$path = "D:\DesDemo\Emu\dev_hdd0\game\NPUB30910\USRDIR\EBOOT.BIN"
$size = (Get-Item $path).length

$bigendian = $true

$ba = [System.IO.File]::ReadAllBytes($path)
##########################################
Function RBytes
{
	Param (
		$addr,
		$size
	)
	[byte[]] $rb = [byte[]]::new(4)
	[System.Buffer]::BlockCopy($ba, $addr, $rb, 0, $rb.Length)
	$rb
}
##########################################
Function RUInt32
{   
	Param (
        $addr
    )
	[bitconverter]::ToUInt32($ba,$addr)
}
##########################################
Function WBytes
{
	Param (
		$addr,
		$wb
	)
	[System.Buffer]::BlockCopy($wb, 0, $ba, $addr, $wb.Length)
}
##########################################
Function WStrA
{
	Param (
		$addr,
		$str
	)
	$wb = [System.Text.Encoding]::UTF8.GetBytes($str)
	[System.Buffer]::BlockCopy($wb, 0, $ba, $addr, $wb.Length)
}
##########################################
Function WStrU
{
	Param (
		$addr,
		$str
	)
	
	$wb = [System.Text.Encoding]::Unicode.GetBytes($str)
	if ($bigendian) {
		for ($i = 0; $i -lt $str.Length; $i++)
		{
			$a = $wb[$i * 2]
			$b = $wb[$i * 2 + 1]
			$wb[$i * 2 + 1] = $a
			$wb[$i * 2] = $b
		}
	}
	
	[System.Buffer]::BlockCopy($wb, 0, $ba, $addr, $wb.Length)
}
##########################################
Function WUInt32
{
	Param (
		$addr,
		$val
	)
	$wb = [bitconverter]::GetBytes($val)
	[System.Buffer]::BlockCopy($wb, 0, $ba, $addr, $wb.Length)
}
##########################################
Function XorBytes
{
	Param (
		[byte[]] $b1,
		[byte[]] $b2
	)
	[byte[]] $b3 = [byte[]]::new($b1.count)
	for($i=0; $i -lt $b1.count ; $i++)
	{
		$b3[$i] = $b1[$i] -bxor $b2[$i]
	}
	$b3
}
##########################################
Function AreArraysEqual($a1, $a2) {
    if ($a1 -isnot [array] -or $a2 -isnot [array]) {
      throw "Both inputs must be an array"
    }
    if ($a1.Rank -ne $a2.Rank) {
      return $false 
    }
    if ([System.Object]::ReferenceEquals($a1, $a2)) {
      return $true
    }
    for ($r = 0; $r -lt $a1.Rank; $r++) {
      if ($a1.GetLength($r) -ne $a2.GetLength($r)) {
            return $false
      }
    }

    $enum1 = $a1.GetEnumerator()
    $enum2 = $a2.GetEnumerator()   

    while ($enum1.MoveNext() -and $enum2.MoveNext()) {
      if ($enum1.Current -ne $enum2.Current) {
            return $false
      }
    }
    return $true
} 
##########################################







cls

[byte[]] $newcode1 = 0x60, 0x00, 0x00, 0x00		#SDAT
[byte[]] $oldcode1 = 0x40, 0x9e, 0x01, 0x20

[byte[]] $newcode2 = 0x4b, 0xff, 0xfe, 0xe8		#SDAT
[byte[]] $oldcode2 = 0x41, 0x9e, 0xfe, 0xe8


[byte[]] $newcode3 = 0x60, 0x00, 0x00, 0x00		#DCX
[byte[]] $oldcode3 = 0x40, 0x9e, 0x00, 0xcc

#----------------------------
#dbgA hooks to call RInt
$dbgAloc = 0x4392f0 -0xF700
[byte[]] $dbgAhook = 0x49, 0x70, 0xd4, 0xc2, 0x60, 0x00, 0x00, 0x00
[byte[]] $dbgAorig = 0x38, 0x60, 0xff, 0xff, 0x4e, 0x80, 0x00, 0x20

#rename GetDbgRandomA to RInt
$dbgAorigNameULoc = 0x16e0fe0 - 0xF700
[byte[]] $dbgAnewNameU = 0x00, 0x52, 0x00, 0x49, 0x00, 0x6e, 0x00, 0x74, 0x00, 0x00, 0x00
[byte[]] $dbgAorigNameU = 0x00, 0x47, 0x00, 0x65, 0x00, 0x74, 0x00, 0x44, 0x00, 0x62, 0x00
$dbgAorigNameALoc = 0x16e3aa0 - 0xF700
[byte[]] $dbgAnewNameA = 0x52, 0x49, 0x6e, 0x74, 0x00
[byte[]] $dbgAorigNameA = 0x47, 0x65, 0x74, 0x44, 0x62

$RIntLoc = 0x170d4c0 - 0xF700
[byte[]] $RIntCode = 0x3c, 0x60, 0x01, 0xb4, 0x60, 0x63, 0x9c, 0x38, 0x80, 0x63, 0x00, 0x00, 0x80, 0x63, 0x00, 0x00, 0x4e, 0x80, 0x00, 0x20, 0x60, 0x00, 0x00, 0x00
[byte[]] $RIntOrig = 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
#-------------------------------------------
#$dbgB hooks to call WInt
$dbgBloc = 0x4392f8 - 0xF700
[byte[]] $dbgBhook = 0x49, 0x70, 0xd5, 0x02, 0x60, 0x00, 0x00, 0x00
[byte[]] $dbgBorig = 0x38, 0x60, 0xff, 0xff, 0x4e, 0x80, 0x00, 0x20

$dbgBorigNameULoc = 0x16e1000 - 0xF700
[byte[]] $dbgBnewNameU = 0x00, 0x57, 0x00, 0x49, 0x00, 0x6e, 0x00, 0x74, 0x00, 0x00, 0x00
[byte[]] $dbgBorigNameU = 0x00, 0x47, 0x00, 0x65, 0x00, 0x74, 0x00, 0x44, 0x00, 0x62, 0x00
$dbgBorigNameALoc = 0x16e3ab0 - 0xF700
[byte[]] $dbgBnewNameA = 0x57, 0x49, 0x6e, 0x74, 0x00
[byte[]] $dbgBorigNameA = 0x47, 0x65, 0x74, 0x44, 0x62

$WIntLoc = 0x170d500 - 0xF700
[byte[]] $WIntCode = 0x3c, 0x60, 0x01, 0xb4, 0x60, 0x63, 0x9c, 0x38, 0x80, 0x63, 0x00, 0x00, 0x3c, 0x80, 0x01, 0xb4, 0x60, 0x84, 0x9c, 0x3c, 0x80, 0x84, 0x00, 0x00, 0x90, 0x83, 0x00, 0x00, 0x4e, 0x80, 0x00, 0x20, 0x60, 0x00, 0x00, 0x00
[byte[]] $WIntOrig = 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
#-------------------------------------------
#$ShowRankingDialog hooks to call SLoc
$srdLoc = 0x0043e740 - 0xF700
[byte[]] $srdHook = 0x49, 0x70, 0xd5, 0x42, 0x60, 0x00, 0x00, 0x00
[byte[]] $srdOrig = 0x7c, 0x83, 0x23, 0x78, 0x7c, 0x08, 0x02, 0xa6

$srdOrigNameULoc = 0x016dfd08 - 0xF700
[byte[]] $srdNewNameU = 0x00, 0x53, 0x00, 0x4c, 0x00, 0x6f, 0x00, 0x63, 0x00, 0x00, 0x00
[byte[]] $srdOrigNameU = 0x00, 0x53, 0x00, 0x68, 0x00, 0x6f, 0x00, 0x77, 0x00, 0x52, 0x00
$srdOrigNameALoc = 0x016e3038 - 0xF700
[byte[]] $srdNewNameA = 0x53, 0x4c, 0x6f, 0x63, 0x00
[byte[]] $srdOrigNameA = 0x53, 0x68, 0x6f, 0x77, 0x52

$SLocLoc = 0x170d540 - 0xF700
[byte[]] $SLocCode = 0x3c, 0x60, 0x01, 0xb4, 0x60, 0x63, 0x9c, 0x38, 0x90, 0x83, 0x00, 0x00, 0x4e, 0x80, 0x00, 0x20, 0x60, 0x00, 0x00, 0x00
[byte[]] $SLocOrig = 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
#-------------------------------------------
#$ShowRankingDataModel hooks to call SVal
$srdmLoc = 0x00444598 - 0xF700
[byte[]] $srdmHook = 0x49, 0x70, 0xd5, 0x82, 0x60, 0x00, 0x00, 0x00
[byte[]] $srdmOrig = 0xf8, 0x21, 0xff, 0x81, 0x7c, 0x08, 0x02, 0xa6

$srdmOrigNameULoc = 0x016dfd58 - 0xF700
[byte[]] $srdmNewNameU = 0x00, 0x53, 0x00, 0x56, 0x00, 0x61, 0x00, 0x6c, 0x00, 0x00, 0x00
[byte[]] $srdmOrigNameU = 0x00, 0x53, 0x00, 0x68, 0x00, 0x6f, 0x00, 0x77, 0x00, 0x52, 0x00
$srdmOrigNameALoc = 0x016e3068 - 0xF700
[byte[]] $srdmNewNameA = 0x53, 0x56, 0x61, 0x6c, 0x00
[byte[]] $srdmOrigNameA = 0x53, 0x68, 0x6f, 0x77, 0x52

$SValLoc = 0x170d580 - 0xF700
[byte[]] $SValCode = 0x3c, 0x60, 0x01, 0xb4, 0x60, 0x63, 0x9c, 0x3c, 0x90, 0x83, 0x00, 0x00, 0x4e, 0x80, 0x00, 0x20, 0x60, 0x00, 0x00, 0x00
[byte[]] $SValOrig = 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
#-------------------------------------------
#GetSummonBlackResult hooks to call GetChrInsFrom Id
$gsblNameULoc = 0x16dfaf0 - 0xF700
$gsblNameALoc = 0x16e2f10 - 0xF700
$gsblCodeLoc = 0x4128c0 - 0xF700

[byte[]] $gsblCode = 0x3c, 0x60, 0x01, 0xb4, 0x60, 0x63, 0x9c, 0x3c, 0x80, 0x83, 0x00, 0x00, 0x3c, 0x60, 0x01, 0xb3, 0x60, 0x63, 0xd6, 0xe0, 0x80, 0x63, 0x00, 0x00, 0x48, 0x29, 0x6b, 0xba
[byte[]] $gsblOrig = 0xf8, 0x21, 0xff, 0x81, 0x7c, 0x08, 0x02, 0xa6, 0xf8, 0x01, 0x00, 0x90, 0x80, 0x63, 0x00, 0x14, 0x38, 0x00, 0xff, 0xff, 0x2f, 0x83, 0x00, 0x00, 0x78, 0x63, 0x00, 0x20
#-------------------------------------------
$dbgMenuCodeLoc = 0x16f444 - 0xf700
[byte[]] $dbgMenuCode = 0x4b, 0xfe, 0xd4, 0x35
[byte[]] $dbgMenuOrig = 0x48, 0x01, 0xc3, 0x8d
#-------------------------------------------






cls
if ($size -eq 9602848) {
	"EBOOT.BIN size too small, decrypt and decompress before running this script."
} else {
	if ((RUint32 (0x66af08 - 0xF700)) -eq [UInt32]"0x20019e40") {
		"Original bytes found, patching in new code."
		WBytes (0x66af08 -0xF700) $newcode1
		WBytes (0x66b024 -0xF700) $newcode2
		WBytes (0x66aefc -0xF700) $newcode3
		
		WBytes $dbgAorigNameULoc $dbgANewNameU
		WBytes $dbgAorigNameALoc $dbgANewNameA
		WBytes $dbgAloc $dbgAhook
		WBytes $RIntLoc $RIntCode
		
		WBytes $dbgBorigNameULoc $dbgBNewNameU
		WBytes $dbgBorigNameALoc $dbgBNewNameA
		WBytes $dbgBloc $dbgBhook
		WBytes $WIntLoc $WIntCode
		
		WBytes $srdOrigNameULoc $srdNewNameU
		WBytes $srdOrigNameALoc $srdNewNameA
		WBytes $srdLoc $srdHook
		WBytes $SLocLoc $SLocCode
		
		WBytes $srdmOrigNameULoc $srdmNewNameU
		WBytes $srdmOrigNameALoc $srdmNewNameA
		WBytes $srdmLoc $srdmHook
		WBytes $SValLoc $SValCode
		
		WStrU $gsblNameULoc ("GetChrFromId" + [char]$null)
		WStrA $gsblNameALoc ("GetChrFromId" + [char]$null)
		WBytes $gsblCodeLoc $gsblCode 
		
		WBytes $dbgMenuCodeLoc $dbgMenuCode
		
		[System.IO.File]::WriteAllBytes($path, $ba)
		"Bytes written successfully"
		""
		pause
	} else {
		if ((RUint32 (0x66af08 - 0xF700)) -eq [UInt32]"0x00000060") {
			"Patched bytes found, restoring original code."
			WBytes (0x66af08 -0xF700) $oldcode1
			WBytes (0x66b024 -0xF700) $oldcode2
			WBytes (0x66aefc -0xF700) $oldcode3
			
			WBytes $dbgAorigNameULoc $dbgAOrigNameU
			WBytes $dbgAorigNameALoc $dbgAOrigNameA
			WBytes $dbgAloc $dbgAorig
			WBytes $RIntLoc $RIntOrig

			WBytes $dbgBorigNameULoc $dbgBOrigNameU
			WBytes $dbgBorigNameALoc $dbgBOrigNameA
			WBytes $dbgBloc $dbgBorig
			WBytes $WIntLoc $WIntOrig

			WBytes $srdOrigNameULoc $srdOrigNameU
			WBytes $srdOrigNameALoc $srdOrigNameA
			WBytes $srdLoc $srdOrig
			WBytes $SLocLoc $SLocOrig
			
			WBytes $srdmOrigNameULoc $srdmOrigNameU
			WBytes $srdmOrigNameALoc $srdmOrigNameA
			WBytes $srdmLoc $srdmOrig
			WBytes $SValLoc $SValOrig
			
			WStrU $gsblNameULoc ("GetSummonBlackResult" + [char]$null)
			WStrA $gsblNameALoc ("GetSummonBlackResult" + [char]$null)
			WBytes $gsblCodeLoc $gsblOrig 
			
			WBytes $dbgMenuCodeLoc $dbgMenuOrig
			
			[System.IO.File]::WriteAllBytes($path, $ba)
			"Bytes written successfully"
			""
			pause
		} else {
			"Unrecognized bytes found hook at location, no changes made."
			"Has EBOOT.BIN been resigned as NONDRM?"
			""
			pause
		}
	}
}