View RSS Feed


How to bannerbomb cboot2

Rate this Entry
by , 11-21-2010 at 09:01 AM (6300 Views)
I may be the only person who would actually want to do this, but if there happens to be others who would like to bannerbomb cboot2 apps, this is for you. It also works via disc exploit.

Doing this will allow you to load any app that can be loaded via cboot2 with bannerbomb or any disc exploit.

Download bootmii-booter
Extract bootmii-booter.elf to sd:\ and rename to boot.elf
Download Bannerbomb v1 or Bannerbomb v2
Extract bannerbomb to sd:\
Download cboot2
Extract the /bootmii/ folder to sd:\
Extract the /startup.elf to sd:\
Edit startup.elf with a hex editor, such as HxD
In hex, search and replace boot.dol with load.dol- there are two of them. Or just use this one-
Get a boot.dol app, such as Multi-Mod Manager
Extract the boot.dol to sd:\ and rename to load.dol

If using MMM or other wadmanger with a config. Edit the config and change to ios to be loaded to whatever cios you intend to install or remove the ios from the config. Other wise the app will just load on ios36-v16 and reload to the other ios, which could defeat the purpose.
I personally would set the config to load cios236, then place the cios236.wad in sd:\wad. Then in MMM, install cios236 via cboot2, MMM will then reload cios236 and install the rest of your wads with that.

Now put the sd card in the wii, run bannerbomb v1 or v2, or any disc expoit. This will load the bootmii booter, loading cboot2, loading your app. This obviously requires bootmii ios.

Useful for a few things- installing cios, installing crap on hardmoded wiis that don't want to install cios, some brick situations, use your imagination.

Submit "How to bannerbomb cboot2" to Digg Submit "How to bannerbomb cboot2" to Submit "How to bannerbomb cboot2" to StumbleUpon Submit "How to bannerbomb cboot2" to Google



Page 1 of 2 12 LastLast
  1. davepm's Avatar
    • |
    • permalink
    Thanks Mauifrog, always useful to have alternative ways of doing things, just in case!
  2. Bad_Ad84's Avatar
    • |
    • permalink
    I dont understand why you would want to do this?

    You can just bannerbomb into MMM anyway and install or run stuff from there...

    I cant think of 1 example where this would be needed?
  3. mauifrog's Avatar
    • |
    • permalink
    Well I first tried to do this when helping someone try to fix their error 1024, but it did not work. Like I said, I may be the only one who is interested it doing this. If you imagination does not bring any ideas as to what you would do with it, then you have no use for it.

    It simply allows you to install with cboot2 without having or installing the HBC, you only need bootmii ios. Many modchip user may find this useful, ones that wish to install wiiware, etc, but not install cios or HBC. So with this method they would only need to run hackmii to let bootmii ios install, install nothing else, then install any wiiware, vc, channel they wish.

    It also simplifies fixing bricks when you don't have to direct someone to load a specific ios, assuming they have bootmii ios install they can simply load MMM via cboot2 and batch wad install the needed files without being directed to load a specific ios, which they may or may not have depending on what they have done to their wii trying to fix it- especially when they try to virginiz it. At least that is what my imagination does with it.

    Bannerbomb -> cboot2 -> MMM cboot2 -> cios236 install -> MMM cios236 -> batch wad install

    There your two examples, I am sure someone else can find some other reason. At least those with some creative imagination.
  4. narse1979's Avatar
    • |
    • permalink
    Its just handy to know me thinks....
  5. Bad_Ad84's Avatar
    • |
    • permalink
    But, you can bannerbomb into MMM anyway, You HAVE to install an IOS anyway.. there is no way around this (be it bootmii IOS or a CIOS).

    and if cboot2 is using the bootmii IOS, why not just reload it in MMM? and if its not using the bootmii IOS and its just using IOS36 (Like cboot2 defaults to), you still need a patched ios36 anyway...

    As I said, i dont see how this works or would be useful, its just adding extra steps that arent needed?

    Im not trying to question you, this is a discussion as i honestly dont see how this is beneficial in anyway...?
  6. Bad_Ad84's Avatar
    • |
    • permalink
    also, booting mmm via bannerbomb =

    Bannerbomb -> MMM -> cios236 install -> MMM cios236 -> batch wad install

    which is same thing, but less steps??
  7. InvincibleSloth's Avatar
    • |
    • permalink
    It doesn't matter if it's needed or not. It's nice to have a ''just-in-case'' option, or to know that it's possible.
  8. Bad_Ad84's Avatar
    • |
    • permalink
    Of course it matters if its needed or not.

    I could make something that loads 1 loader than another in a chain of about 20 things and still end up at MMM, but if theres no use, then theres no point.

    The "just in case" is only helpful if this is another option incase one gets blocked, but it just isnt...
  9. Bad_Ad84's Avatar
    • |
    • permalink
    Also, bannerbomb is always going to allow access direct into MMM.

    bannerbomb has been fixed in later system menus, so this isnt an advantage to that.

    This is why I asked what situation is it useful in. Because in simple terms, this is no different then bannerbombing into loadmii, then loading mmm, then loading dopmii from mmm - when you could just load dopmii from bannerbomb.
  10. mauifrog's Avatar
    • |
    • permalink
    You can't bannerbomb MMM and install cios236 if the wii has no patched ios installed. MMM must run on a patched ios to install anything fakesigned, that is the point of cboot2. There also is no extra step, you bannerbomb all the same, it is just what is on the card.

    This method has been put into the semi brick guide for those who don't have cios installed and are not installing HBC. They won't notice any extra step, it is all on autopilot.
  11. Krank's Avatar
    • |
    • permalink
    Thanks for sharing this mauifrog.
  12. mauifrog's Avatar
    • |
    • permalink
    For anyone who does not know what cboot2 is and what it does, it is a method of temporarily loading a trucha patched ios into nand. With this you can install other cios. It is an alternative to TBR and AHBPROT. It works like this-
    How it works?
    cBoot2Installer will install a ARM boot binary to "/bootmii/armboot.bin" on
    the SD card.
    This is started by the Bootmii loader (put in SD card and power on the wii).
    This will:
    1. Copy SD "/startup.elf" to NAND "/tmp/cboot2/ppcboot.elf".
    2. Search for an IOS starting with IOS36 and going down to IOS3.
    3. It will patch the kernel of the IOS to include the sign bug and
    will add the abilty to remove an installed IOS.
    4. The patched kernel will be written to NAND "/tmp/cboot2/armboot.bin".
    5. Start file "/tmp/cboot2/ppcboot.elf" from NAND on Broadway.
    6. Start file "/tmp/cboot2/armboot.bin" from NAND on Starlet.
    7. Broadway will then load the file "boot.dol" from SD and start it.
    8. In this example the wad manager is started. The file is patched to
    not load a different IOS. All executables need such a patch. Or you
    will miss the main feature this package
    Typically cboot2 is only run via boot2 bootmii or from HBC, but using daco tacos boomii booter, you can load cboot2 from disc exploit or bannerbomb. How usefull is this? Not very useful, but it does provide an alternative method of restoring the trucha bug in the absence of HBC/AHBPROT, TBR, etc. And is particulary useful to modchip users who are avoiding the HBC, but may wish to install other fakesigned content with limited modification to the wii, example would be Wiijohns guide for wode users to use cboot2 to install channels. Those users can load it from bannerbomb and disc exploit if they wish.
    Cboot2 is not intended to be an app loader, like loadmii, it is used to patch the ios and load an app on that patched ios so cios can be installed.
    This is how I do my softmod guide.
    Instead of the normal-
    Hackmii -> TBR/AHBPROT -> ciosx installer -> Hermes installer -> wad install (ios/channels) -> priiloader

    I do-
    Hackmii -> cboot2 MMM -> Batch wad install -> priiloader

    So in general using cboot2 requires less steps

    This just adds the option to load such a process from bannerbomb or disc exploit, instead of the HBC, if you have bootmii.

    But as I said in my blog, most people will not find any use to this. It is only posted for shits and giggles. Some may find it mildly entertaining.
  13. Bad_Ad84's Avatar
    • |
    • permalink
    This is why I asked for an example why its useful, I didn't realise it actually patched the IOS before loading it.

    This is mostly because I don't deal with many bootmii/IOS Wii's (As I mostly buy bricked boot2 Wiis to repair cheaply), so have never noticed (all boot2 wiis, I just cboot2 into - no need for bannerbomb).

    Good stuff, just something I hadn't really ran into to notice.
  14. Bad_Ad84's Avatar
    • |
    • permalink
    Also, on bootmii/IOS Wii's I usually bannerbomb into MMM then load dopmii... I dont really use MMM for wad installation as I use a network install and dopmii does work from bannerbomb... another reason not to have noticed.
  15. willstergman's Avatar
    • |
    • permalink
    Updated 11-25-2010 at 04:11 AM by nightstah
  16. Bliepo's Avatar
    • |
    • permalink
    Nice mauifrog. Like Bad_Ad84, I didn't see a use for this technique at first, but you have one after all.
    @willstergman: Is the all caps, big letters and red really needed? You could have just pm'ed him you know.
  17. Bad_Ad84's Avatar
    • |
    • permalink
    Another reason why I've never noticed cboot2 patches the IOS is because I use dopmii for IOS installation and DOPMII does an IOS reload.

    I assume MMM is just running under the now mem patched IOS36 without reloading and therefore has the exploits needed for wad installation.
  18. Cile's Avatar
    • |
    • permalink
    Dint know that either...
    it is a method of temporarily loading a trucha patched ios into nand.
    always something to learn from you

    I like

    Hackmii -> MMM/AHBPROT -> Batch Wad Install

    cant wait till its fixed ....
  19. mauifrog's Avatar
    • |
    • permalink
    I also like MMM/AHBPROT, but I don't see it reliable until the next HBC update. It seems to be buggy at the moment. But if the next HBC fixes that, I plan to just use MMM/AHBPROT and drop cboot2.

    But then if I do that, I will have to find a way to bannerbomb AHBPROT
  20. Bliepo's Avatar
    • |
    • permalink
    Indeed, this brings priiloader v0.5 to mind. I installed it for some family of mine when it wasn't known yet that the prilloader v0.5 installer could brick a wii and he didn't have bootmii/boot2. Luckily for me, it didn't brick and all went fine, but still...
Page 1 of 2 12 LastLast