Hi all,
So, bought a Wii U from eBay, came with the wonderful 160-0103 issue (not from CBHC though, the MLC itself is corrupted). Reset it to stock and now it's completely bricked, as booting goes straight to the same issue. Well, since it's already broken, I guess I can't break it any further!
So, I soldered a hardmod to the MLC chip and dumped it through my SD card reader. Using wfs-extract revealed a lot of broken files, so I grabbed an MLC backup from my dad's Wii U and extracted its filesystem, hoping to replace the broken files and write the MLC back to the chip. However, when I tried to replace them with wfs-file-injector, it wasn't working; I think there's an issue with the actual block/sector allocation, so the injector can't write any data to the blocks that were corrupted.
Now I want to try something else: decrypting the entirety of the donor MLC and re-encrypting it with the OTP of my Wii U, then writing that back and seeing what happens. If it doesn't work, and the actual chip is bad, I'm going to try buying a new chip entirely and using that instead. However, I'm stuck on the decryption/encryption step.
Does anyone know how to decrypt/re-encrypt the MLC block by block instead of traversing the file system? I think replacing the entire thing has the best chance of succeeding, since I don't truly know the extent of the damage to the filesystem. I can't find any documentation on decryption/encryption of the MLC apart from wfslib, which seemingly doesn't have support for block-by-block traversal, and I can't wrap my head around how it works enough to reverse engineer just how the block encryption works by itself, divorced of being associated with any files.
Any help would be appreciated!
So, bought a Wii U from eBay, came with the wonderful 160-0103 issue (not from CBHC though, the MLC itself is corrupted). Reset it to stock and now it's completely bricked, as booting goes straight to the same issue. Well, since it's already broken, I guess I can't break it any further!
So, I soldered a hardmod to the MLC chip and dumped it through my SD card reader. Using wfs-extract revealed a lot of broken files, so I grabbed an MLC backup from my dad's Wii U and extracted its filesystem, hoping to replace the broken files and write the MLC back to the chip. However, when I tried to replace them with wfs-file-injector, it wasn't working; I think there's an issue with the actual block/sector allocation, so the injector can't write any data to the blocks that were corrupted.
Now I want to try something else: decrypting the entirety of the donor MLC and re-encrypting it with the OTP of my Wii U, then writing that back and seeing what happens. If it doesn't work, and the actual chip is bad, I'm going to try buying a new chip entirely and using that instead. However, I'm stuck on the decryption/encryption step.
Does anyone know how to decrypt/re-encrypt the MLC block by block instead of traversing the file system? I think replacing the entire thing has the best chance of succeeding, since I don't truly know the extent of the damage to the filesystem. I can't find any documentation on decryption/encryption of the MLC apart from wfslib, which seemingly doesn't have support for block-by-block traversal, and I can't wrap my head around how it works enough to reverse engineer just how the block encryption works by itself, divorced of being associated with any files.
Any help would be appreciated!