Difference between revisions of "Savezelda"

From WiiBrew
m (Added an orphan header.)
m (→‎Modified versions: fixed a typo)
 
(8 intermediate revisions by the same user not shown)
Line 1: Line 1:
{{orphan}}
+
{{Infobox homebrew
 +
| author = [[fail0verflow]]
 +
| image = [[File:Chainloader.png]]
 +
| licence = GNU GPL v2
 +
| type = loader
 +
| source = https://github.com/lewurm/savezelda/tree/master/loader
 +
| peripherals = {{FrontSD}} {{FrontSDHC}} {{USBGecko}}
 +
}}
  
'''Savezelda''' is a family of exploits that take the same general form and use some common code to load [[homebrew]]. The name comes from the original savezelda exploit, [[Twilight Hack]], which was a Legend of Zelda exploit.
+
'''Savezelda''' is a small loader designed to be bundled with exploits. The name comes from [[Twilight Hack]], the original exploit to use this loader, although the name did not come about until [[Indiana Pwns]] was released. Its sole purpose is to load <code>/boot.elf</code> from SD or [[USBGecko]], SD taking priority.
  
==Savezelda exploits==
+
== Modified versions ==
* [[Twilight Hack]]
+
Some exploits, such as [[FlashHax]] and [[str2hax]], have a slightly modified copy of Savezelda. They are built on the same core, but there is also a default target of the [[HackMii Installer]]. FlashHax accomplishes this by bundling the binary into Savezelda, while str2hax manually downloads the installer.
* [[Letterbomb]]
 
* [[Bathaxx]]
 
* [[Indiana Pwns]]
 
* [[Return of the Jodi]]
 
* [[Eri HaKawai]]
 
  
==How these work==
+
[[Bluebomb]]'s stage1 is also loaded by a modified version of Savezelda from memory; the USB code is separate.
These exploits take advantage of the fact that the Wii does not implement any address space layout randomization (ASLR), which means the moment a size isn't checked before something is loaded, the memory address where this is loaded is predetermined, so a fixed amount of padding can be added before a return address on the stack can be overwritten, which will happen perfectly every time. Doing this causes the system or game to send control over to the desired area. These exploits also package some code that can be returned to, which allows them to take full control over the Wii, and load other things such as the HackMii Installer.
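Review bot: the removed "Savezelda exploits" list and "How these work" paragraph are dropped outright rather than moved. After this change the page links only Twilight Hack and Indiana Pwns (in the intro) plus FlashHax, str2hax and Bluebomb, so the links to Letterbomb, Bathaxx, Return of the Jodi and Eri HaKawai disappear. So does the only explanation of why these exploits are reliable: an unchecked size and no ASLR, which means fixed padding reaches the saved return address every time. Suggest keeping a short list of the exploits that bundle this loader under the new intro, and moving the stack-overwrite explanation to the individual exploit pages or a shared page that this one links to.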
 

Latest revision as of 02:06, 7 May 2021

Savezelda
General
Author(s): fail0verflow
Type: Loader
Licence: GNU GPL v2
Links: Source
Peripherals: Loads files from the Front SD slot; loads files from SDHC cards in the Front SD slot; USBGecko


Savezelda is a small loader designed to be bundled with exploits. The name comes from Twilight Hack, the original exploit to use this loader, although the name did not come about until Indiana Pwns was released. Its sole purpose is to load /boot.elf from SD or USBGecko, SD taking priority.

Modified versions

Some exploits, such as FlashHax and str2hax, have a slightly modified copy of Savezelda. They are built on the same core but also have a default target, the HackMii Installer. FlashHax accomplishes this by bundling the binary into Savezelda, while str2hax manually downloads the installer.

Bluebomb's stage1 is also loaded by a modified version of Savezelda from memory; the USB code is separate.