Hacking Xell version for wii with bootmii to get the nand key

pancho

Can we make any live linux or xell version with bootmii ported on it, so that we could flash the nand with a nand programmer and get the nand key? Just like those genius xbox 360 hackers did. Then use betwiin to assemble a good image nand and flash it on to the wii nand so that we could revive all those dead Wiis. I don't know if this is possible but what do you think guys?



Xell version for wii with bootmii to get the nand key, is this possible?
 

Jacobeian

huh ? does it even make sense ?

Betwiin + Bootmii already let you do that

1/ you get the NAND key from both wii (using bootmii NAND dump function or another app)
2/ you dump your NAND with bootmii
3/ you convert it with betwiin
4/ you flash the NAND to the other wii with bootmii

what would a boot linux or xell help to do ???
 

FenrirWolf

Okay, I think I understand what you're asking now. In the case of consoles with the old boot1 you can simply flash BootMii to it and get the keys that way. Ones with the new boot1 are out of luck from what I know.
 

pancho

Sorry for my English, and context. I mean we could back up the nand of the wii first by using a wii nand programmer which I've seen in wiibrew, then flash the nand chip of the wii with bootmii ported in linux or xell so that we could get a copy of the nand key. I know that the nand key is located in what they call the Hollywood chip, so by flashing it with any linux ported with bootmii on the nand, we could force the Hollywood chip to show the nand key of the wii. When we get the key, then we can make a good image that belongs to another unit and bind it with the key we get so that we could revive dead wiis that were damaged by any software we install on the wii. I hope you get what I mean? Sorry again for my bad English...
 

pancho

We just need the key of the damaged wii. When we get the key, then we can use the app called betwiin to assemble a good image ready to flash on a broken wii. This is to revive dead Wiis. I don't know if this hack is possible.
 

smf

DeadlyFoez said:
Is it possible. Of course, anything is possible. Will it ever happen, I would not count on it.

There are a lot of things that would need to happen to get that far, and there are already easier methods that don't have such extremely high hurdles to overcome.

In the end, it won't happen.

Today you can take the flash off a wii motherboard, flash bootmii onto it & resolder.
At this point you should be able to fix your nand to the point that the system menu will boot.

You don't need linux or betwiin, you do however need a boot1 that has the trucha bug.
 

pancho

We could only have the Infectus as our nand programmer, for backing up and flashing an image on the nand of the Wii's motherboard. It would be nice also if bootmii could be flashed on a new boot1 wii. But if bootmii can't do it alone then linux could help bootmii to do it. But if ever bushing comes up with a new bootmii in support of new boot1 wii then we don't need linux.

I'm just sharing my idea, this might help I think. Any more ideas out there?
 

WiiCrazy

You need any one of these for the hardware recovery option...

1. Bricked wii's keys... these are enough to build a healthy image for the target wii
2. A nand dump
3. old boot1 with the trucha bug...

If you don't have these... essentially the 1st one... you won't be able to recover the bricked wii...

Flashing something is not an option on new boot1 unless you know Nintendo's private signing key...

All that is left is getting the key out of the cpu... I don't think that's an option that can be realized so easily....

boot1 is in the cpu itself and this hash checking stuff is done internally since the arm chip is also in the cpu...

I'm not an expert in this stuff but I think it's still open to hacking/hijacking by hardware...

maybe you can with a fine timing switch the nand...(I don't mean by hand of course electronically)
say if checking the signature and loading the stuff are two distinct jobs by the current arm process and checking the signature happens first then you may switch the nand just after the signature check... and may force the process to load the actual stuff from the other nand... just a thought, dunno if it's doable...

another idea, collect private key information from people and hope that they are generated in a deterministic fashion using correlation based on machine serial number or something... again dunno, possibly an unrealistic crazy idea...
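
Added example, not part of any post in this thread: a toy C model of the check-then-load ordering WiiCrazy speculates about, next to the ordering that closes the gap (verify the same RAM copy you go on to use). The storage model, the FNV-1a stand-in digest and all names are constructed for illustration and do not describe how boot1 actually works.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define IMG_LEN 16

/* Constructed model: storage that returns different bytes after the first read. */
struct storage { uint8_t first[IMG_LEN], later[IMG_LEN]; int reads; };

static void storage_read(struct storage *s, uint8_t *out) {
    memcpy(out, s->reads++ == 0 ? s->first : s->later, IMG_LEN);
}

/* FNV-1a as a stand-in for the real hash/signature check (assumption). */
static uint32_t digest(const uint8_t *p, size_t n) {
    uint32_t h = 2166136261u;
    for (size_t i = 0; i < n; i++) { h ^= p[i]; h *= 16777619u; }
    return h;
}

/* Verify one read, then load from a second read: the bytes in ram were never checked. */
int load_two_reads(struct storage *s, uint32_t expected, uint8_t *ram) {
    uint8_t tmp[IMG_LEN];
    storage_read(s, tmp);
    if (digest(tmp, IMG_LEN) != expected) return 0;
    storage_read(s, ram);
    return 1;
}

/* Read once into RAM, verify that copy, and use only that copy. */
int load_single_read(struct storage *s, uint32_t expected, uint8_t *ram) {
    storage_read(s, ram);
    if (digest(ram, IMG_LEN) == expected) return 1;
    memset(ram, 0, IMG_LEN);   /* do not leave rejected bytes behind */
    return 0;
}

/* Returns 1 if the loader accepted bytes that differ from the trusted image. */
int accepted_unverified(int single_read) {
    struct storage s = { "trusted-image-A", "swapped-image-B", 0 };  /* constructed */
    uint8_t ram[IMG_LEN] = {0};
    uint32_t expected = digest(s.first, IMG_LEN);
    int ok = (single_read ? load_single_read : load_two_reads)(&s, expected, ram);
    return ok && memcmp(ram, s.first, IMG_LEN) != 0;
}

int main(void) {
    printf("two reads: %d, single read: %d\n", accepted_unverified(0), accepted_unverified(1));
    return 0;
}
```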
 
