Offsets and Editing

Discussion in 'Wii - Hacking' started by illinialex24, Sep 29, 2009.

  1. illinialex24
    OP

    illinialex24 GBAtemp Advanced Fan

    Member
    968
    0
    May 26, 2009
    United States
    The Midwest
    offset=0x813345A0
    value=0x60000000


    This will be quite useful.

    I currently am trying to fix Wii System Menu wad 4.2U. Obviously, I have no idea.
     


  2. SifJar

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    That's a preloader hack. To actually apply it to the WAD, upack it, decrypt the contents, open 00000008.app in a HEX editor, go to 0x813345A0-0x8132FAE0, and change the value of it and the next 4 bytes (i.e. next 4 boxes) to 60000000. Then reencrypt the contents and repack the WAD. If you dont understand what I mean, sorry. Wait for someone else to make a patcher or something.
     
  3. illinialex24
    OP

    illinialex24 GBAtemp Advanced Fan

    Member
    968
    0
    May 26, 2009
    United States
    The Midwest
    I understand, thanks. I'm used to an NUS Downloader, thanks [​IMG]
     
  4. illinialex24
    OP

    illinialex24 GBAtemp Advanced Fan

    Member
    968
    0
    May 26, 2009
    United States
    The Midwest
    Except 1 issue. There is no 00000008.app or whatever, there are many things like this:

    00000087

    But no 0's then an 8.
     
  5. SifJar

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    did you tick decrypt?
     
  6. illinialex24
    OP

    illinialex24 GBAtemp Advanced Fan

    Member
    968
    0
    May 26, 2009
    United States
    The Midwest
    For some reason it doesn't find key.bin but I got it. Sorry, I understand your instructions but yeah, I don't have a decrypt option for some reason. I'll read on it, don't answer it yet. I don't wanna be spoonfed.
     
  7. SifJar

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    sure the key.bin is correct? did you paste in the common key in notepad or something? if so, open key.bin in a hex editor, delete everything, and paste in the common key as hex.
     
  8. illinialex24
    OP

    illinialex24 GBAtemp Advanced Fan

    Member
    968
    0
    May 26, 2009
    United States
    The Midwest
    Yeah I named it improperly before. Got it, thanks. Ok I'll edit this and test it out thanks [​IMG].
     
  9. SifJar

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    out of curiosity, how do you intend to rencrypt it? if you dont know, i have an idea which may work.
     
  10. illinialex24
    OP

    illinialex24 GBAtemp Advanced Fan

    Member
    968
    0
    May 26, 2009
    United States
    The Midwest
    Can I hear your idea??
     
  11. SifJar

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    Redownload the System Menu with NUSD when you've edited 00000008.app and tick the trucha box this time (you need to click on the loading bar to make the tick box appear). Then once it has downloaded, click to edit the files in it, then click to add a file, and add your edited 00000008.app file. It should encrypt it for you. Then click finished, and it should be ready. You may then need to use a wad packer to make it a wad, or NUSD may do that for you, not sure.
     
  12. illinialex24
    OP

    illinialex24 GBAtemp Advanced Fan

    Member
    968
    0
    May 26, 2009
    United States
    The Midwest
    Good idea, one issue.

    Here are the app files I got:

    0000000a.app
    0000000b.app
    0000000c.app
    0000005a.app
    00000009.app
    00000059.app
    00000086.app
    00000087.app
    00000088.app

    The sizes are all above 100 kb except for the 5a, 59 and 86 .app files.
     
  13. SifJar

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    hmm, what region is that? i downloaded pal and got different ones...no matter. open them all in a hex editor in turn, and find the one more than 100kb which doesnt start have U8 at the start. Thats the one you want.
     
  14. illinialex24
    OP

    illinialex24 GBAtemp Advanced Fan

    Member
    968
    0
    May 26, 2009
    United States
    The Midwest
    Ok cool thanks [​IMG]
     
  15. SifJar

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    I tried it myself, and I couldnt get NUSD to renencrypt the .app file. It kept telling me the file already existed in the title, even when I deleted it. You may have to use an encryption program and a wadpacker.
     
  16. s3phir0th115

    s3phir0th115 GBAtemp Advanced Fan

    Member
    714
    6
    Dec 31, 2008
    United States
    If I can find a decryptor and encryptor for this, I'll start right on with this. With the editing done properly, this is safer than the method I was thinking of.
     
  17. SifJar

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    what was that method? i'm curious now [​IMG]
     
  18. illinialex24
    OP

    illinialex24 GBAtemp Advanced Fan

    Member
    968
    0
    May 26, 2009
    United States
    The Midwest
    Ok, I got homework so I might do this later.
     
  19. s3phir0th115

    s3phir0th115 GBAtemp Advanced Fan

    Member
    714
    6
    Dec 31, 2008
    United States
    My idea was to:

    1. Use NUSD to create a System Menu 4.2 wad.
    2. Use a tool to install a trucha patched IOS70.
    3. Install System Menu 4.2 with wad manager, and hope to God it goes back to the homebrew channel when it's done.
    4. Run the preloader installer (when .30 is available as one.) And make DAMN sure you have a hacks.ini to stop 4.2 from deleting your homebrew.
    5. Then boot up and hope everything worked.

    Of course, directly patching the System Menu wad would avoid requiring preloader. But, then there is the risk of brickage if you mess it up.
     
  20. WiiCrazy

    WiiCrazy Be water my friend!

    Member
    2,391
    1
    May 8, 2008
    Istanbul
    for anyone interested..

    [​IMG]