Wii exploit Found Via corrupted Zelda Save data.



shadowprophet
January 27th, 2008, 08:00
It seems the guys over at tehskeen have been busy. They have apparently found a way to run unsigned code on the Wii console via a corrupted Zelda Twilight Princess save.

More info via a helpful post from Mr. Soully below. *nods

News Via tehskeen (http://www.tehskeen.com/index.php)

souLLy
January 27th, 2008, 12:09
The site is down at the minute, but to quote from the site:


Yes, that's right - an exploit for the Nintendo Wii has been discovered and it allows you to run custom code. The method is pretty simple. Copy over a save file for Zelda, load it and the code runs. Don't get too excited yet. They have only been able to run 4 lines of code, but this is in a day's work.

Segher was the one to find the exploit and Bushing has been testing it out with the aid of the USB Gecko. The process is far from simple as once you modify a save game it requires it to be signed with 3 keys. Here's some info from Bushing.

"Once the Wii decrypts the save game, it checks its signature. Every Wii has its own private key which is used to sign save games, and when you save a game, the Wii actually saves three bits of data:

* The encrypted save game
* The signature for the save game (using your console's private key)
* A copy of your console's public key, signed by Nintendo."

Of course, the end user wouldn't have to go through this process unless they were wanting to inject their own code into the save game, but that shouldn't be necessary because when I asked Bushing what his goal was he answered:

"Assuming we don't run into a wall, it should be able to lead to a homebrew loader. I hope. No promises."

Exciting stuff!
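
The three-part layout Bushing describes above (save data, console signature, console public key signed by Nintendo), shown as an added example of how a verifier walks that chain; it is not part of the original post and not the Wii's own code. The textbook-RSA signing, the tiny constructed keys and all function and field names are assumptions, and the encryption layer is left out.

```python
import hashlib

E = 65537  # public exponent shared by the toy keys (assumption)

def make_key(p, q):
    """Toy textbook-RSA key from two primes: returns (modulus, private exponent)."""
    return p * q, pow(E, -1, (p - 1) * (q - 1))

def digest(data, n):
    """SHA-256 of the data, reduced into the key's modulus."""
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % n

def sign(data, n, d):
    return pow(digest(data, n), d, n)

def verify(data, sig, n):
    return pow(sig, E, n) == digest(data, n)

# Constructed keys built from Mersenne primes, far too small for real use.
ROOT_N, ROOT_D = make_key(2**127 - 1, 2**89 - 1)        # stands in for Nintendo
CONSOLE_N, CONSOLE_D = make_key(2**107 - 1, 2**61 - 1)  # stands in for one console

def encode_key(n):
    return n.to_bytes(32, "big")

def make_bundle(save):
    """The three pieces stored with a save, plus the save data itself."""
    key_bytes = encode_key(CONSOLE_N)
    return {
        "save": save,                                   # decrypted save data
        "save_sig": sign(save, CONSOLE_N, CONSOLE_D),   # made with the console's private key
        "console_key": key_bytes,                       # console's public key
        "key_sig": sign(key_bytes, ROOT_N, ROOT_D),     # root's signature over that key
    }

def check_bundle(b):
    """Verify the chain: root key -> console key -> save data."""
    if not verify(b["console_key"], b["key_sig"], ROOT_N):
        return "console key not signed by root"
    console_n = int.from_bytes(b["console_key"], "big")
    if not verify(b["save"], b["save_sig"], console_n):
        return "save signature invalid"
    return "ok"

if __name__ == "__main__":
    print(check_bundle(make_bundle(b"constructed sample save data")))
```

Passing both checks only authenticates the data; the game that reads the save still has to treat its contents as untrusted input.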

Nicko01
January 27th, 2008, 16:35
That's cool. I wonder if it is actually real. They need to give a little more info though.

Triv1um
January 27th, 2008, 19:25
Good news for the Wii owners... Real good news.

VampDude
January 27th, 2008, 19:36
I reckon Nintendo will block it with the next firmware update if it's real.

Triv1um
January 27th, 2008, 19:39
Didn't they block the SD exploit?

VampDude
January 27th, 2008, 20:46
Didn't they block the SD exploit?

I think they did (because my Wii which is on the latest firmware won't read my Gecko whereas my GameCube will), but I think that whoever has found the exploit is using an older firmware?

souLLy
January 27th, 2008, 21:34
It's almost certainly real by the way, these are the guys that have released the encryption/decryption software recently and I believe the same guys that showed off that homebrew code at that German hacking show a few weeks ago

shadowprophet
January 27th, 2008, 21:44
Sorry to all about not filling out this article a little better, I was indeed awfully busy this morning :o

VampDude
January 27th, 2008, 21:47
It's almost certainly real by the way, these are the guys that have released the encryption/decryption software recently and I believe the same guys that showed off that homebrew code at that German hacking show a few weeks ago

There's no doubt about it being real, but the only thing that hasn't been mentioned is if it runs on a regular firmware (obviously not the current firmware), well, basically what firmware it runs from.

Eviltaco64
January 27th, 2008, 21:53
That's cool. Although I don't think the homebrew isn't going to be much more superior to Xbox 1's selection of homebrew (then again, I could be wrong).

Safari Al
January 27th, 2008, 22:06
Let's hope sooner or later we get some way of hacking it so that it isn't as hard as they make it seem :p

Eviltaco64
January 27th, 2008, 22:15
I thought that you could boot SD Media Launcher with a WiiKey even if the firmware you have blocks it. Is this true? If it is, that might make it a bit easier.

dejkirkby
January 28th, 2008, 16:04
I thought that you could boot SD Media Launcher with a WiiKey even if the firmware you have blocks it. Is this true? If it is, that might make it a bit easier.

Definitely true!

quzar
January 28th, 2008, 21:36
Discussion should continue in the actual wii section here: http://www.dcemu.co.uk/vbulletin/showthread.php?goto=newpost&t=87932