Commit d8d0e68b authored by PoroCYon's avatar PoroCYon
Browse files

working example code

parent 599d0d8e
......@@ -81,9 +81,9 @@ int main(void) {
" (user and game data)\n"
"- Y to restore the EEPROM\n"
" (UNTESTED! DATA LOSS HAZARD!)\n"
"- L to run code on the walker\n"
"- R to run code on the walker\n"
" (sd:/pwcode.bin)\n"
"- R to dump the IR cartridge\n"
"- L to dump the IR cartridge\n"
" internal FLASH ROM\n"
);
......@@ -244,7 +244,7 @@ END:;
else iprintf("no scan results\n");
}
if (run && (keys & KEY_R) && !(oldkeys & KEY_R)) {
if (run && (keys & KEY_L) && !(oldkeys & KEY_L)) {
FILE* fff = fopen("sd:/cartflash.rom", "wb");
if (!fff) {
iprintf("can't open file :(\n");
......@@ -265,7 +265,7 @@ END:;
Lnop3:;
}
if (run && (keys & KEY_L) && !(oldkeys & KEY_L)) {
if (run && (keys & KEY_R) && !(oldkeys & KEY_R)) {
if (pw_scan()) {
iprintf("ping!\n");
......@@ -278,21 +278,30 @@ END:;
iprintf("can't open file pwcode.bin\n");
goto LnopL;
}
uint8_t stuff[0x80];
uint8_t stuff[0x200];
size_t blobsize;
if ((blobsize = fread(stuff, 1, sizeof stuff, fff)) <= 0) {
iprintf("can't read file pwcode.bin\n");
close(fff);
fclose(fff);
goto LnopL;
}
close(fff);
fclose(fff);
if (!pw_write_mem(sessid, 0xf956, blobsize, stuff)) {
iprintf("can't install code\n");
goto LnopL;
uint16_t org = 0xf8f0+0x180;
uint16_t orgBE = ((org&0xff)<<8)|((org>>8)&0xff);
while (blobsize != 0) {
size_t chunk = ((blobsize > 0x7e) ? 0x7e : blobsize);
if (!pw_write_mem(sessid, org, chunk, stuff)) {
iprintf("can't install code 0x%x\n", org);
goto LnopL;
}
blobsize -= chunk;
org += chunk;
}
if (!pw_write_mem(sessid, 0xf7e0, sizeof sploit_trigger,
sploit_trigger)) {
&orgBE)) {
iprintf("can't install trigger\n");
goto LnopL;
}
......
......@@ -15,7 +15,7 @@ PHDRS {
main PT_LOAD FLAGS(7);
}
ORIGIN_SPLOIT = 0xf956;
ORIGIN_SPLOIT = /*0xf956*/ 0xf8f0 + 0x180;
SECTIONS {
. = ORIGIN_SPLOIT;
......
......@@ -11,33 +11,100 @@ _start:
jsr common_prologue
jsr wdt_pet
/* first, disable any chipsel stuff */
/*mov.b #0xff, r0l
mov.b r0l, @PDR1
mov.b r0l, @PDR9*/
# SSU TX only
# mov.b #0x80, r0l
# mov.b r0l, @SSER
/*# lcd chipsel
bclr #0, @PDR1:8
# lcd cmds
bclr #1, @PDR1:8*/
# above is done by this fn
jsr lcdExitPowerSaveMode
# mov.w #0x0808, r0 /* x, y */
sub.w r0, r0 /* x, y */
mov.w #POKEWALKER_LARGE_IMAGE, e0 /* img data */
mov.w #0x2020, r1 /* w, h */
jsr drawImageToScreen
mov.w #cmd_data, r2
6: mov.b @er2, r0l
jsr lcdSendSingleByteCommand
inc.w #1, r2
cmp #cmd_data_end, r2
bne 6b
mov.w #0x0380, r3 /* color (3), iters (0x80) */
1: jsr smallDelay
jsr wdt_pet
# lcd data
bset #1, @PDR1:8
mov.w #ttnlogo, r2
8: mov.b @er2, r0l
jsr lcdSendSingleByteCommand
mov.b @er2, r0l
jsr lcdSendSingleByteCommand
inc.w #1, r2
cmp #ttnlogo_end, r2
bne 8b
push.w r3
/* color (ugh) */
sub.w r0, r0
mov.b r3h, r0l
push.b r0
/* sub.w r0, r0 */
mov.w #0x0808, r0 /* x, y */
mov.w #0x1010, r1 /* w, h */
jsr lcdFillRectangle
pop.w r3
xor.b #3, r3h /* negate color */
/* mov.w #0xf000, r3
4: mov.b r3h, r0l
jsr lcdSendSingleByteCommand
mov.b r3h, r0l
jsr lcdSendSingleByteCommand
dec.b r3h
# xor #0xff, r3h
dec.b r3l
bne 1b
bne 4b*/
mov.w #irCommsEventLoop, r0
mov.b #0xc0, r0l
3: push.w r0
jsr smallDelay
jsr wdt_pet
pop.w r0
dec.b r0l
bne 3b
2: mov.w #irCommsEventLoop, r0
jsr setEventLoopFunc
jmp common_epilogue
/*send_byte:
mov.b @SSSR, r0h
bld #2, r0h
bcc send_byte
mov.b r0l, @SSTDR
rts*/
cmd_data:
.byte 0x00
.byte 0x10
.byte 0x18
# .byte 0x40,0x00
# .byte 0x44,0x00
.byte 0xaf
.byte 0xb0,0x00
.byte 0xa4
cmd_data_end:
ttnlogo:
# pre-t
# .byte 0x40,0x60,0x60,0,0
.byte 0x02,0x06,0x06,0/*,0*/
# t
# .byte 0x60,0x60,0x7f,0x7e
.byte 0x06,0x06,0xfe,0x7e
# i
# .byte 0x60,0x60,0xe6,0xee
.byte 0x06,0x06,0x67,0x77
# t
# .byte 0x60,0x60,0x7f,0x7e
.byte 0x06,0x06,0xfe,0x7e
# a
# .byte 0x60,0x62,0x7f,0x32,0x1a,0x0e
.byte 0x06,0x46,0xfe,0x4c,0x58,0x70
# n
# .byte 0x46,0x7e,0x7e,0x30,0x18,0x0a,0x7e,0x7f,0x40
.byte 0x62,0x7e,0x7e,0x0c,0x18,0x50,/*0x7e,*/0xfe,0xfe,0x02
ttnlogo_end:
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment