Hacking Betwiin v.10

[Blob]

NM Got it figured out tho didn't let Betwiin finish building the output flash cuz it looked like it got stuck in a loop building a block (f) ?

 

[shadowchao]

Well i have a problem, too.
After running betwiin.py, I get a "nand.pyc" and the "flash.bin" in the outbut folder has a nice-looking beginning, but after a while there are ONLY F's and more F's Whats wrong here?? Already tried to extract something with NANDex, but it didn't work. It says it is an invalid or corrupt dump...

EDIT: The Windows-cmd also doesn't start

 

[shibs]

Just read through the whole thread, pretty cool stuff you guys are figuring out.

To clarify here are some scenarios (lets say bricked means corrupted system menu) I am wondering about :

1) I have a bricked Wii (no bootmii/boot2 installed) - boot1 is a version that does NOT allow bootmii to installed on boot2, I do not have the AES/HMAC keys from this Wii.
I cannot modify boot1, because of the check code in the Hollywood processor(only allows same version of boot1 to run).
I cannot install bootmii into boot 2 because of previous statement.
I cannot find the keys because bootmii has to be installed in boot 2 (and not just an IOS) in order for it to run on bricked Wiis.

This Wii would be completely unrepairable (even with external programmer)?


2) I have a bricked Wii (no bootmii/boot2 installed) - boot1 is a version that DOES allow bootmii to installed on boot2, I do not have the AES/HMAC keys from this Wii.
I read the NAND, modify boot2 (containg bootmii), and write back to the NAND
Bootup console and launch bootmii where I extract the AES/HMAC keys.
With those keys I take a dump from a working Wii and convert the flash with betwiin.
I then flash the bricked Wii with the modified flash, and I have a usable Wii

This Wii would be repairable (with external programmer)?


Is scenario 1 the only scenario where the Wii is fully bricked (again bricking meaning corrupt system menu)?

 

[thiefstar]

I need the help of everyone.

I want to flash my full bricked Wii nand wiht the infectus.

It took me 2 weeks. Up to now still got 0xFFFF.


I'm sure my soldering is correct.
I use multimeter to do a continuity test to make sure my connections are good.
but I couldn't read the nand.

I have tried buhing's D0 trick and bonx's resolve method(replace the WE wire by a longer one)
I even doubt caused by the length of cable. But those didn’t change anything for me.

The only difference is the version of the infectus.
I bought the left of the photo

I do not know which one is normal and homebrew version

I want to know if the left of the photo is homebrew. Then can it read/write Wii nand?

 

[thiefstar]

I believe I have the one on the left. I can't tell you for sure because I got it hooked up to another wii that a member sent in to me.

Check the screen output of the wii.

Try without using the D0 trick and see if you can read the flash then. I know when using the D0 trick you have to start up the infectus software a few times before it fully sees it.

I prefer using the xavbox software with their driver.

Double check to make sure that no connections are crossed.

I have tried without using the D0 trick and tried xavbox software same time. but up to now still got........

I have also check the screen, no signal screen is still unchanged.

 

[thiefstar]

Gotta be something wrong with the infectus

first time have I to do the thing? before soldering on the nand.
How do I prove that my infectus is wrong with it?

I tried to solder to the second bricked Wii nand. and got same messege.
if my infectus is wrong. I will buy again.
I have bought two of the infectus......

 

[HiBit]

Read your pn please and forget the question about the software, now i see what you use.

Btw. and here again: You are sure you stop the hollywood chip before you try to access the NAND?

 

[Painguy]

so essentially with this i could copy my NAND and isntall it on my friends? that way i dont need to install any thing individually correct? anyway ill test it out and see what happens?

 

[Mabi]

YEAH i have it done! ond bricked wii with bootmii and one not bricked wii with bootmii with the autonand!! this is great... unbelievable thanks to all

 

[SnacksHacks]

If your Wii is bricked and you need its keys, back it up with BootMii. Then open up the backup (even if it's bricked) in a hex editor and go down to the line that says "RestoreMii v1.0 bla bla bla" Copy everything from that line down and paste it in a new hex document. Save it as "keys.bin" and there are your keys

 

[krool]

Hi friends

I have problems., I need to know in detail how to perform the trick of D0 (GND to D0) using the infectus, to write the NAND ... thanks

 

[krool]

hi ... thanks for the help,
My English is not good, therefore I have difficulties in interpreting the tutorials. I wonder, if possible with the image which is the Data pin 0.
I understand that it is necessary to ground the pin Data 0 through a key .... I understand all this, what I really need to know is where is the date the pin, and also be one way to know if Hollywood really after the whole procedure is not going into work. thank you very much

 

[krool]

The reading program infectus went well, open hex edit perfect, but when I open to write the Nand.bin have PROGRAM ERROR ..... Help please?

I dropped out infectus and now I'm doing for external programmer (BeeProg) software Pg4uw.exe www.elnec.com,

I have the following situation: - The BeeProg Start (0) end (20FFFFFF)
My file Start (0) end (210003FF)

The end of the recording process ends (20FFFFFF) and can not write the 1024bits precisely with the data of bootmii, I need help Deadlyfoez, HiBit, bucha, all .....

Org Size Start end

Device x8 21000000 0 20FFFFFF
Buffer x8 21000400 0 20FFFFFF
File x8 21000400 0 210003FF

thanks

 

[thiefstar]

I succeed.

I unbricked it. yahooooooooooo~~~~

thank you for Hibit
thank you for abkarino and DeadlyFoez

 

[SnacksHacks]

@DeadlyFoez: I don't give a crap I wasn't talking to you. Apparently you think you're bushing or something so go and help some noobs

 

[mangaman25]

Hello,

I'm trying to get a bricked wii fixed. Her is what i have done so far.

The only thing i know about my bricked WII is that it has a samsung nandchip, D2E drive. I dont know firmware, boot2, bootmii or anyting els. I know it starts using wiimote, drive spin, no screen. Cant acces savemii, bootmii, preloader.

After that is used deadlyfoes tut to install the infectus. Got myself a (bricked)nand backup using xavbox . I used the autonand to create a new nand from a previously backuped wii console(D2E, don't know nand chip) where I installed bootmii as boot2(don't know version) After it i deleted, writed, , compared etc. but it is still bricked,

to get all straight.
- Is it even possible to unbrick this one(cause i don't know if it has the vulnerable boot1)
- is used the infectus nand as bricked(Nand2 540.672kb) with a bootmii backup(Nand1 540.673kb)
- If i got a nand backup what blocs do i have to flash to get it running . Or can i just flasf te complete new nand in it.

please help

 

[krool]

you are in the same situation that I.

1º - its copy of the NAND bricked is (540.672), then you does not have bootmii installed.
2 - its copy of the NAND bricked is (540.673), you has bootmii installed.

you also need some NAND of consoles functioning to execute betwiin, install bootmii in console of friends and acquire these copies of these consoles. The step most important in the truth is you to make the console to work opening boot 2,

a friend still in this topic mentioned that it used the NAND of a console, example: LU63 in another console LU63 and obtained to execute boot2 (it obtained because the component that it used had installed boot2)

perhaps this is optimum way at this moment. at least this it is the way that also I will be trying now

 

[jengen]

who can help my out here

bootmii give my a error

warning boot1 mismatch, not wrighting
SRY i have fail : -1

what can i do now to fix this problem

 

[stefanox]

Converted a flash.bin with betwiin.
insert the first 1mb and the last 1024 back to the converted nand.

when i use bootmii restore, to flash the converted nand back to the bricked wii, a couple things ere not correct.


1. first 8 or 9 blocks stay grey.
2. when the nand is complete restore, try to put the wii back on, still black screen,

somebody have idea's what go wrong.

 

[stefanox]

i have here a board with a hynic nandchip on it, i have try to flash a bootv2, v3, and a v4 to the nand, none of them work,
the screen stay black, and the fan not work,

somebody have a idea to try something different?



gr