Hacking Beta tester for LU64 downgrader

[madri1]

I'm searching someone with a boot2v4 (lu64/65) Wii with some kind of brick protection to test a program that allows to install an "outdated" ios on those new wiis.

Download this :
http://www.2shared.com/file/6934557/422d155f/boot.html

put IOS31-64-v1037.wad on root of sd card (use NUS downloader to get it).

This program is a modified code of wad manager to install this wad, but it modifies the tmd/tik (in memory) before installing.

You will be asked multiple times to press "A", so do it.
At the end, you will see "press a to load ios", do it.
If you see a dark screen, it's bad, else, it's good.
It means that this old IOS is succesfully installed and working.

You can still install a newer version with dop-ios if you want

 

[SifJar]

And the point of this is? You can easily just use TBR to get trucha bug in IOS36, then use the dop-IOS MOD running off IOS36 to trucha patch every other IOS. And that works just fine on LU64+ Wiis. There is no need for this.

 

[WiiPower]

Is this meant for use or just to get to know if it's possible? I hope not for use. Also does this require trucha, or does it use the downgrade code that is used in TBR and the IOS35 downgrader?

Someone buy a new Wii from walmart, try this out. If it bricks then just return it. If it works then either keep it, sell it to someone, or still return it. Easy enough. I'd try it but I dont have an LU64+ wii nor the money to buy another one.

Asshole?

 

[madri1]

this may prevent some brick if people try to downgrade their wiis (or prevent some problems with games using old version of ios and using like dop-ios then installing old ios).

It needs in fact an ios36 with trucha bug

 

[madri1]

so, someone tested it ?

 

[kLiNiKaL]

test it yourself man, your basically throwing out some random .dol and want someone to hit a brand new wii with it? lol ur r a funny guy.

atleast post your code

 

[SifJar]

Again, why is this necessary? People can already get a full set of trucha IOS on an LU64 wii no bother. this is unneeded

 

[frazz]

so, someone tested it ?

Test your own files first....then ask if someone else wishes to try

 

[madri1]

static fatDevice fd = { "sd", "Wii SD Slot", &__io_wiisd };
Fat_Mount(&fd);
FILE * fp = fopen("sd:/IOS31-64-v1037.wad", "rb");
if (!fp)
printf("File cannot be read\n");
else
ret = Wad_Install(fp);

printf("Press A to load (IOS_ReloadIOS) this ios !\n");
Wpad_WaitButtons();

IOS_ReloadIOS(31);
printf("If you see this message, everything is fine !\n");
Wpad_WaitButtons();

wad_install is from wad_manager with the addition of these 2 patches :

// Patch ticket for boot2v4
s32 patch_new_boot_tik(signed_blob *s_tik) {
u8 *temp;
temp = (u8 *)s_tik;

temp[0x01E6] = 0x1A;
temp[0x01E7] = 0x0A;

// trucha patch tik
return forge_tik(s_tik);
}

// Patch tmd for boot2v4
s32 patch_new_boot_tmd(signed_blob *s_tmd) {
tmd *p_tmd;
u8 *temp;
p_tmd = (tmd*)SIGNATURE_PAYLOAD(s_tmd);
temp = (u8 *)p_tmd;
p_tmd->title_version=0x1A0A;

// trucha patch tmd
return forge_tmd(s_tmd);
}

Inside wad_install:
QUOTE/* Get TMD info */
tmd_data = (tmd *)SIGNATURE_PAYLOAD(p_tmd);
temp = (u8 *)p_tik;
// Patching ticket for boot2v4+
printf("\t\t>> Patching TICKET for Boot2v4+ Wii...");
printf("before : %u%u\n", temp[0x01E6], temp[0x01E7]);
ret = patch_new_boot_tik(p_tik);
printf("after : %u%u\n", temp[0x01E6], temp[0x01E7]);
if (ret < 0)
goto err;

temp = (u8 *)p_tmd;
// Patching tmd for boot2v4+
printf("\t\t>> Patching TMD for Boot2v4+ Wii...");
printf("before : %u\n", tmd_data->title_version);
ret = patch_new_boot_tmd(p_tmd);
printf("after : %u\n", tmd_data->title_version);
if (ret < 0)
goto err;

 

[suchatd]

Does this make Boot2v4+ console can downgrade to 3.2u?
If yes, I will try it for you ^^
If not, why we should do with this coz we can run backup disc with any loader or us cioscorp with preloader on 4.1U.

 

[madri1]

this dol will only downgrade ios31, to be less brick friendly.
Even if this works, i'm not sure if it will works on every ios and in system menu

 

[SifJar]

You wont be able to downgrade system menu, and you wont need to. There is nothing that can be done on 3.2 that cant on 4.1. Just restore trucha bug to every IOS on 4.1 and you can do anything you could do on 3.2, maybe even more. And you can trucha patch the latest IOS, so there is no need for downgraded IOS. Especially seeing as this requires a trucha IOS. If you already have a trucha IOS, just run dop-IOS and patch every IOS.