Hacking YAL-binaries for injection into channels.

joda

Well-Known Member
Member
Joined
Jul 12, 2007
Messages
436
Trophies
0
Location
Umeå
XP
119
Country
I've always wanted to be able to launch all drunkard games (Wii Sports Bowling, Mario Kart, Boom Blox) directly from a channel without having to swap discs. High failure rate otherwise after a few beers.

This is now possible.

The WBFS source includes YAL (Yet Another Loader) which launches specific titles from the WBFS-partition on the hdd connected to your Wii. When run from hbc, it checks the current pathname and reads out the gameid to load from this. This is the way the mkhbc feature works. This does not however work with dol_forwarders or streaming the binary to HBC.

A sollution for this to make binaries injectable into channels is by hardcoding the gameid and recompile the YAL source. Below is a diff allowing for direct boot of RSPP01 (Wii Sports):
Code:
--- yal/source/yal.cÂÂÂÂ2009-04-02 09:53:37.000000000 +0200
+++ wii_sports/source/yal.cÂÂÂÂ2009-04-02 09:59:53.000000000 +0200
@@ -191,7 +191,6 @@
int main(int argc, char **argv) {
//---------------------------------------------------------------------------------
ÂÂÂÂÂÂÂÂ char discid[7];
-ÂÂÂÂÂÂÂÂchar *arg;
ÂÂÂÂÂÂÂÂ int cios = CIOS;
ÂÂÂÂÂÂÂÂ SYS_SetResetCallback(Reboot);
ÂÂÂÂÂÂÂÂ debug_printf("start %s",argv[0]);
@@ -202,21 +201,8 @@
ÂÂÂÂÂÂÂÂ printf("Loading IOS %d\n",cios);
ÂÂÂÂÂÂÂÂ IOS_ReloadIOS(cios);
ÂÂÂÂÂÂÂÂ sleep(1);
-ÂÂÂÂÂÂÂÂ//get the discid from arguments.
-ÂÂÂÂÂÂÂÂswitch(argc){
-ÂÂÂÂÂÂÂÂcase 1:
-ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂarg = argv[0];
-ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂbreak;
-ÂÂÂÂÂÂÂÂcase 2:
-ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂarg = argv[1];
-ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂbreak;
-ÂÂÂÂÂÂÂÂdefault:
-ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂreturn 1;
-ÂÂÂÂÂÂÂÂ}
-ÂÂÂÂÂÂÂÂint len=strlen(arg);
-ÂÂÂÂÂÂÂÂif(arg[len-9]=='/' && arg[len-9-7]=='/')
-ÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂÂmemcpy(discid,arg+len-9-6,6);
-ÂÂÂÂÂÂÂÂelse memcpy(discid,arg,6);
+ÂÂÂÂÂÂÂÂ//Hardcode discid.
+ÂÂÂÂÂÂÂÂmemcpy(discid,"RSPP01",6);
ÂÂÂÂÂÂÂÂ discid[6]=0;
ÂÂÂÂÂÂÂÂ int ret = load_disc(discid);
ÂÂÂÂÂÂÂÂ debug_printf("returned %d\n",ret);
This is three binaries to try with. If someone with a good art sense feels like making channels out of them the knowhow to make channels with the original banners from the game, I'd be more than happy!
 

WiiCrazy

Be water my friend!
Member
Joined
May 8, 2008
Messages
2,395
Trophies
0
Location
Istanbul
Website
www.tepetaklak.com
XP
384
Country
Better approach could be using title ids that quite resembles the original game's title id...

Like for game RSPP , channel XSPP for game RZDE, channel XZDE... though X should be unused by nintendo...

Then I guess you can query for the disc id from the loader itself... though I don't know what those 01 after RSPP stands for... could be partition id?
 

joda

Well-Known Member
Member
Joined
Jul 12, 2007
Messages
436
Trophies
0
Location
Umeå
XP
119
Country
WiiCrazy said:
Better approach could be using title ids that quite resembles the original game's title id...
Well, it would be, but since we are bound by the partition id that wbfs/usbloader gives us when dumping, this is not possible here.
QUOTE(WiiCrazy @ Apr 2 2009, 09:30 AM) Like for game RSPP , channel XSPP for game RZDE, channel XZDE... though X should be unused by nintendo...

Then I guess you can query for the disc id from the loader itself... though I don't know what those 01 after RSPP stands for... could be partition id?
Well, the problem here is that yal doesn't parse the contents of the hdd. It just tries to run a specific title; it's really barebone.

For creating a launcher channel for a particular game, which is my goal, user input is not needed.
 

WiiCrazy

Be water my friend!
Member
Joined
May 8, 2008
Messages
2,395
Trophies
0
Location
Istanbul
Website
www.tepetaklak.com
XP
384
Country
Doable,

1. Extract banner from disc image while importing into wbfs
2. Get four characters of the disc id use it as the channel's title id replacing first character with something else
3. Patch your disc id in your hardcoded dol using the offset of the disc id in the program.. (so no need to compile everytime)
4. Build a channel with the title id, name we get from wbfs import and the original banner...

Only need some one to pack them in a nice windows application


So this way it can be all automatic... for each revision of yal though the program should be updated and one need to inject the dol into the channels made before if there is improvement in the yal...
 

joda

Well-Known Member
Member
Joined
Jul 12, 2007
Messages
436
Trophies
0
Location
Umeå
XP
119
Country
WiiCrazy said:
Doable,

1. Extract banner from disc image while importing into wbfs
2. Get four characters of the disc id use it as the channel's title id replacing first character with something else
3. Patch your disc id in your hardcoded dol using the offset of the disc id in the program.. (so no need to compile everytime)
4. Build a channel with the title id, name we get from wbfs import and the original banner...

Only need some one to pack them in a nice windows application


So this way it can be all automatic... for each revision of yal though the program should be updated and one need to inject the dol into the channels made before if there is improvement in the yal...
This my friend, would be awesome! Get to it ... =)
 

joda

Well-Known Member
Member
Joined
Jul 12, 2007
Messages
436
Trophies
0
Location
Umeå
XP
119
Country
Made a really dirty-hack shell script for making binaries for a particular gameid with ease:
Code:
#!/bin/sh

make clean
cp source/yal.c oldyal.c
head -193 oldyal.c > source/yal.c
head -204 oldyal.c | tail -10 >> source/yal.c
echo "ÂÂÂÂÂÂÂÂmemcpy(discid,\"$1\",6);" >> source/yal.c
tail -158 oldyal.c >> source/yal.c
make
mv oldyal.c source/yal.c
To be run with ./mkYalBin.sh from the root of the yal source, and it outputs .dol.
 

wilsoff

Well-Known Member
Member
Joined
Dec 29, 2008
Messages
292
Trophies
0
XP
183
Country
United States
QUOTE said:
If someone with a good art sense feels like making channels out of them
No need to be arty, you can just use the animation from the disc channels themselves. They're stored in opening.bnr which can be extracted from the iso. I'll have a go at making a couple of these and post them at the weekend.
 

joda

Well-Known Member
Member
Joined
Jul 12, 2007
Messages
436
Trophies
0
Location
Umeå
XP
119
Country
So in other words the holy grail to filling all four pages of channels with usefull stuff would be a tool with a nice gui where you specify:
  • Banner extracted from game with WiiScrubber or FTPii.
  • Titleid of the disc in question as put out by Waninkoko's USB-loader or wbfs when dumping.
  • Name you want for the channel.
and it would repack and output a nice wad.

Or as WiiCrazy put it, a tool which when dumping with wbfs extracts the above and fixes it for you.

And above all, a nice tutorial for this.
 

DarkunderdoG

Well-Known Member
Newcomer
Joined
Jul 2, 2007
Messages
96
Trophies
0
XP
215
Country
United States
You can move them to SD now in 4.0
tongue.gif
 

-pb-

Well-Known Member
Newcomer
Joined
Mar 30, 2009
Messages
97
Trophies
0
Location
nl
Website
Visit site
XP
50
Country
Netherlands
Can somebody compile YAL to use IOS249 instead of 222?

having hardtime to get 222 installed,
asuming that 249 rev9 contains all needed as waninkoko's loader using that one.
 

Red_Squirrel

Well-Known Member
Newcomer
Joined
Feb 8, 2009
Messages
82
Trophies
0
Age
33
Location
L'Aquila
Website
www.psp-cheats.it
XP
419
Country
Italy

joda

Well-Known Member
Member
Joined
Jul 12, 2007
Messages
436
Trophies
0
Location
Umeå
XP
119
Country
-pb- said:
Can somebody compile YAL to use IOS249 instead of 222?

having hardtime to get 222 installed,
asuming that 249 rev9 contains all needed as waninkoko's loader using that one.
Doesn't work. It tries to load from the disc drive.

It even loaded an original disc put into the drive ... kek
 

joda

Well-Known Member
Member
Joined
Jul 12, 2007
Messages
436
Trophies
0
Location
Umeå
XP
119
Country
-pb- said:
joda said:
-pb- said:
Can somebody compile YAL to use IOS249 instead of 222?

having hardtime to get 222 installed,
asuming that 249 rev9 contains all needed as waninkoko's loader using that one.
Doesn't work. It tries to load from the disc drive.

:-(
You tried running IOS downgrader and stuff to reimplement the signing bug?
 

-pb-

Well-Known Member
Newcomer
Joined
Mar 30, 2009
Messages
97
Trophies
0
Location
nl
Website
Visit site
XP
50
Country
Netherlands
joda said:
-pb- said:
joda said:
-pb- said:
...having hardtime to get 222 installed...
Doesn't work. It tries to load from the disc drive.
:-(
You tried running IOS downgrader and stuff to reimplement the signing bug?

Yip, tried to install on 2 different wii's:

1 is still on 3.2 with trucha. (trucha confirmed by tests)
2 is on 4.0 but upgraded using waninkoko's updater and have a trucha-patched IOS60. (trucha confirmed by tests)

No usb devices attached, allways give me the error -(some number, forgot it now) and a message unable to allocate temp buffer space for encrypted content.

could/have to try todo a ios-downgrader run again to see if some bits are missing/wrong
 

joda

Well-Known Member
Member
Joined
Jul 12, 2007
Messages
436
Trophies
0
Location
Umeå
XP
119
Country
-pb- said:
joda said:
-pb- said:
joda said:
-pb- said:
...having hardtime to get 222 installed...
Doesn't work. It tries to load from the disc drive.
:-(
You tried running IOS downgrader and stuff to reimplement the signing bug?

Yip, tried to install on 2 different wii's:

1 is still on 3.2 with trucha. (trucha confirmed by tests)
2 is on 4.0 but upgraded using waninkoko's updater and have a trucha-patched IOS60. (trucha confirmed by tests)

No usb devices attached, allways give me the error -(some number, forgot it now) and a message unable to allocate temp buffer space for encrypted content.

could/have to try todo a ios-downgrader run again to see if some bits are missing/wrong
You out of memory on NAND?
 

Site & Scene News

General chit-chat
Help Users
    James_ @ James_: finally i can say profanity in blue