Moreover, monitoring syscalls would not be enough to fully secure the system, data like the idps can be found in userland memory without using syscalls therefore any mitigation system would have to monitor more than syscalls. There are other syscalls than the sys_storage ones that may leak sensitive data, they could be monitored in the same way too.īut that's the theory, in practice someone needs to be interested & willing to develop such a solution. Accesses to specific nor/nand regions or offsets where sensitive information is stored could be monitored & blocked or whatever when a custom sprx is trying to access it. If sys_storage_read is used on the Flash memory, the code is extracting data from nor/nand. There are syscalls that no prx game mod should ever need to use or at least not along with specific arguments.įor instance, if sys_storage_open is called with the first argument indicating the Flash memory, it means some code is going to attempt to read/write or otherwise mess with Flash memory data. Having said that though, it would probably be possible to make a real time protection solution by modding Cobra, adding hooks & making a vsh plugin sprx to monitor access to the syscalls that may extract sensitive system data & block/allow/warn. IDPS stealing with homebrew code is the easiest thing in the world to do & unfortunately there are many ways to do it so it would probably be quite complicated to make a scanner app (like an antivirus of sorts) to detect malicious code signatures in custom executables.
Most homebrew projects are open source & safe but closed source game mods prx menus could be risky, using them on your console is no different from running some executable from unknown source with admin permissions on a PC without any protection of any kind.
0 kommentar(er)
