lui v0, $8008 lb v1, $8900(v0) bne v1, zero, 7 nop addiu v1, zero, 1 sb v1, $8900(v0) call _main /*I replaced 'call _main' with the rapid fire code; lui t1, $0034 sw zero, $7e8c(t1) */ lui v0, $8008 sb zero, $8900(v0)
Tweet
u32 EngineStore = 0x80078000;
u32 EngineRead = (void*)Engine;
for (i = 0; i < sizeof(Engine); i += 4)
{
scr_printf("A");
ee_kmode_enter();
*(u32*)EngineStore = *(u32*)EngineRead;
ee_kmode_exit();
EngineStore += 4;
EngineRead += 4;
}
ee_kmode_enter();
*(u32*)0x800002FC = 0x0C01E000;
ee_kmode_exit();
address $00078000 _start: addiu sp, sp, $FFF0 sq ra, $0000(sp) jalr k0 nop call _engine lq ra, $0000(sp) jr ra addiu sp, sp, $0010 _engine: addiu sp, sp, $FE00 sq at, $0000(sp) sq v0, $0010(sp) sq v1, $0020(sp) sq a0, $0030(sp) sq a1, $0040(sp) sq a2, $0050(sp) sq a3, $0060(sp) sq t0, $0070(sp) sq t1, $0080(sp) sq t2, $0090(sp) sq t3, $00a0(sp) sq t4, $00b0(sp) sq t5, $00c0(sp) sq t6, $00d0(sp) sq t7, $00e0(sp) sq s0, $00f0(sp) sq s1, $0100(sp) sq s2, $0110(sp) sq s3, $0120(sp) sq s4, $0130(sp) sq s5, $0140(sp) sq s6, $0150(sp) sq s7, $0160(sp) sq t8, $0170(sp) sq t9, $0180(sp) sq k0, $0190(sp) sq k1, $01a0(sp) sq fp, $01b0(sp) sq gp, $01c0(sp) sq ra, $01d0(sp) //Some random codes lui t0, $0017 addiu t1, zero, $7FFF sw t1, $1B40(t0) lui t2, $0034 sw zero, $7e8c(t2) lq at, $0000(sp) lq v0, $0010(sp) lq v1, $0020(sp) lq a0, $0030(sp) lq a1, $0040(sp) lq a2, $0050(sp) lq a3, $0060(sp) lq t0, $0070(sp) lq t1, $0080(sp) lq t2, $0090(sp) lq t3, $00a0(sp) lq t4, $00b0(sp) lq t5, $00c0(sp) lq t6, $00d0(sp) lq t7, $00e0(sp) lq s0, $00f0(sp) lq s1, $0100(sp) lq s2, $0110(sp) lq s3, $0120(sp) lq s4, $0130(sp) lq s5, $0140(sp) lq s6, $0150(sp) lq s7, $0160(sp) lq t8, $0170(sp) lq t9, $0180(sp) lq k0, $0190(sp) lq k1, $01a0(sp) lq fp, $01b0(sp) lq gp, $01c0(sp) lq ra, $01d0(sp) jr ra addiu sp, sp, $0200
Comment