Wii Exploit found in Zelda.

Discussion in 'User Submitted News' started by Edgedancer, Jan 27, 2008.

  1. Edgedancer
    OP

    Quoted from TheSkeen.com

    "Yes, that's right - an exploit for the Nintendo Wii has been discovered and it allows you to run custom code. The method is pretty simple. Copy over a save file for Zelda, load it and the code runs. Don't get too excited yet. They have only been able to run 4 lines of code, but this is in a day's work.

    Segher was the one to find the exploit and Bushing has been testing it out with the aid of the USB Gecko. The process is far from simple as once you modify a save game it requires it to be signed with 3 keys. Here's some info from Bushing.

    "Once the Wii decrypts the save game, it checks its signature. Every Wii has its own private key which is used to sign save games, and when you save a game, the Wii actually saves three bits of data:

    * The encrypted save game
    * The signature for the save game (using your console's private key)
    * A copy of your console's public key, signed by Nintendo."

    Of course, the end user wouldn't have to go through this process unless they were wanting to inject their own code into the save game, but that shouldn't be necessary because when I asked Bushing what his goal was he answered:

    "Assuming we don't run into a wall, it should be able to lead to a homebrew loader. I hope. No promises."
     

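The three-part save bundle described in the quoted post above (save data, console signature, vendor-signed console public key), shown as an added example that is not part of the original thread and is not Nintendo's code. It uses textbook RSA with small constructed keys and hypothetical names (`make_bundle`, `check_bundle`); the Wii's real algorithms, key sizes and file layout are not given on the page.

```python
import hashlib

def make_key(p, q, e=65537):
    # Textbook RSA from fixed primes: a constructed toy key, not secure.
    n = p * q
    return {"n": n, "e": e, "d": pow(e, -1, (p - 1) * (q - 1))}

def public(key):
    return {"n": key["n"], "e": key["e"]}

def pub_bytes(pub):
    return f"{pub['n']}:{pub['e']}".encode()

def digest(data, n):
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(key, data):
    return pow(digest(data, key["n"]), key["d"], key["n"])

def verify(pub, data, sig):
    return pow(sig, pub["e"], pub["n"]) == digest(data, pub["n"])

# Constructed keys: vendor root, one certified console, one uncertified key.
VENDOR = make_key(2**61 - 1, 2**89 - 1)
CONSOLE = make_key(2**107 - 1, 2**127 - 1)
OTHER = make_key(2**19 - 1, 2**31 - 1)
CONSOLE_CERT = sign(VENDOR, pub_bytes(public(CONSOLE)))  # issued once by the vendor

def make_bundle(key, cert_sig, blob):
    # The three items the quoted post lists; blob stands in for the encrypted save.
    return {"save": blob, "sig": sign(key, blob),
            "console_pub": public(key), "cert_sig": cert_sig}

def check_bundle(vendor_pub, b):
    # Step 1: is the embedded console key certified by the vendor?
    if not verify(vendor_pub, pub_bytes(b["console_pub"]), b["cert_sig"]):
        return "console key not certified"
    # Step 2: did that console key sign exactly these save bytes?
    if not verify(b["console_pub"], b["save"], b["sig"]):
        return "save signature invalid"
    return "ok"

def demo():
    good = make_bundle(CONSOLE, CONSOLE_CERT, b"constructed save bytes")
    edited = dict(good, save=b"constructed save bytes, edited")
    selfcert = make_bundle(OTHER, sign(OTHER, pub_bytes(public(OTHER))), good["save"])
    return [check_bundle(public(VENDOR), x) for x in (good, edited, selfcert)]

if __name__ == "__main__":
    print(demo())
```

A bundle that passes both checks is authenticated only; the program that parses the save still has to validate field lengths and contents itself.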



  2. Reduxed

    homebrew ftw!
     
  3. FireEmblemGuy

    Well, now I'm glad I didn't sell Zelda after I finished it.
     
  4. Foie

    Awesome! I might be able to finally stop wasting my money on the VC... at least for the older games.
     
  5. Dylaan

    Oh yeah! Hopefully it doesn't get patched before something good can be done. I'd love to see something tangible to play with, it's so frustrating just waiting.
     
  6. rhyguy

    Which region is this for?
     
  7. Edgedancer
    OP

    I have no idea. This is all the information that has been given out.
     
  8. Dirtie

    If only the coders ever actually went into details about their findings, then I could have a play around - it wouldn't result in anything, but at least I could gain a better understanding of how these things work
     
  9. TaMs

    Hmh, it's weird how long it takes to make homebrew for Wii, even though it's "hacked" already. This exploit is a good add, but it really seems that no one is interested in Wii.
     
  10. Gus122000

    ZOMG I WANT IT NOWWWWWWWW!
     
  11. deufeufeu

    Looking at the first post, the only possible way they could inject some code would have been by extracting the private key of their console and using it to sign code. Once you have a proper save that can act as a loader, you can give it to other people like one can share a save file. The dev giving info would either require you to have dumped your Wii private key, which will not be that useful considering how hard it could be to dump it, or have them give theirs, which will expose them quite directly by the fact that the private key is directly linked to a console serial number. The way the exploit works should be fairly simple, something like an uber long char name where the game stores it in a finite sized buffer.
     
  12. Renegade_R

    Same goes for the PS3...so long without an ISO loader or homebrew. Linux doesn't count.
     
  13. Scorpei

    Hardly, the original hack was fairly easy to patch for the big N (afaik) thus they didn't want to release anything specific as that would plug the hole for them to search for more exploits. Patching the save (though possible, it is signed with a specific key from the console that made the save) is slightly less important as once HB runs everyone could make a similar save (could be run through your own Wii to get it encrypted and signed) so then every Wii would have to be covered/blocked. Everyone COULD make their own save once HB runs and thus this is harder to block.

    Don't quote me on this btw. Only written with my limited knowledge of encryption, signing and etc. (so I could be really wrong ;p).
     
  14. Neko

    It's basically the same as the GTA Hack for the PSP...

    YES!
    Finally!
    I hope that they will make an ISO loader, that would be soo great!
     
  15. Maikel Steneker

    If they can make a homebrew loader with this I'll buy Zelda
     
  16. DjoeN

    If Nintendo goes the Sony way, all Zeldas will be removed and replaced with an updated release so the save exploit will be closed (but by then it's too late, most Wii owners do have an original Zelda game for it (don't we?? I do!))
     
  17. [Truth]

    Of course many are interested in it and they are working hard on it, but most of the hb developers don't make their proceedings public until they are working stable, like Bushing and Segher now do.
     
  18. Jax

    FAIL!

    That's the GC version!
     
  19. Twilight

    the picture is a fake.....A button is an evidence
     
  20. yuyuyup

    This news didn't mention "without a modchip."