Hacking Region Free Drivechip for Wii U Under Development!

Status
Not open for further replies.

marcan_troll

Well-Known Member
To make this work you'll need a base plate of pre-famulated amulite surmounted by a malleable logarithmic casing in such a way that the two spurving bearings are in a direct line with the panametric fan. The latter should consist of six hydrocoptic marzlevanes, so fitted to the ambifacient lunar waneshaft that side region locking is effectively prevented. The main winding should be of the normal lotus-o-delta type placed in panendermic semi-boloid slots of the stator, every seventh conductor being connected by a non-reversible tremie pipe to the differential girdle spring on the "up" end of the microchips.

Please let us know when your drivechip reaches a high level of development and can successfully operate novertrunnions.
 

the_randomizer

The Temp's official fox whisperer
He won't share it to us, right? :ninja:


Hold the phone... You mean djbubba2002, having a desire to help further the Wii U hacking scene by sharing the common key? :creep: :rofl2: An ODE (or whatever they're called) I don't see the point of, soft mods are just so much better anyway, and they're free :P
 
  • Like
Reactions: Fpsrussia117

Relys

^(Software | Hardware) Exploit? Development.$
The Wii U Common Key != Wii U Per Console Drive Key. The Drive Key is married to the motherboard. You would need the Per Console Drive Key to inject anything into the encrypted data stream traveling over the serial bus between the Wii U's Drive and Motherboard. Oh, so you want to get the Wii U Per Console Drive Key, eh? Well, that requires you accessing the OTP area on the dedicated ARM security processor which requires CafeOS level access to even exploit. Might as well just patch the firm instead. :/

The only thing you could achieve with a hardware mod would be:
1) RAM sniffing (which may be encrypted).
2) Downgrading (provided you have a previous backup and they don't blow qfuses).
3) Finding a race condition in software which requires a probe to trigger (e.g. CPU reset on PS3, RGH on Xbox 360).

In conclusion, this project is logically infeasible from a software and hardware architectural standpoint.
 
  • Like
Reactions: pelago

Taleweaver

Storywriter
It's certainly interesting, TeamScriptKiddies. :) But I gotta be honest: on my end, it's more an interest of "what will happen if this works?" rather than that I'm interested in the actual project.


As you're well aware, the "it won't load backup games" means the interest of communities like this will be minimal (I even suspect those who make claims they want to do just that to use an excuse to have the thing hacked). On the other end, I doubt Nintendo will just let it pass (or not...I'll get to that). And I'm leaving remarks on the technical possibilities in the middle (I'm really NOT in the position to know how easy, hard or impossible it may turn out to be to realise).

Then there's the reason of it (still) being needed. Sure, not all games are available worldwide (list), but it's far less an issue than it once was. There are some Japanese games others may like (Dragon Quest X and those Monster Hunter Frontier games), but pretty much all European games are released in the US and vice versa (Madden NFL and Jeopardy are about the only ones I know of...and I don't think it'll be massively imported). Things are a bit different on the eShop, but I guess it's just about physical media (please confirm/deny? :) ). And I may be wrong on my impression, but in most cases, the release dates of the games are pretty close together nowadays.

Another thing from your announcement:
When this gets released, it's HIGHLY RECOMMENDED that you never run an update off an imported disc.
That's obviously smart advice, but I thought that there was no way to avoid those updates (after all, there is no priiloader-like hack to circumvent it). And that the 'choice' you were given was to either update to the disc's latest firmware or to not play the game. Which would mean that the project should include a 'skip the firmware-check'-sort of hack.
Or am I missing something? :unsure:


On the good side (if you want to call it that)...it's possible that Nintendo decides not to interfere at all. A few months back, I read Iwata was thinking loudly of removing region locks. Of course that isn't saying much, but it may mean this project doesn't turn into a cat-and-mouse situation. After all, it doesn't make much sense to start changing things to turn the original hack into a trap for those on newer firmwares if ninty wants to get rid of the region code to begin with.
...but I fear this is idle hope (it took plenty of attempts of IOS-switching on the Wii before ninty gave up on ever keeping it hack-free. Unless you count the mini-Wii).
 
  • Like
Reactions: dontay0100

the_randomizer

The Temp's official fox whisperer
Even my dog knows more about the drive than TSK. TSK is just a troll, don't feed him and don't have any hopes that something will come out of this.


Dude, don't be so rude. He is not a troll and anyone who resorts to unsubstantiated defamation is just attention-whoring, calling out for the sake of calling out. Do you have any knowledge on what he's talking about? Do you have any proof that he or anyone on here is trolling, and lastly, do you have any substantiation to the accusation you present as an argument? No? You would do well to refrain from resorting to ad hominem attacks against the OP or any other baseless accusations against other members. In summary: No proof, no accusation, no defamation.

Whatever happened to respecting other-- Oh right, this is the Temp after all. :creep:
 

TeamScriptKiddies

Licensed Nintendo (indie) Game Developer
OP
Dude, don't be so rude. He is not a troll and anyone who resorts to unsubstantiated defamation is just attention-whoring, calling out for the sake of calling out. Do you have any knowledge on what he's talking about? Do you have any proof that he or anyone on here is trolling, and lastly, do you have any substantiation to the accusation you present as an argument? No? You would do well to refrain from resorting to ad hominem attacks against the OP or any other baseless accusations against other members. In summary: No proof, no accusation, no defamation.

Whatever happened to respecting other-- Oh right, this is the Temp after all. :creep:

Thanks for the kind words.

As for those of you who doubt such a thing is possible, perhaps it's because you don't have a firm understanding of how hardware works.

All that any computer can understand is machine language (with the exception of quantum computers). Machine language is just binary with a specific instruction set for the particular device you're dealing with.

I will be gaining the region info (through lots of trial and error) while booting a domestic game and reading the various outputs of the appropriate ICs on the drive PCB. Doing it this way will give an unencrypted result.

It's just going to be a binary value, which the chip will inject upon request at each security check.

This shouldn't "break" any signed packages at all as it will be injecting the code at a point where it expects a standard binary value anyways.

For those wondering about updates, the first release or two will not block disc updates because that's another thing altogether. If you have an import that requires an update, just switch the chip off, go online and update correctly, then switch it back on and play your import offline.
 
  • Like
Reactions: Margen67 and Jayro

Duo8

Well-Known Member
Unless the header (I assume region flag is there) doesn't get its sig checked then this will still break the sig.
Since the system will be doing the check it doesn't matter what you do to the drive. What matters is what the system receives, which, in this case, is a modified region flag, which of course will not match the signature.

Unless "This shouldn't "break" any signed packages at all as it will be injecting the code at a point where it expects a standard binary value anyways." means something I don't understand.
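
The signature point made in the post above, as an added example that is not part of the thread: a host that verifies a signed header only ever judges the bytes it receives, so a region flag changed after signing fails the signature check before the region is even compared. The header layout, region values, function names and the toy RSA key are all constructed assumptions; the thread does not describe the real Wii U format.

```python
import hashlib
import struct

# Toy RSA key built from two publicly known Mersenne primes, no padding.
# Constructed for illustration only; it is trivially factorable.
P, Q = 2**521 - 1, 2**607 - 1
N, E = P * Q, 65537
D = pow(E, -1, (P - 1) * (Q - 1))  # private exponent: publisher side only

# Hypothetical header: 8-byte title id, 1-byte region flag, 32-byte content hash.
HEADER = struct.Struct(">8sB32s")
REGION_OFFSET = 8
REGIONS = {"JPN": 0x01, "USA": 0x02, "EUR": 0x04}  # constructed values

def make_header(title_id: bytes, region: str, content: bytes) -> bytes:
    return HEADER.pack(title_id, REGIONS[region], hashlib.sha256(content).digest())

def _digest(header: bytes) -> int:
    return int.from_bytes(hashlib.sha256(header).digest(), "big")

def sign(header: bytes) -> int:
    return pow(_digest(header), D, N)

def verify(header: bytes, sig: int) -> bool:
    return pow(sig, E, N) == _digest(header)

def rewrite_region(header: bytes, region: str) -> bytes:
    """Model of a flag changed in transit, after the publisher signed it."""
    patched = bytearray(header)
    patched[REGION_OFFSET] = REGIONS[region]
    return bytes(patched)

def console_check(header: bytes, sig: int, console_region: str) -> str:
    """Host-side decision, made only on the bytes the host received."""
    if not verify(header, sig):
        return "rejected: bad signature"
    region = HEADER.unpack(header)[1]
    if region != REGIONS[console_region]:
        return "rejected: region mismatch"
    return "accepted"

if __name__ == "__main__":
    hdr = make_header(b"TITLE001", "JPN", b"constructed disc content")
    sig = sign(hdr)
    print(console_check(hdr, sig, "USA"))                         # region mismatch
    print(console_check(rewrite_region(hdr, "USA"), sig, "USA"))  # bad signature
```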
 

TeamScriptKiddies

Licensed Nintendo (indie) Game Developer
OP
This won't work for two reasons:
That is irrelevant, it will be a straight up binary value when I intercept it (for the pu
#1 The communication between the drive and the system is encrypted via a unique per console key
#2 The region information is within a signed area and is encrypted as well
That is irrelevant as it will just be straight up binary values when I obtain the region info for the purpose of including it in the ASM program. Furthermore, no signatures should be broken as the region info won't change from game to game (except games from other regions) but the console won't know the difference between an import or a domestic game with the chip installed.
 

TeamScriptKiddies

Licensed Nintendo (indie) Game Developer
OP
This is not going to be any kind of chip... Sorry pal
Just because you have a lack of understanding of how hardware operates on a low level doesn't mean such a chip isn't possible to create.

Jayro, it will require soldering.
 

driverdis

I am Justice
That is irrelevant as it will just be straight up binary values when I obtain the region info for the purpose of including it in the ASM program. Furthermore, no signatures should be broken as the region info won't change from game to game (except games from other regions) but the console won't know the difference between an import or a domestic game with the chip installed.

With the communications between drive and console being encrypted like crediar stated, how will you know which values are the region info and where to inject it?
 

TeamScriptKiddies

Licensed Nintendo (indie) Game Developer
OP
With the communications between drive and console being encrypted like crediar stated, how will you know which values are the region info and where to inject it?
Trial and error, my friend. Furthermore, I will be reading the info off the microcontrollers themselves; it has nothing to do with anything between the Wii U and the drive. Also, the chip I'm developing will attach directly to the appropriate microcontrollers on the PCB as well for monitoring and injecting code. These chips can only operate on machine language alone. That's why encryption is irrelevant, as the data I need is already in a decrypted state.
 
  • Like
Reactions: dontay0100

driverdis

I am Justice
Trial and error, my friend. Furthermore, I will be reading the info off the microcontrollers themselves; it has nothing to do with anything between the Wii U and the drive. Also, the chip I'm developing will attach directly to the appropriate microcontrollers on the PCB as well for monitoring and injecting code. These chips can only operate on machine language alone. That's why encryption is irrelevant, as the data I need is already in a decrypted state.

OK, that makes sense now. This all hinges on that the Wii U only checks the region code of the disc to determine the region. If it checks the region of the update stored on the update partition also, or Nintendo updates the Wii U to do so if it does not already, then the chip will be useless or only useful on older firmwares.
 

night_hawk

Well-Known Member
No offence man, but, you know who crediar is? If he says what you're looking for is not possible without the key...well you have to understand
 
  • Like
Reactions: raulpica

TeamScriptKiddies

Licensed Nintendo (indie) Game Developer
OP
No offence man, but, you know who crediar is? If he says what you're looking for is not possible without the key...well you have to understand

Of course I know who crediar is, but he's looking at it from a software angle. I'm looking at it at a super low level with the lowest level code possible.
 