Wii News
GC-Linux (Wii Application)

The GC-Linux team managed to run Linux in Wii mode – a proof of concept has been released.

Instead of writing dozens of lines, just head to the original source and enjoy.


By with 0 comments
Wii Mode MP3 Player (Wii Application)


Wii Mode MP3 Player by emu_kidid.

Built using libogc cvs for wii mode via the zelda tp exploit.

These are instrutions on how to setup your SD card to have both this .elf and
mp3’s on the same SD card.

1. Format your SD card.
2. Extract and copy the file called padding to your SD card
3. Use dd or writeelf (for windows) to copy MP3PLAY.elf to (physical)sector 2048
4. On the SD card, create a DIR called MP3 in root and place all your .mp3’s in here
(4096 is the limit of files allowed) and no subdirs allowed.
5. Run the exploit on zelda and enjoy.

Using MP3PLAY:
Press Left and right to find mp3’s, once you’ve found the mp3 you want, press A to
play it, once playing, there’s instructions on how to go back/next song. Also press
Y whilst browsing mp3’s to return to the exploit. (You may also swap sd cards at
the menu of the mp3 player but only before going to the exploit)

(c) emu_kidid ’08

credits to Team Twiizers (tmbinc, segher, bushing) without whom this would’ve
never been possible!

Thanks to http://www.wiibrew.org for the news.


By with 0 comments
EasyIOS v0.1.2 (Wii Application)

This app is for browsing the device tree, and trying out quick IOS commands w/out doing builds.


+Fixed bug causing crash related to overrunning the log
+Added easy to use Byte (binary mode) adding interface
+Fixed debug messages going to log. (More useful/detailed)
+Speed improvements related to allocating memory
+Fixed padding of bytes so output is easier to read
+Added build flags so EasyIOS can build under cygwin, linux or osx
+Added new devices based on changes on the IOS wiki


By with 0 comments
Twilight Hack v0.1 (Alpha 2) (Wii Application)

Team Twiizers released an update to their Wii homebrew loader/exploit.

How to install:

Extract the zip archive into any folder.

Backup your old Zelda save if you want to, by copying data.bin out of *SD Card*/private/wii/title/RZDP or *SD Card*/private/wii/title/RZDE and into another folder.
If you have a PAL Zelda game (identified by the code “RVL-RZDP-0A-0 JPN” around the inside on the shiny side of the disc), copy the file rzdp.bin (from the zip archive you extracted) into *SD Card*/private/wii/title/RZDP/data.bin.

If you have an NTSC later revision Zelda game (identified by the code “RVL-RZDE-0A-2 USA” around the inside on the shiny side of the disc), copy the file rzde2.bin (from the zip archive you extracted) into *SD Card*/private/wii/title/RZDE/data.bin.

If you have any other NTSC revision Zelda game (usually identified by any other code involving the letters “RZDE” around the inside on the shiny side of the disc), copy the file rzde.bin (from the zip archive you extracted) into *SD Card*/private/wii/title/RZDE/data.bin.

Now, put the SD card and Zelda into your Wii and turn it on. Go into Wii Options –> Data Management –> Save Data –> Wii. Find your Zelda save, click on it, and click “Erase”, and click Yes. Now, go into SD card, and select the “Twilight Hack” save (the icon says “Wiibrew Loader”). Click copy, and yes. Now, go back out of that menu and start the game. Select the first save file (called Twilight Hack), complete the brightness setting, and talk to the man in front of you. What will later be the ELF loader will load.

If you are a PAL user and are experiencing a line of text lost off the bottom, try changing your TV type under Wii options –> Wii settings –> screen to 576i (50hz). Please could PAL users add a post to the right section to say whether they had this problem or not with non-576i settings, as I would like to know if everyone has this problem or if it’s just my TV.


By with 0 comments
Tetris (Wii Game)

Christian Auby aka Desktopman released a homebrew Tetris game for Nintendo’s Wii console. For the download check out the linked page below, if you are more likly interested in a video then you might be right here: http://www.auby.no/files/wii/tetris.wmv

Thanks to brakken for the news and the screenshot! – http://www.tehskeen.com


By with 0 comments
Twilight Hack v0.1 (Alpha 1) (Wii Application)

Seems Bushing, Tmbinc and Segher did it! The Wii is finally exploited.

As I (Kojote) know tmbinc from various demoparties in the past and he is really a talented guy, there is no doubt about it now… The Wii has been exploited!

Check the video: http://youtube.com/watch?v=zaRhyEUOk44


By with 0 comments
Wii-GC Raw Image Dumper v0.05 (Wii misc)

A new version of the first Dual Layer ISO image dumper that has been verified to work for the Nintendo Wii has been released ( http://nekokabu.s7.xrea.com/blog/2008/02/post_34.html ). Using Wii/GC Raw Image Dumper Ver.0.05 you can dump the “second” layer of dual layer Nintendo Wii discs and with a little work join them with the first layer to produce a working backup.

Thanks to brakken / http://www.tehskeen.com for the news.


By with 0 comments
Its all about money – Wiili.org (Wii misc)

Here is another brandnew article from brakken:

Wiili.org is generally known for its attempt to gain the public’s interest in getting Linux up and running on the Nintendo Wii. They have been featured on many mainstream news site and social media sites including Digg.com. What isn’t known and should be is the fact that they site administrator is copying its content from Wiibrew.org and there is turmoil going down surrounding the situation. To sum it up – Wiili.org is feeding off of others people work for profit.

[Read the rest at it’s release page]

Not only the Wii scene is affected by such people, but I suppose generating lots of profit with others free work is a common thing in the homebrew scene. Sadly.


By with 0 comments
Wii hacked it (Wii misc)

Another fine newsitem, which you can thank brakken ( http://www.tehskeen.com ) for… :)

tmbinc has released a hughe article about how he got the Wii to run code he wants.

Read on:

After bushing had shown the first homebrew exploit, a lot of stuff has happened in the Wii-world. The exploit was based on a hole in the disc hashing&verification, but the original finder (segher) decided that he doesn’t want the bug to be published. While this caused some controversy, the reason behind this was that the hole could be patched very easily in a future firmware version, as no original function relies on it. The next goal was to find a bug which could not be patched so easily, for example a savegame exploit. Patching such game exploits is considerable harder. Of course you could patch the game code when it is loaded (like some gamecube games are fixed in compatibility mode by the “gamecube compatibility IPL”), but we could just move on to another game. We wouldn’t lose that much power if a game bug is fixed, vs. a critical system bug. I can totally understand that people are annoyed by us not doing full disclosure. Nevertheless we try our best to balance our different interests. It’s not always easy, even inside a team. Still, the rule is: If you find a bug, it’s your choice what you do with it. If you don’t like that, find your own bug.

I’ve concentrated less on the high-level things, I’m generally more interested in the system design and security architecture. So I’ve digged into the bootloader.

What we knew before was that there is a fixed block of code called “boot1?, which is supposed to be the first code executed from flash. It’s ARM (”Starlet”) code, btw, the powerpc (Broadway) is booted much later. We didn’t knew how boot1 is encrypted (rumours ranged from an LFSR-based streamcipher to AES), nor if and how it was hashed. But what we had was a program called “BC” (title id: 1-100), extracted out of a system update. We are absolutely not sure why BC does even exist (it might be used to return from GC mode to Wii mode, but why would you want to do so?), but what BC is doing matches what boot1 could be doing: Reading a bunch of sectors from flash, decrypting them, and checking a signature against a previously decoded cert chain, then jumping there. Once we re-coded the algorithm, it was clear that this in fact decrypts boot2. Encrypting a new boot2 requires signing the new hash. Now it turned out that “BC” also contains “the bug” (well, a similar one), so chances were big that boot1 also does. But flashing a new boot2 is dangerous if you have no return – there is a backup mechanism to boot another copy of boot2, but we cannot count on that for several reasons (for example, if our new boot2 code hangs, the backup would not be tried, as boot1 thinks that everything is right).

It also became clear that once we are able to execute starlet code, it will be a lot of trial&error. So what I did was to revive my old FPGA-based NAND flash emulator, which I once built for the Xbox 360. I wired the Wii’s flash pins to the FPGA. Now the Wii flash has different properties (large block, larger size, different ECC algorithm used), but I could adapt it in a matter of hours. I had to fix the RESET handling (the Wii is waiting for R/#B to go low for a short moment of time), and some minor things, but then it worked! I could boot from my FPGA instead of the original Flashrom. So I could do code changes in a matter of seconds, instead of always reprogramming the flashrom (potentially external). Because my FPGA board has “only” 512MB of RAM, I couldn’t fit the whole flash contents into the RAM. As part of the NAND emulation happens on the embedded PowerPC core in the FPGA (a Virtex 2 Pro), I just added an ethernet MAC, and used lwip to fetch the flash pages from a TCP server. That made the development cycle even easier, as I could now just modify the virtual NAND content on my PC!

[Read the rest of the article by following the link, thank you]


By with 0 comments
Nintendo Wii Repair Disc in the Wild (Wii misc)

According to http://www.tehskeen.com there is something interesting in the “wild”.

Read on:

Some more news has surfaced from #wiidev on IRC/EFNET. A member of the channel released a screen capture from the “Gay Fish” Nintendo Wii disc. This disc is used to restore Nintendo Wii consoles to their factory state and allows you to change some internal settings.

Unlike other sites that say this disc isn’t *available* it is as the person in #wiidev had to have access to it to post the screen shot. Although, I wouldn’t go asking for the disc or you’ll be banned. Maybe they should write up a BAN list for noobs (it might take up 20KB of space in a plain text file).

Source: #wiidev / IRC / EFNET

Discuss here: http://www.tehskeen.com/forums/showthread.php?t=6179


By with 0 comments
Page 215 of 216« First...102030...212213214215216