From WiiBrew
(diff) ← Older revision | Latest revision (diff) | Newer revision → (diff)
Jump to navigation Jump to search

Savezelda is a family of exploits that take the same general form and use some common code to load homebrew. The name comes from the original savezelda exploit, Twilight Hack, which was a Legend of Zelda exploit.

Savezelda exploits

How these work

These exploits take advantage of the fact that the Wii does not implement any address space layout randomization (ASLR), which means the moment a size isn't checked before something is loaded, the memory address where this is loaded is predetermined, so a fixed amount of padding can be added before a return address on the stack can be overwritten, which will happen perfectly every time. Doing this causes the system or game to send control over to the desired area. These exploits also package some code that can be returned to, which allows them to take full control over the Wii, and load other things such as the HackMii Installer.