Hacking bootmii boot2v4

happydance said:
If I take out the nand chip of a perma brick wii which has boot2v4 and place it on a wii that can install bootmii and flash it with infectus or any other method, will I now be able to install bootmii?

No, you can't swap nand between Wiis unless you have the console's key (and then you'd need to re-encrypt the contents with the new console's key). If you had the broken wii's key then you could probably fix the nand with an infectus.

Also the problem is with running bootmii as boot2, not installing it. If you install it on a Wii that can't run it then I assume you end up with a brick.
 
tueidj said:
You can't lose the ability to install bootmii as boot2. Older wiis always can, newer wiis always can't.

Really? Updating via Nintendo's servers patches the exploitable v2 with v4, making bootmii almost useless for recovery purposes.
 
smf said:
happydance said:
If I take out the nand chip of a perma brick wii which has boot2v4 and place it on a wii that can install bootmii and flash it with infectus or any other method, will I now be able to install bootmii?

No, you can't swap nand between Wiis unless you have the console's key (and then you'd need to re-encrypt the contents with the new console's key). If you had the broken wii's key then you could probably fix the nand with an infectus.

Also the problem is with running bootmii as boot2, not installing it. If you install it on a Wii that can't run it then I assume you end up with a brick.

Yeah, I know I can't swap them in its current state, that's why I included the statement "flash it with infectus or any other method" and placing it on a wii with the boot1 flaw, assuming I got the keys for that particular wii.
 
I've got an old Wii, I always only installed HBC, never BootMii, but now I kinda want to, to prevent bricking.

I installed 4.3, can I still install BootMii? Will BootMii be erased in future updates?
 
GrEvilKin said:
I've got an old Wii, I always only installed HBC, never BootMii, but now I kinda do, to prevent bricking.

I installed 4.3, can I still install BootMii? Will BootMii be erased in future updates?
That's what I want to know, and look at my post count.
 
GrEvilKin said:
I've got an old Wii, I always only installed HBC, never BootMii, but now I kinda do, to prevent bricking.

I installed 4.3, can I still install BootMii? Will BootMii be erased in future updates?

jet™ said:
QUOTE(GrEvilKin @ Sep 16 2010, 05:59 PM) I've got an old Wii, I always only installed HBC, never BootMii, but now I kinda do, to prevent bricking.

I installed 4.3, can I still install BootMii? Will BootMii be erased in future updates?
That's what I want to know, and look at my post count.

Yes, if you can already install it as boot2, you should always be able to do so. The only way that it couldn't would be if Nintendo blocked everything that allowed you to run code on the Wii, and install things (Homebrew Channel, Smash Stack, Indiana Pwns, etc.). However, the boot1 bug (which BootMii uses to install) will always be there, since Nintendo can't update boot1.

EDIT: Also, boot2 was updated online by Nintendo with the 4.2 update. However, they have not updated it since then. The most recent version is boot2v4.
 
g4jek8j54 said:
However, the boot1 bug (which BootMii uses to install) will always be there, since Nintendo can't update boot1.

You can replace boot1 as long as you can make it match the SHA1 hash in the otp rom.
Which is very difficult at the moment, but it will get easier.
 
Being able to install bootmii has NOTHING to do with Wii version.

It is determined by whether boot1 has the signing bug present.
All IOSes and boot1 had the signing bug at one point, but Nintendo fixed this and started shipping new Wiis with fixed boot1s.
Boot1 can never be overwritten.

If you have an old wii, you can install bootmii as boot2 and will always be able to install bootmii.
Updating boot2 will overwrite bootmii, but it can be installed again.

Updating boot2 doesn't give any kind of benefit.
 
smf said:
g4jek8j54 said:
However, the boot1 bug (which BootMii uses to install) will always be there, since Nintendo can't update boot1.
You can replace boot1 as long as you can make it match the SHA1 hash in the otp rom.
Which is very difficult at the moment, but it will get easier.
Could you please sort the following options by possible date order: wii2, sha1 collision made easy, Nintendo private key leak.
 
Lexip; said:
Boot1 can never be overwritten.
Some sort of nand protection?
Yes, I understand hash verification but boot1 sits on nand like rest of the system (excluding boot0).
 
mike333 said:
Lexip; said:
Boot1 can never be overwritten.
Some sort of nand protection?
Yes, I understand hash verification but boot1 sits on nand like rest of the system (excluding boot0).

can never be overwritten (without bricking the wii)*
 
mike333 said:
Lexip; said:
can never be overwritten (without bricking the wii)*
What if I overwrite with same content or different content where its sha1sum is the same?
The last proposition is very hypothetical and can be assumed to be a never gonna happen case. Read the Wiki concerning Hash Functions for more insight into this. Overcoming the issue of the hash (again, not gonna happen) yes you can write over the Boot1 as much as you want. Back to reality, unless you write over boot1 with the exact same code, it will fail the hash check.

Now some will say, but hash collisions happen. To this I say, yes, but the probability that a collision will take place with code that is useful is low, not to forget that the backwards process of forming code to result in a certain hash is, to say the least, non-trivial.

-[]D
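
Added example, not part of the thread: a small Python model of the check discussed above (a stage is accepted only if its SHA-1 equals a fixed digest held in write-once memory), plus a search against a deliberately truncated digest to show how the cost of matching "a certain hash" grows with each bit. The image bytes, function names and the 1e12 hashes/s rate are constructed assumptions, not console data or real loader code.

```python
import hashlib
import hmac

# Constructed stand-ins: a fake boot1 image and the digest "burned" into OTP.
BOOT1_IMAGE = b"constructed boot1 image, not real console code" * 8
OTP_BOOT1_SHA1 = hashlib.sha1(BOOT1_IMAGE).digest()  # write-once reference


def boot0_accepts(image: bytes, otp_digest: bytes = OTP_BOOT1_SHA1) -> bool:
    """Model of the check: hash the stage, compare with the fixed OTP digest."""
    return hmac.compare_digest(hashlib.sha1(image).digest(), otp_digest)


def second_preimage_truncated(target: bytes, bits: int, limit: int = 1 << 24):
    """Search for a different input whose SHA-1 agrees on the first `bits` bits.

    Returns (candidate, tries) or (None, limit). Expected work is about
    2**bits hashes, which is the point: the cost doubles with every bit.
    """
    want = int.from_bytes(hashlib.sha1(target).digest(), "big") >> (160 - bits)
    for tries in range(1, limit + 1):
        candidate = b"modified boot1 #" + str(tries).encode()
        got = int.from_bytes(hashlib.sha1(candidate).digest(), "big") >> (160 - bits)
        if got == want and candidate != target:
            return candidate, tries
    return None, limit


def years_for_full_match(hashes_per_second: float) -> float:
    """Expected years to hit all 160 bits at the given (assumed) hash rate."""
    return 2 ** 160 / hashes_per_second / (365.25 * 24 * 3600)


if __name__ == "__main__":
    print("same content accepted:", boot0_accepts(BOOT1_IMAGE))
    flipped = bytes([BOOT1_IMAGE[0] ^ 1]) + BOOT1_IMAGE[1:]
    print("one bit changed accepted:", boot0_accepts(flipped))
    for bits in (8, 12, 16):
        cand, tries = second_preimage_truncated(BOOT1_IMAGE, bits)
        print(f"{bits:2d}-bit match after {tries} tries; full check:",
              boot0_accepts(cand))
    print(f"160 bits at 1e12 hashes/s: ~{years_for_full_match(1e12):.1e} years")
```

Rewriting identical content passes, a single flipped bit fails, and every truncated match still fails the full 160-bit comparison. Published SHA-1 collision attacks produce two chosen inputs that hash alike; they do not produce an input matching a digest that was fixed in advance, which is what this check requires.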
 
