
Boot2 Bootmii Is Still Detectable When Removed with Hackmii

by streamlinehd, 01-23-2011 at 02:24 PM
I've been doing some research on boot2 and Bootmii in order to help design a PC tool that can detect the boot1 and boot2 versions from a NAND dump. During this process I've found that uninstalling Bootmii using the Hackmii installer deletes the Bootmii ARM code but actually leaves the fake signature behind. This proves that Nintendo would be able to detect that Bootmii was once installed on the console. See the three examples below.

1.) Boot2 - Stock (Bootmii never installed)
    [image: Stock Boot2 Cert]
    [image: Bootmii Slot Stock (No ARM Code)]

2.) Boot2 - Bootmii (Bootmii Installed)
    [image: Bootmii Cert (fakesigned)]
    [image: Bootmii Slot (Bootmii ARM Code)]

3.) Boot2 - (After Bootmii Is Uninstalled)
    [image: Boot2 Cert (Fakesigned Cert Is Still Present)]
    [image: Bootmii ARM Uninstalled (Bootmii ARM Code Is Removed)]
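As an added example in the spirit of the NAND-dump tool mentioned above (this is not code from the post, nor from the Hackmii/Bootmii project), here is a small Python checker for the leftover signature. It assumes the signed-block layout Wii tickets and TMDs use (4-byte signature type 0x00010001, a 256-byte RSA-2048 signature, 60 bytes of padding, then the signed body from offset 0x140) and the well-known shape of a fakesigned block: an all-zero signature field paired with a body whose SHA-1 starts with 0x00. The sample blobs are constructed for the demo, not real boot2 data. It also illustrates the later comment that boot blocks are unencrypted, which is why a plain byte scan of a dump can locate the leftover signature without any keys.

```python
import hashlib
import struct
import sys

# Assumed layout of a Wii signed block (ticket/TMD style), offsets in bytes:
#   0x000  u32 signature type (0x00010001 = RSA-2048 over SHA-1)
#   0x004  256-byte RSA signature
#   0x104  60 bytes of zero padding
#   0x140  signed body (this is what the verifier hashes)
SIG_TYPE_RSA2048 = 0x00010001
SIG_OFFSET = 0x004
SIG_LEN = 0x100
PAD_LEN = 0x03C
BODY_OFFSET = 0x140


def inspect_signed_block(blob):
    """Report fakesign indicators for one signed block.

    A genuinely signed block carries a non-zero RSA signature.  The fakesign
    trick leaves the signature field entirely zero and relies on the body hash
    starting with 0x00, so both facts are reported separately and combined.
    """
    if len(blob) <= BODY_OFFSET:
        raise ValueError("blob too short to contain a signed body")
    sig_type = struct.unpack(">I", blob[:4])[0]
    signature = blob[SIG_OFFSET:SIG_OFFSET + SIG_LEN]
    body_hash = hashlib.sha1(blob[BODY_OFFSET:]).digest()
    zero_sig = signature == bytes(SIG_LEN)
    leading_zero = body_hash[0] == 0
    return {
        "sig_type_rsa2048": sig_type == SIG_TYPE_RSA2048,
        "zero_signature": zero_sig,
        "body_hash_leading_zero": leading_zero,
        "fakesign_trace": zero_sig and leading_zero,
        "sha1": body_hash.hex(),
    }


def scan_for_zero_signatures(data):
    """Scan an unencrypted dump for signature headers with an all-zero
    RSA field.  Returns the byte offsets of every such header."""
    marker = struct.pack(">I", SIG_TYPE_RSA2048)
    hits = []
    pos = data.find(marker)
    while pos != -1:
        sig = data[pos + SIG_OFFSET:pos + SIG_OFFSET + SIG_LEN]
        if len(sig) == SIG_LEN and sig == bytes(SIG_LEN):
            hits.append(pos)
        pos = data.find(marker, pos + 1)
    return hits


def make_block(signature, body):
    """Build a constructed test block in the assumed layout."""
    return struct.pack(">I", SIG_TYPE_RSA2048) + signature + bytes(PAD_LEN) + body


# Constructed samples (hypothetical contents, not real Wii data).
STOCK_LIKE = make_block(bytes([0xA5]) * SIG_LEN, b"stock boot2 ticket body")
ZERO_SIG = make_block(bytes(SIG_LEN), b"fakesigned boot2 ticket body")


if __name__ == "__main__":
    if len(sys.argv) > 1:
        # Usage: python check_boot2.py nand.bin
        with open(sys.argv[1], "rb") as f:
            dump = f.read()
        for off in scan_for_zero_signatures(dump):
            print(f"zero RSA signature field at offset 0x{off:x}")
    else:
        for name, blob in (("stock-like", STOCK_LIKE), ("zero-signature", ZERO_SIG)):
            print(name, inspect_signed_block(blob))
```

Run it without arguments to see the two constructed samples classified; with a file argument it reports every signature header in the file whose RSA field is all zeros. On a dump that was only ever fakesigned once, the post's observation predicts that the zero-signature header survives the Hackmii uninstall even though the ARM code slot does not.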


Updated 01-23-2011 at 05:42 PM by streamlinehd


Comments

  1. Bad_Ad84:
    Speaking of the PC tool, I have sent you the link via PM.

    Please be as thorough as you were with the boot2 research (p.s. thanks for the help with all that)
  2. streamlinehd:
    > Speaking of the PC tool, I have sent you the link via PM.
    >
    > Please be as thorough as you were with the boot2 research (p.s. thanks for the help with all that)
    Got it, thanks. Yes, I will be very thorough with the testing and will also get this posted on the Staff forum with instructions as you requested. Great work compiling the tool and I like how you left the hash detection in there as well.
  3. JoostinOnline:
    I don't know if this will help, and you may have already read about it, but there was an interesting article on Hackmii.com last year about Nintendo detecting mods.
    Check Disk for Pre-Repair Process
  4. streamlinehd:
    > I don't know if this will help, and you may have already read about it, but there was an interesting article on Hackmii.com last year about Nintendo detecting mods.
    > Check Disk for Pre-Repair Process
    Yeah, in that situation I'm sure they detected exactly what I've detected here. It's very obvious when Bootmii is installed as Boot2 because the fake signature is left behind. I'm not sure why the creators of Bootmii didn't make the Hackmii installer fix the signature upon removal. Maybe the risk for corruption was too high? Not quite sure???
    Updated 01-24-2011 at 10:31 AM by streamlinehd
  5. Bad_Ad84:
    Probably didn't want to have Nintendo's cert/code within the application? They are very anti-piracy after all.
  6. streamlinehd:
    > Probably didn't want to have Nintendo's cert/code within the application? They are very anti-piracy after all.
    Yeah, now that you point that out, I'm sure that is likely the reason. Good call.
    Updated 01-24-2011 at 01:15 PM by streamlinehd
  7. JoostinOnline:
    > They are very anti-piracy after all.
    Lol, no joke.
    They haven't shown concern about removing traces of their software during the uninstall. This is from the HBC FAQ.

    > Will this remove all traces of the channel?
    > No, since there are many logs and other tidbits that remain, created by the Wii software. However, none of these should cause any issues. We will address the problems if and when they come.
  8. streamlinehd:
    Yeah, but that's not too much of a concern since they would need to have the keys to detect traces of the Homebrew Channel. If the Wii is fully bricked, I don't believe they have a way to decrypt the data to see that. They may have a tool to extract the keys, but that has not been proven or disproven. Boot blocks are not encrypted, so it's much easier to detect Bootmii when installed as boot2.
  9. JoostinOnline:
    My point was that removing traces of their software is clearly not a priority.
  10. streamlinehd:
    Clearly not.