Hacking Is there going to ba a PriiULoader soon(tm)?

Edizius · Dec 11, 2016

Hi,
Recently there is a large hipe on coldboot stuff (especially since CBHC is out) but I think officially the status is still "don't mess around with couldboot as it can brick your console".
Is there at the moment someone working on a brick-protection like PriiLoader for the Wii? Or is it at the moment not posssible as there is no access to boot0, 1, 2? Respectively is there going to be a safe version of coldboot ehich includes a backup-installer in case .xml has some problematic content?

Thanks in advance,
Edizius

Cyan · Dec 11, 2016

CBHC is by its feature working like priiloader.

You have a hidden homebrew at boot located before the system menu.
It can boot system menu with patches (signpatch, region free, etc.), or autoboot something else (path on SD)

Priiloader "banner brick protection" is working because the console is always auto-booting the system menu titleID.
here, it's autobooting any titleID, and it's set to an installed title that the user have access and could delete, move, corrupt, etc. and is dependent on a config file which itself could be corrupted (wrong data or format)

CBHC has the same brick protection than priiloader : bypassing system menu at boot to access homebrew launcher.
The issue on the WiiU is that it can "brick" before that step. on wii, the step before priiloader was boot2 (launching bootmii, the real brick protection written at NAND sector 0), so I guess it will require boot0 key on WiiU to be able to do anything before system.xml

retrofan_k · Dec 11, 2016

If you don't read and are an idiot and like to mess with stuff, even though instructions are given clearly enough, then suffer the consequences.

To your question, it's only early days, so who knows what will happen in the next 12 months.

Sephirosu · Dec 11, 2016

retrofan_k said:
To your question, it's only early days, so who knows what will happen in the next 12 months.

Hopefully people won't lose interest once the switch is out.

Jayro · Dec 11, 2016

Sephirosu said:
Hopefully people won't lose interest once the switch is out.

The Wii U is a powerful machine for Homebrewing, so it would be a real shame if it didn't get any love.

Edizius · Dec 11, 2016

Cyan said:
CBHC is by its feature working like priiloader.

You have a hidden homebrew at boot located before the system menu.
It can boot system menu with patches (signpatch, region free, etc.), or autoboot something else (path on SD)

Priiloader "banner brick protection" is working because the console is always auto-booting the system menu titleID.
here, it's autobooting any titleID, and it's set to an installed title that the user have access and could delete, move, corrupt, etc. and is dependent on a config file which itself could be corrupted (wrong data or format)

CBHC has the same brick protection than priiloader : bypassing system menu at boot to access homebrew launcher.
The issue on the WiiU is that it can "brick" before that step. on wii, the step before priiloader was boot2 (launching bootmii, the real brick protection written at NAND sector 0), so I guess it will require boot0 key on WiiU to be able to do anything before system.xml

Ok, so if i understood correctly it is a save and a uninstallable "security system" (as long as the modified DS VC game is not uninstalled or moved), as it is first thing launched. So if it would support e.g. boot original system.xml (or an xml from sd card) if you hold any button, and otherwise use the modified xml there would not be any risk at all?
Isn't it possible to put the haxchi file somewhere in the system storage where you do not have the possibillity to see the file in home menu and therefore avoid the possibillity that someone moves/deletes/messes around with the application?
Sorry for the dumb questions, i only want to avoid that someone bricks my wii u by fault.

Cyan · Dec 11, 2016

you can't put haxchi somewhere else, as it's based on a vulnerability of DS vc games.
for VC games, the executable is located in the game's /code/ folder (this is the emulator), and the ROM is located in the game's /content/ folder.
Only the executable is signature checked, not the content, so haxchi is a method which edit the ROM (doesn't need to be good signed) to add execution code used to patch the system menu, remove signature patch, etc.

you need an executable file, and the only place which is not signature checked is currently in a VC game.

boot -> system.xml -> TitleID to autoboot -> DS VC game -> haxchi code located in the DS ROM -> (re)load system with signature check patched.

I don't know if the WiiU works the same way as the Wii, but on wii channels could be hidden (the executable and data only, without any animated banner displayed on the system menu)
But if it's possible on WiiU, it would require a custom channel, which will not be signed, and therefore will not be launchable at console boot without signpatch.

Edizius · Dec 11, 2016

Cyan said:
you can't put haxchi somewhere else, as it's based on a vulnerability of DS vc games.
for VC games, the executable is located in the game's /code/ folder (this is the emulator), and the ROM is located in the game's /content/ folder.
Only the executable is signature checked, not the content, so haxchi is a method which edit the ROM (doesn't need to be good signed) to add execution code used to patch the system menu, remove signature patch, etc.

you need an executable file, and the only place which is not signature checked is currently in a VC game.

boot -> system.xml -> TitleID to autoboot -> DS VC game -> haxchi code located in the DS ROM -> (re)load system with signature check patched.

I don't know if the WiiU works the same way as the Wii, but on wii channels could be hidden (the executable and data only, without any animated banner displayed on the system menu)
But if it's possible on WiiU, it would require a custom channel, which will not be signed, and therefore will not be launchable at console boot without signpatch.

Ok, thanks. I think i got it. And it seems as moving the game into an folder and/or to an other screen does not brick the wii u. And uninstalling my apps/ move them to usb is hopefully nobody going to do :-)

Cyan · Dec 11, 2016

moving into a folder shouldn't be an issue, even if someone reported bricking his console by doing it.
but the folder created on the WiiU menu is not a real folder, it's more a flag. the DS VC game is still on the same place on the NAND, we don't know yet why it bricked his console.

To stay safe, just follow fix94 instruction : never touch your DS vc game after haxchi install. (except launching it, you can do that without issue)
if you don't want it visible, put it in a folder before installing haxchi/CBHC.

Jayro · Dec 12, 2016

I have my Wii U ask me for the password on my profile before anyone can use it. I like it that way, so people don't mess with my stuff, moving things around. Nobody (Girlfriend and step-daughter) messes with anything except for playing games, and when I tell them not to mess with anything in a certain folder, they listen.

Dvdxploitr · Dec 12, 2016

Sephirosu said:
Hopefully people won't lose interest once the switch is out.

People are still making home-brew for Atari 2600...so I don't think there will be a loss of interest any time soon...

Hacking Is there going to ba a PriiULoader soon(tm)?

Well-Known Member

GBATemp's lurking knight

Well-Known Member

Well-Known Member

MediCat USB Dev

Well-Known Member

GBATemp's lurking knight

Well-Known Member

GBATemp's lurking knight

MediCat USB Dev

Well-Known Member

Similar threads

Popular threads in this forum