Xell version for wii with bootmii to get the nand key

Discussion in 'Wii - Hacking' started by pancho, Oct 27, 2009.

  1. pancho
    OP

    Newcomer pancho Member

    Joined:
    Nov 29, 2008
    Messages:
    16
    Country:
    Philippines
    Can we make any live linux or xell version with bootmii ported on it, so that we could flash the nand with a nand programmer and get the nand key? Just like those genius xbox 360 hackers did. Then use betwiin to assemble a good image nand and flash it on to the wii nand so that we could revive all those dead Wiis. I don't know if this is possible but what do you think guys?


    Xell version for wii with bootmii to get the nand key, is this possible?
     
  2. FenrirWolf

    Member FenrirWolf GBAtemp Psycho!

    Joined:
    Nov 19, 2008
    Messages:
    4,343
    Location:
    Beaverton, OR
    Country:
    United States
    EDIT: Nevermind, misunderstood the context
     
  3. Jacobeian

    Member Jacobeian GBAtemp Advanced Maniac

    Joined:
    May 15, 2008
    Messages:
    1,879
    Country:
    Cuba
    huh ? does it even make sense ?

    Betwiin + Bootmii already let you do that

    1/ you get the NAND key from both wii (using bootmii NAND dump function or another app)
    2/ you dump your NAND with bootmii
    3/ you convert it with betwiin
    4/ you flash the NAND to the other wii with bootmii

    what would a boot linux or xell help to do ???
     
  4. FenrirWolf

    Member FenrirWolf GBAtemp Psycho!

    Joined:
    Nov 19, 2008
    Messages:
    4,343
    Location:
    Beaverton, OR
    Country:
    United States
    Okay, I think I understand what you're asking now. In the case of consoles with the old boot1 you can simply flash BootMii to it and get the keys that way. Ones with the new boot1 are out of luck from what I know.
     
  5. pancho
    OP

    Newcomer pancho Member

    Joined:
    Nov 29, 2008
    Messages:
    16
    Country:
    Philippines
    Sorry for my English, and context. I mean we could back up the nand of the wii first by using a wii nand programmer which I've seen in wiibrew, then flash the nand chip of the wii, with bootmii ported in linux or xell so that we could get a copy of the nand key. I know that the nand key is located in what they call the hollywood chip, so by flashing it with any linux ported with bootmii on the nand, we could force the hollywood chip to show the nand key of the wii. When we get the key, then we can make a good image that belongs to another unit and bind it with the key we get so that we could revive dead wiis that were damaged by any software we installed on the wii. I hope you get what I mean? Sorry again for my bad English...
     
  6. pancho
    OP

    Newcomer pancho Member

    Joined:
    Nov 29, 2008
    Messages:
    16
    Country:
    Philippines
    We just need the key of the damaged wii. When we get the key, then we can use the app called betwiin to assemble a good image ready to flash on a broken wii. This is to revive dead Wiis. I don't know if this hack is possible.
     
  7. pancho
    OP

    Newcomer pancho Member

    Joined:
    Nov 29, 2008
    Messages:
    16
    Country:
    Philippines
    I think this is good as a last resort only, if everything we do fails to revive a broken wii.
     
  8. smf

    Member smf GBAtemp Advanced Fan

    Joined:
    Feb 23, 2009
    Messages:
    836
    Country:
    United Kingdom
    Today you can take the flash off a wii motherboard, flash bootmii onto it & resolder.
    At this point you should be able to fix your nand to the point that the system menu will boot.

    You don't need linux or betwiin, you do however need a boot1 that has the trucha bug.
     
  9. fabi280

    Member fabi280 GBAtemp Regular

    Joined:
    Feb 28, 2008
    Messages:
    182
    Location:
    Somewhere in Europe
    Country:
    Germany
    There is a modchip used for such work.
    They are using it to dump and reflash the NAND.

    Try to look for "infectus"
     
  10. raulpica

    Supervisor raulpica With your drill, thrust to the sky!

    Joined:
    Oct 23, 2007
    Messages:
    10,656
    Location:
    _____________ PowerLevel: 9001
    Country:
    Italy
    Meh, the Infectus sucks. A great chip with a poor team behind it. It's a real shame.
     
  11. fabi280

    Member fabi280 GBAtemp Regular

    Joined:
    Feb 28, 2008
    Messages:
    182
    Location:
    Somewhere in Europe
    Country:
    Germany
    But it's good to revive broken Wiis
     
  12. pancho
    OP

    Newcomer pancho Member

    Joined:
    Nov 29, 2008
    Messages:
    16
    Country:
    Philippines
    We could only have the infectus as our nand programmer, for backing up and flashing an image on the nand of the Wii's motherboard. It would be nice also if bootmii could be flashed on a new boot1 wii. But if bootmii can't do it alone then linux could help bootmii to do it. But if ever bushing came up with a new bootmii in support for new boot1 wii then we don't need linux.

    I'm just sharing my idea, this might help I think. Any more ideas out there?
     
  13. WiiCrazy

    Member WiiCrazy Be water my friend!

    Joined:
    May 8, 2008
    Messages:
    2,391
    Location:
    Istanbul
    Country:
    Turkey
    You need any one of these for the hardware recovery option...

    1. Bricked wii's keys... these are enough to build a healthy image for the target wii
    2. A nand dump
    3. old boot1 with the trucha bug...

    If you don't have these... essentially the 1st one... you won't be able to recover the bricked wii...

    Flashing something is not an option on new boot1 unless you know Nintendo's private signing key...

    All that is left is getting the key out of the cpu... I don't think that's an option that can be realized so easily....

    boot1 is in the cpu itself and this hash checking stuff is done internally since the arm chip is also in the cpu...

    I'm not an expert in this stuff but I think it's still open to hacking/hijacking by hardware...

    maybe you can with a fine timing switch the nand...(I don't mean by hand of course electronically)
    say if checking the signature and loading the stuff are two distinct jobs by the current arm process and checking the signature happens first then you may switch the nand just after the signature check... and may force the process to load the actual stuff from the other nand... just a thought, dunno if it's doable...

    another idea, collect private key information from people and hope that they are generated in a deterministic fashion using correlation based on machine serial number or something... again dunno, possibly an unrealistic crazy idea...
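
The check-then-load ordering raised in the post above, modelled in C as an added example (not part of the thread and not Wii boot code): `storage`, `swap_after`, both loader functions and the sample images are hypothetical, and FNV-1a stands in for the real hash. It shows why verifying one read and then loading from a second read fails, and how verifying a single internal copy closes the gap.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>

#define IMG_LEN 16

/* Constructed sample images: the one that was signed and a substitute. */
static const uint8_t GOOD[IMG_LEN] = "signed-stage-2.";
static const uint8_t SWAP[IMG_LEN] = "other-contents.";

/* Model of external storage whose contents change after `swap_after` reads. */
struct storage { int reads; int swap_after; };

static void storage_read(struct storage *s, uint8_t *dst) {
    memcpy(dst, (s->reads++ < s->swap_after) ? GOOD : SWAP, IMG_LEN);
}

/* FNV-1a stands in for the real cryptographic hash; illustration only. */
static uint32_t digest(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    while (n--) { h ^= *p++; h *= 16777619u; }
    return h;
}

/* Flawed: checks one read, then loads from storage a second time. */
int load_check_then_reread(struct storage *s, uint32_t trusted, uint8_t *out) {
    uint8_t tmp[IMG_LEN];
    storage_read(s, tmp);
    if (digest(tmp, IMG_LEN) != trusted) return -1;
    storage_read(s, out);          /* second fetch is never verified */
    return 0;
}

/* Sound: one read into internal memory; the verified bytes are the ones used. */
int load_copy_then_check(struct storage *s, uint32_t trusted, uint8_t *out) {
    uint8_t tmp[IMG_LEN];
    storage_read(s, tmp);
    if (digest(tmp, IMG_LEN) != trusted) return -1;
    memcpy(out, tmp, IMG_LEN);
    return 0;
}

/* Returns 1 if the loader handed back bytes that differ from the signed image. */
int loaded_unverified(int (*loader)(struct storage *, uint32_t, uint8_t *), int swap_after) {
    struct storage s = { 0, swap_after };
    uint8_t out[IMG_LEN] = { 0 };
    if (loader(&s, digest(GOOD, IMG_LEN), out) != 0) return 0;
    return memcmp(out, GOOD, IMG_LEN) != 0;
}
```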
     
