Noob hack concept questions - using cIOS without installing it

Discussion in 'Wii - Hacking' started by stan423321, May 26, 2015.

  1. stan423321
    OP

    stan423321 Member

    Newcomer
    17
    11
    Oct 12, 2013
    Poland
    Concept.

    According to Wiibrew, if AHBPROT thingy is turned off, it is possible to patch executing IOS in real time, this suggests whatever protection IOS usually has against PPC code is off. In theory, it should be then possible to replace it using PPC code with a cIOS without actually requesting regular IOS to load it, then perhaps launch that.

    Side notes.

    While overwriting IOS with cIOS doesn't sound too hard, it would probably help to first make Starlet execute something else entirely.

    AHBPROT would probably go on again so a poorly written game trying to overwrite IOS by itself wouldn't do that. We reserve that right to ourselves.

    Patching IOS in real time sounds really cool. That said, perhaps it would be easier to create cIOS the way it's done today, just without installing, and preload it (using IOS we're about to overwrite) from SD/USB to regular PPC RAM. Or maybe not? I don't know, I'm a noob.

    Why?

    Sounds relatively safer to use, especially on vWii which is not "dead" so to say. A regular Homebrew Channel would be the only thing needed on NAND to launch backups. You could imagine an even less invasive setup, but it would require finding an IOS exploit, and HBC is considered ultra-safe.

    Also saves space on NAND. Also generally cooler.

    Why not?
    • Well for starters somebody would have to code that, but let's forget this problem for a moment.
    • Further associates HBC with piracy against wishes of creators. Since Nintendo likes to erase it anyway, and Wii is pretty much dead at the moment, that does not sound too serious.
    • Depending on the current loader implementations may be slightly slower to load.
    • ???
    The question is, are there some obvious technical problems I missed? Can't thing of anything right now, which is probably how I convinced myself it would be such a good idea in the first place.
     
  2. Cyan

    Cyan GBATemp's lurking knight

    Global Moderator
    18,739
    9,028
    Oct 27, 2002
    France
    Engine room, learning
    yes it's possible, and already exists.

    - A lot of homebrew are patching IOS on vWii to re-enable system file installation, isfs access, es access, etc.
    there's a homebrew library to patch IOS58 (libruntimeIOSpatch)

    - riivolution is patching IOS on the fly too, it's used to redirect disc access to SD card to replace files in the game in real time.
    loading patches and mods of games without installing cIOSes.