Friday, December 29, 2006

Nintendo GC / Wii Security Flaws

tmbinc gave a speech at a Video Game Console Conference the other day. The video is up on YouTube and has some very interesting info.

19 comments:

  1. If you actually watch the whole video, not the edited version on YouTube, he clearly states that HOMEBREW is not possible on the Wii because the executables are signed. So the backdoor 2 method he describes can be used ONLY for backups. This makes it highly unlikely that the information will be released publicly, as the hackers involved do not support piracy.

  2. I can't understand a damn thing he's saying. Need subtitles.

  3. Correction: homebrew is not yet possible.

  4. @xian:

    Where can I find the whole video?

  5. The entire presentation can be seen here...

    http://cryptosystem.org/video/tmbinc-consolehacking2k6.ogm

    It's an OGM video, so you'll need something like VLC Player.

  6. If they don't support piracy, and finally don't give all the details, from what they've told, it's extremely easy to guess the hack.

    We just have to find the new connector and adapt the modchip to it. Don't worry, modchip makers know what they do... If not, wait a month and see...

  7. I don't want piracy but I DO want to be able to play games from other regions

  8. I believe that the Wii can also run unsigned GameCube code. After all, it can run GC disks, and they weren't signed or encrypted in any way.

  9. So I was watching that video, and I looked up and successfully found multiple Wii mod-chips...as well as a program that runs an hdd to store games...including VC games. Check out the Viper Extreme chip (seems like the most sound of the mod-chips) and look for Wii hdloader.

  10. I'm pretty sure any Wii modchips available for sale right now are scams. Give it another 6 months.

    Also, homebrew may not be possible on the Wii using this particular hack, but the PSP uses signed executables too and people found exploits to allow arbitrary code execution on that. I think the same applies to the DS, judging by that RSA logo on the box.

  11. The DS doesn't work through exploits in games like the PSP does, it works by installing new firmware. You have to bridge the SL1 jumper to allow the memory to be writable.

  12. Yeah...I looked into the modchip a little more and there is no way to purchase it on any of the sites that talk about it...it must be an "in development" chip.

    The Wii backup theory seems sound however...I took my Wii apart actually (I know...heresy) and found the UTS port lines...I also was playing with the GC disc grabber thingy inside and might have found a way to disable it enough that it would think of a DVD disc as a GC disc...the only problem is I can't install the exploit due to lack of the SD card adapter.

  13. Man, that's really disappointing to hear no homebrew yet, only backups. Now, backups are great in their own way... but homebrew is what is most exciting about the Wii!

  14. Don't worry. We all know Nintendo sucks at security. It may not look like that because of GameCube's lower sales and 8cm disks.

    I still believe the Virtual Console is the way to go for homebrew. Anyway Nintendo could stop piracy by letting people develop for Wii! It's not like they lose money per console sold :(

  15. "We all know Nintendo sucks at security" I'd argue with that, seeing as the iQue seems largely secure and unhacked.

    "The DS doesn't work through exploits in games like the PSP does, it works by installing new firmware."
    Not true actually. The data being sent between the game and the DS is encrypted, except for the header, and the passme devices slip in some redirection code just after the header has been sent. The custom firmware just looks for DS playable code in the GBA slot without having to be redirected from a passme.
    On this note, would a similar exploit be workable on the Wii?

  16. Bottom line.... You can't copy games and there is no mod chip - period. From what I am seeing it looks like there will be no mod chip for the Wii.

  17. Yes. I think that's the moral of the story. About iQue not being hacked, I don't really see the advantage of trying to hack it, as it was only available in Japan and it's more expensive than GameCube for essentially the same hardware (not sure about this part).

  18. iQue was released primarily for China, as it basically has the largest piracy rate for games, so it was designed to be unpiratable...and its hardware is essentially an N64 on a chip.

    As far as homebrew on the Wii goes, unless someone can crack the encryption (highly unlikely) the best chance will be trying to redirect to the SD bay and run code from there...short of an official solution anyway.

  19. "Bottom line.... You can't copy games and there is no mod chip - period. From what I am seeing it looks like there will be no mod chip for the Wii."

    Red Steel has been released on certain groups. Although there is currently no way to play this yet, I believe that a few months down the line we WILL see a modchip for the Wii.
