Hacking Mario galaxy hack possibilities

[om123]

FIRST OF ALL, NO WHINERS,TROLLS OR CRY BABIES. Keep this a discussion about Mario galaxy hacking; respect all ideas.

WE should compile a list of all possible hack techniques so people with iso's can try them. First thing is DONT use the mario galxy update until we gather enough info.

What we know:
=mario galaxy doesnt show intro screen without updating (similar to mp3)
=Hacked wii's can reach intro screen but on boot it fails.
=intro screen is the inter mingling between disk code and firmware code,Firmware can read region+disk id, firmware runs the intro program,intro program needs some firmware code(see mp3's 10% hack), intro program boots main binary.
=Code is encrypted on wii disks except disk info and partion table.
=moded wii's get the 001 error but can still run the game
=other backups run fine, not mario galaxy (game id check? or is it intro code)

Conclusions:
Modchip detection is during the firmwrae - intro communication stage
update controls some of this communication

steps to take:
replace intro screen code withanother games intro screen:
=find intro screen code section in mario galaxy + other game
=transplant code.

This hack may not work after mario galxy update since if it detects mario galxay game id; so change the id since the firmware start the disk check with only mario galaxy.

Please add more ideas, iso people please help implement these hacks.

 

[Frankdux]

Ok I dont have the game. But., did we not have this same problem or similar one, when the Wii update 3.0 came out and Wiikeys and others were being detected.

Was it not just a simple Gcos boot loader disc that was used to load the games until new Wiikey firmware came out or somthin?

Has anyone tried using a Gcos boot disc ?

 

[om123]

Thats game cube game id detection, im talking about a wii game.

 

[spyke]

Ok I dont have the game. But., did we not have this same problem or similar one, when the Wii update 3.0 came out and Wiikeys and others were being detected.

Was it not just a simple Gcos boot loader disc that was used to load the games until new Wiikey firmware came out or somthin?

Has anyone tried using a Gcos boot disc ?

wiikey runs in gamecube mode, so it wont help with galaxy to get around it using gcos.

 

[saygun]

this technic doesn't work i have already test dat whis jap game working on wii pal and wii game don't working on wii pal

the console say error

 

[Frankdux]

YES and if u use the Wiikey setup disc with has the Gcos on it, u can load Wii backups. I had to do that when I did an update to 3.0u so I could load the Wiikey firmware cd and other games..

im going to get the game right now, and try it,, back in a while

 

[om123]

Once again Super mario galaxy talk please, btw there could be a hardware side to this hack since the original detects mods.

People should try the iso on a D2c with d2C key since its a new hack that nintendo might have not planned for.

 

[Mr_Grinch]

I've got a couple of things to try other than swapping the update partitions

Firstly, someone with an original, boot the original and get in to the game. Hit home and then press eject. Replace the original with the backup. Press home to go back in to the game. Play for a bit and see if it has any trouble accessing the disc.

Secondly, someone with an original NTSC copy and a Pal Wii (modded). Obviously not gonna be many of those about, but try running the original game on the modded Pal Wii. The chip will NEED to be active to patch the region code.

 

[om123]

GCOS CANT BOOT WII SOFTWARE!!!!

 

[Shinji1989]

I've got a couple of things to try other than swapping the update partitions

Firstly, someone with an original, boot the original and get in to the game. Hit home and then press eject. Replace the original with the backup. Press home to go back in to the game. Play for a bit and see if it has any trouble accessing the disc.

Secondly, someone with an original NTSC copy and a Pal Wii (modded). Obviously not gonna be many of those about, but try running the original game on the modded Pal Wii. The chip will NEED to be active to patch the region code.

Really interessting, if the game works with the burned version after starting it with the original...
I've a modded PAL Wii and I'm downloading it right now.. I'll try to start it when it finished downloading

 

[Mr_Grinch]

I've got a couple of things to try other than swapping the update partitions

Firstly, someone with an original, boot the original and get in to the game. Hit home and then press eject. Replace the original with the backup. Press home to go back in to the game. Play for a bit and see if it has any trouble accessing the disc.

Secondly, someone with an original NTSC copy and a Pal Wii (modded). Obviously not gonna be many of those about, but try running the original game on the modded Pal Wii. The chip will NEED to be active to patch the region code.



Really interessting, if the game works with the burned version after starting it with the original...
I've a modded PAL Wii and I'm downloading it right now.. I'll try to start it when it finished downloading

Nah, I meant the original on a Pal. Copy on a Pal will likely have the same affect as a copy on NTSC.

 

[Bruinbaard]

They should make some kind of ID changing keygen also

 

[unr]

If I understand how drivechips work, it is something like that (anybody can confirm?):

Drivechip   DVD
 \      Â|
  \     Â\/ Unmodified game date
   \    Â|
   Â_|   Â|
     \  Â|
      \ Â\/
       \|
       Â|
       Â|
       \/ Modified game data
       Â|
       Â|
       \/
       Â|
   ÂWii motherboard

Then drivechips can be detected only by checking modified values. Region patching is done by modifying one hex value (AFAIK) and Ninty might be checking for that.

Drivechips also send a signal that disk is indeed valid. Nintendo could be trying to execute a bit of unsigned code at first (e.g. to display the error message) and if it is executed properly, everything else stalls.

Also notice how error message is only displayed after running the game, not in Wii`s menu. This means that nintendo is probably utilizing DVD drive for modchip detection.

 

[om123]

The only data that is moded is region data, ntsc's cant un the backup. Drive chips modify drive controller memory something seen as off limits to the main cpu until now...

 

[Mr_Grinch]

Replacing update partition with the Metroid Prime 3 pal update partition did little. it did the update from the partition I replaced, rebooted and then just gave me a black screen when booting Mario Galaxies (like it does if you remove the partition with Brickblocker)

 

[om123]

Seems the games intro need sthat update, if we could find and replace the intro code that should do it (assuming all intros boot the main disk in the same way).

 

[om123]

Id be grateful if some ISO collector would compare jap,us,pal iso's of mp3/other games.

i would assume a chunk of code should be on its own and pop up as similar in all the isos is the intro (with jap version being the most changed).

 

[raulpica]

No no... We can't just replace code like that. We need to understand if there's actually something against modchips or not.

The first thing to do is to try the game on a D2CKey, because that's different from the all other modchips, and so it might work.

If it works, we have some more hints to work on.

 

[Mr_Grinch]

Yeah, you can't just replace code. The code is signed,altering it will break the signature. The most we can do it swap around the update partitions it seems.

Personally I see it as something is being missed when it's ripped.

 

[raulpica]

Yeah, you can't just replace code. The code is signed,altering it will break the signature. The most we can do it swap around the update partitions it seems.

Personally I see it as something is being missed when it's ripped.

Yeah,... But if something is really missing, it shouldn't show that message, but it should just hang.

I don't think that an effectively copy-protection method is relying on a file.

Or it's a support check, and they have started using new supports that aren't compatible with standard DVDs, or they can really detect modchips by seeing if RAM is modified on the support check.