Offsets and Editing

Discussion in 'Wii - Hacking' started by illinialex24, Sep 29, 2009.

Sep 29, 2009

Offsets and Editing by illinialex24 at 7:45 PM (4,326 Views / 0 Likes) 54 replies

  1. illinialex24
    OP

    Member illinialex24 GBAtemp Advanced Fan

    Joined:
    May 26, 2009
    Messages:
    968
    Location:
    The Midwest
    Country:
    United States
    offset=0x813345A0
    value=0x60000000


    This will be quite useful.

    I currently am trying to fix Wii System Menu wad 4.2U. Obviously, I have no idea.
     


  2. SifJar

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    That's a preloader hack. To actually apply it to the WAD, upack it, decrypt the contents, open 00000008.app in a HEX editor, go to 0x813345A0-0x8132FAE0, and change the value of it and the next 4 bytes (i.e. next 4 boxes) to 60000000. Then reencrypt the contents and repack the WAD. If you dont understand what I mean, sorry. Wait for someone else to make a patcher or something.
     
  3. illinialex24
    OP

    Member illinialex24 GBAtemp Advanced Fan

    Joined:
    May 26, 2009
    Messages:
    968
    Location:
    The Midwest
    Country:
    United States
    I understand, thanks. I'm used to an NUS Downloader, thanks [​IMG]
     
  4. illinialex24
    OP

    Member illinialex24 GBAtemp Advanced Fan

    Joined:
    May 26, 2009
    Messages:
    968
    Location:
    The Midwest
    Country:
    United States
    Except 1 issue. There is no 00000008.app or whatever, there are many things like this:

    00000087

    But no 0's then an 8.
     
  5. SifJar

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    did you tick decrypt?
     
  6. illinialex24
    OP

    Member illinialex24 GBAtemp Advanced Fan

    Joined:
    May 26, 2009
    Messages:
    968
    Location:
    The Midwest
    Country:
    United States
    For some reason it doesn't find key.bin but I got it. Sorry, I understand your instructions but yeah, I don't have a decrypt option for some reason. I'll read on it, don't answer it yet. I don't wanna be spoonfed.
     
  7. SifJar

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    sure the key.bin is correct? did you paste in the common key in notepad or something? if so, open key.bin in a hex editor, delete everything, and paste in the common key as hex.
     
  8. illinialex24
    OP

    Member illinialex24 GBAtemp Advanced Fan

    Joined:
    May 26, 2009
    Messages:
    968
    Location:
    The Midwest
    Country:
    United States
    Yeah I named it improperly before. Got it, thanks. Ok I'll edit this and test it out thanks [​IMG].
     
  9. SifJar

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    out of curiosity, how do you intend to rencrypt it? if you dont know, i have an idea which may work.
     
  10. illinialex24
    OP

    Member illinialex24 GBAtemp Advanced Fan

    Joined:
    May 26, 2009
    Messages:
    968
    Location:
    The Midwest
    Country:
    United States
    Can I hear your idea??
     
  11. SifJar

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    Redownload the System Menu with NUSD when you've edited 00000008.app and tick the trucha box this time (you need to click on the loading bar to make the tick box appear). Then once it has downloaded, click to edit the files in it, then click to add a file, and add your edited 00000008.app file. It should encrypt it for you. Then click finished, and it should be ready. You may then need to use a wad packer to make it a wad, or NUSD may do that for you, not sure.
     
  12. illinialex24
    OP

    Member illinialex24 GBAtemp Advanced Fan

    Joined:
    May 26, 2009
    Messages:
    968
    Location:
    The Midwest
    Country:
    United States
    Good idea, one issue.

    Here are the app files I got:

    0000000a.app
    0000000b.app
    0000000c.app
    0000005a.app
    00000009.app
    00000059.app
    00000086.app
    00000087.app
    00000088.app

    The sizes are all above 100 kb except for the 5a, 59 and 86 .app files.
     
  13. SifJar

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    hmm, what region is that? i downloaded pal and got different ones...no matter. open them all in a hex editor in turn, and find the one more than 100kb which doesnt start have U8 at the start. Thats the one you want.
     
  14. illinialex24
    OP

    Member illinialex24 GBAtemp Advanced Fan

    Joined:
    May 26, 2009
    Messages:
    968
    Location:
    The Midwest
    Country:
    United States
    Ok cool thanks [​IMG]
     
  15. SifJar

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    I tried it myself, and I couldnt get NUSD to renencrypt the .app file. It kept telling me the file already existed in the title, even when I deleted it. You may have to use an encryption program and a wadpacker.
     
  16. s3phir0th115

    Member s3phir0th115 GBAtemp Advanced Fan

    Joined:
    Dec 31, 2008
    Messages:
    700
    Country:
    United States
    If I can find a decryptor and encryptor for this, I'll start right on with this. With the editing done properly, this is safer than the method I was thinking of.
     
  17. SifJar

    Member SifJar Not a pirate

    Joined:
    Apr 4, 2009
    Messages:
    6,022
    Country:
    United Kingdom
    what was that method? i'm curious now [​IMG]
     
  18. illinialex24
    OP

    Member illinialex24 GBAtemp Advanced Fan

    Joined:
    May 26, 2009
    Messages:
    968
    Location:
    The Midwest
    Country:
    United States
    Ok, I got homework so I might do this later.
     
  19. s3phir0th115

    Member s3phir0th115 GBAtemp Advanced Fan

    Joined:
    Dec 31, 2008
    Messages:
    700
    Country:
    United States
    My idea was to:

    1. Use NUSD to create a System Menu 4.2 wad.
    2. Use a tool to install a trucha patched IOS70.
    3. Install System Menu 4.2 with wad manager, and hope to God it goes back to the homebrew channel when it's done.
    4. Run the preloader installer (when .30 is available as one.) And make DAMN sure you have a hacks.ini to stop 4.2 from deleting your homebrew.
    5. Then boot up and hope everything worked.

    Of course, directly patching the System Menu wad would avoid requiring preloader. But, then there is the risk of brickage if you mess it up.
     
  20. WiiCrazy

    Member WiiCrazy Be water my friend!

    Joined:
    May 8, 2008
    Messages:
    2,391
    Location:
    Istanbul
    Country:
    Turkey
    for anyone interested..

    [​IMG]
     

Share This Page