Hacking Priiloader 4.3U hacks

[damysteryman]

not really...

...that makes things difficult...

How did you update?

...do you have any stubs such as IOS10, IOS11, IOS20 etc. installed?

Or if your cIOS249 is not a stub, put in a disc with 4.2 update on it (if you have one that is), and since IOS249 is not stubbed, it will prompt for an update (don't accept it though), then enable the hack and see if it skips the update?

PAL games that have a stub IOS249 on them (and therefore should prompt for update if your IOS249 is still a regular working one):
Endless Ocean 2: Adventures of the Deep
Iron Man 2: The Video Game
No More Heroes 2: Desperate Struggle
Shrek Forever After

There may be others, but these are the only games I have that have a stub IOS249 on them.
Do you have any of these games?


...every other hack I have tested so far is working.

EDIT: managed to get one of my games to prompt an update. Block Disc Updates hack is working.

 

[WiiJohn]

Thats great news, I was still working on getting mine to update but no luck.
I used the 4.3E waninkoko safe update, I can toggle between my 4.1E and 4.3E with boot2 nand backup.
I'll carry on porting the 514, just for my own interest.

 

[Chrissi1993]

@damysteryman: Disc Update blocking works here with Super Mario Galaxy 2. Thx.

 

[damysteryman]

@WiiJohn:
That's good practice. You'll be able to get faster at the repetitive actions in the porting process, and you will notice how certain hacks are ported (such as "Replace Healthscreen with Backmenu").

That's how da_letter_a made his, and how I learned to port them too.

You might become good enough that you could beat everybody in the race to port hacks when the next sysmenu is released!

I just installed IOS80 and System menu 4.3E as wads via wad manager, then installed priiloader straight after, so I don't have the latest revisions of IOS installed yet. I haven't even made a NAND backup just yet! (I'd better do that...)

@Chrissi1993:
No problem!

Thanks for testing them for me.
I had to temporarily change my region settings to JAP (getting a semi-brick), then put in my Zangeki no REGINLEIV disc to get an update prompt to even test it!

UPDATE: Just finished testing all of my 4.3E hacks.
They all work!

Now to port them to 4.3U...

And a quick question to everybody:
The "Force Wifi Connection Test Failure" hack...
...does anybody use it (since there's a "Block Online Updates" hack)?

Should I even include it in my hacks.ini, or should I just not bother with it?

 

[MrDiesel]

MrDiesel, you got the location just right!
...but the value is not correct however.

Yay

Never had done this before.
But could you please explain me why the value needs to be 0x8140A4CC instead of 0x8140A498? The value of the same 4.2 hack ended with 98 as well (0x81409D98). This has to do with ASM, I guess? Trying to learn

 

[Chrissi1993]

UPDATE: Just finished testing all of my 4.3E hacks.
They all work!

The JODI unblock hack, too?

 

[damysteryman]

MrDiesel, you got the location just right!
...but the value is not correct however.

Yay

Never had done this before.
But could you please explain me why the value needs to be 0x8140A4CC instead of 0x8140A498? The value of the same 4.2 hack ended with 98 as well (0x81409D98). This has to do with ASM, I guess? Trying to learn

Well, for that particular hack, it is actually replacing what seems to be a pointer which AFAIK points to an action that the sysmenu does.

So you need to know the value of the "backmenu" pointer, then use the hack to replace the "healthscreen" pointer with the "backmenu" pointer.

As you know, 4.3E's "healthscreen" pointer is located at offset 0x3290B4. The "backmenu" pointer is located exactly 16 bytes after the "healthscreen" pointer, at 0x3290C4, as highlighted in this image:

That may be why nobody had managed to port this hack. The value is different for every sysmenu (but the location (16 bytes difference) is the same for every sysmenu I have looked at).

...I haven't tried replacing the "healthscreen" pointers with the other pointers nearby that though...
I wonder what each one does?
...maybe I'll try them later.

So, to create this hack, get the offset for the "healthscreen" pointer, and replace the value with the actual "backmenu" pointer itself, successfully replacing the healthscreen with the backmenu.

UPDATE: Just finished testing all of my 4.3E hacks.
They all work!

The JODI unblock hack, too?

Yes. The one I ported works.



And I have just found out that the last 2 offset+value patches on my "Block Disc Updates" hack are not necesary, so it should be:
CODE

[Block Disc Updates]
version=514
offset=0x8137F814,0x8137F818,0x8137F7BC,0x8137F7C0
value=0x60000000,0x60000000,0x60000000,0x60000000

(that explains why those 2 offsets were harder to port

)

 

[MrDiesel]

Thanks for your great explaination!

 

[damysteryman]

You're welcome!



UPDATE: I have just finished porting all my 4.3E hacks to 4.3U.

Now I have to test them all.

After that, I will begin porting to 4.3J.

EDIT: After testing "Replace Healthscreen with Backmenu" on 4.3U, I've found that when I ported it earlier, I screwed up the U version...
Here is the REAL "Replace Healthscreen with Backmenu" for 4.3U:

[Replace Health Screen with Backmenu]
version=513
offset=0x816588D4
value=0x8140A3D0

UPDATE2: All 4.3U hacks tested as working.
UPDATE3: hacks ported to 4.3J. ...I need a break, will test them later.

 

[guerrierodipace]

I ported it from 4.2E.

the Replace Healthscreen with Backmenu is a little different from the other hacks, since the value is different for each sysmenu.

Anyways...

I have finished porting all of the 4.2E hacks from da_letter_a's hacks.ini over to 4.3E!

I am still testing them though.
Once I finish testing them, I will start on 4.3U.

...I will not release the 4.3 hacks though until I have finished porting them to all 4 regions.

But...

Can someone on 4.3E please test this one:

[Block Disc Updates]
version=514
offset=0x8137F814,0x8137F818,0x8137F7BC,0x8137F7C0,0x8137F714,0x8137F718
value=0x60000000,0x60000000,0x60000000,0x60000000,0x60000000,0x60000000

I would, but my Wii refuses to prompt for an update even when the hack is disabled!
...or even if I don't have priiloader at all!

...so I cannot test this one.

Could someone please test this one for me?

I tried on pal console,can switch enabled/disabled but don't know if works correctly

 

[FGOD]

is there a full list of pal 4.3 hacks?

 

[Thomas83Lin]

ROM:81529BD8 88 1A 00 01ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ lbzÂÂÂÂ %r0, 1(%r26)
ROM:81529BDC 28 00 00 0AÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ cmplwiÂÂ%r0, 0xA
ROM:81529BE0 41 80 00 40ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ bltÂÂÂÂ loc_81529C20

ROM:81529C34 8B 5A 00 01ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ lbzÂÂÂÂ %r26, 1(%r26)
ROM:81529C38 FF E0 08 90ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ fmrÂÂÂÂ %fp31, %fp1
ROM:81529C3C 28 1A 00 0AÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ cmplwiÂÂ%r26, 0xA
ROM:81529C40 41 80 00 40ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂ bltÂÂÂÂ loc_81529C80

Not tested, but the patches to enable bannerbomb v2 again should be:

[Force Wifi Connection Test Failure]
version=513
offset=0x81529BE0,0x81529C40
value=0x48000040,0x48000040

This also assumes that bannerbomb v2 doesn't need to be modified in some fashion itself as well.

-somewiifun

Just tested it, Bannerbomb seems to be working fine on 4.3. Thanks, may want to edit the name of the hack though.

 

[hetfield]

wow, great to see so much progress with the hacks.
I have deep respect for you guys, i go crazy when i look at all those hexes for more than half en hour.

Just 1 question, what use is the hack for enabling bannerbomb v2?
Because to enable that in Prilloader, you first need to be able to hack a virgin fw4.3, install softmod and Priiloader.
And that is not possible yet, as far as in know.

In my opinion, if the Wii was softmodded before the update, it is easier to use indiana pwns for going back to fw4.1 (or fw4.2) and be done with it.
And when the time comes that fw4.3 can be hacked, then you don't need bannerbomb v2 for fw4.3 anymore.

Or am i missing something here?

 

[SifJar]

Hmm, I just came across this, and I was wondering if anyone could quickly update it with a load of new patches and perhaps make it write the results to SD/USB? Currently it finds (I think) the NoCopy patches, and the recovery patch, outputs the offsets of the NoCopy patches and then waits a minute and boots System Menu with recovery patch. Someone with a little knowledge of C and Wii programming should be able make it do what I suggested, and auto-generate a hacks.ini I think.

Here's the link, its by WiiCrazy: http://www.tepetaklak.com/data/crazymenunocopys.rar (source included)
I tried and failed to make it work

EDIT: Actually, someone try this please: http://www.mediafire.com/?zaei2ziyomm It should find the move disc channel patch and display the offset for it (probably minus 0x8132FAE0, but I should be able to fix that later if so), wait for a minute, then return to HBC I think. I can provide the source if necessary, but as I see no license, I don't think I need to provide it along with the download. If this works, I'll work on it a little more and add more patches.

BTW, you'll need ES_DiVerify in IOS36, and Trucha Bug. Possibly NAND permissions too, not sure. And you don't need to be on 4.3 to try it, try it on any System Menu to see if it works please

Has anyone tried this, and if so, can anyone report the result? I'm curious as to whether it works...

 

[damysteryman]

UPDATE: Just finished testing all of my 4.3E hacks.
They all work!

The JODI unblock hack, too?
Yes. The one I ported works.

UPDATE: Well, it works for me, but I gave it to another person to test, and it failed...

I tried on pal console,can switch enabled/disabled but don't know if works correctly
Ah. I have managed to test this one and it works.

is there a full list of pal 4.3 hacks?
Well, one DOES exist... but it isn't avilable on the internetz just yet.

Posts merged

QUOTE(BlackAce83 @ Jun 27 2010, 06:47 AM) Just tested it, Bannerbomb seems to be working fine on 4.3. Thanks, may want to edit the name of the hack though.

It works?!?

Nice! Maybe that will stop a certain person from whingeing about it (hopefully).

@somewiifun:
Mayb I please have permission to port this hack to all regions and include it in my hacks.ini?

QUOTE(hetfield @ Jun 27 2010, 07:20 AM)

wow, great to see so much progress with the hacks.
I have deep respect for you guys, i go crazy when i look at all those hexes for more than half en hour.

Just 1 question, what use is the hack for enabling bannerbomb v2?
Because to enable that in Prilloader, you first need to be able to hack a virgin fw4.3, install softmod and Priiloader.
And that is not possible yet, as far as in know.

In my opinion, if the Wii was softmodded before the update, it is easier to use indiana pwns for going back to fw4.1 (or fw4.2) and be done with it.
And when the time comes that fw4.3 can be hacked, then you don't need bannerbomb v2 for fw4.3 anymore.

Or am i missing something here?

For fun

And ease during hack testing. For example, if I'm testing hacks and the "prevent JODI deletion" fails, I can just load homebrew via bannerbomb, instead of having to boot my PAL indiana jones disc (which can be a bother if the "Region Free EVERYTHING" hack were to fail while I'm testing a non-PAL sysmenu).

QUOTE(SifJar @ Jun 27 2010, 07:47 AM)

Has anyone tried this, and if so, can anyone report the result? I'm curious as to whether it works...

No.. I have not.

I have been using a hex eitor to port my hacks.

 

[conanac]

UPDATE: Just finished testing all of my 4.3E hacks.
They all work!

The JODI unblock hack, too?
Yes. The one I ported works.

UPDATE: Well, it works for me, but I gave it to another person to test, and it failed...

Here is the offset porting that I use for JODI check block from SM 4.2 (only tested using SNEEK with SM 4.3U, but the version for SM 4.3E has not been tested):

CODE

[Disable JODI,HAXX,DVDX,RZDx Checks]
version=513
offset=0x813345A0
value=0x60000000

[Disable JODI,HAXX,DVDX,RZDx Checks]
version=514
offset=0x81334610
value=0x60000000

It looks like that they have the same offsets as the case for SM 4.2 (i.e. offset for SM 4.3U = offset for SM 4.2U) for this hack.

 

[damysteryman]

Yes, they are exactly the same.

That is exactly what offsets I got when I ported them.

...but for some reason, despite this, some people say that it does not work...

They work for me though...
And I am testing these on priiloader v0.5 beta 2 (r97)

...maybe the people who couldn't get it working accidentally deleted HBC before even testing the hack?

UPDATE: 4.3J hacks tested as working. Porting 4.3K hacks now...

UPDATE2: All done!:
http://gbatemp.net/t237575-4-1x-4-2x-4-3x-hacks-ini

 

[WiiJohn]

Fantastic, many thanks.

Your the HEX king.

 

[ShadowtheKitty]

Sorry I'm late guys.

You guys were struggling with "Replace Healthscreen with Backmenu", yes?

So I ported this hack first.

MrDiesel, you got the location just right!
...but the value is not correct however.

Anyways:

[Replace Health Screen with Backmenu]
version=512
offset=0x816891B4
value=0x814096BC

[Replace Health Screen with Backmenu]
version=513
offset=0x816588D4
value=0x8140A368

[Replace Health Screen with Backmenu]
version=514
offset=0x81658B94
value=0x8140A4CC

[Replace Health Screen with Backmenu]
version=518
offset=0x8162D7BC
value=0x81409890

4.3E Replace Healthscreen with Backmenu tested as working. Other regions should work too.

hi, I'm a little new to using priiloader. What exactly does this hack do? I'm guessing it removes the health screen, but I tried it on my wii (4.3U, so I put the 513 one in) and the health screen was still there.

Edit: you can ignore the quoted part, that was the first one i tried. I tried the "all in one" hacks.ini file also, and it still shows up.

 

[FIX94]

hi, I'm a little new to using priiloader. What exactly does this hack do? I'm guessing it removes the health screen, but I tried it on my wii (4.3U, so I put the 513 one in) and the health screen was still there.

Edit: you can ignore the quoted part, that was the first one i tried. I tried the "all in one" hacks.ini file also, and it still shows up.

You must start priiloader (hold down reset when turning on wii) go to system menu hacks, enable the hacks you want and save it!