KongsNutz IOS information thread.

Discussion in 'Wii - Hacking' started by kongsnutz, Apr 3, 2009.

Apr 3, 2009
  1. kongsnutz
    OP

    Hello,

    I started this thread in the hope of shedding some light on the IOS files that people
    keep asking about, and in the hope that after this thread questions like
    "I thought CIOS and IOS36 are the same thing!" will be eradicated.

    (I recommend that you do not install soft-mods before reading this)

    So IOS Breakdown:

    CIOS rev7, rev8 and rev9 = a modified IOS36 that installs to your system as IOS249.
    (this allows the playing of backup discs) (installing any revision of CIOS will overwrite an old one)

    IOS36-64-1042 = an original IOS36 from system firmware 3.2 that allows unsigned code to run.
    (system menu 3.2 doesn't run from IOS36 but this file that is used by all loaders and installers is from 3.2)

    IOS60 Trucha patched = an IOS60 file from menu 4.0 that has been modified to run unsigned code.
    (allows the running of VC/Wiiware games and Custom Channels from SD card on 4.0)

    IOS37 Trucha patched = a modified IOS37 that installs as either 248 or 232 on your system.
    (mainly used to run Guitar Hero and Rock Band under softchip and backuplauncher; the game needs to be patched to use either 248 or 232) (thanks Arek1985)

    IOS222 = Kwiirk's modified IOS36 that installs on your system as IOS222 to use his USB2.0 features and run games from USB HDD (rev9 CIOS does the same)
    (this is only required when installing USB2.0 for other apps or making Homebrew Channel loaders for individual games using wbfs tools)

    I will add more if need be!

    NOTE: These are mainly for soft-modding the Wii and aren't ones that are required for NEW or retail games. (only CIOS is required to run backups)
     


  2. icebrg5

    This should be a sticky thread and in bold lettering.
     
  3. BlackEnigma

    Interesting. Is there a reason why those who want to modify an IOS choose IOS36?
     
  4. Arek1985

    The only Custom IOS I believe Kong has neglected is CiOS 37, which is typically installed as 248 or 232 for Rock Band instrument support through soft chip. I know it's not as important as the other CIOS's but it still may be asked about.

    IOS36 from my understanding was the IOS 3.2 system menu ran off of, so if anyone wanted to modify the IOS the system ran off of they could. Also CIOS36 is the basis for most of the soft mods that allow the backups to load from the disc channel use.

    The real reason only waninkoko knows why IOS36 is used. (or other knowledgeable hackers)
     
  5. BlackEnigma

    I see, and thanks.

    I didn't even know there was such a thing as IOS when I had 3.2

    Ever since having the homebrew channel I did wonder why it specifically said which version of IOS36 you had under the homebrew channel version.

    I had always seen version 12.18 until downgrading the IOSes and then it was v4.18

    But that's just me, I'm curious about everything.
     
  6. kongsnutz
    OP

    Thanks Arek1985 for the IOS37 info (I never played Rock Band or Guitar Hero).

    Added to list.


    BlackEnigma -

    Homebrew Channel displays what IOS36 you have installed on your system and doesn't display CIOS at all, so the lower the better.
     
  7. etrigan

    Thank you. This is exactly what I needed. Here's another vote for this to be a sticky.
     
  8. deshwasi

    I second this. Very clear and concise.
     
  9. Bloodlust

    If this guide had come out before your system 4.0 guide, there wouldn't be so many helpless souls now... IMO, releasing this now has no or little significance.
     
  10. ether2802

    Yes, rev9 does the same, with the tiny exception that it gets installed as IOS249...!!!
     
  11. BlindDude

    At the bottom, can you put what preloader is and does and uses?

    Just a thought.
     
  12. WiiPower

    You should add information about the rev5 cIOS, and that cios_fix is the unofficial rev5b cIOS. Well, the HBC loads IOS36 for all applications, so if an application doesn't have an IOS reload, it runs at IOS36; that's why it's that important to have v1042 and not one of the newer versions installed.

    And general information about IOS would be nice: that you always have to separate the IOS an IOS/cIOS is based on and where it is installed on your Wii. And that all IOS are installed at the same time on your Wii, but that the Wii is always running one. Every application has an IOS slot that it loads whatever IOS is there.

    PS:
    rev5: 1st backup cIOS, runs only decrypted discs, very slow (Waninkoko)
    cios_fix: a little improved rev5 cIOS made by PPC_GBA
    rev6: a lot faster than rev5, support for DL discs, doesn't support all games (Waninkoko+WiiGator)
    rev7: faster, no DL support, most SL games supported (depending on the booting method loader/disc channel) (Waninkoko+WiiGator)
    rev8: DL support, 001 and 002 error fixing, might cause problems with 001 and 002 in the disc channel (Waninkoko)
    rev9: rev8 + usb loader support (Waninkoko+Kwiirk)
    PPS:
    Calling cIOS in this name scheme would be nice : cIOS36rev9, which means in the long term: custom IOS based on IOS36, revision 9, (installed as IOS249)
     
  13. FenrirWolf

    Yeah, info about cIOS_fix would be nice. I've been wondering exactly what the thing is, myself.
     
  14. BenJeremy

    This does need to be a sticky... something headlined like "CIOS and why they are important to hard modders as well as soft modders"

    Also, I understand some of it, but honestly (and this comes from a software engineer with 25 years' experience, much of it in embedded systems - and somebody who has been heavily involved in the Xbox scene, writing one of the first homebrew games and of course, the MXM menu system), I haven't seen any good explanation of the whole thing. CIOS36 is IOS249? Are they patches or extensions? What is the difference between a fakesign exploit and a banner exploit - i.e. why is the CIOS the most important thing?

    I know a lot more now than I did a week ago, and I'm still fuzzy on some things. When I chipped my son's Wii a year ago, I did have a vague understanding of the significance of the Trucha bug and fake signing, but the cIOS stuff back then was too confusing and didn't seem necessary - now I'm stuck sitting in 4.0 without the USB loader, even though I have the homebrew channel and homebrew code running fine. Had somebody put together a straightforward FAQ on these subjects, I'd have better prepared myself. Part of my hesitation in using custom code comes from the Xbox 360 scene, where Live bans happen the minute Microsoft sees "custom" code.

    At any rate... thanks for the info.
     
  15. fogbank

    I would change the wording of "allows unsigned code to run".

    The older IOS versions have the "strncmp" bug that allows them to be used to add fakesigned content to the filesystem (NAND). This is not the same as running unsigned code. Realistically only the Homebrew Channel and the Twilight Hack have the ability to run unsigned code.

    Fakesigned content/titles are still signed, they are just signed with a signature that can trick the IOS into validating them and allowing them to be added to the filesystem.

    So older IOS versions with the "fakesign" bug allow fakesigned titles to be added to the filesystem.

    Please correct me if I'm wrong here.

    I do think this is a good thread with lots of useful info in the original post...
     
  16. BlackEnigma


    I like this definition right here. It took me longer than it should have to understand that IOS249 is like an address that cIOS36 gets installed at.

    Before it was like cIOS36? IOS249? do I have to have both of those?
    or, hmm I think I installed it but I have no idea where it went... how can I know if I have it?

    I've gone from hearing that wads are "bad and dangerous" and you should never install them to actually understanding why they can be dangerous but still aren't something to avoid completely if I know the risks involved. Wads are kind of dangerous in the same way that fire is dangerous but still very useful. I can't be scared of fire if I want to harness its power.

    And I guess a brick can be likened to burning yourself while using a flamethrower.

    The last few weeks have made everything a whole lot clearer.
     
  17. fogbank

    Great questions. I'll take a stab:

    CIOS36 is not really IOS249 per se. The Wii has IOS "slots" in which IOS'es can be installed. They are numbered from 0 to 254. Only the lower slots (61 and below) are currently used by legitimate Wii IOS'es. The rest are unused.

    cIOS36 is a customized version of the legitimate Wii IOS version 36. Technically it could be installed into any unused IOS slot, but it is most commonly installed into slot # 249. That then becomes IOS249.

    The fakesign exploit came about when it was discovered that the Wii developers used a flawed version of the C string compare function (strncmp) to check the validity of content signatures. The function would check each character of the signature string until it reached the end of the string or until it reached a null byte. I think the issue here is that it did not check the length of the signature string to begin with. If you create a signature string with a null byte early in the string, the mathematical odds of it being seen as valid are much greater, since there are far fewer characters to compare (the strncmp function stops at the first null byte).

    START SPECULATION
    The banner exploit is new to the Wii and has not been publicly released yet. In general a banner exploit would be similar to other exploits on other systems where there is a flaw in processing graphic images (think TIFF exploit on PSP, BMP or PNG exploits on Windows, etc...). The exploit would likely involve an unchecked buffer and employ a stack or heap corruption method.
    END SPECULATION

    cIOS is important to softmodders because later versions included code to access DVD content from the Wii's optical drive. This allows the cIOS to be used to read burned games as DVD's. Additional PPC code (i.e. a "loader") is then used to tell the system to load the game from the DVD.

    Whew...

    Most of this I believe to be accurate, but there are always those who know it better.
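
The string-compare flaw discussed in the post above, shown as an added C example that is not part of the original thread and is not Wii code. It assumes the compared values are 20-byte binary digests, uses constructed sample bytes, and puts a `strncmp`-based check beside a full-length comparison; all function and constant names are hypothetical.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define DIGEST_LEN 20  /* SHA-1 sized digest; an assumption for this example */

/* Flawed: strncmp treats the digests as C strings and stops at the first
 * 0x00 byte, so every byte after it is never compared. */
int digest_equal_flawed(const uint8_t *expected, const uint8_t *computed)
{
    return strncmp((const char *)expected, (const char *)computed,
                   DIGEST_LEN) == 0;
}

/* Corrected: compare all DIGEST_LEN bytes, with no early exit so the run
 * time does not reveal where the first mismatch is. */
int digest_equal_fixed(const uint8_t *expected, const uint8_t *computed)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < DIGEST_LEN; i++)
        diff |= (uint8_t)(expected[i] ^ computed[i]);
    return diff == 0;
}

/* How many bytes the flawed check really verifies for a given digest:
 * up to and including the first 0x00, or DIGEST_LEN if there is none. */
size_t effective_compare_len(const uint8_t *d)
{
    const uint8_t *nul = memchr(d, 0x00, DIGEST_LEN);
    return nul ? (size_t)(nul - d) + 1 : DIGEST_LEN;
}

/* Constructed sample digests (not real hashes); unlisted bytes are 0x00. */
static const uint8_t SAMPLE_A[DIGEST_LEN] = { 0x00, 0x11, 0x22, 0x33 };
static const uint8_t SAMPLE_B[DIGEST_LEN] = { 0x00, 0xde, 0xad, 0xbe };
static const uint8_t SAMPLE_C[DIGEST_LEN] = { 0x7f, 0x11, 0x22, 0x33 };
static const uint8_t SAMPLE_D[DIGEST_LEN] = { 0xaa, 0xbb, 0x00, 0x01 };
static const uint8_t SAMPLE_E[DIGEST_LEN] = { 0xaa, 0xbb, 0x00, 0x02 };

int main(void)
{
    printf("A vs B  flawed=%d fixed=%d\n", digest_equal_flawed(SAMPLE_A, SAMPLE_B),
           digest_equal_fixed(SAMPLE_A, SAMPLE_B));
    printf("D vs E  flawed=%d fixed=%d\n", digest_equal_flawed(SAMPLE_D, SAMPLE_E),
           digest_equal_fixed(SAMPLE_D, SAMPLE_E));
    printf("bytes verified for D: %zu of %d\n", effective_compare_len(SAMPLE_D), DIGEST_LEN);
    return 0;
}
```

Binary values such as hashes and signatures need a length-based comparison; any string function applied to them silently shortens the check to the position of the first zero byte.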
     
  18. gunslinger

    So what's the difference between IOS222 and IOS202? For YAL Binary Channel Loading I had read you will need the .dol out of cios_usb2_usbloader.tar.bz2 installed... But isn't it the same as if I install cIOS36-rev09 (which I have already done)?
     
  19. Bloodlust

    IOS36-64-1042 = an original IOS36 from system firmware 3.2 that allows unsigned code to run.
    (system menu 3.2 doesn't run from IOS36 but this file that is used by all loaders and installers is from 3.2)

    -----------------

    Do you mean IOS36-64-(v)1042? Or is there really an IOS36-64-1042 wad?
     
  20. kongsnutz
    OP

    1042 is the version... so yes, v1042.
     
