-
Notifications
You must be signed in to change notification settings - Fork 7
/
Copy pathbuild_boot.dat_hekate.py
72 lines (55 loc) · 1.44 KB
/
build_boot.dat_hekate.py
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
###############################################
# TX SX Pro Custom Payload Packer - by CTCaer #
###############################################
import struct
import hashlib
from os import unlink
"""
typedef struct boot_dat_hdr
{
unsigned char ident[0x10];
unsigned char sha2_s2[0x20];
unsigned int s2_dst;
unsigned int s2_size;
unsigned int s2_enc;
unsigned char pad[0x10];
unsigned int s3_size;
unsigned char pad2[0x90];
unsigned char sha2_hdr[0x20];
} boot_dat_hdr_t;
"""
def sha256(data):
sha256 = hashlib.new('sha256')
sha256.update(data)
return sha256.digest()
boot_fn = 'boot.dat'
# Custom payload filename.
stage2_fn = 'hekate_ctcaer.bin'
boot = open(boot_fn, 'wb')
with open(stage2_fn, 'rb') as fh:
stage2 = bytearray(fh.read())
stage2 = bytes(stage2)
# Re-create the header.
header = b''
# Magic ID.
header += b'\x43\x54\x43\x61\x65\x72\x20\x42\x4F\x4F\x54\x00'
# Version 2.5.
header += b'\x56\x32\x2E\x35'
# Set sha256 hash of stage2 payload.
header += sha256(stage2)
# Set stage2 payload destination to 0x40010000.
header += b'\x00\x00\x01\x40'
# Stage2 payload size.
header += struct.pack('I', len(stage2))
# Disable Stage2 encryption.
header += struct.pack('I', 0)
# Add padding. Stage3 size is 0.
header += b'\x00' * 0xA4
# Add header's sha256 hash.
sha256 = hashlib.new('sha256')
sha256.update(header)
header += sha256.digest()
# Write header and the plaintext custom payload.
boot.write(header)
boot.write(stage2)
boot.close()