Hacking Offsets and Editing

WiiCrazy said:
for anyone interested..

menux.png

So changing those would "fix" it? Say if we changed each of those bytes to FF?
 
SifJar said:
So changing those would "fix" it? Say if we changed each of those bytes to FF?

Well dunno, I don't have time to test it... but I'm pretty much sure (through guessing of course) it's part of the code that removes hbc & dvdx...

There is only one occurrence of XX in the new system menu dol, and it's there in the place I posted.
 
WiiCrazy said:
Well dunno, I don't have time to test it... but I'm pretty much sure (through guessing of course) it's part of the code that removes hbc & dvdx...

There is only one occurrence of XX in the new system menu dol, and it's there in the place I posted.
well, there is exactly the same stuff between DV and DX as there is between HA and XX, so I'd guess you're right. Which file is that from the system menu, the one which isn't U8?
 
SifJar said:
well, there is exactly the same stuff between DV and DX as there is between HA and XX, so I'd guess you're right. Which file is that from the system menu, the one which isn't U8?

It's the one you thought, 00000008.app.

I found that exact thing in mine. Although I'm not sure how to deal with offsets like that....
 
title id (HAXX) is not completely contiguous because each 32 bit ppc instruction can only load a 16 bit value.. so it takes more than one even two instructions to load the HAXX into a register.
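The split described in the post above, as an added example that is not part of the original thread: a heuristic scanner that pairs a PowerPC `lis` (upper 16 bits) with a following `ori` or `addi` (lower 16 bits) on the same register and rebuilds the 32-bit constant. The `SAMPLE` bytes are constructed for illustration, the function names are hypothetical, and the scan does not track whether the register is overwritten in between.

```python
import struct

# Constructed sample (big-endian PowerPC), not taken from any real file:
#   lis  r3, 0x4841        ; 'HA' into the upper half of r3
#   li   r4, 0             ; unrelated instruction in between
#   ori  r3, r3, 0x5858    ; 'XX' into the lower half -> 0x48415858
#   lis  r5, 0x1235        ; upper half pre-adjusted because addi sign-extends
#   addi r5, r5, -0x5433   ; -> 0x1234ABCD
SAMPLE = bytes.fromhex("3C604841" "38800000" "60635858" "3CA01235" "38A5ABCD")

def split_constants(code, window=4):
    """Return (lis_offset, low_half_offset, value) for each lis + ori/addi pair."""
    count = len(code) // 4
    words = struct.unpack(">%dI" % count, code[:count * 4])
    found = []
    for i, w in enumerate(words):
        # lis rD, imm is addis rD, 0, imm: opcode 15 with the rA field zero
        if w >> 26 != 15 or (w >> 16) & 0x1F != 0:
            continue
        reg, hi = (w >> 21) & 0x1F, w & 0xFFFF
        for j in range(i + 1, min(i + 1 + window, count)):
            n = words[j]
            op, f1, f2, lo = n >> 26, (n >> 21) & 0x1F, (n >> 16) & 0x1F, n & 0xFFFF
            if op == 24 and f1 == reg:
                # ori rA, rS, UIMM: source register in bits 21-25, zero-extended
                found.append((i * 4, j * 4, (hi << 16) | lo))
                break
            if op == 14 and f2 == reg and reg != 0:
                # addi rD, rA, SIMM: source in bits 16-20, immediate sign-extended
                simm = lo - 0x10000 if lo & 0x8000 else lo
                found.append((i * 4, j * 4, ((hi << 16) + simm) & 0xFFFFFFFF))
                break
    return found

def find_tag(code, tag):
    """Offsets of the instruction pairs that build a 4-byte ASCII tag."""
    want = int.from_bytes(tag, "big")
    return [(a, b) for a, b, value in split_constants(code) if value == want]

if __name__ == "__main__":
    print(b"HAXX" in SAMPLE)          # plain byte search misses the split constant
    for a, b, value in split_constants(SAMPLE):
        print(hex(a), hex(b), hex(value), value.to_bytes(4, "big"))
```
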
 
I'm sorry but I don't understand.
This is what I got also:
0000000a.app
0000000b.app
0000000c.app
0000005a.app
00000009.app
00000059.app
00000086.app
00000087.app
00000088.app

But no 0000008.app
So what do I do now?
 
mdp_1992 said:
I'm sorry but I don't understand.
This is what I got also:
0000000a.app
0000000b.app
0000000c.app
0000005a.app
00000009.app
00000059.app
00000086.app
00000087.app
00000088.app

But no 0000008.app
So what do I do now?
Ditto.
 
King Of Chaos said:
Ditto.
It's because you're getting the Korean one instead.

notice how when I click on my system menu region
87401781.png

the version number doesn't show up here
65823677.png

so just enter in your version number and start the dl
79816594.png
 
xzxero said:
It's because you're getting the Korean one instead.

notice how when I click on my system menu region
87401781.png

the version number doesn't show up here
65823677.png

so just enter in your version number and start the dl
79816594.png

King of Chaos is right. And we don't even have v.481 in the system menu region :S
 
King Of Chaos said:
Still no go. And I know for a fact it isn't downloading the Korean one.

Here's a screenshot...
2mmepty.png


And here's the contents of the log...
Code:
 --- System Menu ---

The System Menu is a critical part of the Wii boot sequence, and failure to install a proper WAD, failure to install its corresponding IOS module, and many other factors can cause a brick. The only safe way to mess with the System Menu is with BootMii boot2 installed.
Starting NUS Download. Please be patient!
Grabbing tmd.481...
Grabbing cetk...
Key Type: Standard
Title Key: 33C5C117AE51C17682FF9F1C85F8D20A
Requires: IOS70
Content #: 9
Total Size: 22155850 bytes
Grabbing 00000086... (64 bytes)
   - Decrypted: 00000086.app
   - Hash Check: Pass
Grabbing 00000087... (6397735 bytes)
   - Decrypted: 00000087.app
   - Hash Check: Pass
Grabbing 00000009... (4559887 bytes)
   - Decrypted: 00000009.app
   - Hash Check: Pass
Grabbing 0000000a... (2669044 bytes)
   - Decrypted: 0000000a.app
   - Hash Check: Pass
Grabbing 0000000b... (686468 bytes)
   - Decrypted: 0000000b.app
   - Hash Check: Pass
Grabbing 0000000c... (3649020 bytes)
   - Decrypted: 0000000c.app
   - Hash Check: Pass
Grabbing 00000059... (272512 bytes)
   - Decrypted: 00000059.app
   - Hash Check: Pass
Grabbing 0000005a... (53216 bytes)
   - Decrypted: 0000005a.app
   - Hash Check: Pass
Grabbing 00000088... (3867904 bytes)
   - Decrypted: 00000088.app
   - Hash Check: Pass

I packed the wad with NUSD and used WAD unpacker.bat and got the 00000008.app file and hex edited it and it works fine with me.
 
I've made the modification, yes. Still need to make a WAD out of it.

EDIT: What's the best way to re-encrypt this and make a WAD out of it? NUSD is giving me grief!
 
