Hacking Wii U eMMC (NAND) read/write? Read before flaming :-)

endoverend

AKA zooksman
"The average cost for electricity in the US is $0.12 per kWh. For a single server I'll use 3741 kWh annually as an estimate. That would be about $450 per year for one machine.
Let's say you can do 1014 decryptions per second. That is 3.151021 decrypts per year for one machine. You need to do (on average) 2255 decryptions in a year, so you would need 22553.1510211.841055 machines. To figure your cost you would multiply that by $450 and get about $81057 or 8 octodecillion dollars. World GDP is about 631012, so brute-forcing a 256-bit key would cost about 1044 times the world GDP.
You can follow similar math to get the cost of brute forcing a 128-bit key."
 

dojafoja

life elevated
"The average cost for electricity in the US is $0.12 per kWh. For a single server I'll use 3741 kWh annually as an estimate. That would be about $450 per year for one machine.
Let's say you can do 1014 decryptions per second. That is 3.151021 decrypts per year for one machine. You need to do (on average) 2255 decryptions in a year, so you would need 22553.1510211.841055 machines. To figure your cost you would multiply that by $450 and get about $81057 or 8 octodecillion dollars. World GDP is about 631012, so brute-forcing a 256-bit key would cost about 1044 times the world GDP.
You can follow similar math to get the cost of brute forcing a 128-bit key."
Man that was complex! Lol you just blew my mind.
 

TeamScriptKiddies

Licensed Nintendo (indie) Game Developer
"The average cost for electricity in the US is $0.12 per kWh. For a single server I'll use 3741 kWh annually as an estimate. That would be about $450 per year for one machine.
Let's say you can do 1014 decryptions per second. That is 3.151021 decrypts per year for one machine. You need to do (on average) 2255 decryptions in a year, so you would need 22553.1510211.841055 machines. To figure your cost you would multiply that by $450 and get about $81057 or 8 octodecillion dollars. World GDP is about 631012, so brute-forcing a 256-bit key would cost about 1044 times the world GDP.
You can follow similar math to get the cost of brute forcing a 128-bit key."
Wanna try that again?
http://stackoverflow.com/questions/18847580/aes128-vs-aes256-using-bruteforce
http://www.theregister.co.uk/2011/08/19/aes_crypto_attack/

Bug_Checker_

Well-Known Member
"The average cost for electricity in the US is $0.12 per kWh. For a single server I'll use 3741 kWh annually as an estimate. That would be about $450 per year for one machine.
Let's say you can do 1014 decryptions per second. That is 3.151021 decrypts per year for one machine. You need to do (on average) 2255 decryptions in a year, so you would need 22553.1510211.841055 machines. To figure your cost you would multiply that by $450 and get about $81057 or 8 octodecillion dollars. World GDP is about 631012, so brute-forcing a 256-bit key would cost about 1044 times the world GDP.
You can follow similar math to get the cost of brute forcing a 128-bit key."


And that would be for just ONE console specific key.
If you want to transfer stuff to test if it were possible, you would need a second console specific key (double the fun/time/cost).

On the matter of backup/restore, I would have more confidence if people understood NAND (wear-leveling and many more control/data pins) vs eMMC (NAND w/ controller interface) with a lot fewer pins.
What serial flash is/was?
How many memory chips may have to be in sync to avoid a brick?
What to do if the NAND has a wear-leveling problem?
How to verify you have (a) good dump(s)?
Or simply, that you can't easily access an 8-bit bus when only 4 bits (D0-D3) are used.
 

endoverend

AKA zooksman
AES-256 is the standardized encryption specification. It's used worldwide by everyone from corporations to the US government. Its largest key size is 256 bits. This means that the key, the thing that turns encrypted data into unencrypted data, is a string of 256 1s or 0s.
With each character having two possibilities (1 or 0), there are 2^256 possible combinations. Typically, only 50% of these need to be exhausted to yield the correct key, so only 2^255 need to be guessed. How long would it take to flip through each of the possible keys?
When doing mundane, repetitive calculations (such as brute-forcing or bitcoin mining), the GPU is better suited than the CPU. A high-end GPU can typically do about 2 billion calculations per second (2 gigaflops). So, we'll use GPUs.
Say you had a billion of these, all hooked together in a massively parallel computer system. Together, they could perform at 2e18 flops, or
1 billion GPUs @ 2 gigaflops each (2 billion flops) = 2 000 000 000 000 000 000 keys per second (2 quintillion)
Since there are 31 556 952 seconds in a year, we can multiply by that to get the keys per year.
2e18 * 31 556 952 = 6.3113904e25 keys per year (~10 septillion, 10 yottaflops)
Now we divide 2^255 combinations by 6.3113904e25 keys per year:
2^255 / 6.3113904e25 = 9.1732631e50 years
The universe itself has only existed for 14 billion (1.4e10) years. It would take ~6.7e40 times longer than the age of the universe to exhaust half of the keyspace of an AES-256 key.


Also, in the second article you linked, it said the flaw in AES could cause the time required to find the key to be 5 times faster than brute force. That's still longer than even feasible.
 
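The quoted post costs the search in dollars per machine-year; the post above counts years for a fixed GPU farm. Both are the same arithmetic with different inputs, so as an added example (not code from the thread or from any of its posters) the Python below folds them into one function and runs it for the 128-bit case the quote mentions as well as the 256-bit one. The electricity price, kWh per server, trials-per-second rates, world GDP figure and age of the universe are the thread's own assumptions, passed in as parameters with those values as defaults.

```python
"""Brute-force cost/time estimator for symmetric keys of any length.

Added example, not code from the thread.  It generalises the two
back-of-the-envelope calculations in the posts above: electricity cost for a
fleet of machines that finishes in one year, and wall-clock years for a fixed
fleet.  The defaults are the numbers the posts use ($0.12/kWh, 3741 kWh per
server-year, a ~$63 trillion world GDP, a 1.4e10-year-old universe); they are
the thread's assumptions, not measurements.
"""
from dataclasses import dataclass

SECONDS_PER_YEAR = 31_556_952      # Julian year, as used in the post above
AGE_OF_UNIVERSE_YEARS = 1.4e10      # figure used in the post above


@dataclass
class BruteForceEstimate:
    key_bits: int
    expected_trials: float          # 2^(bits-1): half the keyspace on average
    fleet_trials_per_year: float    # what the given number of machines manages
    years: float                    # wall-clock years for that fleet
    universe_ages: float            # years / age of the universe
    machines_for_one_year: float    # fleet size needed to finish in one year
    cost_usd: float                 # one year of electricity for that fleet
    times_world_gdp: float          # cost_usd / world GDP


def estimate(key_bits, trials_per_second_per_machine, machines=1,
             kwh_per_machine_year=3741.0, usd_per_kwh=0.12,
             world_gdp_usd=63e12):
    """Expected effort to find one key by exhaustive search.

    Only the key length drives the exponent; everything else is linear, which
    is why a 128-bit key is 2^128 times cheaper than a 256-bit one, not half.
    """
    if key_bits < 1 or trials_per_second_per_machine <= 0 or machines <= 0:
        raise ValueError("key_bits >= 1 and positive rates/machine counts required")
    expected_trials = 2.0 ** (key_bits - 1)
    per_machine_year = trials_per_second_per_machine * SECONDS_PER_YEAR
    fleet_per_year = per_machine_year * machines
    years = expected_trials / fleet_per_year
    machines_for_one_year = expected_trials / per_machine_year
    cost_usd = machines_for_one_year * kwh_per_machine_year * usd_per_kwh
    return BruteForceEstimate(
        key_bits=key_bits,
        expected_trials=expected_trials,
        fleet_trials_per_year=fleet_per_year,
        years=years,
        universe_ages=years / AGE_OF_UNIVERSE_YEARS,
        machines_for_one_year=machines_for_one_year,
        cost_usd=cost_usd,
        times_world_gdp=cost_usd / world_gdp_usd,
    )


def summary_table(key_sizes=(128, 256)):
    """Rows of (bits, machines for one year, cost in USD, GPU-farm years) for
    the thread's two scenarios: 1e14 trials/s per server, and a billion GPUs
    at 2e9 trials/s each."""
    rows = []
    for bits in key_sizes:
        per_server = estimate(bits, trials_per_second_per_machine=1e14)
        gpu_farm = estimate(bits, trials_per_second_per_machine=2e9, machines=1e9)
        rows.append((bits, per_server.machines_for_one_year,
                     per_server.cost_usd, gpu_farm.years))
    return rows


if __name__ == "__main__":
    for bits, machines, cost, years in summary_table():
        print(f"{bits}-bit key: {machines:.3g} machines for one year "
              f"(~${cost:.3g}), or {years:.3g} years for a billion GPUs")
```

Running it reproduces the quoted figures (about 1.84×10^55 machines and $8×10^57 for 256 bits, about 9.17×10^50 years for the GPU farm) and shows that the 128-bit case, while 2^128 times smaller, still needs on the order of 5×10^16 server-years at the quoted rate.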

Ray Lewis

Banned!
OP
The point of this was never to naively try to brute force anything. I saw Marcan showed up. The as key and others are known for the vWii. I don't know enough to understand the key aspect. My only point of reference is the 360 and the 3ds. I have not caught up on the 3ds scene since the 7.x firmware.
 

TeamScriptKiddies

Licensed Nintendo (indie) Game Developer
> The point is, don't hope to get the keys by brute force. But good luck with the dumping, I'm sure it will be very useful.
Okay, I see what you're saying. I guess I was misinformed then. Perhaps I should revert back to the original plan, a MITM attack. Either that or trying to bit-bang for the key and dump it that way....

Anyways, let's see if it's possible to get an accurate dump of the NAND and flash it back before we try and get any keys...

Ray Lewis

Banned!
OP
> Okay, I see what you're saying. I guess I was misinformed then. Perhaps I should revert back to the original plan, a MITM attack. Either that or trying to bit-bang for the key and dump it that way....
>
> Anyways, let's see if it's possible to get an accurate dump of the NAND and flash it back before we try and get any keys...
The original plan is my OP. If you want to do something by yourself then please keep it to yourself. When you mention brute forcing keys and MITM "attacks" that are not possible (0.0000000000000000000000000000000000000000000000000000001% chance to be accurate) it derails the thread and turns some people off as it is obviously not possible. There is nothing complicated about this. Maybe start your own thread about brute forcing keys and MITM attacks. The pictures you posted were good. I'd actually like to see others who have read (and written in time) their eMMC/NAND post pics of their "setup." I am not saying any of this to be mean but it derails and is really silly.

If anyone has (shares I should say) how to look at what is in the reads then that would be great. If it could ever be like the 360 or Wii then that would be a win in my mind. If you can contribute within the scope of the OP then please do so. It seemed like you were on your way (from your pictures). Otherwise, there is no team, there is no plan to "hack." This is simply about using a hardware angle to get some safety and MAYBE flexibility if people could revert.
 

TeamScriptKiddies

Licensed Nintendo (indie) Game Developer
> The original plan is my OP. If you want to do something by yourself then please keep it to yourself. When you mention brute forcing keys and MITM "attacks" that are not possible (0.0000000000000000000000000000000000000000000000000000001% chance to be accurate) it derails the thread and turns some people off as it is obviously not possible. There is nothing complicated about this. Maybe start your own thread about brute forcing keys and MITM attacks. The pictures you posted were good. I'd actually like to see others who have read (and written in time) their eMMC/NAND post pics of their "setup." I am not saying any of this to be mean but it derails and is really silly.
>
> If anyone has (shares I should say) how to look at what is in the reads then that would be great. If it could ever be like the 360 or Wii then that would be a win in my mind. If you can contribute within the scope of the OP then please do so. It seemed like you were on your way (from your pictures). Otherwise, there is no team, there is no plan to "hack." This is simply about using a hardware angle to get some safety and MAYBE flexibility if people could revert.

Okay, fair enough :). I'll keep the key stuff out of the discussion. Let's just focus on dumping and reflashing official NAND images. IF I decide to pursue the console-specific keys, I will create a brand new thread for that aspect.

Once I get a new power/eject cable, I will attempt to dump my NAND. If the dumping process starts, I will make a quick video of it running. Once that's done, I can attempt to flash it back, as we have NOTHING to compare the image against to see if it dumped properly. Again, if the console bricks, it's not the end of the world. I can get a new console altogether with my tax refund if need be.

I'm willing to sacrifice my current console for this cause. With nothing to compare the NAND image to, the only way to find out if it's valid would be to attempt to reflash it.

jammybudga777

Well-Known Member
> Okay, fair enough :). I'll keep the key stuff out of the discussion. Let's just focus on dumping and reflashing official NAND images. IF I decide to pursue the console-specific keys, I will create a brand new thread for that aspect.
>
> Once I get a new power/eject cable, I will attempt to dump my NAND. If the dumping process starts, I will make a quick video of it running. Once that's done, I can attempt to flash it back, as we have NOTHING to compare the image against to see if it dumped properly. Again, if the console bricks, it's not the end of the world. I can get a new console altogether with my tax refund if need be.
>
> I'm willing to sacrifice my current console for this cause. With nothing to compare the NAND image to, the only way to find out if it's valid would be to attempt to reflash it.

Why don't you just wait instead of getting ahead of yourself?? You've told us many many times about your power/eject button, so basically this thread isn't going anywhere anytime soon. But yet we still have people repeating themselves!! I do appreciate the minor things you do, but it would be nice to come to this site and either see NEW news or NO news :)

mixelpixx

hardware monkey
Alright, if someone can shed some light on this for me (yes, do my homework for me, I guess): I am willing to wipe out my kids' Wii U (they don't play it much anyway) and I would like to delete all data from it. Is there a factory restore option? I would be willing to share with those who are qualified (i.e. actual devs, meaning if you have no idea what to do with it, it's not for you) to try and minimize the effect of it being seen and my serial being blacklisted, or worse yet getting a letter from someone telling me to stop being mean to their console. Time frame? Don't know, sometime in the next week. I downloaded most of the games on my unit, I have 2 64GB memsticks in it as well holding downloaded games, and they are pretty full as well. This has been the main reason for not f-ing with it, as that's a bit of cash in DLs I don't want to lose, let alone I will have to re-download some, if not all.

It's a 32GB unit purchased last Sept / October time frame, came with a 4.x firmware if I recall. Would love to know if that original firmware is still in there. Also, can anyone tell me sizes to look for, and will HxD allow me to do chip/partition select (worst case I stick a toggle switch on it with pull-up and pull-down and just manually select if we are just blind reading..)? I am used to doing a straight JTAG or SPI to dump; the card reader approach seemed to work, but I did get multiple different file sizes on all of my attempts. I am extending my hand to whoever wants to work on this --- is it possible (and again I mean no offense) to move this out of the daylight for a minute? We should know relatively fast whether or not a straight dump (a good one) and reflashing will work. But I will say it's not worth going it alone, and not worth having someone blow smoke up my tush either --

The chip's controller is an 8051 microcontroller, which, if you look, you will see was hacked to pieces long ago; I think it was actually used in some early CAMs / smart cards back in the day.
 

TeamScriptKiddies

Licensed Nintendo (indie) Game Developer
> Alright, if someone can shed some light on this for me (yes, do my homework for me, I guess): I am willing to wipe out my kids' Wii U (they don't play it much anyway) and I would like to delete all data from it. Is there a factory restore option? I would be willing to share with those who are qualified (i.e. actual devs, meaning if you have no idea what to do with it, it's not for you) to try and minimize the effect of it being seen and my serial being blacklisted, or worse yet getting a letter from someone telling me to stop being mean to their console. Time frame? Don't know, sometime in the next week. I downloaded most of the games on my unit, I have 2 64GB memsticks in it as well holding downloaded games, and they are pretty full as well. This has been the main reason for not f-ing with it, as that's a bit of cash in DLs I don't want to lose, let alone I will have to re-download some, if not all.
>
> It's a 32GB unit purchased last Sept / October time frame, came with a 4.x firmware if I recall. Would love to know if that original firmware is still in there. Also, can anyone tell me sizes to look for, and will HxD allow me to do chip/partition select (worst case I stick a toggle switch on it with pull-up and pull-down and just manually select if we are just blind reading..)? I am used to doing a straight JTAG or SPI to dump; the card reader approach seemed to work, but I did get multiple different file sizes on all of my attempts. I am extending my hand to whoever wants to work on this --- is it possible (and again I mean no offense) to move this out of the daylight for a minute? We should know relatively fast whether or not a straight dump (a good one) and reflashing will work. But I will say it's not worth going it alone, and not worth having someone blow smoke up my tush either --
>
> The chip's controller is an 8051 microcontroller, which, if you look, you will see was hacked to pieces long ago; I think it was actually used in some early CAMs / smart cards back in the day.



Uploading that dump (even after wiping it) would still be a copyright violation as it contains copyrighted Nintendo code (CafeOS etc.); what I suggest is, if you have a friend IRL who's willing to dump / let you dump his/her NAND for comparison, do that.

If you were getting different file sizes every time you dumped it, that's not a good sign. It could just be that it's switching between storage and the actual firmware etc., or it could be that the dumps are horribly inaccurate. If you could rig a toggle switch to see if you can control which portion gets dumped, then we can test that theory.

As for the "factory restore", it just wipes out any DLC, games you downloaded etc. from both Wii U mode and vWii mode; it doesn't actually wipe the NAND or anything like that. Your firmware will remain the same, as that isn't touched when you "restore" the console. Console makers are too smart for that XD
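Bug_Checker_ asked earlier how to verify you have a good dump, and the last two posts describe reads of the same chip coming back with different file sizes. With no reference image to compare against, the check a practitioner actually does is read the chip several times and compare the reads with each other: every read must have the capacity the chip's datasheet gives, the hashes must agree, and where they do not, you want the offsets and the count. The Python below is an added example, not code from the thread or from any poster; the "dumps" in it are constructed byte strings, not console data, and the expected size is a parameter standing in for the datasheet capacity.

```python
"""Consistency checks for repeated raw eMMC/NAND dumps.

Added example, not from the thread.  Given several reads of the same chip it
checks size against the expected capacity, hashes each read, reports where the
reads disagree, and can build a byte-wise majority image from three or more
reads while flagging offsets that never reach a majority.  Sample data is
constructed here; EXPECTED_SIZE stands in for the capacity a datasheet gives.
"""
import hashlib
import random
from collections import Counter
from dataclasses import dataclass
from typing import List, Optional

# Constructed sample data: a 4 KiB pseudo-random "image" standing in for a chip.
EXPECTED_SIZE = 4096
_rng = random.Random(7)
GOOD_IMAGE = bytes(_rng.getrandbits(8) for _ in range(EXPECTED_SIZE))
# A read with a single bit flipped at offset 1000 (a marginal cell or a bus glitch).
FLIPPED_DUMP = GOOD_IMAGE[:1000] + bytes([GOOD_IMAGE[1000] ^ 0x01]) + GOOD_IMAGE[1001:]
# A read that stopped early: the "different file size" symptom from the thread.
SHORT_DUMP = GOOD_IMAGE[:4000]


@dataclass
class DumpReport:
    expected_size: int
    sizes: List[int]                 # length of each read
    digests: List[str]               # SHA-256 hex of each read
    size_ok: bool                    # every read is exactly expected_size bytes
    consistent: bool                 # all reads are byte-identical
    first_diff_offset: Optional[int] # first offset where reads disagree, or None
    diff_bytes: int                  # offsets where at least two reads disagree


def sha256_hex(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def compare_dumps(dumps: List[bytes], expected_size: int) -> DumpReport:
    """Compare several reads of the same chip with each other."""
    if len(dumps) < 2:
        raise ValueError("need at least two dumps to compare")
    sizes = [len(d) for d in dumps]
    digests = [sha256_hex(d) for d in dumps]
    size_ok = all(s == expected_size for s in sizes)
    if len(set(digests)) == 1:
        return DumpReport(expected_size, sizes, digests, size_ok, True, None, 0)
    shortest, longest = min(sizes), max(sizes)
    # Offsets inside the common prefix where the reads do not all agree.
    mismatches = [i for i in range(shortest) if len({d[i] for d in dumps}) > 1]
    # Bytes past the shortest read cannot be cross-checked; count them as differing.
    diff_bytes = len(mismatches) + (longest - shortest)
    first_diff = mismatches[0] if mismatches else shortest
    return DumpReport(expected_size, sizes, digests, size_ok, False, first_diff, diff_bytes)


def majority_vote(dumps: List[bytes]):
    """Byte-wise majority of equal-length reads.

    Returns (consensus_image, unresolved_offsets).  An offset is unresolved when
    no value has a strict majority; the consensus there is a guess, so the chip
    should be re-read before the image is trusted, let alone written back.
    """
    if len({len(d) for d in dumps}) != 1:
        raise ValueError("majority vote needs dumps of equal length")
    consensus = bytearray(len(dumps[0]))
    unresolved = []
    for i in range(len(consensus)):
        value, count = Counter(d[i] for d in dumps).most_common(1)[0]
        consensus[i] = value
        if 2 * count <= len(dumps):
            unresolved.append(i)
    return bytes(consensus), unresolved


if __name__ == "__main__":
    report = compare_dumps([GOOD_IMAGE, FLIPPED_DUMP, SHORT_DUMP], EXPECTED_SIZE)
    print(f"sizes={report.sizes} size_ok={report.size_ok} consistent={report.consistent}")
    print(f"first difference at offset {report.first_diff_offset}; "
          f"{report.diff_bytes} byte(s) differ")
    image, unresolved = majority_vote([GOOD_IMAGE, FLIPPED_DUMP, GOOD_IMAGE])
    print(f"majority image equals first read: {image == GOOD_IMAGE}; "
          f"unresolved offsets: {len(unresolved)}")
```

The size check alone catches the short-read case from the posts above; two identical hashes are the minimum before any image is treated as a backup, and a majority of three or more reads with no unresolved offsets is the bar before anything is written back.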
 
