Page 42 of 44 FirstFirst ... 324041424344 LastLast
Results 411 to 420 of 433

Thread: NAND programming- Low Level Brick recovery without bootmii

  1. #411
    New Member
    Join Date
    Dec 2009
    Posts
    37
    Thanks
    3
    Thanked 1 Time in 1 Post
    The keys are stored in the Hollywood chip, the only way to get them that i know of is having BootMii installed as boot2 and doing a nand dump to SD card, but that all depends on whether the wii is capable of having BootMii as boot2, if not then you are out of luck as far as i know, its not even worth getting the Infectus nand programmer, your wii is basically unfixable at the moment

    Listen to Erikie he is giving you good advice, he helped me fix my first bricked wii
    Last edited by g1r9a6d8y; 10-04-2010 at 04:46 PM.

  2. #412
    New Member
    Join Date
    Mar 2010
    Posts
    10
    Thanks
    1
    Thanked 0 Times in 0 Posts

    Ca

    Quote Originally Posted by tataee1990 View Post
    someone correct me if i'm wrong...
    this is what i figure it out after google-ing all day..

    wii processor has one key and the nand memory has another.
    the boot files and everything is stored in nand memory.
    the keys differs by region, each region has it's set of keys, so when you update to v4.2 from other region then the processor one, bam! u got a nice white brick, thanks to nintendo!
    so, if i'm not wrong the nand memory contains the original key used to encrypt the files, once you access the nand you could find that key. (no matter what version you have)
    if you have a previously version of any system files stored in nand (not encrypted) you can encrypt it with your bricked key you extracted, then write your flash and you got yourself an un-bricked wii, then you can update to v4.2 for Korean wii's.

    am i right?
    You are right when you say that the key is stored on the NAND. The problem is that the NAND itself is encrypted and there is currently no publicly known way to decrypt the NAND flash dump (unless you have the key already). You can usually verify if the Wii is capable of having bootmi as boot2 by either:

    1. Look up the serial number in this database: https://spreadsheets.google.com/ccc?...3c&hl=en#gid=0

    2. If I recall correctly, another user on either this forum or another has stated that you can get an idea of the boot1 version in correlation with either the date code on the CPU or a letter in the CPU code. I'm not 100% sure on this as I have not verified it myself and it was a while ago I read this.

    What you need to know is that only boot1a and boot1b are capable of having bootmii as boot2. So boot1c and above are not compatible. (no exceptions)

    If you have either boot1a or boot1b, the only way you are ever going to recover that Wii is to flash bootmii into boot2 using a NAND flash programmer such at the Infectus chip. I'm sorry but there are no exceptions to this rule either. At least for the time being.

    Hope this helps you sort out the problem. Good luck!

  3. #413
    Retired WiiHacks Staff Krafter's Avatar
    Join Date
    Dec 2009
    Posts
    4,427
    Thanks
    460
    Thanked 1,093 Times in 857 Posts
    Blog Entries
    5
    Quote Originally Posted by neildmd View Post
    2. If I recall correctly, another user on either this forum or another has stated that you can get an idea of the boot1 version in correlation with either the date code on the CPU or a letter in the CPU code. I'm not 100% sure on this as I have not verified it myself and it was a while ago I read this.


    NOTE: If you are unsure of your boot2 version, you can use the infectus to do a full nand dump and then open up the dump in WiiNand v0.2. Click on the keys tab and you will see your boot1 version listed. Look carefully if you can't find it.Boot1a and boot1b are vulnerable and bootmii can be installed to boot2
    Source: Wii Brick Fixing: Using an infectus tutorial

  4. #414
    New Member
    Join Date
    Mar 2010
    Posts
    10
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Thanks, I forgot to mention that fact. I was just giving him the options he has as of now, since he does not have an Infectus and probably does not want to waste the money on one if his Wii ends up being a boot1c+ console.

  5. #415
    Junior Member
    Join Date
    Dec 2009
    Location
    England
    Posts
    1,304
    Thanks
    7
    Thanked 320 Times in 240 Posts
    Blog Entries
    2
    Key is stored in Hollywood, not the nand.

    If the key was in the nand, which is encrypted, how would it get decrypted to read it?

    to get the keys out of hollywood, you need to run code on the wii (i.e. bootmii)

    and yes, you can work out boot1 version based approx on serial or for certain by the date code

  6. #416
    New Member
    Join Date
    Mar 2010
    Posts
    10
    Thanks
    1
    Thanked 0 Times in 0 Posts
    Thanks for clarifying that Bad_Ad84. I knew the key was stored in the hollywood cpu, but for some reason I was under the impression that there was a copy/trace of it in the nand. Now that I think about it, that would make no sense from a security standpoint (Ha!). I know there are lots of other keys stored in the nand flash memory so I quickly assumed the nand key was there as well for comparison after decryption. I guess there would be no point for the comparison though, seeing as if it can successfully decrypt the data it's obviously the matching nand haha... It does get appended to the nand dump when dumped with bootmii.

  7. #417
    New Member
    Join Date
    May 2010
    Posts
    4
    Thanks
    0
    Thanked 0 Times in 0 Posts
    thanks for all the information's shared

    i'll try my best to fix this brick, and i'll share everything...

    i'm confused about the serial number now,
    here https://spreadsheets.google.com/ccc?...3c&hl=en#gid=0
    all the serial numbers starts with LEH or LU, and i can't find anything starting with LEH/LU either on the wii board or the external case...
    on my wii case where it says: Serial No, it starts with LKM1025...
    is that the serial number?

  8. #418
    Member
    Join Date
    Jan 2009
    Posts
    2,692
    Thanks
    254
    Thanked 396 Times in 369 Posts
    tataee1990,
    LKMxxxx means it's originally a Korean Wii. yes, it's a valid serial number.

  9. #419
    Junior Member
    Join Date
    Dec 2009
    Location
    England
    Posts
    1,304
    Thanks
    7
    Thanked 320 Times in 240 Posts
    Blog Entries
    2
    If you have a Korean wii, you will need a nand backup from before you bricked to fix it.

  10. #420
    Member
    Join Date
    Jan 2009
    Posts
    2,692
    Thanks
    254
    Thanked 396 Times in 369 Posts
    Bad_Ad84,
    i got 2 fully bricked Korean Wii motherboards on hand. looking for a handy tool to experiment unbricking it.
    have u any idea about the infectus2+injectus availability & price ? pls pm me at ur convenience.
    thx.

Page 42 of 44 FirstFirst ... 324041424344 LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •