Can we write a new boot2?

Discussion in 'Wii - Hacking' started by Keylogger, May 18, 2009.

Thread Status:
Not open for further replies.
May 18, 2009

Can we write a new boot2? by Keylogger at 10:37 AM (1,670 Views / 0 Likes) 8 replies

  1. Keylogger
    OP

    Member Keylogger GBAtemp Advanced Maniac

    Joined:
    May 3, 2006
    Messages:
    1,604
    Country:
    France
    Hi,
    Sorry for my bad english

    I can't install bootmii on my Wii. I have an incompatible boot2.

    I saw the file "boot2-64-v2.wad" in some ISO
    If I install this file using wad Manager, will it brick my wii or does it will write a new boot2 compatible with bootmii?

    Thanks
     
  2. Vidboy10

    Member Vidboy10 Tsardom

    Joined:
    Dec 15, 2008
    Messages:
    2,617
    Location:
    Vancouver, B.C
    Country:
    Canada
    We would need alot of Hardcore hackers to do that.
     
  3. WiiPower

    Member WiiPower GBAtemp Guru

    Joined:
    Oct 17, 2008
    Messages:
    8,165
    Country:
    Germany
    Sorry, but it's boot1 that loads boot2. And BootMii is installed as boot2.

    boot1 is fixed in all new Wiis, and boot1 is on a read-only part of the nand. After the Wii is produced, the boot1 can never ever be changed again. This means, nintendo can't update boot1 to block BootMii with future updates, but this also means, that already patched Wiis can never install BootMii as boot2.
     
  4. schnitzelbrain

    Newcomer schnitzelbrain Advanced Member

    Joined:
    Apr 11, 2009
    Messages:
    64
    Country:
    Germany
    to be correct, the boot1 is not read only but the hash for boot1 is. Its to tell the system that boot1 is valid. This hash is stored in a one time programable area at manufacture.

    So
    Boot0 -> one time programed at manufacture
    Boot1 -> reprogram possible BUT the hash is stored permaned, so no reprogramming possible at last.
    Boot2 -> reprogram possible. But valid only with bugged Boot1 due to a compare bug of the validation of Boot2. This Bug let the Boot1 think the Boot2 is valid.
     
  5. Screemer

    Member Screemer GBAtemp Maniac

    Joined:
    Sep 21, 2008
    Messages:
    1,248
    Country:
    Germany
    not completely correct. boot1 is writable too but it's sha1 hash is stored in a unwritable rom in starlet.

    €dit: maybe i shouldn't leave my taps open for an hour.
     
  6. bushing

    Newcomer bushing Advanced Member

    Joined:
    Feb 27, 2008
    Messages:
    50
    Country:
    United States
    > 9000 Hardcore hackers?
     
  7. gunslinger

    Newcomer gunslinger Advanced Member

    Joined:
    Apr 3, 2009
    Messages:
    53
    Country:
    United States
    actually BOOT2.etc.etc.WAD *is* the boot2, isn't it? How can i disassemble and analyzse those boot files (and how to get them?) in IDA?
     
  8. Apekop

    Member Apekop GBAtemp Regular

    Joined:
    Apr 9, 2009
    Messages:
    223
    Location:
    Location, location, location.
    Country:
    Netherlands
    Im not a programmer but if this is a question of getting a lot of pc power, I'll run a program.
     
  9. OSW

    Former Staff OSW Wii King

    Joined:
    Oct 30, 2006
    Messages:
    4,796
    Country:
    Australia
    Keylogger - do not try to overwrite your boot2 with wad manager. It won't help you at all.

    I'll close this thread so it doesnt go off the rails.
     
Thread Status:
Not open for further replies.

Share This Page