Hacking (Part of the) Wii hacking history - Summer 2008 to 2009


Penguin accelerator
Feb 13, 2015
I spent this evening collecting some early "dark side" Wii homebrew (late 3.2 to late 4.0 days) from increasingly hard to find warez-packs before my memories of those days fade completely, and thought: why not do some research and publish a writeup? :)

There will likely be some errors, so feel free to make constructive corrections!
It's also not omnicomprensive (for instance, it ignores SoftMii - the combination of a guide involving these tools, CIOSCORP, and themes - ) but that's not what I wanted to show anyway :)

I hope it will equally be educative to mid-level Wii users (to understand more of the early days, when the "us versus them with Team Twiizers against both" was at its peak), and beginners (to constructively criticize outdated guides they may find).

Please read the above link before continuing on with the main content of this post!!

Backup Launcher 0.3 gamma and CIOS 7
Developer: @waninkoko and @WiiGator
Release date: 2008-11-12

Early popular backup DVD loader.

Why it's outdated: Was not updated to keep up with later necessities and demands, such as antipiracy in games; newer Wiis do not support any disc that's not an original Wii or GC game (with even newer ones not even physically able to load a miniDVD)
Modern alternatives: d2x CIOS + NeoGamma, d2x CIOS + Priiloader + system menu IOS = 249 + force discs to use IOS249, DARKCORP; and indirectly, all forms of SD and USB backup loading.

Safe 3.3 Update
Developer: @tona
Release date: 2008-10-24?

Just one day after the first undesirable (trucha bug fixing) update, the Wii's significant modularity allowed by its title-and-IOS model was taken advantage of, resulting in guides and even dedicated tools to perform partial updates: in this app's case, of the Wii Shop Channel and its IOS.
Interestingly, the description mentions that it installs "IOS5", which normally is an IOS with no known functional version, with Wiibrew claiming that the "working, circulating versions" are titleID-changed IOS21.

Why it's outdated: The arguably final Wii update (released on 2012-11-6, to supply IOS62 used by the Wii U Transfer utility) is fully hackable (for free, too) on a stock, properly working, fully updated console: even more so if a sufficiently recent Homebrew Channel is installed before updating.

Modern alternatives: None (see above); though partial updates are still very possible by combining a NUS dowloader, a WAD installer, and some mental ability.

Wii Dumper v1.2
Developer: @waninkoko
Release date: 2008-9-13
Wii DVD to SD/USB/SDGecko/SMB ISO backup tool, using CIOS249.

Why it's outdated: Requires CIOS; no Gamecube disc support.

Modern alternatives: CleanRip or, with the correct configuration, USB loaders (for 100% dumps); USB loaders, for trimmed or even game-partition-only dumps.

Wad Manager v1.31
Developer: @waninkoko
Release date: 2008-6-4

Self explanatory... Some older and newer versions are also included

Why it's outdated: Very limited flexibility in which IOS to use for the program, no AHBPROT support, (No support the problematic RVL-CNT-01-TR wiimotes, and the Pro Controllers: but those limitations are inherent in any homebrew created before their launch... :) )

Modern alternatives: Some Yawmm Mod, Wii Mod Lite, ... can take advantage of AHBPROT for installing unsigned titles on a stock system, by automatically and temporarily adding the trucha bug to the already loaded IOS.

Developer: rOn
Release date: 2008-10-9

Frontend for, and port of, the "mplayer" GUI-less media player.

Why it's outdated: Nothing to flagrantly criticize in particular, it's just old
(It doesn't even support DVDX, AHBPROT, CIOS202, or IOS58... but more details on them elsewhere)

Modern alternatives: WiiMC... although its stability is what it is

AnyTitle Deleter 1.0
Developer: @tona
Release date: 2008-10-25*

Uninstall any non-critical title

Why it's outdated: Requires a vulnerable IOS36, no built-in title reference, tries to consider the HBC and its IOS critical titles but fails since it uses an hardcoded titleID (HAXX)

Modern alternatives: bushing's fork, Wii Mod Lite, ...

WAD Manager (IOS16 version)
Developer: ?
Release date: 2008-10-28

Waninkoko's wad manager, edited to use IOS16 instead of CIOS249
(This application was commonly distributed with a copy of IOS16 "IOS16-64-v257.wad" and of CIOS249 "cios_fix.wad")

Why it's outdated: Before 4.0 launched (with a stub IOS16 v512 bundled with it), the method of choice for installing a CIOS (and/or downgrading) involved mostly-effortlessly installing a signed, functional, and trucha-vulnerable IOS16 v257 - in the days of AHBPROT, this is a non-issue anymore (see above)

Modern alternatives: Same as the regular WAD Manager, above

IOS Downgrader v1.1 & Custom IOS Downgrader v1.2
Developer: @waninkoko
Release date: 2008-6-4

Uses CIOS to uninstall most IOS, then downloads and reinstalls older, trucha-enabled versions of them

Downloads and installs older versions of the Wii Menu.... without taking into account the (admittedly, then nonexistant) problem that the newest version of their IOSes are stubs!

Why they're outdated: For the third time, downgrading in general is not useful (beyond historical interest); but today it poses two then-nonexistant challenges: the above mentioned stubs, and the fact "LU64" Wiis (actually, those that launched with boot2 v4... a check complicated by the fact anyone who officially updated to 4.2+ had their boot2 updated) do not support most older IOS (with the then-notable exceptions of IOS16 and some IOS15) associated with 3.4 and earlier

Modern alternatives: None/Your brain

DVDX 3.4 installer
Developer: @comex

An early (and underappreciated) development in the Wii scene was the development of DVDX, a title which - once installed - allowed compatible homebrew to get direct access to the optical drive (for the intended purpose of playing movie DVDs, which clearly aren't original Wii/GC DVDs).

(After its demise, DVDX was later revealed to be nothing special by itself - it just had the direct disc access permission unlocked in its TMD, which was superseded by AHBPROT)

But in the post-trucha days, DVDX was still wanted.
Comex had written this unofficial installer using a then-novel exploit, but it contains an "antipiracy" check that would refuse installation if the Backup Launcher channel and/or SD folder were found... and then write to NAND (/shared2/yarr) to remember this, even if they were later removed!

A side effect of this installer was that IOS35 got its version number set to 0, therefore allowing its "downgrade" with another signed "higher" version!

Developer: @Aurora Wright

This tool was designed to complement the then-unclean uninstallers of Preloader/Priiloader, but can also remove the /shared2/yarr file.

Patchmii IOS Downgrader
Developer: @tona, @WB3000, @Aurora Wright

This tool exploits IOS35 "v0" to replace it with trucha-vulnerable v1040, then to install a trucha-patched IOS36 v1042 as CIOS249, and finally to (re)install, at the user's choice, many system titles (unfortunately also assuming the newest IOS60 would be functional), though not making the same blunder for IOS30 in case the user chose 3.2 instead of 4.0

NandClean and Patchmii IOS Downgrader have source included.

Why it's outdated/Modern alternatives/tldr: Early softmod for 4.0, the Hackmii Installer and AHBPROT are now much simpler (and reliable, and reduced-drama) options

This method was later replaced by Trucha Bug Restorer, which was a simpler and "LU64" friendly implementation of the same zero-version trick on IOS15: this continued to be commonly used until some after the launch of 4.2, which fixed this exploit (you could call the installation of an equal-or-higher signed version of a title, then manually edit the version in the TMD before finshing the installation, because the signature wasn't verified again!)

But TBR is already archived and open source, if you want to learn more about it :)

Its replacement was in turn the still-undocumented exploit used in the newest HackMii Installer (which contains the HBC 1.1.2), followed by the use of an AHBPROT-enabled WAD manager, or on-console CIOS builder, to install CIOS;
and most older homebrews having a modern AHBPROT replacement finally resulted in IOS patching/downgrading being unnecessary for most uses: Team Twiizer's then utopia (unfortunately often expressed through censorship of the WiiBrew wiki) ended up achieved!

(Check out this post by noobwarrior7 for a different point of view on the same period and the months immediately preceding it, including more details on IOS5, CIOS249, and DVDX! And even earlier information by @SifJar. )
Last edited by Ryccardo,


XP not matters.
Nov 8, 2018

Please excuse me for reading this list only now.
You have given yourself a lot of effort with it and invested a lot of your precious time for it.
Thank you very much.:)

It does not matter if many of them are hopelessly obsolete or no longer applicable. It is very interesting to read and understand how the Wii homebrew / hacking story has evolved.:)

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • No one is chatting at the moment.
    HiradeGirl @ HiradeGirl: cool