Talk:Twilight Hack

Twilight Hack v0.1 Beta 2?

I got interested in HBC a while ago and was disappointed when I learned that it wouldn't work on firmware version 3.4u. But now that a newer version of the Twilight Hack is out, I want to install it for my Wii. However, I am still unclear what is required in order for the hack to work. Here's what's on my Wii now:

• Version 3.4u Firmware
• A D2Pro9 modchip with USB programmer
• I DO NOT have any version of HBC on my Wii

Will this work for me?

It should if the modchip doesn't interfere. --Cyndaquil 01:27, 15 December 2008 (UTC)

Picture wanted?

I made a macro picture of my zelda disc. any need for it? (explanation or so). http://web2.alster144.server4you.de/dateien/noobody/20080213154815_zelda_makro.jpg

The lightning is too uneven and the image needs cropping. It feels like it is possible to do something similar enough with vector art.--henke37 11:54, 16 March 2008 (PDT)

Odd error on PAL version

I was searching for a place for this question to be seen by developers, so excuse me if I'm bothering you with this post. Recently, I've tried the Alpha3 version of Twilight Hack, on my PAL Wii running at 576i, 60Hz on a normal TV. As soon as I boot stuff, it'll always be in black and white, with both version A and B and with different homebrew applications (I've tried ScummVM and RIN so far). Has anyone got my same problem?

Using 50Hz (576i) it should work. To make it work properly on 60Hz, you'll probably need something similar to an RGB cable. By the way, don't you mean 480i?

Component is the best, RGB SCART has some compatibility problems. Alternatively, run your Wii on a different TV, what it is is that the apps say "ooh, 480i/p, that must mean they're american" and so the american colour encoding standard, NTSC, is used instead of PAL, making a poor quality monochrome picture. Muzer 09:33, 20 April 2008 (PDT)

Playing with the modified savegame

Is it safely possible to use the remaining two save files for actual game saves? Swapping the files as I currently do, is a little bit tedious... Helsionium 12:01, 25 April 2008 (PDT)

Even if it where possible, I would not recommend it, then you would be stuck with that version if there was a new version released.

Besides, the shellcode has to be somewhere in the save, I wouldn't risk it being in one of the other save files.--henke37 23:47, 25 April 2008 (PDT)

Out of curiosity, I tried it and it actually works in a completely normal way - as long as you leave the "Twilight hack" file in slot 1. Copying and (obviously) deleting that file will prevent it from working. Since ::currently all homebrew can be run with this version of the hack, I have no desire to keep swapping save files... Helsionium 07:49, 15 May 2008 (PDT)

Source Code

Does Team Twiizers have an intention on releasing the source code to their injected code, or any information on how they achieved this miraculous feat of hacking the save file? Anything appreciated! Just a simple guy wanting to see if this exploit is possible on any other game, but there seems to be so little information on how it was done that I haven't been able to even decrypt a save file! Thank you for your time --SquidMan 17:39, 28 April 2008 (PDT)

I think they do want to do that, eventually, when nobody is in any need of it.--henke37 01:47, 3 May 2008 (PDT)

I'm not exactly sure of their reasoning, but I'm pretty sure Team Twiizers aren't releasing the code just yet because they're worried about people bricking their Wiis with incomplete code. If you download an unstable version and brick your Wii with it it won't exactly be their fault, but I think they'd rather not have that guilt. :) As for decrypting a save file, there's some information on the Savegame page, but a page on Bushing's blog refers to secret keys that are used to encrypt the data. I believe Bushing got these keys out using a combination of hardware and software hacks, but they should be extractable from your own Wii by software methods ("I may release some software to extract them from your own console; do not ask me when it will be released." -- Bushing). What he definitely won't do is release the keys themselves -- there's too much potential for animosity from Nintendo. karaken12 01:57, 10 May 2008 (PDT)

I released that program (xyzzy). We've always planned to release source for the Twilight Hack as GPL, but Segher has been taking his time cleaning up the code for release -- come on IRC and offer to help, if you'd like to see it done faster. Bushing 07:13, 23 August 2008 (UTC)

Disc serial issue

If we want to make it dead obvious, let's make an image that illustrates where on the disc to read the serial number.--henke37 01:47, 3 May 2008 (PDT)

Chainloader doesn't show up?

Hello there!

I need help with the twilight hack. I've been following your instructions perfectly, naming every folder and file on my (FAT-formated) SD correctly. But when I insert the SD card in the Wii and want to copy the Twilight hack over to the Wii, there's no save visible at the SD card. I've been trying thousands of times, but the "Chainloader" symbol doesn't show up in the menu. It's all blank! [...] (Yes, I have made the folder(s) private/wii/title/RZDP and placed the 'rzdp0.bin' file in it, naming it 'data'.bin ) [...]

I had the same issue. What's happening is that when you're renaming the RZDP file to data.bin, you're actually renaming it to data.bin.bin. To avoid that renaming problem in the future, go to Tools>Folder Options>View and uncheck "Hide extensions for Known file types" (Thanks to Cybertronics).

I also loaded tp-hack-loader.elf to the root of the SD and renamed it to boot.elf, from there - it all worked like a charm! I hope this helps. I'm no pro, but feel free to ping me with any questions.

tp-hack-loader.elf? WTF is that? Muzer 10:03, 19 May 2008 (PDT)

Shellcode

Nothing important, but I'm really interested how large your shellcode is, it seems to be quite a lot for an overflow.

Respect and keep up the great work!

~miom

Thanks. The actual overflow for the savefile is about 600 bytes; it then executes the ELF loader, which is contained in a separate file in NAND (loader.bin -- about 23k). Both could probably be made smaller, if needed. Bushing 07:13, 23 August 2008 (UTC)

Other Save Files?

Not everyone has Twilight Princess, or is a fan of the genre. Wouldn't it be better to not have all our eggs in one basket and spread homebrew access out to other games as well? Games like Super Mario Galaxy or Metroid Prime 3, or even Wii Sports. I don't know if there are even access points within those games, but the least we could do is try to find them. Boinciel 18:20, 14 August 2008 (UTC)

Nintendo has already made an attempt at stopping homebrew by targeting the Twilight Hack directly. Which sounds better: Having to buy/rent a (good) game to get homebrew, or having no chance at running homebrew at all? Right now, it's better not to release extra savegame exploits when just one will do the job. --Tona 19:06, 14 August 2008 (UTC)

I'm not sure I understand you. I'm pretty sure the tp hack is a high buffer overflow (I think I read this somewhere, but everything of from here might be totally incorrect) so technically the exploit can be recreated in a number of games as long as there is a part that uses a lot of memory and involves some sort of user input, like Epona's super long name. I don't know of Wii games like this as I don't play videogames often, but one day I was playing Halo 3 on a friend's 360 and on one of the levels, you could shoot at this "plasma" bomb thing and it would create a pretty big lag. This pushes the system to the extreme and if you could overload the system by adding some more code then you could recreate the tp hack in any game. Of course, finding a scene like what I just described would involve lot of time and constant monitoring of the Wii so the chances of finding another exploitable part of a game is most likely the hardest part of making the hack. Again I could be totally wrong. Also longer games make things more of a pain. (unsigned, by SammyPwns)

Uhhh ... no. As you predicted, everything after "high buffer overflow" is incorrect; in the future, please just ask if you don't understand something rather than saying "I don't know what I'm talking about but you should do <xxxxx>". Finding overflows in games is possible for some percentage of games -- 10%? 50%? Hard to say. Finding them is fairly easy. Taking a crash and turning it into an exploit is much more work.

To answer the original question -- Every exploit expires. It's like a carton of milk. When you go to the store, do you buy one carton of milk, or four? In the same way, we release one exploit, wait for it to "expire", and then release another. Bushing 07:03, 23 August 2008 (UTC)

you could probably use rock band 2 to do this now,when you initiate overdrive it creates a lot of lag,so a possible savegame exploit could be rock band Calthephenom 05:54, 6 September 2009 (UTC)

Can't load homebrew

For some reason, the exploit fails to read any homebrew files I've tried. After executing the exploit, I get some kind of error at the end that says something along the lines of "code not found, hanging." Does anyone know what might be wrong? I'm on 3.2U by the way. I've tried both the beta1 and alpha3 versions, yet they produce the same results. Back when I first used this exploit, it was able to run one of the emulators but now it doesn't run anything I try. -Stormfist 08:38 (UTC) 1 October 2008

are you already on 3.2U version? -Yod4z 1 October 2008 16:14 GMT+1

he said he was; the files are in the SD root and named boot.dol or boot.elf? -Noobwarrior7 1 October 2008 10:00

Problem

Hello iam from germany and use the (original) twilight Princess PAL. I see the chainloader data (rzdp) but when i copie it to my wii system, it sais ,,The file may not be copied. And when i take rzdj oder rzde some Question Marks appear. So i think i use the right file. What can i do, pls help me :( JamesHammerbro 13:21, 11 October 2008 (UTC)

help

I have a NTSC unmodded Wii I don't own Zelda: TP. I could run the Twilight Hack by renting Zelda TP, but it's a rent and i have to give the game back as result I CANT play my PAL Games, is there any way to install the Gecko OS as a CHANNEL without USING THE HOMEBREW CHANNEL???????????? help!!!!!!

• My update: 3.3
• My wii shop channel update: the latest
• My SD card: Micro SD card Sandisk.

You need the Twilight Hack only one time to install the HBC (Homebrew Channel). Once you've installed HBC, you don't need the game anymore. Take a look at Setting up your Wii for Homebrew--Zaccret 16:36, 7 November 2008 (UTC)

Stupid question

I have a really, really dumb question: Would it be OK to name the gamesave something other than "Twilight Hack0" or the like?</stupidquestion> -Shado 00:07, 7 December 2008 (UTC)

New Japanese Zelda discs (unconfirmed)

I've seen a few random "serials" for Japanese Zelda discs on the net. Anyone who can confirm or provide data, please do so. If you have one of these discs, please contact me. If you speak English, you can also contact bushing or marcan. Reported serials: RVL-RZDJ-0A-0 JPN S0 (working, confirmed), RVL-RZDJ-0A-0 USA (working, confirmed), RVL-RZDE-006 JPN (shouldn't be japanese, unconfirmed). --Tona 08:59, 8 December 2008 (UTC)

1. Fixed your tag. You question has nothing to do wth mine. 2. What's the point of this again? You apparently live somewher that's not Japan... -Shado 22:32, 10 December 2008 (UTC)

Stuck at start cluster = ffff

When I run the twilight hack it gets stuck at: start cluster = ffff

Video of what happens: http://www.vimeo.com/2509668 {—Preceding unsigned comment added by Wiiguy (talk • contribs) 00:32, 13 December 2008

I am also getting this error. Mr_Nick666 09:05, 15 May 2009 (GMT)

Installing on Wii 4.0 with Two Wiis?

So here's my situation, one wii with 4.0 that does not have HBC installed, and one wii running 4.0 that DOES have homebrew installed. Is there any way to get the Twilight Hack to the Wii that needs HBC installed on it via some other homebrew app I can install on the already hacked Wii?—Preceding unsigned comment added by Ryohumar (talk • contribs) 18:52, 3 April 2009

No. Bushing 00:43, 4 April 2009 (UTC)

Having trouble getting homebrew to work.

I have been following the instructions on how to get this to work but once I got to the part where I start Twilight Princess and load the hacked save once I do using the boot.dol file the system goes to the black screen like it seems it should but ends up giving me a message of: Could not find boot.dol - Failed to read boot.elf (-1) - hanging. The recommendation in the steps given is to make sure that your SD card is formatted, but after having gone through the steps to format it I still get the same message.

Any help would be appreciated.

Thanks

SD Card: Sandisk SD 2GB Wii Software: 3.1U

Alternatives...

Yes, that dreaded question. A friend of mine who lives over in the States has Twillight Princess - but the GameCube version. And no one around her seems to have the game, either. So, now I wonder if the "eventually" bit there, where it says other games will be supported, will come true anytime soon. I really wonder, since definately not everybody has TP (I personally couldn't care less about the Zelda-Series, for example). —Preceding unsigned comment added by Herman2000 (talk • contribs) 21:45, 5 May 2009 (UTC)

Well the hack is blocked on 4.0 so they will have to find an alternative soon. .Hyper//Hacker 00:30, 6 May 2009 (UTC)

Peripherals

shouldn't this also have the wiimote and nunchuk listed since you cant start zelda without them? Yossi 10:16, 17 June 2009 (UTC)

Twilight Hack on Wii 4.2U

In 4.2U, if you modify your sysmenu with StartPatch, you can got it again! Thanks Nintendo! --master42 04:47, 20 October 2009 (UTC)