ----
     
    If you have technical issues with the game go here
  7. Like
    Nanashi3 got a reaction from expelian in request for psp hackers   
    As requested, here is a Windows build of the latest source tree:
    hkki-3eaa1f6b3ebc3bf0dc04b17ee8cde478eb4ee264.7z  download link
    http://www.embedupload.com/?d=8HUTFJIFQJ
    It was built using Qt's gcc compiler and http://gladewin32.sourceforge.net/ with this command line:

        g++ -I C:\GTK\include\gtk-2.0 -I C:\GTK\include\cairo -I C:\GTK\include\glib-2.0 -I C:\GTK\lib\glib-2.0\include -I C:\GTK\lib\gtk-2.0\include -I C:\GTK\include\pango-1.0 -I C:\GTK\include\atk-1.0 -mms-bitfields -c main.cpp compress.cpp action.cpp stcm2l_file.cpp text_entity.cpp
        g++ -o hkki main.o compress.o action.o stcm2l_file.o text_entity.o -LC:\GTK\lib -lgtk-win32-2.0 -lgmodule-2.0 -lglib-2.0 -lgobject-2.0

    Edit: I also published the RSpec test suite I talked about earlier.
    https://github.com/mchubby/ideaf_script_format
  8. Like
    Nanashi3 got a reaction from expelian in request for psp hackers   
    I'd say, it depends on your previous programming background?
    For absolute newcomers you may want to pick up a new language without too much complexity, and which will help you learn better software practices: Ruby or Python.
    If you need to find a job, C# and/or Java, with my preference for the former as it has superior debugging capacities and overall a more pleasant syntax.
     
    Later, after you have grasped the whys and hows, a lower-level language such as C++ and C.
     
     
    Note re: hkki, I developed a small test suite in ruby to check various IdeaFactory scripts (script data structures)
    I think the author maybe erroneously interpreted how the file is divided, thus sometimes it works and other times not.
  9. Like
    Nanashi3 got a reaction from CaptainCepsa in Translation Project for Otome ga Tsumugu Koi no Canvas   
    Oh, and good luck for the project. Have always been wanting to play it cause the artwork is outright gorgeous.
  10. Like
    Nanashi3 got a reaction from Nayleen in Translation Project for Otome ga Tsumugu Koi no Canvas   
    Hi,
     
    I wrote that some time ago: http://wrttn.in/c03b7f
    And this packer might work (untested): https://gist.github.com/mchubby/7754610
     
     
    Edit:
    where did I get that from??? Some Japanese developer called "nota" apparently, but I can't remember, sorry
    http://www31.zippyshare.com/v/9237311/file.html
     
    Edit2: site is http://anime.geocities.jp/notazsite1/soft/ number 009
  11. Like
    Nanashi3 got a reaction from xyz in Tools for Yeti/Regista/Cyberfront console games   
    Hello everyone,
     
     
    I hereby proudly present a modest set of tools which aim at pulling out text from console VNs published by Yeti/Regista/Cyberfront.
    There was no identifiable name for the VN engine, and it is only one among many others Cyberfront etc. use.
     
    Tested titles are:
    - Cross + Channel PSP and X360
    - Secret Game and its sequel Rebellion's PSP
    - Kana Imouto PSP
    - Hoshizora Planet PSP
    - Ryuu-Koku PSP
    - Konneko PSP
    - Tamayura PSP
    - Root Double X360
     
    Those tools were written in Python 3 and may be freely used provided proper credit is given.
    Since it is a dynamic scripting language, sourcecode is freely available.
     
     
     
     
     
     
    How to use it:
     
    0- Install Python 3 (whatever version)
     
     
    1- Unzip archive contents. Edit all PS1 files to match your Python 3 path.
     
     
    2- Extract sn.bin from your game media and copy it into the same folder. Give it a significant name, e.g. sg2psp-sn.bin
     
     
    3- Open a Powershell prompt and change directory to the extract folder
     
     
    4- Run _1-extpak.ps1 ( C:\Mydir PS> .\_1-extpak.ps1 )
    It should generate a bunch of z__*.opcodescript files
     
     
    5- Run _2-extjis.ps1 ( C:\Mydir PS> .\_2-extjis.ps1 )
    For each opcodescript, a resource txt file may appear depending on whether strings were detected.
     
     
    6- Optionally you may want to convert those txt files to po for importing them into a Weblate project for instance
     
     
    You may also want to take a look at the presentation I created for installing Weblate on a cloud service: https://slid.es/mchubby/weblate-on-pythonanywhere
    I had no time to retest the whole process again though >_<
     
     
    Known Non-Bugs:
    The last item of each archive is not a game script. It certainly serves a purpose, but it does not matter as far as text extraction is concerned.  
     
    Known Bugs:
    Rebellion's SG script 002 won't be parsed correctly. Not that it matters, it seems to be an orphan script.
     
     
     
    TODO:
    - Decode root double PS3 (BLJM-61100) 's sn.sdat, but I cannot find the corresponding klicensee even after bruteforcing. help?
    - Figure out bitmap format of XTX graphics mode 1 and 2
      asmodean's spc2bmp only supports 32bpp bitmaps (mode 0)
      only clue I have atm is http://tieba.baidu.com/p/2397878791 ; they have the same issue here http://tieba.baidu.com/p/2631815322
     
    PS: @Ziddy, apologies for not answering PMs, I was horribly busy
     
     
     
     
     
     
     
     
  12. Like
    Nanashi3 reacted to Flutterz in Symphonic Rain   
    Symphonic Rain
    Summary
    Symphonic Rain takes place in a fictional city of apparently Italian heritage, where rain falls every day. The locals there have adapted to this peculiar phenomenon, and carry on with their lives as if the rain was never there. No one takes an umbrella, no one wears a rain coat.
    The main character of the story is 17 year old Chris, a Fortelle student of the famous Piova Communal School of Music (Scuola Comunale di Musica Piova, in Italian). Separated from his childhood sweetheart Arietta when he left his home town for the city, he keeps in touch with her through the means of weekly letters. Penning their thoughts on those letters, Chris treasures and keeps her weekly writings, for he had promised her that should his drawer become totally filled with them, he would return to her.
    The game starts during Chris's third year as a student, a few months before he has to take the school's final graduation examination: a staged performance. As an instrumentalist, he is required to search for a vocalist partner before he is eligible for the examination.
    Ending Guideline / Suggested Route Order
    The recommended route order is Fal -> Lise -> Torta -> Al Fine 1 -> Al Fine 2 -> Phorni. Fal and Lise can be completed in any order but you should only do Torta's route after the other two, and Al Fine 1 can be skipped but it is a bad idea to do so.
    About the music minigame:
    The gameplay consists of pressing the right button when a note enters the column in rhythm with the song that is being played. Keep in mind that "+" is actually ";", "<" is actually "," and ">" is actually ".". There are three difficulty settings which can be selected in the options menu. On Easy you only need to worry about the "D", "F", "J" and "K" keys, Normal also adds "A", "S", "L" and ";", and Hard uses all the letters on keyboards. Alternatively you can turn Autoplay on, then the songs will be played for you which is the closest you can get to skipping them.
    Route Guideline
    Falsita Fawcett
      Good End
      Bad End
     
    Liselsia Cesarini
      Good End
      Bad End
     
    Tortinita Fine
      Good End
      Bad End
     
    Al Fine
      End #1
      End #2
       
    Phorni
     
    Attribution
    This walkthrough is based on info attained on Gamefaqs.com with some adjustments made by me.
  13. Like
    Nanashi3 reacted to xyz in Toradora! Portable   
    It's released now.
  14. Like
    Nanashi3 reacted to xyz in Toradora! Portable   
    http://verdelish.tumblr.com/post/63757795555/toradora-portable-english-patch-is-100
  15. Like
    Nanashi3 reacted to xyz in Toradora! Portable   
    1. It's got much easier after PyCairo/PyGTK removal, all dependencies can be installed with pip. I don't think you can run it on shared hosting though, unless your hoster is nice enough to install all required deps and support Django and cron.
    2. Yes, there are external resources like user profiles, translation history (git history is a subset of it), glossaries, stats; so make sure to backup database as well.
    3. There are glossaries (example). I'm not sure what you meant by "guidelines w.r.t what and when to commit translations".
    4. When I was setting up Toradora! P translation I simply used wiki syntax and po2txt/txt2po. I don't think I have any examples of working with .po files apart from this one which treats source strings from the first .po as translations to source strings from the second .po file (I used it to merge some existing translations). It uses Translate Toolkit just like Weblate does.
  16. Like
    Nanashi3 reacted to xyz in Toradora! Portable   
    1. Not sure, 100 seconds of CPU time/day seems pretty low to me
     
    3. I'm not sure why you refer to committing because that's what Weblate does, not translators. Regarding locks, I've disabled them (answering your question, there are no guidelines since we've only got one "full-time" translator).
  17. Like
    Nanashi3 got a reaction from Blue in request for psp hackers   
    It seems some UTF tables are encrypted.
    To extract from those archives, you may use CriToolpack from Falo ( http://forum.xentax.com/viewtopic.php?f=10&t=10646 )
    I have uploaded a modded version which has "extract all" and "extract selected" working correctly http://www.embedupload.com/?d=92EWH2YGVB
     
     
    Diabolik Lovers scripts @ http://www.embedupload.com/?d=4PL3GXQPIW
     
    Opening fine in hkki AFAICT.
     
    Edit: more info about XOR obfuscation in source, and here --> http://wrttn.in/04fb3f by [unknown]
    Edit2: another tool https://github.com/shinohane/cpktools
  18. Like
    Nanashi3 got a reaction from xyz in request for psp hackers   
    Hi xyz,

    The mods? they're a couple of assembly instructions that circumvent how the program originally runs. A "NoUmd" patch if you want.

    For instance, sceUmdCheckMedium and sceUmdActivate are typically called once in the whole game during the startup sequence.
    The C code (higher level) would be like this:

        if(sceUmdCheckMedium() != 0) {
            if(sceUmdActivate(1, "disc0:") >= 0) {
                sceUmdWaitDriveStat(PSP_UMD_READY);
                //...
            }
        }

    It translates to this:

        .text:088056A0    jal     sceKernelRegisterExitCallback
        .text:088056A4    move    $a0, $v0
        .text:088056A8    jal     sceUmdCheckMedium
        .text:088056AC    nop
        .text:088056B0    bnez    $v0, loc_88056C0
        .text:088056B4    nop
        .text:088056B8    jal     sub_8871B94    ; call to a subroutine @8871B94, which itself calls sceUmdWaitDriveStatCB
        .text:088056BC    li      $a0, 2
        .text:088056C0
        .text:088056C0 loc_88056C0:
        .text:088056C0    lui     $a1, 0x88F
        .text:088056C4    li      $a0, 1
        .text:088056C8    jal     sceUmdActivate
        .text:088056CC    la      $a1, aDisc0    # "disc0:"
        .text:088056D0    bgezl   $v0, loc_88056E0
        .text:088056D4    li      $a0, 0x20
        .text:088056D8    b       loc_8805734
        .text:088056DC    li      $v0, 0xFFFFFFFF
        .text:088056E0 # ---------------------------------------------------------------------------
        .text:088056E0
        .text:088056E0 loc_88056E0:
        .text:088056E0    jal     sub_8871B94    ; ditto above
        .text:088056E4    nop
        .text:088056E8    la      $a0, unk_9CB2494

    conversely sceUmdGetDriveStat, sceUmdWaitDriveStat and friends are called at several locations before a read is attempted. We don't need them, since we're not reading from UMD any longer.

    1) So the first task is to reference all locations that want to read from disc0:, and somehow have them read from ms0: (hardcoded string modification) - this is done in a hex editor.
    If it is simply "disc0:", I lookup in IDA what uses such a string (1st: sceUmdActivate itself, 2nd: ADXT::SetDevice) - only 2nd requires "disc0:" be changed into "ms0:"

    2) Then I blank out ("NOP") the whole code block after I checked out there was really nothing interesting inside.
    I switch between IDA View and Hex View to find patterns to locate code (or I am smarter and I compute where modifications should go)

        .text:088056A0    jal     sceKernelRegisterExitCallback
        .text:088056A4    move    $a0, $v0
        .text:088056A8    nop
        .text:088056AC    nop
        .text:088056B0    nop
        .text:088056B4    nop
        .text:088056B8    nop
        .text:088056BC    nop
        .text:088056C0    nop
        .text:088056C4    nop
        .text:088056C8    nop
        .text:088056CC    nop
        .text:088056D0    nop
        .text:088056D4    nop
        .text:088056D8    nop
        .text:088056DC    nop
        .text:088056E0    nop
        .text:088056E4    nop
        .text:088056E8    la      $a0, unk_9CB2494

    3) Patching the remaining calls

    3A) sceUmdGetDriveStat
    a quick google lookup says it returns an integer.

        pspUmdState {
            PSP_UMD_NOT_PRESENT = 0x01,
            PSP_UMD_PRESENT = 0x02,
            PSP_UMD_CHANGED = 0x04,
            PSP_UMD_INITING = 0x08,
            PSP_UMD_INITED = 0x10,
            PSP_UMD_READY = 0x20
        }

    Um, okay. So we patch the call to always return 0x20. Return values are stored in $v0 and $v1 in MIPS.
    So when I see:

        .text:088AE15C    jal     sceUmdGetDriveStat
        .text:088AE160    nop

    I want this instead:

        .text:088AE15C    li      $v0, 0x20
        .text:088AE160    nop

    I pay extra attention to the instruction after jal because it is executed before the call, I do not want it to have undesirable effects. Having checked all xrefs, I know all sceUmdGetDriveStat calls use a nop instruction in the delay slot, so no need for inversion.

    To get the 32-bit opcode for the load instruction ( "li $v0, 0x20" ), you either find the same instruction elsewhere in the program (this one is relatively easy to find), or you compile one.
    PPSSPP has a debugger window in which you can Assemble opcode
    - Assemble opcode, value: "li v0,0x20", click OK
    - Right click on assembled instruction => go in memory view and see corresponding 32-bit word

    To sum up:
    Search: 88B3230E (stub call jal sceUmdGetDriveStat)
    Replace all: 20000224 (li $v0, 0x20)

    3B) sceUmdWaitDriveStatCB
    This is referenced in a single function that serves as wrapper & called from several locations.
    I should have the replacement code call the CB and return a >=0 value, but things seem to work just as well without, so I don't really care

        .text:08871B94 # =============== S U B R O U T I N E =======================================
        .text:08871B94
        .text:08871B94 sub_8871B94:
        .text:08871B94    addiu   $sp, -0x10
        .text:08871B98    sw      $ra, 0x10+var_4($sp)
        .text:08871B9C    sw      $s0, 0x10+var_8($sp)
        .text:08871BA0    move    $s0, $a0
        .text:08871BA4    move    $a0, $s0
        .text:08871BA8
        .text:08871BA8 loc_8871BA8:
        .text:08871BA8    jal     sceUmdWaitDriveStatCB
        .text:08871BAC    li      $a1, 0x2710

    After

        .text:08871B94 # =============== S U B R O U T I N E =======================================
        .text:08871B94    jr      $ra
        .text:08871B98    nop                    ; nop in delay slot

    substitution sequence is 0800E003 00000000

    3C) sceUmdWaitDriveStat calls were guarded behind a sceUmdGetDriveStat check. Since we replaced that in 3A), no need to patch anything



    I suggest you try to compile simple homebrews and see the assembly output. It is another useful way to learn how high-level constructs are translated into machine code.
    PPSSPP features a basic debugger so you can also see how tests, branches, etc. work out.
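
The byte strings quoted in the post above (20000224, 0800E003 00000000, 88B3230E) can be cross-checked by encoding the instructions by hand. This is an added example, not part of the original post or of any PSP SDK; all helper names are hypothetical, `li` is assumed to assemble as `addiu rt, $zero, imm`, and the sample buffer is constructed.

```python
"""Encode/decode the few MIPS32 instructions used in the patch notes above
and compare them with the byte strings the post quotes.
Added example: helper names are hypothetical, sample data is constructed."""
import struct

REG = {"zero": 0, "v0": 2, "v1": 3, "a0": 4, "a1": 5, "ra": 31}
NOP = 0x00000000


def li(rt, imm):
    """`li rt, imm` for 0 <= imm < 0x8000, assembled as addiu rt, $zero, imm."""
    if not 0 <= imm < 0x8000:
        raise ValueError("needs more than one instruction")
    return (0x09 << 26) | (REG[rt] << 16) | imm


def jr(rs):
    """`jr rs`: SPECIAL opcode 0, funct 0x08."""
    return (REG[rs] << 21) | 0x08


def jal(target):
    """`jal target`: 26-bit word index, top 4 address bits come from PC."""
    if target & 3:
        raise ValueError("jump target must be word aligned")
    return (0x03 << 26) | ((target >> 2) & 0x03FFFFFF)


def to_hex(word):
    """Bytes as a hex editor shows them (the PSP CPU is little-endian)."""
    return struct.pack("<I", word).hex().upper()


def from_hex(text):
    """Inverse of to_hex: hex-editor bytes back to a 32-bit word."""
    return struct.unpack("<I", bytes.fromhex(text))[0]


def jal_target(word, pc):
    """Absolute target of a jal located at address pc, or None if not a jal."""
    if word >> 26 != 0x03:
        return None
    return ((pc + 4) & 0xF0000000) | ((word & 0x03FFFFFF) << 2)


def call_sites(code, base, target):
    """Yield (address, delay_slot_is_nop) for every `jal target` in code.

    A non-nop delay slot means the following instruction still executes and
    has to be reviewed before the jal is swapped for something else."""
    count = len(code) // 4
    words = struct.unpack("<%dI" % count, code[: count * 4])
    for i, word in enumerate(words[:-1]):
        pc = base + 4 * i
        if jal_target(word, pc) == target:
            yield pc, words[i + 1] == NOP


def demo():
    # Stub address implied by the post's search pattern (derived here, the
    # post itself does not state it).
    stub = jal_target(from_hex("88B3230E"), 0x088AE15C)
    # Constructed buffer: one call with a nop delay slot, one whose delay
    # slot does real work (li $a0, 2).
    code = struct.pack("<4I", jal(stub), NOP, jal(stub), li("a0", 2))
    return stub, list(call_sites(code, 0x088AE15C, stub))


if __name__ == "__main__":
    print("li $v0, 0x20 ->", to_hex(li("v0", 0x20)))
    print("jr $ra ; nop ->", to_hex(jr("ra")), to_hex(NOP))
    stub, sites = demo()
    print("stub at 0x%08X" % stub)
    for addr, ok in sites:
        print("0x%08X delay slot is nop: %s" % (addr, ok))
```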
  19. Like
    Nanashi3 got a reaction from xyz in request for psp hackers   
    1/ Decrypting EBOOT.BIN
    - Download the PSP2PS3 package by szczuru which is a collection of PSP tools.


    https://www.dropbox.com/sh/lt5ggtuwnskcmor/omXB0AYVCW/PSP2PS3_v2.1.2_CEX.7z
    or http://www.sendspace.com/file/888suf

    - Copy EBOOT.BIN to the tools/ subfolder and double-click eboot_decrypt.exe.
    The generated BOOT.BIN is a MIPS executable with an ELF header.



    If you don't want to use eboot_decrypt, there are alternatives, including several running as homebrews on the PSP


    2/ Prepare symbols file for IDA Pro
    - You will need prxtool 1.1 by TyRaNiD and the PSP PRX LibDoc describing function NIDs by SilverSpring.


    prx tool @ http://www.embedupload.com/?d=2PYEFZUTJJ
    500_psplibdoc.zip @ http://silverspring.lan.st/


    Sourcecode for the prxtool is available at
    https://github.com/pspdev/prxtool

    Extract everything in a single folder and BOOT.BIN too.
    In a command prompt,

        prxtool -n 500_psplibdoc_191008.xml --idcout -o BOOT.IDC BOOT.BIN

    The generated BOOT.IDC is a script containing instructions for IDA Pro.


    3/ Load ELF in IDA Pro
    I won't give info about how to obtain the software, but licenses for IDA Pro (support for Allegrex CPU -PSP-) start at a very affordable 1129 USD / 869 EUR rate.
    Since you are in russia (I believe?), you could ask around for a rebate I guess ;)
    But enough chatter.

    - Open IDA Pro, and click Go
    - Drag BOOT.BIN into the main window, and click OK to accept defaults
    - In the top menu, click "File > Script File ..." and point to your BOOT.IDC script.

    The "Functions" pane should list detected function prologues with help from the IDC script.
    The sceUmd* functions are entries of interest. Double-click on one of them, and you should land on some subroutine in the main view.
    Now type "Ctrl+X" and you should get all function calls to the library function.
    The Hex-View is a synchronized view that lets you see the corresponding opcodes for each instruction.

    After that is a matter of reversing MIPS asm, which is something I cannot teach you since my knowledge in this area is very limited.
    - NOP = 00 00 00 00 (all instructions are exactly 32-bit)
    - JR $ra is the RETURN instruction.
    Beware, all branch instructions in MIPS use the so-called delay-slot activation. For instance
        JR $ra
        LI $v0, 1
    will first execute the LI instruction, THEN the JR one.


    4/ Building an EBOOT.PBP
    Traditionally, the only PBPs a regular PSP user would see are official firmware update. However, it is very possible to create custom ones, and any CFW shall run them.
    Since the geohot leaks, it is even possible to sign them so that OFW from PSP-1000 to PS Vita will run them (theoretically, I have never tested).

    - Create a working directory, copy into it:
        PSP_GAME\ICON0.PNG
        PSP_GAME\PARAM.SFO
        PSP_GAME\PIC1.PNG
        PSP_GAME\SND0.AT3
        your BOOT.BIN

    Edit PARAM.SFO with a hex editor (e.g. Free Hex Editor Neo or Madedit)
    When you see "UG" (bootable UMD game), replace it with "MG" (bootable memorystick game). Then save.

    - Download the latest version of minimalist PSPSDK and install it.
    from http://sourceforge.net/projects/minpspw/files/SDK%20%2B%20devpak/pspsdk%200.11.2/
    Another option is to open the setup package using 7-zip and extract bin\pack-pbp.exe into the working folder.

    Create a batch file with the following contents and execute it:

        SET SOURCE=BOOT.BIN
        C:\pspsdk\bin\pack-pbp "EBOOT.PBP" "PARAM.SFO" "ICON0.PNG" NULL NULL "PIC1.PNG" "SND0.AT3" %SOURCE% NULL




    That's all folks!
    There are certainly ways to sign code using tools from PSP2PS3 but it doesn't matter at the moment!
    Have fun!

