Hacking [Semi-working] NFS2ISO2NFS - convert nfs to iso and back

[victormr21]

Mario Kart Wii successfully injected

I use the "New Super Mario Bros. Wii" to do the template, the beginning is a black screen
Then I copied Xenoblade Chronicles' "fw.img" and "fw.tmd" to cover the code folder and worked well

Share The Meta Image

Did you use original MKWii's tik and tmd files?

 

[cucholix]

Still getting black screen after the Wii white logo, my copy of the game is 1:1 riped directly from the disc itself with CleanRip.
I followed all the steps:

• Get clean ISO from No More Heroes 2 Desperate Struggle
• Delete the update partition with Wiiscrubber
• Extracted the files with Wiiscrubber, renamed rvlt.tik/rvlt.tmd (made sure it wasn't rvlt.tik.bin/rvlt.tmd.bin)
• Got the code/content/meta/ from Xenoblade Chronicles
• nfs2iso2nfs the ISO, output 17 nfs files, copied them over content folder
• Packed with nuspacker from the OP (iHaveamac ver)
• Installed with WUP Installer Y mod
• Not a single warning during the whole process

The only things I modified was the meta.xml (to it to show the actual title name) and app.xml to change the title ID

 

[Tock46]

Same happened to me with an ISO which was a bad rip.

 

[Ponyboy]

Haven't tried this yet, but does multiplayer work with the injected Wii VC's? Can I connect extra Wii remotes for a game like Mario Kart Wii?

 

[TheKitof]

There are some informations about wiimote emulation in this thread : https://gbatemp.net/threads/hai-wii-vc-cmpt-hacking-thread.454557/

 

[cucholix]

Same happened to me with an ISO which was a bad rip.

I dumped an original copy with CleanRip

 

[Billy Acuña]

Hope @JaGoTu10 could return to help us with wiimote emulation.

 

[fejich]

Did you use original MKWii's tik and tmd files?

Extract From The ISO file,Everything follows the teaching operation

 

[sabykos]

Shouldn't it be possible to reduce the total size of the nfs files to something about as big as an wbfs without fucking up the signature? I mean the legit Wii VCs do this aswell, the header specifies how the game is compressed. As long as the WiiU gets a clean iso after decompressing according to the header and decrypting it should. Of course you would still need a clean iso as base, but you would save a lot of space.

--------------------- MERGED ---------------------------

And concerning the tmd file corresponding to the fw.img: Isn't the signature of fw.img checked by the WiiU and not by the vWii? I guess we could just fakesign a patched fw.img, but I might be wrong there.

 

[piratesephiroth]

Shouldn't it be possible to reduce the total size of the nfs files to something about as big as an wbfs without fucking up the signature? I mean the legit Wii VCs do this aswell, the header specifies how the game is compressed. As long as the WiiU gets a clean iso after decompressing according to the header and decrypting it should. Of course you would still need a clean iso as base, but you would save a lot of space

It that was possible, Nintendo wouldn't have repacked (and re-signed) their isos.

And concerning the tmd file corresponding to the fw.img: Isn't the signature of fw.img checked by the WiiU and not by the vWii? I guess we could just fakesign a patched fw.img, but I might be wrong there.

fw.img is a wii IOS (with some weird header) and it has a Wii tmd. The Wii U system doesn't verify it, only vWii does.

 

[sabykos]

It that was possible, Nintendo wouldn't have repacked (and re-signed) their isos.


fw.img is a wii IOS (with some weird header) and it has a Wii tmd. The Wii U system doesn't verify it, only vWii does.

@JaGoTu10 liked your tutorial btw. So he recognized your work. Maybe he's interested in patching the fw.img

 

[pedro702]

from what i know every game exploit is just userland and without being able to isntall well the actual hack that gives kernel acess no homebrew like nintendont or emulators will work afaik. its probably easier to debug the gamepad cios and make one for the real vwii than injecting homebrew on vwii stuff.

 

[VinsCool]

I was wondering.

Sorry if that was asked or tested already, just in case I get yelled at haha.

Has there been tests regarding shrunken ISO conversions? I was curious to compare, for example, a whole nfs converted to ISO (using piratesephiroths version), to a 1:1 ISO, and finally a .wbfs of the same game. There has to be a pattern somewhere, if Nintendo managed to do it themselves, right?

 

[Billy Acuña]

I was wondering.

Sorry if that was asked or tested already, just in case I get yelled at haha.

Has there been tests regarding shrunken ISO conversions? I was curious to compare, for example, a whole nfs converted to ISO (using piratesephiroths version), to a 1:1 ISO, and finally a .wbfs of the same game. There has to be a pattern somewhere, if Nintendo managed to do it themselves, right?

They should sign their isos after patching it to 1:1

 

[piratesephiroth]

I was wondering.

Sorry if that was asked or tested already, just in case I get yelled at haha.

Has there been tests regarding shrunken ISO conversions? I was curious to compare, for example, a whole nfs converted to ISO (using piratesephiroths version), to a 1:1 ISO, and finally a .wbfs of the same game. There has to be a pattern somewhere, if Nintendo managed to do it themselves, right?

"YELLING"
Trimming the iso would reorganize the files and change their positions, moving them to the beginning of the file. This would force the generation of a new tmd that we can't sign because only Nintendo has the private keys for that.

Nintendo just repacked and re-signed, as usual.

 

[VinsCool]

"YELLING"
Trimming the iso would reorganize the files and change their positions, moving them to the beginning of the file. This would force the generation of a new tmd that we can't sign because only Nintendo has the private keys for that.

Nintendo just repacked and re-signed, as usual.

Oh I see then. So our only bet for this would be to bypass the signature check, is that correct?

 

[piratesephiroth]

Oh I see then. So our only bet for this would be to bypass the signature check, is that correct?

Yep. No other way around.
Once we have sigpatches we'll be able to run anything.

 

[sabykos]

"YELLING"
Trimming the iso would reorganize the files and change their positions, moving them to the beginning of the file. This would force the generation of a new tmd that we can't sign because only Nintendo has the private keys for that.

Nintendo just repacked and re-signed, as usual.

I'm still a bit confused. Isn't the signature of game checked AFTER unpacking and decrypting the nfs files?

 

[piratesephiroth]

I'm still a bit confused. Isn't the signature of game checked AFTER unpacking and decrypting the nfs files?

yeah, the nfs files are joined and decrypted in Wii U mode so this isn't verified at all. But the as soon as the decrypted nfs is read in vWii, the signature and integrity of the disc image is verified.

 

[sabykos]

yeah, the nfs files are joined and decrypted in Wii U mode so this isn't verified at all. But the as soon as the decrypted nfs is read in vWii, the signature and integrity of the disc image is verified.

Well, imo that means we can reduce the size of the nfs files via the header:

https://gbatemp.net/threads/help-eggs-sgge-header-of-wii-vc-eshop-games.454489/page-2#post-6953527

After unpacking and decrypting the nfs files the result should be a clean iso again as long as the input iso was clean.