Posted Jan 27, 2008 at 12:15AM by Victor B. Listed in: News, Hacks & Exploits Tags: modchip, Exploit

TehSkeen: The unsigned code running on the Wii - Image 1


Over on the TehSkeen website, Brakken reports that two Wii coders were recently able to run an exploit on the Wii that enabled them to activate their own code. Segher and Bushing were able to modify a saved game from Zelda to crash the machine and run unsigned code on it.

The process, however, isn't simple. Bushing notes that modifying a saved game requires it to be signed with three keys: the encrypted save game, the signature for the save game (using your console's private key), and a copy of your console's public key, signed by Nintendo.

Granted, it was only four lines of code, according to them, but this was just one day's work, so the future might hold something very useful for Wii users. Specifically, Bushing notes, they hope it will one day lead to the creation of a homebrew loader for the Wii. They aren't making any promises however, so we shouldn't assume anything for the moment. For now, let's just enjoy the step forward that's been made this day.


[Via TehSkeen]


17 Comments


   by MyDixieNormous - 2008-01-27
 » dude

Awesome! Hopefully they'll find a way to run backup DVDs without a chip :D


   Re: KingPoubar - 2008-01-27
 » Dude

Buy your *****ing Wii games you filthy pirate.
Wii need a region free hack so i can get my Manhunt 2 on on my PAL Wii.

   Re: rollypoly - 2008-01-27
 » um

he said backup dvds... not pirated isos.

his backups are no more questionable than your imports...

my modded wii has saved me tons of money in replacing games scratched by my kids.

it would be awesome if i didn't need to buy blank discs and could load games from a big SD card.

   Re: Techni - 2008-02-10
 » To KingPoo

I would buy them if they were worth the cost. But at $10 less than a 360/PS3 game, coupled with no online multiplayer, bad graphics, no HD support, last gen surround sound support, MIDI sound and no voice acting, last gen physics/AI, and basically being a minigame/glorified tech demo doesn't make it worth the cost.

Now if all Wii games cost the same as Zelda's Crossbow training, which not only includes a controller attachment but is also as much a game as any other Wii title, then I'd buy them.
   by ShadeyProphet - 2008-01-27
 » @KingPoubar

Dude... Are you sure you understand this concept of "Homebrew" we speak about often here?

The purpose of homebrew is to allow us and other people to run unsigned code, allowing us to play "homebrew" programs that "Homebrew Coders" create. Umm, I'm all for people buying their commercial games. Hell, I have a few myself. But I just wanted to make sure that you knew what this scene was "really about".

   by FreePlay - 2008-01-27
 » Fake.

"The process, however, isn't simple. Bushing notes that modifying a saved game requires it to be signed with three keys: the encrypted save game, the signature for the save game (using your console's private key), and a copy of your console's public key, signed by Nintendo."

And since we don't know exactly how they're encrypted, there's no possible way that they re-encrypted the data after decrypting and modifying it.

So yeah. Fake.


   Re: xLinkinwormx - 2008-01-27
 » It's fake?

Well, if they ever release this then we'll know for sure, won't we? But as you said, no one knows how Nintendo encrypts their stuff. We can hope though, right? lol

   Re: TPot - 2008-01-28
 » They can unencrypt.

If you read a previous article, you will know that Bushing was involved in a hack that was demonstrated at a convention. They had code running on the Wii in front of an audience. They also mentioned that they had used the Wii functions to decrypt data.

So yes - they can decrypt items, and once you can decrypt I don't believe it would be hard to encrypt.
   by KodewerxDotNet - 2008-01-27
 » I think someone jumped the gun on that one.

The screenshot clearly shows an exception handler, which clearly shows how the game crashed; a DSI exception. On the PowerPC architecture, a DSI occurs when an instruction attempts to read unmapped memory. This is not indicative of code injection, but data injection. A pointer was replaced with 0x34567788, which caused the exception as the code attempted to access that memory address.

Now if it were an ISI instruction, that would be something worth noting; in such a case, the CPU is attempting to execute an instruction which lies in unmapped memory. That is a better indication of code injection; causing the CPU to execute code from any memory address you wish.


   Re: Matt-N - 2008-01-28
 » And...

... what does that mean in English lol?

   Re: TPot - 2008-01-28
 » Go to the source.

At tehskeen, they have more screenshots.
   by ISOHaven - 2008-01-28
 » WTF!?!?!?!?!

"modifying a saved game requires it to be signed with three keys: the encrypted save game, the signature for the save game (using your console's private key), and a copy of your console's public key, signed by Nintendo."

"Power saves" are encrypted with neither a machine key nor a Nintendo key and they work fine.

What am I missing?


   Re: KirbySS - 2008-01-29
 » .

They're still legitimate saves, though. This one isn't (clearly).

   Re: ISOHaven - 2008-01-29
 » WTF!?!?!?!?!

That's my point, "IF" they require all that encryption in order to be legitimate saves then obviously we DO know how to do that and some people's comments are wrong.

Or they can be legitimate without all that crap and the article is wrong.

Seems to me, either way, someone is dead wrong.
   by TheSilenceOfNoOne - 2008-01-29
 » This is making no sense right about now.

Can Virtual Console read saves from an SD Card? NO.
How can this be done on a non-modded Wii when we can't get it to load the save? Exactly.

   by Wanker2.0 - 2008-01-29
 » ...wow...ignorance...damn.

"Can Virtual Console read saves from an SD Card? NO.
How can this be done on a non-modded Wii when we can't get it to load the save? Exactly."
What virtual console? They're running the Wii version of Zelda, which can read from the SD card.

"Now if it were an ISI instruction, that would be something worth noting;"
I think the major thing here is that they were able to make it read ANYTHING from another location. It is a step forwards.

"And since we don't know exactly how they're encrypted, there's no possible way that they re-encrypted the data after decrypting and modifying it."
If you know how to decode, you can reencode. I can't think of any exceptions to that.

"So yeah. Fake."
Too soon to say that. Maybe not as big as they are making it out, but a good start.

   by gr8tlegend - 2008-01-29
 » RRRRRrrrrr

RRRRrrrr rollypolly you have children Rrrr I love me homebrew P.s don't mention the i*s's they boot you for mentioning those.... the matrix has you....


