Hacking There's a software solution for decrypting games.

  • Thread starter: Twili
No, and we probably never will be since nobody cares about developing another IOSU exploit to dump the keys needed, so unless someone decides to leak it's not happening any time soon.


Well that sucks... what would it take to get people interested? Does that affect ISO file modding, i.e. on-the-fly file mods like Project M (using the SD to temporarily replace files)?
 
It is a line-in rip and once a game rip is out it will be all for nil.

Also a game rip will have ALL files while I'm sure not everything will be in the music test.

But they rather care about being first than anything.
 
I agree but at the rate Wii U games are being dumped (Bayonetta 1/2 still no sign despite being released more than one month ago) it won't be before 2015 that Smash U gets dumped
 
I have a 10 Th/s rack that I would be willing to lend for up to a month if that was enough time, don't know how massive these keys are or if that is any help but I registered to say that.

Go for it, man! The keys are 128-bit (16 bytes.) We need one that produces a SHA1 hash identical to this:

6a0b87fc98b306ae3366f0e0a88d0b06a2813313

If you're successful, send me a private message. ;) https://gbatemp.net/conversations/add?to=Twili
 
Don't even try, unless you're super super lucky (i.e. generating random hashes and hoping you get a match), bruteforcing a 128-bit hash (what this is) would take more years than exist until the inevitable heat death of the universe, even for the fastest supercomputer in the world. These algorithms are meant to be irreversible. Just wait until someone makes an IOSU exploit, ffs.
 
I saw that someone has made a tool that attempts to bruteforce the common key by comparing hashes of randomly generated bytes with the f0f hash. I feel like it would work much better if it was sequential than random; it's like the tortoise and the hare.

Nonsense. This program would never even get up to searching 1% of the key space before giving up. The key is not likely to be near the beginning. It's in the middle somewhere. It'd be way easier to just drug him and get him to tell you the key. You could try threatening him with a wrench, but that is more likely to end up in jail time. Blackmail could also work.
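
The numbers behind this exchange, as an added example that is not part of any post in the thread: it checks a 16-byte candidate against the SHA-1 fingerprint quoted above and estimates the expected search time for sequential versus random guessing at the 10 Th/s rate offered earlier. The function names and the toy 8-bit keyspace are assumptions made for illustration.

```python
import hashlib
import hmac
import secrets

# SHA-1 fingerprint of the Wii U common key, as quoted in the thread.
COMMON_KEY_SHA1 = "6a0b87fc98b306ae3366f0e0a88d0b06a2813313"
SECONDS_PER_YEAR = 365.25 * 24 * 3600


def matches_fingerprint(candidate: bytes, sha1_hex: str = COMMON_KEY_SHA1) -> bool:
    """True if a 16-byte candidate hashes to the given SHA-1 fingerprint."""
    if len(candidate) != 16:
        return False
    return hmac.compare_digest(hashlib.sha1(candidate).hexdigest(), sha1_hex)


def expected_years(key_bits: int, hashes_per_second: float,
                   sequential: bool = True) -> float:
    """Expected time to hit one unknown key in a keyspace of 2**key_bits.

    Sequential (no repeats): (N + 1) / 2 trials on average.
    Random with repeats:     N trials on average (geometric distribution).
    """
    n = 2 ** key_bits
    trials = (n + 1) / 2 if sequential else n
    return trials / hashes_per_second / SECONDS_PER_YEAR


def toy_search(key_bits: int, sequential: bool, secret_key: int) -> int:
    """Count the trials needed to find secret_key in a tiny toy keyspace."""
    n, width = 2 ** key_bits, (key_bits + 7) // 8
    target = hashlib.sha1(secret_key.to_bytes(width, "big")).digest()
    trials = 0
    while True:
        guess = trials if sequential else secrets.randbelow(n)
        trials += 1
        if hashlib.sha1(guess.to_bytes(width, "big")).digest() == target:
            return trials


if __name__ == "__main__":
    rate = 10e12  # 10 Th/s, the figure from the thread
    print(f"sequential: {expected_years(128, rate, True):.2e} years")
    print(f"random:     {expected_years(128, rate, False):.2e} years")
    print("toy 8-bit sequential trials:", toy_search(8, True, 41))
```

Sequential search halves the expected number of trials compared with random guessing that allows repeats, but at 128 bits both estimates come out above 10^17 years at this hash rate.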
 
Threaten with a wrench? How about a massive WMD, and it'd still be easier to do than it would be to bruteforce the keys successfully.

Note: I do not endorse this either.
 
The Wii U scene is as miserable as the 3DS scene was; people who know how to do shit keeping the knowledge under a death hold. The common key for the original Wii was released voluntarily(?) less than a year after its launch. The Wii U common key could have been as well, because people have had it since December 2012. Why is it that nowadays the average person is left to kicking and screaming fruitlessly while the higher ups flash them? Why can't someone that knows the key be a hero and make an anonymous paste on Pastebin or something? It's 16 damn bytes. Just give them up.
 
Also, there's a paste titled "Wiiu common key leak", which purports to hold the common key, but it's actually from "Nintendo 3DS private aes cia key(game cart/eshop)". I know it's not the key because of that, and because the SHA1 hash for it doesn't match f0f's.
 
This is old as dirt, but put a rubber end on the wrench that you use, so it doesn't leave marks.

The Wii U has lots of keys: its OTP is 8 times the size of the Wii OTP (1KB in 8 banks of 128 bytes, instead of a single bank of 128 bytes). Incidentally, bank 0 is the vWii bank (and all the other banks are disabled in vWii mode, so it only gets to see the keys that it needs, which are the same ones that were present on Wiis).

Espresso vWii ancast key
ce3641b2660253f5a7e789db297be2c1585b3054
Found in the Espresso's key fuses/OTP. Used to decrypt the vWii System Menu and the new NANDloader binaries (1-512 and 1-513) at load time. Disabled by the boot ROM until reset.

Espresso Wii U ancast key
2ba6f692ddbf0b3cd267e9374fa7dd849e80f8ab
Found in the Espresso's key fuses/OTP. Used to decrypt the Cafe OS kernel at load time. Disabled by the boot ROM until reset.

Wii U common key
6a0b87fc98b306ae3366f0e0a88d0b06a2813313
Found in the Starbuck's OTP. Used to decrypt the specific title key for every Wii U application (this is done at installation time for system firmware and installable titles, and at load time for disc games). Note that Cafe OS and Starbuck binaries are double-encrypted with their own ancast keys too.

vWii common key
2b30b703c6676c8124c7347b30c7972ffeae2b39
Found in the Starbuck's OTP. Used to decrypt the specific title key for vWii system updates (since the key is only needed at installation time, vWii mode doesn't actually have access to it). Note that the System Menu and NANDloaders are double-encrypted with the vWii ancast key too.

Wii U ancast key
d8b4970a7ed12e1002a0c4bf89bee171740d268b
Found in the Starbuck's OTP. Used to decrypt Starbuck binaries (Wii U IOS and cafe2wii). Unlike the Espresso keys, this one is enabled forever (except in vWii mode, of course), as the Starbuck boot0 really only runs at boot time, and Starbuck ancast binaries are simply parsed and decrypted by IOS itself when reloading.

Wii U boot1 key
Found in the Starbuck's OTP. Used by boot0 to decrypt boot1. This key, and it alone, is selectively disabled in a special clear-only OTP mask register by boot0, and is not available after boot. We don't have it yet!
 
