- Joined
- May 17, 2006
- Messages
- 11
- Trophies
- 1
- Age
- 37
- Location
- SPAIN - Seville
- Website
- Visit site
- XP
- 415
- Country
Hacking Wii Menu Uninstaller and Disk Check v1.01 COMING SOON!
- Thread starter frostyfrosty
- Start date
- Views 77,136
- Replies 281
- Status
Just as i thought. Xyzzy and Key grabber (a derivative of Xyzzy), won't even install :S. the error is "-BAD HASH"
i believe it has something to do with the different common-key of the dev-kits. We'll need a custom key grabber for RVT-R machines
i believe it has something to do with the different common-key of the dev-kits. We'll need a custom key grabber for RVT-R machines
- Joined
- Jan 9, 2009
- Messages
- 360
- Trophies
- 0
- Age
- 40
- Location
- Switzerland
- Website
- Visit site
- XP
- 116
- Country
- Joined
- Apr 1, 2009
- Messages
- 152
- Trophies
- 0
- Age
- 33
- Location
- Boston, MA
- Website
- Visit site
- XP
- 171
- Country
- Joined
- Mar 15, 2009
- Messages
- 1,720
- Trophies
- 0
- Age
- 31
- Location
- Pennsylvania
- Website
- Visit site
- XP
- 306
- Country
As above, you'll likely need a custom dumper. The problem is that we don't know the common key of the RVT wii, so making such a tool would be difficult to impossible to do. You could ask TT about it though.
This app: http://wiibrew.org/wiki/FSToolbox can dump raw files from NAND (not an image, so no need for the NAND key to unpack the image). Not sure if it would work on an RVT wii. Just be careful with it, as it can overwrite/delete and fakesign as well. Avoid those functions.
We'd still need the common key to make use of the files, but hey, if it works at least its only one key (just the common key) instead of two (common and NAND key).
Brute forcing the common key could take a while: 3.19626579 × 10^38 possible keys if i did my math right (assuming its a 16 byte key like a normal wii.)
This app: http://wiibrew.org/wiki/FSToolbox can dump raw files from NAND (not an image, so no need for the NAND key to unpack the image). Not sure if it would work on an RVT wii. Just be careful with it, as it can overwrite/delete and fakesign as well. Avoid those functions.
We'd still need the common key to make use of the files, but hey, if it works at least its only one key (just the common key) instead of two (common and NAND key).
Brute forcing the common key could take a while: 3.19626579 × 10^38 possible keys if i did my math right (assuming its a 16 byte key like a normal wii.)
Vegeta said:
believe me they are not. the first it just uninstalls the system menu (title id of the channel ".WMU") and reverts you back in the special boot2, the other just check the disc for errors (title id ".DCK" if I remember correctly) and presents a CRC16 hash.
Another thing is the Devkit doesNOT have a IOS4 but a IOS10 (that one was added bug-signed-fixed to retail wiis on FW4.0)
- Joined
- Mar 15, 2009
- Messages
- 1,720
- Trophies
- 0
- Age
- 31
- Location
- Pennsylvania
- Website
- Visit site
- XP
- 306
- Country
There doesn't seem to be any good benefit, it's more like to say we did it and to have more wads floating around on the net.
Plus, we can hopefully learn the common key used on these wiis.
Consider this more of a learning experience than an attempt to get official software (even though that'll hopefully be the outcome).
Consider this more of a learning experience than an attempt to get official software (even though that'll hopefully be the outcome).
techboy said:There doesn't seem to be any good benefit, it's more like to say we did it and to have more wads floating around on the net.Plus, we can hopefully learn the common key used on these wiis.
Consider this more of a learning experience than an attempt to get official software (even though that'll hopefully be the outcome).
EXACTLY
techboy said:
That tool requires an IOS with the ES_Identify bug still intact. Unless the RVT system has an older IOS installed the app will not be able to gain the necessary access to the NAND.
- Joined
- Apr 29, 2009
- Messages
- 185
- Trophies
- 0
- Age
- 41
- Location
- Montréal Québec 514 , Cacanada
- Website
- Visit site
- XP
- 71
- Country
would it be maybe possible to change what stop some wii to install bootmii as boot2 , with the systemmenu uninstaller ???
- Joined
- Mar 15, 2009
- Messages
- 1,720
- Trophies
- 0
- Age
- 31
- Location
- Pennsylvania
- Website
- Visit site
- XP
- 306
- Country
Seeing that the system could run YawnD, which relied on Trucha Capable IOSes, it wouldn't surprise me if it had the ES_identify bug as well. I think ES_Identify was fixed around the same time or after trucha. The only way to know is to try it. You'll get an error if its been fixed.
@WiiThoko - You are right. There is no way to change boot1. Any attempt at changing it will brick the wii.
@WiiThoko - You are right. There is no way to change boot1. Any attempt at changing it will brick the wii.
fogbank said:
I believe it could work. The RVT is kinda old. Newest system menu on the disc menu installer is 3.0x. It has 1.0u,2.2x,3.0x to choose from and up to IOS33 (old ones). Also i never updated. I think it needs special IOSes from the nintendo server anyway with a devkit common key. So no RETAIL IOS WADS. Which reminds me.
if the 2 dev certs in the pinkfish do anything special. they were .wad format and you couldn't install them in a retail wii because of the different common-key.
http://wiibrew.org/wiki/Wii_Backup_Disc
I dumped the NAND with YAWND(normal with EEC) and WiiND. Will try FStoolbox once i get some free time.
tsampiras said:
IOS10 has been on retail wii's long before 4.0 both me and dynamite have had it since atleast 3.3 http://gbatemp.net/index.php?showtopic=121887&hl=ios10
- Status
Similar threads
-
Xdqwerty
what are you looking at? -
AncientBoi
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
-
@
Xdqwerty:
Also the wood ui for twl menu is back https://github.com/DS-Homebrew/TWiLightMenu/releases/tag/v27.2.0+2
He/them/IT does