Here's what I know.
From 0x00-0x100 it has a DOL header which is corrupted (likely ignored, gekko boots at 0x100)
Code: Select all
(Below is DOL header contents)
<small>
0x3 - Text 256
0x7 - Text 0
. . .
--------
0x1F - Data 0
. . .
--------
--------
0x4B - Text-A 2167406592 !!!
0x4F - Text-A 0
. . .
--------
0x67 - Data-A 0
. . .
--------
--------
0x93 - Text-S 2095072
0x97 - Text-S 0
...
--------
0xAF - Data-S 0
.... ... ..
0xDF - BSS Memory at 0 size of 0
0xE3 - Entry point at 2167406592 !!!
!! Cannot dump blocks, DOL header is corrupted.
I was exploring the file a bit when I found entries that look like gamecube FST, and sure enough it was, however I don't know where this FST starts. The IPL appears to setup the OS, with the main menu just being a rom that directly boots the game in the drive.
Within this filesystem are several files listed, there are gamecube stream format sounds
Code: Select all
/stream00.adp.../stream01.adp.../stream02.adp.../stream03.adp.../stream04.adp.../stream05.adp.../stream06.adp.../stream07.adp...
Code: Select all
ipl_0.aw
/Banks/.
......Banks/ipl.bnk (Just by manually checking the data surrounding these, it is indeed sequence data)
......Banks/ipl.ws
Code: Select all
/boot_demo_base_cube.1.SH
/boot_demo_cover_cube.base32
/cube_mat1
Code: Select all
"Pokemon Stadiummmmmm"
"Gameplay.Pokemon Stadiummmmmm"
"pokemon kingin.2000"
"The new PokeMon Stadium!"
Right, so I don't know where the filesystem in this rom is, or where to find the start of it. But here's a copy of the decrypted bios.
First, here's the XOR pad for decrypting the bios
http://xayr.ga/rom/ipl_xor.pox ( Does not include the first 0x100 bytes, if you're going to use this, remember to seek past! )
aaaand here's the bios.
http://xayr.ga/rom/ipl_decrypted.bin
If you'd like; take a crack at it, and see if you can locate the start of the filesystem. From here we should be able to locate the ROM for the IPL screen (main menu). If you'd like to find where its entry is in the FST, you can search for "iplrom.com" in the ipl_decrypted.bin
If you'd like to run this against, i've made a tool for making keys / decrypting a bios. Here's a small little tool I made called PadXOR. You can test it on another IPL.bin, but i'm not going to promise it will work.
To decrypt a bios you can use this "pxor <bios rom> ipl_xor.pox /o 256 /r"
Source code is included in the archive.
http://xayr.ga/rom/pxor.7z
I'll keep you all updated on my findings.