Hacking RealWnD - Wii Mini Edition

nitr8

Well-Known Member
OP
Member
Joined
Apr 4, 2007
Messages
366
Trophies
1
Website
vermillion57.wixsite.com
XP
1,450
Country
Gambia, The
Here comes the Wii Mini NAND dumper.

R-E-A-D C-A-R-E-F-U-L-L-Y

It's straight forward: Run it from within HBC.

It dumps directly to an attached USB drive with ECC data included.

No inputs required.

In order to accomplish the dumping process, you need these prerequisites:

https://gbatemp.net/threads/simpleiospatcher-wii-mini-edition.553353/

IF you have all the above prerequisites, the app does the following:

1.) Reloads into IOS236
2.) Disables AHBPROT automatically
3.) Disables MEMPROT automatically
4.) Patches IOS for gaining access back to /dev/flash (will be patched until the console is turned off)
5.) (Ab)uses IOS and mounts /dev/flash
6.) (Ab)uses IOS and dumps to usb:/WiiFlash_n_ECC.img (encrypted NAND binary)
7.) (Ab)uses IOS and dumps to usb:/WFD_XXX_YY.img ("Error" data - which is not really neccessary)
8.) Creates LOGFILE usb:/WiiFlash.log

??? - What's missing: The NAND key. You can obtain it using @DarkMatterCore's modified version of @bushing's Xyzzy.

Have phun.

Info for the new release:

- no longer needs YOU to dump and patch the AHBPROT bit within the IOS TMD

The NEW release is right here: http://www.mediafire.com/file/a1dzg9b6ahkdj06/RealWnD_Mini.zip/file
 

Attachments

  • RealWnD_Mini.zip
    121.1 KB · Views: 259
Last edited by nitr8,

asper

Well-Known Member
Member
Joined
May 14, 2010
Messages
942
Trophies
1
XP
2,028
Country
United States
Great ! What is the average dumping time ? In my case it tooks about 30 mins. Is there a tool to automatically add the 1024 footer used in bootmii and in every Wii NAND manager software taking it from Xyzzy keys.txt ?

Anyway I manually hex-edited the dump and decrypted/loaded it with showmiiwads:
eDpB2y0.png


Thank you !
 
Last edited by asper,

DarkKnight_TJ

Member
Newcomer
Joined
Oct 22, 2019
Messages
23
Trophies
0
Age
36
XP
564
Country
Mexico
i used both attached file and mediafire link, in both apps i get AHBPROT is not disabled error and then exits. i have installed "simpleiospatcher" with no errors. any idea?. thanks!
 

DarkKnight_TJ

Member
Newcomer
Joined
Oct 22, 2019
Messages
23
Trophies
0
Age
36
XP
564
Country
Mexico
well, i had to do "simpleiospatcher" manually to patch "AHBPROT", then i was able to dump wii mini nand. Is there any nand writer available for mini?
 

DarkKnight_TJ

Member
Newcomer
Joined
Oct 22, 2019
Messages
23
Trophies
0
Age
36
XP
564
Country
Mexico
is there any way to get a "normal" dump instead of an ".ecc" one? just for testing purposes (trying to make a "full dump" using a "normal" wii dump and encrypting using wii mini keys, would be nice to have full sytem capabilities back in wii mini xD). (i own a hardware programmer)
 

tech_land

Member
Newcomer
Joined
Feb 10, 2018
Messages
17
Trophies
0
Age
44
XP
86
Country
Italy
Great ! What is the average dumping time ? In my case it tooks about 30 mins. Is there a tool to automatically add the 1024 footer used in bootmii and in every Wii NAND manager software taking it from Xyzzy keys.txt ?Anyway I manually hex-edited the dump and decrypted/loaded it with showmiiwads:
Thank you !

is there a tool? is there a guide line to edit the dump with hex editor?
 

felixsrg

Temp's Ghost
Member
Joined
Aug 20, 2008
Messages
282
Trophies
1
Location
Here and there
XP
2,243
Country
Colombia
Hi there, thank you so much for this, it is nice to have the Wii Mini's NAND available and safe.


Great ! What is the average dumping time ? In my case it tooks about 30 mins. Is there a tool to automatically add the 1024 footer used in bootmii and in every Wii NAND manager software taking it from Xyzzy keys.txt ?

Anyway I manually hex-edited the dump and decrypted/loaded it with showmiiwads:
eDpB2y0.png
Thank you !

Hi there, maybe this is a stupid question, but may I ask how you got your console specific 1024-bytes? Thanks in advance.
 

asper

Well-Known Member
Member
Joined
May 14, 2010
Messages
942
Trophies
1
XP
2,028
Country
United States
Hi there, thank you so much for this, it is nice to have the Wii Mini's NAND available and safe.




Hi there, maybe this is a stupid question, but may I ask how you got your console specific 1024-bytes? Thanks in advance.
The 1024 bytes contains the OTP dump. You can obtain it using various tools, I used the latest Xyzzxy-mod (it is able to dump directly to a file and you just can copy-past the 1024 bytes at the end of the nand image). More info here, unfortunately not in english).
 
Last edited by asper,
  • Like
Reactions: felixsrg

felixsrg

Temp's Ghost
Member
Joined
Aug 20, 2008
Messages
282
Trophies
1
Location
Here and there
XP
2,243
Country
Colombia
The 1024 bytes are the OTP dump. You can obtain it using various tools, I used the latest Xyzzxy-mod (it is able to dump directly to a file and you just can copy-past the 1024 bytes at the end of the nand image). More info here, unfortunately not in english).

I was able to create my BootMii NAND with your instructions and the website you linked, thank you very much!
 
  • Like
Reactions: asper

Site & Scene News

Popular threads in this forum

General chit-chat
Help Users
  • BigOnYa @ BigOnYa:
    He said he had 3 different doctors apt this week, so he prob there. Something about gerbal extraction, I don't know.
    +1
  • ZeroT21 @ ZeroT21:
    bored, guess i'll spread more democracy
  • LeoTCK @ LeoTCK:
    @K3Nv2 one more time you say such bs to @BakerMan and I'll smack you across the whole planet
  • K3Nv2 @ K3Nv2:
    Make sure you smack my booty daddy
    +1
  • LeoTCK @ LeoTCK:
    telling him that my partner is luke...does he look like someone with such big ne
    eds?
  • LeoTCK @ LeoTCK:
    do you really think I could stand living with someone like luke?
  • LeoTCK @ LeoTCK:
    I suppose luke has "special needs" but he's not my partner, did you just say that to piss me off again?
  • LeoTCK @ LeoTCK:
    besides I had bigger worries today
  • LeoTCK @ LeoTCK:
    but what do you know about that, you won't believe me anyways
  • K3Nv2 @ K3Nv2:
    @BigOnYa can answer that
  • BigOnYa @ BigOnYa:
    BigOnYa already left the chat
  • K3Nv2 @ K3Nv2:
    Biginya
  • BigOnYa @ BigOnYa:
    Auto correct got me, I'm on my tablet, i need to turn that shit off
  • K3Nv2 @ K3Nv2:
    With other tabs open you perv
  • BigOnYa @ BigOnYa:
    I'm actually in my shed, bout to cut 2-3 acres of grass, my back yard.
  • K3Nv2 @ K3Nv2:
    I use to have a guy for that thanks richard
  • BigOnYa @ BigOnYa:
    I use my tablet to stream to a bluetooth speaker when in shed. iHeartRadio, FlyNation
  • K3Nv2 @ K3Nv2:
    While the victims are being buried
  • K3Nv2 @ K3Nv2:
    Grave shovel
  • BigOnYa @ BigOnYa:
    Nuh those goto the edge of the property (maybe just on the other side of)
  • K3Nv2 @ K3Nv2:
    On the neighbors side
    +1
  • BigOnYa @ BigOnYa:
    Yup, by the weird smelly green bushy looking plants.
  • Xdqwerty @ Xdqwerty:
    Water park was quite fun
    Xdqwerty @ Xdqwerty: Water park was quite fun