Wii News
Wii Firmware Update Disassembling Galore (Wii misc)

News directly from Bushing, one of the guys behind the Twillight Hack:

Several pieces of Nintendo system software have been updated:

====== Titles Changed ======

SystemMenu
Title ID: 00000001-00000002
Version: 0x 161
Size: 23511040
Contents: 9 (of which 6 are shared)

IOS30
Title ID: 00000001-0000001e
Version: 0x a10
Size: 1933312
Contents: 15 (of which 14 are shared)

IOS31
Title ID: 00000001-0000001f
Version: 0x a10
Size: 1933312
Contents: 15 (of which 14 are shared)

bc
Title ID: 00000001-00000100
Version: 0x 4
Size: 98304
Contents: 2 (of which 0 are shared)

mios
Title ID: 00000001-00000101
Version: 0x 8
Size: 262144
Contents: 2 (of which 0 are shared)

Channel ‘HACA’
Title ID: 00010002-48414341
Version: 0x 5
Size: 8290304
Contents: 7 (of which 3 are shared)I’m currently disassembling these to see what has changed. Please do not pester me about this or ask what our response will be; this isn’t exactly easy or quick. Comments will be enabled once i’ve completed my analysis.

Update 1: IOS30 and IOS31 have been changed – specifically, the kernel. The old timestamps read:

$IOSVersion: FFS: 06/08/07 18:10:10 64M $
$IOSVersion: ES: 07/10/07 18:11:26 64M $
$IOSVersion: IOSP: 06/25/07 14:17:16 64M $The new timestamps read

$IOSVersion: FFS: 06/08/07 18:10:10 64M $
$IOSVersion: ES: 07/10/07 18:11:26 64M $
$IOSVersion: IOSP: 04/03/08 19:37:33 64M $It’s interesting that Nintendo bothered to update the IOSP timestamp, because the only change I see in IOSP is that the version reported changed (there’s a variable that stores the value “040308?). They’re trying to be clever; the actual bug fix was in ES, where the encryption code lives.

The strncmp signing bug has been fixed in IOS30, which is what the system menu uses. (The new signature-checking code is identical to that in IOS37.) This probably means that it will no longer boot Trucha-signed discs, but I have not yet tried it. Early reports on IRC indicate that the Homebrew Channel still works; this is consistent with my understanding that the system menu does not verify the content of already-installed content.

I don’t know why IOS31 was patched.

Update 2:
Okay, now this is just silly. Three functions have been added to the system menu. Guess what they do:

ipl::utility::ESMisc::DeleteSavedata((unsigned long long, EGG::Heap*))
ipl::utility::ESMisc::VerifySavedataZD((unsigned long long, EGG::Heap*))
WADCheckSavedataZD
We Are Not Impressed.

Update 3:
They wrote a special-purpose function to try to check for the exact exploit we used – specifically, if a savegame is for Zelda, it checks the length of 6 strings inside the savefile (two of which are the player name and horse name). It repeats this check for all 3 saveslots, and then another three times for all 3 backup slots.

No, we do not have a response to this yet; we will probably take a few days to formulate one. I predicted Nintendo would *not* do this; I’m disappointed. This was the first bug we found, in the first game we tried. We’ll find others, and they’ll have to try to catch up to each.

I’ll open up comments, but please only post if you have something constructive to say.

Update 4:
It’s interesting to look at the timestamps here. The System Menu has a build marker of “systemmenu.rvl.0803060727? – yes, that’s March 6, 2008, 07:27. This update to the menu only accomplished one thing, as far as I can tell – the blocking of the TP hack. (I guess we can count the IOS30 patch together with it.) They spent 3 months testing it – this isn’t actually that surprising, when you consider the potential financial damage if they roll an update out that bricks Wiis.

Congrats to tmbinc and tehpola for finding a combination of two bugs in the code that Nintendo added that — when combined – allow us to fool their check into ignoring the TP hack. More info will be forthcoming – I still wouldn’t rush to update my system, anyway.

This still leaves the issue of how to deal with IOS30; there are several different ways to deal with this — some of which have already been released by people – and we’ll need to take some time to decide on the best one to use and test it thoroughly. There’s no urgency here, no need to rush into something.

http://hackmii.com/2008/06/june-16-wii-update/

By with 0 comments
Wii Firmware v3.3 – Attention (Wii misc)

From Wiibrew:

The June 16th, or Version 3.3 update checks for and deletes Twilight Hack and any other Twilight Princess saves exploiting the same vulnerability. However, it does not do anything to existing Homebew Channel installations. It does, however, fix the Signing bug, which prevents any “trucha”-signed discs from running, including the Homebrew Channel installer ISO versions.

http://wiibrew.org/wiki/June16_update

By with 0 comments
Matching Cards v0.2 (Wii Game)

Matching Cards is another simple game for the Nintendo Wii. Pair up all the cards before the time runs out to proceed to the next level. There are 3 difficulties (easy, normal, hard) and 7 levels.

Changes:

Added difficulty setting
Now uses Wiimote IR
No more multiple JPEG card files

http://www.wiibrew.org/wiki/Homebrew_apps/Matching_Cards

By with 0 comments
WiiTCPLoader v0.0.1 (Wii Application)

Execute .elf / .dol files remotly (over tcp/ip), working with Homebrew Channel and TCPLoader Channel.

http://www.wiibrew.org/wiki/Homebrew_apps

By with 0 comments
MXML v2.5 (Wii misc)

XML library for loading/saving xml configuration files to the Wii.

http://www.wiibrew.org/wiki/Development_Applications

By with 0 comments
FTPii v0.0.6 (Wii Application)

FTPii is an early FTP server application for your Wii coded by joedj.

http://wiibrew.org/wiki/Homebrew_apps/FTPii

By with 0 comments
FTPii v0.0.5 (Wii Application)

FTPii is an early FTP server application for your Wii coded by joedj.

http://wiibrew.org/wiki/Homebrew_apps/FTPii

By with 0 comments
Duck Hunt v1.7 (Wii Game)

Duck Hunt is a very minimal, clone of the classic NES/Famicom game Duck Hunt where you shoot ducks.

http://wiibrew.org/wiki/Homebrew_apps/Duck_Hunt

By with 0 comments
PNGU v0.2b (Wii misc)

PNGU is a lib for Wii and GameCube that ‘wrap’ the famous libpng and facilitate png handling and conversions to the native Wii/GC formats. PNG format has some properties which make it interesting: A background color, a list of transparent colors, alpha channel, it doesn’t modify the colors (as jpeg do when compression), open format…

Features:

It’s based in libpng 1.2.29
Handles images of 8 and 16 bits per channel.
Handles images in RGB, RGBA, grayscale and grayscale + alpha formats.
Reads image dimensions, pixel format, background color and transparent colors list.
Converts images to YCbYCr, linear RGB565, linear RGBA8, 4×4 RGB565, 4×4 RGB5A3 and 4×4 RGBA8 formats.
Saves YCbYCr images in png RGB8 format.
Handles images stored in memory or in devoptab devices (SD, Gecko SD, etc…).
It’s ready to be used in multithreaded applications.

http://wiibrew.org/wiki/Development_Applications/PNGU

By with 0 comments
libwiisprite v0.1.9 (Wii misc)

libwiisprite is a C++ sprite library written for the Wii which utilises GX for all it’s graphical operations, meaning the GPU is used to accelerate graphics.

libwiisprite aims to make developing Wii homebrew simple and fun with better graphical results than currently existing libraries.

libwiisprite is currently under heavy development, but this version is a semi-stable version allowing most of the proposed functionality of the library.

Currently PNG w/alpha is the only supported image format.

The library comes with full Doxygen documentation to help get development started. It is also available online: http://feesh.braingravy.co.uk/libwiisprite/

Changes:

This is mainly a bugfix release, no new features included. You may need to update your sources to correctly use the display now. The examples also got updated.
Added a wrong size check to image loading errors. Image width and height have to be a multiple of 4.
The whole screen estate is used. Pointer correction is also explained in the spritetest example.
LayerManager.SetViewWindow() fixed. Displays correctly now.
Fixed TiledLayer displaying (last version crashed GX) and collision detecting with sprites.
Now doing more checks throughout the code.

http://wiibrew.org/wiki/Development_Applications/libwiisprite

By with 0 comments
Page 201 of 216« First...102030...199200201202203...210...Last »