Wii Exploit found in Zelda.

Discussion in 'User Submitted News' started by Edgedancer, Jan 27, 2008.

Jan 27, 2008

Wii Exploit found in Zelda. by Edgedancer at 8:01 AM (7,510 Views / 0 Likes) 34 replies

  1. Edgedancer
    OP

    Member Edgedancer Director of Moon based operations

    Joined:
    Oct 2, 2006
    Messages:
    2,641
    Location:
    Canberra
    Country:
    Australia
    Quoted from TheSkeen.com

    "Yes, that's right - an exploit for the Nintendo Wii has been discovered and it allows you to run custom code. The method is pretty simple. Copy over a save file for Zelda, load it and the code runs. Don't get too excited yet. They have only been able to run 4 lines of code, but this is in a day's work.

    Segher was the one to find the exploit and Bushing has been testing it out with the aid of the USB Gecko. The process is far from simple as once you modify a save game it requires it to be signed with 3 keys. Here's some info from Bushing.

    "Once the Wii decrypts the save game, it checks its signature. Every Wii has its own private key which is used to sign save games, and when you save a game, the Wii actually saves three bits of data:

    * The encrypted save game
    * The signature for the save game (using your console's private key)
    * A copy of your console's public key, signed by Nintendo."

    Of course, the end user wouldn't have to go through this process unless they were wanting to inject their own code into the save game, but that shouldn't be necessary because when I asked Bushing what his goal was he answered:

    "Assuming we don't run into a wall, it should be able to lead to a homebrew loader. I hope. No promises. "
     

  2. Reduxed

    Member Reduxed GBAtemp Regular

    Joined:
    Jul 4, 2007
    Messages:
    221
    Location:
    Vancouver baby!!!
    Country:
    Canada
    homebrew ftw!
     
  3. FireEmblemGuy

    Member FireEmblemGuy Finally hit 1000 posts

    Joined:
    Jul 6, 2007
    Messages:
    2,271
    Location:
    Michigan, USA
    Country:
    United States
    Well, now I'm glad I didn't sell Zelda after I finished it.
     
  4. Foie

    Member Foie That one guy

    Joined:
    Jun 15, 2006
    Messages:
    867
    Location:
    Clackamas, Oregon
    Country:
    United States
    Awesome! I might be able to finally stop wasting my money on the VC... at least for the older games.
     
  5. Dylaan

    Member Dylaan GBAtemp Fan

    Joined:
    Jul 5, 2007
    Messages:
    384
    Location:
    Gold Coast, Australia
    Country:
    Australia
    Oh yeah! Hopefully it doesn't get patched before something good can be done. I'd love to see something tangible to play with, it's so frustrating just waiting.
     
  6. rhyguy

    Member rhyguy GBAtemp Maniac

    Joined:
    Jul 21, 2007
    Messages:
    1,377
    Location:
    Melbourne
    Country:
    Australia
    Which region is this for?
     
  7. Edgedancer
    OP

    Member Edgedancer Director of Moon based operations

    Joined:
    Oct 2, 2006
    Messages:
    2,641
    Location:
    Canberra
    Country:
    Australia
    I have no idea. This is all the information that has been given out.
     
  8. Dirtie

    Former Staff Dirtie :'D

    Joined:
    Sep 9, 2003
    Messages:
    3,705
    Location:
    Zealer
    Country:
    New Zealand
    If only the coders ever actually went into details about their findings, then I could have a play around - it wouldn't result in anything, but at least I could gain a better understanding of how these things work
     
  9. TaMs

    Member TaMs Randomizer

    Joined:
    Nov 15, 2006
    Messages:
    1,126
    Country:
    Finland
    hmh it's weird how long it takes to make homebrew for wii, even though it's "hacked" already. This exploit is a good add, but it really seems that no one is interested in wii.
     
  10. Gus122000

    Member Gus122000 GBAtemp Advanced Fan

    Joined:
    Jun 15, 2007
    Messages:
    594
    Country:
    Antarctica
    ZOMG I WANT IT NOWWWWWWWW!
     
  11. deufeufeu

    Member deufeufeu GBAtemp Advanced Fan

    Joined:
    Nov 21, 2005
    Messages:
    880
    Country:
    Cote d'Ivoire
    looking at the first post, the only possible way they could inject some code would have been by extracting the private key of their console, and use it to sign code. Once you have a proper save that can act as a loader, you can give it to other people like one can share a save file. The dev giving info would either require you to have dumped your wii private key, which will not be that useful considering how hard it could be to dump it, or have them give theirs, which will expose them quite directly by the fact that the private key is directly linked to a console serial number. The way the exploit works should be fairly simple, something like a uber long char name where the game stores it in a finite sized buffer.
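
The class of bug guessed at in the post above (an over-long name from the save copied into a fixed-size buffer), shown beside a bounded loader. This is an added example, not part of the thread and not the game's actual code; the struct layout, field sizes and function names are assumptions made for illustration.

```c
#include <stddef.h>
#include <string.h>

#define NAME_MAX_LEN    16   /* assumed in-game buffer size, including NUL */
#define SAVE_NAME_FIELD 64   /* assumed size of the name field in the file */

/* Hypothetical save layout, constructed for this example. */
struct save_file {
    unsigned char name[SAVE_NAME_FIELD]; /* untrusted once a save can be re-signed */
    unsigned int  rupees;
};

struct player {
    char         name[NAME_MAX_LEN];
    unsigned int rupees;
};

/* Vulnerable pattern: trusts the file to hold a short, NUL-terminated name.
 * A longer name is written past player.name into adjacent memory. */
void load_player_unsafe(struct player *p, const struct save_file *s)
{
    strcpy(p->name, (const char *)s->name);
    p->rupees = s->rupees;
}

/* Hardened pattern: a valid signature says who wrote the file, not that its
 * fields are sane, so the length is checked before anything is copied.
 * Returns 0 on success, -1 if the name is unterminated or too long. */
int load_player_safe(struct player *p, const struct save_file *s)
{
    const unsigned char *nul = memchr(s->name, '\0', SAVE_NAME_FIELD);
    if (nul == NULL)
        return -1;                      /* no terminator inside the field */
    size_t len = (size_t)(nul - s->name);
    if (len >= NAME_MAX_LEN)
        return -1;                      /* would not fit together with its NUL */
    memcpy(p->name, s->name, len + 1);
    p->rupees = s->rupees;
    return 0;
}

/* Constructed sample input: a save whose name field holds `len` 'A' bytes. */
struct save_file make_save(size_t len)
{
    struct save_file s;
    memset(&s, 0, sizeof s);
    memset(s.name, 'A', len < SAVE_NAME_FIELD ? len : SAVE_NAME_FIELD);
    s.rupees = 99;
    return s;
}
```

The bounded loader rejects the file outright instead of truncating, so a tampered save never reaches the rest of the game state.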
     
  12. Renegade_R

    Member Renegade_R Audio/Video Expert

    Joined:
    Apr 21, 2004
    Messages:
    1,654
    Location:
    Toronto, Ontario
    Country:
    Canada
    Same goes for the PS3...so long without an ISO loader or homebrew. Linux doesn't count.
     
  13. Scorpei

    Member Scorpei GBAtemp Maniac

    Joined:
    Aug 21, 2006
    Messages:
    1,295
    Country:
    Netherlands
    Hardly, the original hack was fairly easy to patch for the big N (afaik) thus they didn't want to release anything specific as that would plug the hole for them to search for more exploits. Patching the save (though possible, it is signed with a specific key from the console that made the save) is slightly less important as once HB runs everyone could make a similar save (could be run through your own Wii to get it encrypted and signed) so then every Wii would have to be covered/blocked. Everyone COULD make their own save once HB runs and thus this is harder to block.

    Don't quote me on this btw. Only written with my limited knowledge of encryption, signing and etc. (so I could be really wrong ;p).
     
  14. Neko

    Member Neko Been a while.

    Joined:
    Dec 5, 2006
    Messages:
    799
    Location:
    #gbatemp.net
    Country:
    Germany
    It's basically the same as the GTA Hack for the PSP...

    YES!
    Finally!
    I hope that they will make an ISO loader, that would be soo great!
     
  15. Maikel Steneker

    Member Maikel Steneker M3 Fanboy

    Joined:
    May 16, 2007
    Messages:
    3,396
    Country:
    Netherlands
    If they can make a homebrew loader with this I'll buy Zelda
     
  16. DjoeN

    Member DjoeN Captain Haddock!

    Joined:
    Oct 21, 2005
    Messages:
    4,925
    Location:
    Somewhere in this potatoland!
    Country:
    Belgium
    If Nintendo goes the Sony way, all Zeldas will be removed and replaced with an updated release so the save exploit will be closed (but by then it's too late, most Wii owners do have an original Zelda game for it (don't we??, I do!))
     
  17. [Truth]

    Member [Truth] GBAtemp Advanced Fan

    Joined:
    Mar 21, 2006
    Messages:
    765
    Location:
    Mushroom Kingdom
    Country:
    Germany
    of course many are interested in it and they are working hard on it, but most of the hb developers don't make their proceedings public until they are working stable, like bushing and segher now do.
     
  18. Jax

    Member Jax Pip Pip Cheerioink!

    Joined:
    Jul 31, 2006
    Messages:
    4,092
    Location:
    L.A.V.
    Country:
    Portugal
    FAIL!

    That's the GC version!
     
  19. Twilight

    Newcomer Twilight Member

    Joined:
    Apr 28, 2006
    Messages:
    27
    Location:
    France (nord pas de calais)
    Country:
    France
    the picture is a fake.....A button is an evidence
     
  20. yuyuyup

    Member yuyuyup GBAtemp Psycho!

    Joined:
    Apr 30, 2006
    Messages:
    3,300
    Location:
    USA MTN timezone
    Country:
    United States
    This news didn't mention "without a modchip."
     
