[coolbho3000]

Thanks for clearing that up masud.

[masud]

Just some new info: this hack doesn't break RSA, it only uses an exploit found on wii firmware so it CAN be fixed by nintendo wherever they want. So it is my advice not to update your wii because this tool can open many doors: downgrade, custom firmware, etc... If Nintendo fixes this bug in a firmware update discs signed with this tool will stop working.

[IBNobody]

Has anyone verified this yet?

[Jackreyes]

yeah but channels and or VC games they couldn't fix... could they?

[IBNobody]

Here is more info.

Translated from spanish since the hacker is Chilean.

[tjas]

So.. lets take out the blood and gore effects of no more heroes ntcs and put them in the pal iso! :D

[IBNobody]

So.. lets take out the blood and gore effects of no more heroes ntcs and put them in the pal iso! :D

<{POST_SNAPBACK}>

That's definitely possible.

You'll also be able to run your own homebrew from the system menu via VC titles. The RSA exploit that they are talking about is that pervasive!

If it works... I'll test it when I get home.

EDIT: Well... I can't seem to extract the keys from the WADs using that keyfinder that searches for the MD5 summed bytes. I wonder if I need to do anything else to them...

Edited by IBNobody, 27 February 2008 - 12:25 AM.

[cheesyPOOF5]

I don't completely understand what this does...
Does it just allow people to modify their ISOs and burn them back to discs?
At first I thought it allowed for burned ISOs to be played without a modchip, but that sounds WAY too good to be true...

[coolbho3000]

So anyone got the resigning to work yet?

[MC DUI]

This sounds awesome!

Especially the possibilities of better region-free, homebrew, free VC, and reduction in ISO sizes.

Somebody should submit this as site news.

[Issac]

I don't completely understand what this does...
Does it just allow people to modify their ISOs and burn them back to discs?
At first I thought it allowed for burned ISOs to be played without a modchip, but that sounds WAY too good to be true...

<{POST_SNAPBACK}>

I second this question... what does it really do? (yes i've read this thread through, and still don't know what it'll be good for...)

[MC DUI]

I don't completely understand what this does...
Does it just allow people to modify their ISOs and burn them back to discs?
At first I thought it allowed for burned ISOs to be played without a modchip, but that sounds WAY too good to be true...

<{POST_SNAPBACK}>

I second this question... what does it really do? (yes i've read this thread through, and still don't know what it'll be good for...)

<{POST_SNAPBACK}>

If I understand it correctly it will allow you to modify a Wii ISO and then sign it with this program so that it can boot it a modified (chipped) Wii console.
People are also speculating that we will be able to create homebrew ISOs and sign them in order to boot.

[Monkey01]

I think I finally understand how to get those keys. Still don't know how the program works though...

First you need the key.bin file from those other wii iso decrypt programs.
Open that in a hex editor, you'll see something starting with EB E4 ...
Edit the reg file and put that key as the common key, seperating with ,'s.
Execute the reg file and open the program.
You should now be able to open an iso file and check what's inside it.
Find an iso that contains the files
RVL-WiiSystemmenu-v226.wad
IOS21-64-v514.wad
BOOT2-v2-64.wad
(or .wad.out.wad is fine too I think, not sure, I think I got most of m from galaxy)
Now extract all those files (RightClick->Extract) to a folder and put the key.bin in the same folder.
Now find the program DesWad on the Italian site and create des files from the wad files.
Now open the keyfinder and fill in the MD5 codes of the keys in the small textfield and open the file in which the key should be:
4582417d623c81fca07a46a570c8969e->RVL-WiiSystemmenu-v226.des
d9f2b2e045d22d3805a67fe0c340ccd2->RVL-WiiSystemmenu-v226.des
ef33e224e45c8d8c35ce32d8a810b603->IOS21-64-v514.des
8D1A2EBCD82A3469B77FACF15D9C8E50->BOOT2-v2-64.des

I recommend starting with the third one, cause the first two will take ages to find and if you did something wrong it's a waste of time.
When finished succesfully it will say something like:

KeyFinder Log:

Nombre del fichero: C:\Documents and Settings\Monkey\Bureaublad\RVL-WiiSystemmenu-v226.des
Tamaño del fichero: 23363584 Bytes
Offset de la llave: $157E4A8
Se ha creado el fichero key.bin en el directorio: C:\Documents and Settings\Monkey\Bureaublad\4582417D623C81FCA07A46A570C8969E

Now open that folder and a key.bin will be in there too. Now reëdit the reg file and insert the key.
Now open the reg file again.

I have no idea what to do next.
Euw, I think you need to Right-Click a partition and Trucha Sign It! But as the replace thing doesn't work dunno if that's it. Wasn't there another tool with which you could change stuff but not sign it earlier? http://www.tehskeen.com/modules.php?name=D...article&id=1881?

Edited by Monkey01, 27 February 2008 - 03:20 AM.

[IBNobody]

It works!

Well... Sorta...

There is apparently a bug in the program that prevents you from replacing files.

However, I was able sign a copy of RE4 from...
1235CB29693D7B52B63D60103A7D4F47

...to...

C69CF3F3EB51F353C01FF5A45BCA2430

And yes, it booted fine.

Edited by IBNobody, 27 February 2008 - 03:10 AM.

[IBNobody]

I think I finally understand how to get those keys. Still don't know how the program works though...

First you need the key.bin file from those other wii iso decrypt programs.
Open that in a hex editor, you'll see something starting with EB E4 ...
Edit the reg file and put that key as the common key, seperating with ,'s.
Execute the reg file and open the program.
You should now be able to open an iso file and check what's inside it.
Find an iso that contains the files
RVL-WiiSystemmenu-v226.wad
IOS21-64-v514.wad
BOOT2-v2-64.wad
(or .wad.out.wad is fine too I think, not sure, I think I got most of m from galaxy)
Now extract all those files (RightClick->Extract) to a folder and put the key.bin in the same folder.
Now find the program DesWad on the Italian site and create des files from the wad files.
Now open the keyfinder and fill in the MD5 codes of the keys in the small textfield and open the file in which the key should be:
4582417d623c81fca07a46a570c8969e->RVL-WiiSystemmenu-v226.des
d9f2b2e045d22d3805a67fe0c340ccd2->RVL-WiiSystemmenu-v226.des
ef33e224e45c8d8c35ce32d8a810b603->IOS21-64-v514.des
8D1A2EBCD82A3469B77FACF15D9C8E50->BOOT2-v2-64.des

I recommend starting with the third one, cause the first two will take ages to find and if you did something wrong it's a waste of time.
When finished succesfully it will say something like:

KeyFinder Log:

Nombre del fichero: C:\Documents and Settings\Monkey\Bureaublad\RVL-WiiSystemmenu-v226.des
Tamaño del fichero: 23363584 Bytes
Offset de la llave: $157E4A8
Se ha creado el fichero key.bin en el directorio: C:\Documents and Settings\Monkey\Bureaublad\4582417D623C81FCA07A46A570C8969E

Now open that folder and a key.bin will be in there too. Now reëdit the reg file and insert the key.
Now open the reg file again.

I have no idea what to do next.
Euw, I think you need to Right-Click a partition and Trucha Sign It! But as the replace thing doesn't work dunno if that's it. Wasn't there another tool with which you could change stuff but not sign it earlier?

<{POST_SNAPBACK}>

Any clues on getting DesWad working? That's what's been hanging me up for awhile now.