Hacking Boot1 key and exploit released

Brawl345

It only works on a reboot, not on a coldboot! But hexkyz writes that it's maybe possible to change the vWii loader to exploit this bug and reboot the console into a CFW when B is held at the start. It's theoretically a coldboot haxchi alternative, yes, but it would take way longer (but at least you don't have to buy a game I guess).

edit: clarified
 

Billy Acuña

Hopefully CFW on boot without relying on an installed title.
Well, you rely on the vWii channel, which is undeletable unless you mess with ftpiiu, but I'm somehow concerned about how this could affect WiiVC and HBL2HBC.
@FIX94?

Edit: Btw, boot1hax was already implemented into HexFW
https://github.com/hexkyz/hexFW/commit/f52f85f683dfcef0544f8ddb3643cef5cfa2ee86

I think it's just a matter of porting the patch into existing CFW solutions like CBHC and/or Mocha :)

This should be pointed out in the OP.
 

Bent

You can dump it with his HexFW.

Along with this writeup, I'll be publicly documenting boot1 over at http://wiiubrew.org and I'm releasing a patch for my long forgotten project hexFW that gives you the option to dump your console's boot1 and unlocked OTP: https://github.com/hexkyz/hexFW/commit/f52f85f683dfcef0544f8ddb3643cef5cfa2ee86

NOTE: This does not include the boot1 AES key, since that one is long gone by the time we are running code in boot1!

Doesn't appear to be the case.
 