1. haru3173

    OP haru3173 Advanced Member
    Newcomer

    Joined:
    Feb 2, 2009
    Messages:
    59
    Country:
    United States
    I get a message from Bootmii saying Boot Can be installed in one variant” -The installed boot1 version prevents a boot2 install (-2). So I installed bootmii as IOS. Is it because of hardware or software? Can I make my wii to have vulnerable boot1 so I can install bootmii boot2? My wii is Lu35 if that helps.
     
  2. jan777

    jan777 motion control..? srsly? so 2008. 3DS is teh bombz
    Member

    Joined:
    Jan 4, 2008
    Messages:
    2,831
    Country:
    i think its hardware

    because if it was software, they would have tried to fix it first before distributing it

    maybe just wait where bootmii develops and eventually theyll be able to install it on all wiis
     
  3. frostyfrosty

    frostyfrosty GBAtemp Regular
    Member

    Joined:
    Oct 17, 2008
    Messages:
    196
    Country:
    United States
    btw its boot2 =P
     
  4. _Alex_

    _Alex_ Member
    Newcomer

    Joined:
    Feb 8, 2009
    Messages:
    24
    Country:
    Gambia, The
    boot1 is software too, but its secured with a sha-1 encryption + hash, so if it's changed and doesn't match, your wii is permantly bricked...
     
  5. Slowking

    Slowking GBAtemp Maniac
    Member

    Joined:
    Dec 31, 2006
    Messages:
    1,403
    Country:
    Germany
    It's boot1...

    Boot1 sits on a read only chip, so you can not change it and it verifys boot2. Since boot1s produced after mid 2008 don't have the signing bug in them anymore you can't fakesign boot2. It's that simple.
     
  6. haru3173

    OP haru3173 Advanced Member
    Newcomer

    Joined:
    Feb 2, 2009
    Messages:
    59
    Country:
    United States
    Does that mean there's no hope for us?
     
  7. Don Killah

    Don Killah GBAtemp Maniac
    Member

    Joined:
    Nov 21, 2002
    Messages:
    1,171
    Country:
    France
    yep, there's nothing we can do.
    basically there's 2 type of Wii:
    - those which can install as boot2 -> ultimate brick proof.
    - all the others (mines fall into this categorie [​IMG]) and install as ios -> brick proof with preloader...
     
  8. supagusti

    supagusti GBAtemp Regular
    Member

    Joined:
    Feb 2, 2008
    Messages:
    287
    Country:
    Australia
    not till the real certificates are leaked...

    edit: but maybe we can change the flash where boot1 resides. Is it a discrete chip or only part of something other - haven't found a systemboard layout yet!
     
  9. PNo4

    PNo4 GBAtemp Regular
    Member

    Joined:
    Apr 10, 2009
    Messages:
    259
    Country:
    boot1 is protected by boot0, and boot0 is inside the Hollywood Starlet.
     
  10. supagusti

    supagusti GBAtemp Regular
    Member

    Joined:
    Feb 2, 2008
    Messages:
    287
    Country:
    Australia
    That's real shit !
    Cause according to http://wiire.org/Wii/console/motherboard and the datasheet of U14 (the NAND, see http://pdf1.alldatasheet.com/datasheet-pdf...9F4G08U0A.html) there is no technical reason, why we cannot exchange boot1 to an older versions (if it really resides on the chip)
     
  11. supagusti

    supagusti GBAtemp Regular
    Member

    Joined:
    Feb 2, 2008
    Messages:
    287
    Country:
    Australia
    Ok - i've found it here: http://wiibrew.org/wiki/Boot_process
    boot1 is secured through a hash:
    As we know there are many different versions of code that produce the same hash.
    So it is indeed possible to modify the boot1 on any console out there (although it cannot be done by me ;-))
     
  12. PNo4

    PNo4 GBAtemp Regular
    Member

    Joined:
    Apr 10, 2009
    Messages:
    259
    Country:
    @supagusti

    No need to complicate the explanations, with 2-3 pages of linked information.

    boot1 is protected from alteration, by the sha-1 stored in OTP area, boot0 checks boot1 sha-1 against that sha-1 stored in the OTP area when you startup the Wii.

    Oh and for someone to find a correct boot1 alteration that works and produce the same sha-1 as the one stored in the OTP area, i don't think we'll see that before Wii 50 has come if ever [​IMG]
     
Draft saved Draft deleted
Loading...

Hide similar threads Similar threads with keywords - vulnerable, boot1,