Hacking I can install IOS in vWii! But...

[MysteriousSparrow]

When trying to execute the IOS236 Installer in the OP through the HBC I get a black screen and have to hard reset my vWii (Wii U).
However, when I run it from WiiXplorer, I get an error saying I am missing something.
The WAD is on the root of the SD, and this isn't my first rodeo with Wii homebrew.

 

[MHDEN]

Actually, I was thinking like a WODE or something ... *googles WiiKey fusion* ... oh, mounting it from an SD card. I get it. Sorry.

Anyway, that certainly seems like a workable solution to me ... I just haven't been able to get information out of people who would recognize the drive connector when asking them if it looks like it's the same size or not. I can only hope it is.

No no you are correct .. WODE is what i was thinking . I thought it was wiikey fusion.
The Wii-mini doesnt have an SD . but we should open a new thread . we are getting out of topic here .

 

[Maxternal]

No no you are correct .. WODE is what i was thinking . I thought it was wiikey fusion.
The Wii-mini doesn't have an SD . but we should open a new thread . we are getting out of topic here .

Okay, my quick google search made it look like the fusion had it's own SD card slot but anyway, yes, way off topic now.

(Wii U has a completely different drive interface...no mod chips)

 

[officialjunk]

I dumped the NAND.... but I did it through hardware, not software

could you share details on what hardware you used? i want to learn. i'm looking to buy all the equipment i would need. i figure i may as well learn by hacking the wii since it's pretty well understood. I first would like to learn how to dump and reprogram a nand chip. what do you recommend as the first few steps after that? I have some experience with IDA, know how to program, and used to work in a robotics research lab. is there any particular hardware you recommend? you think the xcom xc-1a is a good investment in general?

 

[Skeet1983]

could you share details on what hardware you used? i want to learn. i'm looking to buy all the equipment i would need. i figure i may as well learn by hacking the wii since it's pretty well understood. I first would like to learn how to dump and reprogram a nand chip. what do you recommend as the first few steps after that? I have some experience with IDA, know how to program, and used to work in a robotics research lab. is there any particular hardware you recommend? you think the xcom xc-1a is a good investment in general?

I think "www.cray.com" has what you need. VERY AFFORDABLE starting at just $200k!!!

 

[officialjunk]

I think "www.cray.com" has what you need. VERY AFFORDABLE starting at just $200k!!!

nope. not what i'm looking for.

 

[Whyat]

The Home-brew seen is coming along fast maybe I might pick up a wii u.

 

[nitrate]

Back to topic:

I managed to dump the NAND as well using the fixed META.XML file for FSTOOLBOX. I then packed IOS36 afterwards using ShowMiiWads 1.5 MOD by orwel. Anyway i figured these things out:

As mentioned here, the packed WAD has to be named "IOS36-64-v3864.wad". But if i packed mine it is named "IOS36-v3864.wad". Does this matter in any way? I also tried using ShowMiiWads 1.5 MOD by orwel (x86 and x64 - no matter what it is that same filename when packed).

Also on some other Wii U "hacking" site, a packed WAD was available for download (filename as suggested: IOS36-64-v3864.wad). I compared this one with the one i got dumped and packed with ShowMiiWads.

The file size between the downloaded vWii IOS36 and my own WAD do differ!!! I don't know if it's safe to patch and write my own or any other vWii's IOS36 WAD to the vWii NAND.

btw:

- my packed IOS36 WAD (named "IOS36-v3864.wad" by ShowMiiWads 1.5 orwel MOD) is 1.871.040 bytes in size.
- the downloaded IOS36 WAD (named "IOS36-64-v3864.wad") is 1.870.976 bytes in size.

Any suggestions?

Edit:

I renamed the "IOS36-v3864.wad" that ShowMiiWads created to "IOS36-64-v3864.wad" and tried installing it using the IOS236 installer from the thread right here. It gave me an "Could not identify ES module" error. I was only able to install a pre-patched "IOS236[36]-v65535.wad" using YAWMM 1.0 rev5.

But the file sizes and file names are still confusing.

 

[SifJar]

could you share details on what hardware you used? i want to learn. i'm looking to buy all the equipment i would need. i figure i may as well learn by hacking the wii since it's pretty well understood. I first would like to learn how to dump and reprogram a nand chip. what do you recommend as the first few steps after that? I have some experience with IDA, know how to program, and used to work in a robotics research lab. is there any particular hardware you recommend? you think the xcom xc-1a is a good investment in general?

I believe DeadlyFoez uses an Infectus, which I don't think are available for purchase any more. I think something like a progskeet should do the job though. Foez posted a tutorial a while back on using an Infectus, I'd guess at least some of the concepts are transferable to a progskeet.

 

[officialjunk]

I believe DeadlyFoez uses an Infectus, which I don't think are available for purchase any more. I think something like a progskeet should do the job though. Foez posted a tutorial a while back on using an Infectus, I'd guess at least some of the concepts are transferable to a progskeet.

yea i found that tut, but it's a few years old. was just checking with him to see what he used on the wii u and any other recommendations. are you into any hardware yourself sifjar?

 

[SifJar]

yea i found that tut, but it's a few years old. was just checking with him to see what he used on the wii u and any other recommendations. are you into any hardware yourself sifjar?

Nope, afraid not. Never had any real need, so couldn't justify the price.

 

[officialjunk]

Nope, afraid not. Never had any real need, so couldn't justify the price.

Do you use IDA? If so, can you recommend any exercises for me to try out on wii stuffs?

 

[SifJar]

Do you use IDA? If so, can you recommend any exercises for me to try out on wii stuffs?

Nah. Again, can't justify the cost for the use I'd get out of it. All disassembly I've done is with objdump.

 

[officialjunk]

Nah. Again, can't justify the cost for the use I'd get out of it. All disassembly I've done is with objdump.

I'd be down to give objdump a try. I just want to practice some disassembly. What did you dissasemble?

 

[Supercool330]

I'd be down to give objdump a try. I just want to practice some disassembly. What did you dissasemble?

If you are looking to learn how to use a disassembler and debugger to reverse an application, I recommend the CMU binary bomb lab. You can download a self study version of the executable here. This is the same lab that a lot of computer science programs use to introduce using a disassembler and debugger. This document is the write up for the assignment provided by CMU; if you ignore all of the scoring stuff, the rest will be very helpful. Note that you will need a Linux environment to run this lab (I recommend using Ubuntu, but any distro should work). The tools you will need are gdb, objdump, and strings. Objdump and strings are part of the binutils package, and gdb is its own package (called gdb). You will be able to install these packages with your distro's package manager (apt in the case of Ubuntu) fairly easily (the links I gave were simply for informational purposes). If you want to hone the skills most pertinent to console hacking, try to do this using only objdump and strings.

 

[officialjunk]

If you are looking to learn how to use a disassembler and debugger to reverse an application, I recommend the CMU binary bomb lab. You can download a self study version of the executable here. This is the same lab that a lot of computer science programs use to introduce using a disassembler and debugger. This document is the write up for the assignment provided by CMU; if you ignore all of the scoring stuff, the rest will be very helpful. Note that you will need a Linux environment to run do this lab (I recommend using Ubuntu, but any distro should work). The tools you will need are gdb, objdump, and strings. Objdump and strings are part of the binutils package, and gdb is its own package (called gdb). You will be able to install these packages with your distro's package manager (apt in the case of Ubuntu) fairly easily (the links I gave were simply for informational purposes). If you want to hone the skills most pertinent to console hacking, try to do this using only objdump and strings.

Sweet. Thanks man. Definitely doing this during my holiday break from work

 

[Supercool330]

Sweet. Thanks man. Definitely doing this during my holiday break from work

No problem. I do this stuff professionally, and this was the way I really started learning what I was doing. I also used to do no-cd cracks a long time ago (back when it was easy), but I didn't really understand it, I just found the branch for the cd check and noped it.

A few more learning resources to help with the bomb lab:
- There is a VERY good x86 disassembly wikibook (pay close attention to the tools and code patterns section)
- An x86 instruction listing
- An explanation of the x86 registers
- A general description of the structure of the call stack

That should get you started at least.

(Note: the Wii uses PPC for application code and ARM for IOS, but these use the same principles as the x86 stuff above and this is a really good starting point as most desktops and laptops use x86 based processors and the lab in question is designed to teach you these skills instead of, you know, actually do something.)

Edit: One more thing, if you are interested in learning how to create a buffer overflow, there is a lab on that as well. Here is the download and assignment. The CS:APP text book (which is where I'm getting these) is actually not terrible, and has a number of publicly available self-study resources online (like these labs) if you purchase or "find" a copy (don't get the kindle edition, it really sucks).

 

[alex873]

Back to topic:

I managed to dump the NAND as well using the fixed META.XML file for FSTOOLBOX. I then packed IOS36 afterwards using ShowMiiWads 1.5 MOD by orwel. Anyway i figured these things out:

As mentioned here, the packed WAD has to be named "IOS36-64-v3864.wad". But if i packed mine it is named "IOS36-v3864.wad". Does this matter in any way? I also tried using ShowMiiWads 1.5 MOD by orwel (x86 and x64 - no matter what it is that same filename when packed).

Also on some other Wii U "hacking" site, a packed WAD was available for download (filename as suggested: IOS36-64-v3864.wad). I compared this one with the one i got dumped and packed with ShowMiiWads.

The file size between the downloaded vWii IOS36 and my own WAD do differ!!! I don't know if it's safe to patch and write my own or any other vWii's IOS36 WAD to the vWii NAND.

btw:

- my packed IOS36 WAD (named "IOS36-v3864.wad" by ShowMiiWads 1.5 orwel MOD) is 1.871.040 bytes in size.
- the downloaded IOS36 WAD (named "IOS36-64-v3864.wad") is 1.870.976 bytes in size.

Any suggestions?

Edit:

I renamed the "IOS36-v3864.wad" that ShowMiiWads created to "IOS36-64-v3864.wad" and tried installing it using the IOS236 installer from the thread right here. It gave me an "Could not identify ES module" error. I was only able to install a pre-patched "IOS236[36]-v65535.wad" using YAWMM 1.0 rev5.

But the file sizes and file names are still confusing.

The same problem for me, my packed IOS36 WAD is 1.871.040 bytes too and can´t be patched.

I also packed IOS 56,57,58 for new d2x-v10-beta52-vWii & can´t be install d2x v10.

Regards.

P.S. I fix d2x install using d2x cIOS Installer v2.2.rar

 

[crono141]

I can't get cIOS 236 installed either. Same file size problem as Alex873 and Nitrate, but I get an SD card error saying that it can't read IOS36 into memory. I have the correct file name in the correct place on the SD card, but it acts like it isn't mounting the SD card properly. Do I need a standard SD card (not SDHC) for this program?

 

[lampjese]

You need a normal 1 or 2 gig sd not sdhc that will not work.