Hello,
I've been given a bricked WiiU. It's on the way. The previous owner tried to coldboot HaxChi it and he bricked the system. Of course he didn't do a backup I understand it isn't possible to fix it without having keys to decrypt NAND. I was thinking, maybe it could be booted into vWii (yet to confirm). Would it be possible to dump OTP from vWii? Did anyone try that or at least can confirm it's possible in theory?
I was also thinking about another possibility - Since OTP is only 1kB and I assume there are multiple keys in here, in theory it could be possible to just brute force the key and try decrypting NAND dump. Do you know which exact bytes are used to decrypt the NAND? I haven't got into analyzing any NAND extractors yet. I can do NAND dump via hardmod method.
I've been given a bricked WiiU. It's on the way. The previous owner tried to coldboot HaxChi it and he bricked the system. Of course he didn't do a backup I understand it isn't possible to fix it without having keys to decrypt NAND. I was thinking, maybe it could be booted into vWii (yet to confirm). Would it be possible to dump OTP from vWii? Did anyone try that or at least can confirm it's possible in theory?
I was also thinking about another possibility - Since OTP is only 1kB and I assume there are multiple keys in here, in theory it could be possible to just brute force the key and try decrypting NAND dump. Do you know which exact bytes are used to decrypt the NAND? I haven't got into analyzing any NAND extractors yet. I can do NAND dump via hardmod method.