Hacking bootIOS

you COULD change boot1 easily using software - no need to open it
no one wrote an app to do it since it would be pointless
your wii will simply not boot unless you somehow restore the original

No one will ever change boot1. Its hash is checked against a hash in One Time Programmable memory (i.e. memory that can't be changed). If the hashes don't match, the Wii will not start. It'd be near impossible to create a custom boot1 that had the exact same hash. There is no "yet" involved.
Depends on your definition of "yet" and "ever".
Attacks on SHA1 are improving and short RSA keys (I don't know the key length ninty used) can be defeated by the increasing speed of the average PC.
I would not be surprised if this were possible in a few decades.
 
um boot1 goes deeper into the Wii's internal parts: something we haven't done yet
No one will ever change boot1. Its hash is checked against a hash in One Time Programmable memory (i.e. memory that can't be changed). If the hashes don't match, the Wii will not start. It'd be near impossible to create a custom boot1 that had the exact same hash. There is no "yet" involved.
I actually chatted with marcan about things like that in the past, and you can in fact change the OTP, but it is a lot like e-fuses where you can write a 0 bit to a 1, but you cannot change a 1 to a 0. So you could go and change it all to be 1's, but pointless unless you already have a custom boot1 made up with a hash that has more 1's in binary than what the previous hash had. I hope I explained that in a way that ppl can understand.

you COULD change boot1 easily using software - no need to open it
no one wrote an app to do it since it would be pointless
your wii will simply not boot unless you somehow restore the original
Yeah, I've done it with my infectus, and yeah it was pointless.
 
Well it would be sweet if we could change boot1 on the newer Wiis and get bootmii@boot2... But yeah, it's not really a realistic option. As others have said - if it was realistic it would've been done already :P
 
BootMii is kinda pointless as bootmii IOS because
a) If you can install BootMii as boot2, then do so
b) If you can't, use Priiloader.

Unless, maybe, you absolutely NEED a nand.bin and a keys.bin lying around on your PC or SD card, AND you have boot1c.
 
BootMii is kinda pointless as bootmii IOS because
a) If you can install BootMii as boot2, then do so
b) If you can't, use Priiloader.

Unless, maybe, you absolutely NEED a nand.bin and a keys.bin lying around on your PC or SD card, AND you have boot1c.
Wow. Just leave.
 
it is a realistic option, but the problem is... how many Wiis are going to get destroyed in the process of researching this?
None should be destroyed. It's known how the boot1 hash is calculated in boot0.
So, it's perfectly possible to check if a boot1 hash would pass without the need to test it on an actual wii.

I won't discuss creating a boot1 with a hash that passes.

Next you could ask DeadlyFoez friendly to try it out on a wii. If it doesn't work, I think he can revert rather fast to a previous working situation?

Let's just say I have avoided the hard part here.
 
If someone ever wants to take the time to try some things out then I'd be more than happy to put my tech wii to use. Unfortunately, I think that the only people who are truly capable of making that happen are TT, but from my conversations with marcan and bushing in the past I know that they will not even bother trying anything.

@[member='obcd'], the part that could destroy Wiis is actually writing to the OTP.
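
The one-way fuse behaviour discussed in the posts above (OTP bits can go from 0 to 1 but never back, and writing to OTP is the risky step), as an added example that is not part of the original thread. It is a simplified Python model that assumes SHA-1 as the hash and a boot-ROM check that requires the stored value to equal the image hash exactly; the class, the function names and the sample images are constructed for illustration.

```python
import hashlib


class FuseBank:
    """One-time-programmable bits: a write can set 0 -> 1, never 1 -> 0."""

    def __init__(self, value: int = 0):
        self.value = value

    def burn(self, pattern: int) -> int:
        # Hardware can only blow more fuses, so a write acts as a bitwise OR.
        self.value |= pattern
        return self.value


def digest_int(image: bytes) -> int:
    # SHA-1 is an assumption of this model.
    return int.from_bytes(hashlib.sha1(image).digest(), "big")


def reachable(current: int, target: int) -> bool:
    """True only if target has a 1 in every position that is already burned."""
    return (current & ~target) == 0


def boots(bank: FuseBank, image: bytes) -> bool:
    """Boot-ROM style check: stored hash must equal the image hash exactly."""
    return bank.value == digest_int(image)


def reachable_fraction_log2(current: int) -> int:
    # A uniformly random digest keeps each burned bit with probability 1/2,
    # so all of them survive with probability 2**-(number of burned bits).
    return -bin(current).count("1")


# Constructed sample images, not real boot1 contents.
ORIGINAL = b"constructed original boot stage"
MODIFIED = b"constructed modified boot stage"


def demo():
    bank = FuseBank()
    bank.burn(digest_int(ORIGINAL))            # factory programming
    ok_before = boots(bank, ORIGINAL)
    can_reach = reachable(bank.value, digest_int(MODIFIED))
    bank.burn(digest_int(MODIFIED))            # attempted re-programming
    # The bank now holds the OR of both hashes and matches neither image.
    return ok_before, can_reach, boots(bank, ORIGINAL), boots(bank, MODIFIED)
```

In this model the re-programming attempt leaves a stored value that neither image hashes to, and because fuses cannot be cleared there is no way to restore the original value.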
 
