Hacking Need some clarification

Hikari06

Hello.
I hacked my Wii a long time ago but, recently, I started wondering a few things about how it works and thought you could help me.
If I understood well, Nintendo uses a combination of asymmetric encryption and hash functions in order to check if content was approved. And this is stored in what we call certificates, right?
So, if I can understand that exploits allow running unsigned code, what seems obscure to me is how, for instance, the Homebrew Channel can be installed. I heard about the Trucha and STM exploits but they are patched, aren't they? So, does the BootMii installer use another exploit? I think it does, although its code must be obfuscated.
But that raises another question: how can WADs be installed?
I think clean dumped channels contain the right certificates, so it shouldn't be a problem, should it?
But what about other self-made channels? How do we manage to trick the Wii to make it think it was signed by Nintendo without the trucha bug? Do WAD installers use the same exploit as the BootMii installer?
Also, when does the signing check occur? During installation? When the system menu boots? Before booting a channel?
Thanks for your help!
 

smf

But what about other self-made channels? How do we manage to trick the Wii to make it think it was signed by Nintendo without the trucha bug?

Getting from just having the homebrew channel installed to having a custom IOS installed is a step that has changed many times over the course of time. At one time it involved installing an old test IOS from Nintendo that was not shipped on retail consoles, which still had the trucha bug.

Now you can use HW_AHBPROT to patch the running IOS to allow you to install anything. The last WAD manager I used relied on an IOS patched to add the trucha signing bug back, but that patched IOS was installed using HW_AHBPROT. I guess backup managers could also avoid requiring CIOS by using HW_AHBPROT, but AFAIK none of them do.
 

Hikari06

Thank you for your reply.
So, I guess it means that the only time the signing check occurs is during installation, and we bypass it thanks to HW_AHBPROT.
But that would also mean that the system menu doesn't do it, right?
 
