Difference between revisions of "User talk:Hallowizer"

From WiiBrew
 
(2 intermediate revisions by one other user not shown)
Line 57: Line 57:
 
:That doesn’t prove anything. If it’s not documented on the internet much, it’s probably from a leak unless you can prove otherwise. Use of leaks is prohibited on WiiBrew.
 
:That doesn’t prove anything. If it’s not documented on the internet much, it’s probably from a leak unless you can prove otherwise. Use of leaks is prohibited on WiiBrew.
 
:Note that the [snips] are from me. [[User:Hallowizer|Hallowizer]] ([[User talk:Hallowizer|talk]]) 21:54, 15 April 2022 (CEST)
 
:Note that the [snips] are from me. [[User:Hallowizer|Hallowizer]] ([[User talk:Hallowizer|talk]]) 21:54, 15 April 2022 (CEST)
 +
 +
== Boot1 page size ==
 +
 +
I'd noticed you've reverted edits where people have corrected boot1's page size. Boot0 only reads pages 0x0 through 0x2e, which is 47 total pages. I've verified this not only by looking at the code (see 0x0290) but also creating an emulator of the Starlet and monitoring NAND reads. Attempting to SHA-1 over the first 48 (rather than 47) pages of NAND also gives an incorrect boot1 hash.
 +
 +
if (stage < 0x2f) {
 +
  do {
 +
      /* wait for the NAND engine to be available */
 +
  } while (_NAND_CTRL < 0);
 +
  _NAND_DATABUF = &sram_start + stage * 0x800;
 +
  _NAND_ECCBUF = &sram_ecc_start + (stage & 1) * 0x80;
 +
  _NAND_CTRL = -0b01111111110011110100011111000000;
 +
  _NAND_ADDR2 = stage;
 +
}
 +
 +
--[[User:InvoxiPlayGames|InvoxiPlayGames]] ([[User talk:InvoxiPlayGames|talk]]) 13:56, 29 July 2022 (CEST)
 +
 +
Vouch, I discovered this myself yesterday while reversing boot0. The code that does this is a little weird. The main loop condition intentionally over-counts by 2, this is done because after page n is read from flash, page n-1 is decrypted, then page n-2 is hashed. There are checks to make sure the extra 2 pages are not read from flash and to make sure there are no out of bounds reads/writes or negative integer overflow. Interestingly, the debug port output is not protected by this check, so the debug port outputs from 0x0 - 0x30.
 +
 +
I've also emulator verified this.
 +
 +
[[User:AndrewPiroli|AndrewPiroli]] ([[User talk:AndrewPiroli|talk]]) 15:16, 29 July 2022 (CEST)
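Review bot: the heading "Boot1 page size" does not match the added text, which is about how many pages boot0 reads (0x0 through 0x2e, 47 pages); the per-page size shows up only as the 0x800 stride in `_NAND_DATABUF = &sram_start + stage * 0x800;`, so a heading such as "Boot1 page count" would keep the two apart. In the same snippet, `_NAND_CTRL = -0b01111111110011110100011111000000;` is a negated binary literal; as a 32-bit value that is 0x8030B840, and writing it in hex would make the command word easier to check. The loop condition that the second comment says over-counts by 2 is not in the quoted code, which shows only the `stage < 0x2f` read gate, so quoting it as well would let readers verify both claims.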

Latest revision as of 15:16, 29 July 2022

Unnecessary message

Sorry about the unnecessary message earlier, it didn't occur to me that I could just reply on my user page XXRaizekusu9987XX (talk) 08:32, 9 June 2021 (CEST)

Hey XX btw, this person has done nothing but this crap. Just see the bottom of my talk page. Hallowizer (talk) 01:00, 19 October 2021 (CEST)

Link to source for ModMii

Hello there, I have noticed that you removed the source link to the organisation instead of changing it to the repository listed there. I believe that the repository contains the source as the ModMii website under 'Credits -> Supporting Apps and Sources' refers to it as its source. Therefore I would like to add that exact link to the wiki page. -- TheMelonFromWiiSportsResorts (talk) 16:47, 9 September 2021 (CEST)

Can you show me where? I don’t see anything there besides ModMii.GitHub.io. Hallowizer (talk) 17:45, 9 September 2021 (CEST)
That is actually the source repository. The unsuitable name is just quite confusing. But as you should see the repository mostly contains batchfiles which are used by ModMii. -- TheMelonFromWiiSportsResorts (talk) 18:27, 9 September 2021 (CEST)
Oh, didn’t see that. Then it’s probably best to link to the repo itself. Hallowizer (talk) 19:42, 9 September 2021 (CEST)

Hijacking your Wii???

"I think preventing people from hijacking your Wii is more important than supporting old browsers"

I also give source for my page. o_O how is my page supposed to be more trustworthy than hackmii's? I don't get it

I wrote that cgi file in like an hour late at night, no bad intentions, it's a really simple and short wrapper. And again, I give the source for the file, right in the page, at the footer. Diego (talk) 00:27, 23 September 2021 (CEST)

I perfectly trust your code; the problem is that when changing to HTTP, attackers could hit the middle, and people who are using older browsers probably know how to switch to HTTP anyway. Hallowizer (talk) 00:30, 23 September 2021 (CEST)
Yeah, I remembered the change I did to HTTP now. I apologize, and I do agree, thank you. Diego (talk) 00:47, 23 September 2021 (CEST)

Homebrew Channel version number

I have proof for the version number of the (Open) Homebrew Channel being 1.1.3. As you can see in the repository under hbc/channel/channelapp/config.h in line 5 it states #define CHANNEL_VERSION_STR "1.1.3". Therefore the latest version of the HBC has the version number 1.1.3. The fork of the HBC by FIX94 has the version number 1.1.4 but that is not the official HBC. -- TheMelonFromWiiSportsResorts (talk) 16:51, 30 September 2021 (CEST)

Also, for future reference, if you believe I incorrectly undid your edit, feel free to undo my undo with a reason in the edit summary :) Hallowizer (talk) 00:35, 3 October 2021 (CEST)

Hi

I just homebrewed my Wii and that was worth it. CZ2746isback (talk) 20:51, 3 October 2021 (CEST)

Cool. FYI talk pages are meant to discuss wiki matters; this kind of comment fits better on Discord (my discord is on my user page). Hallowizer (talk) 21:19, 3 October 2021 (CEST)
Oh. Ok. My Wii also has prototype channels. CZ2746isback (talk) 14:59, 4 October 2021 (CEST)
What do you mean by that? It seems like something that could be useful for WiiBrew. Hallowizer (talk) 17:48, 4 October 2021 (CEST)
I have stuff like [names retracted by Hallowizer because they refer to illegal software] and about a few more. CZ2746isback (talk) 14:33, 18 October 2021 (CEST)
Are these leaked WADs? If so, please don’t talk about them here. Hallowizer (talk) 16:42, 18 October 2021 (CEST)
(If leaked, nobody affiliated with wiibrew or nintenbrew would or should be wanting to talk about those) DacoTaco (talk) 17:18, 18 October 2021 (CEST)
I did find some wad files for them. CZ2746isback (talk) 22:25, 18 October 2021 (CEST)
This sounds like piracy; downloading prototype channels from online is illegal, and we do not support that here. Hallowizer (talk) 05:02, 19 October 2021 (CEST)
Ok. I don't like piracy. CZ2746isback (talk) 23:18, 20 October 2021 (CEST)
I was just about to install VBA GX when I just found my GBA SP. So I just played the games on my SP. CZ2746isback (talk) 21:43, 25 October 2021 (CEST)

wiisx compatibility edit?

now edit here (Preceding unsigned comment added by Massa5959-4 (talk • contribs))

I’m not sure what you mean, can you explain? Hallowizer (talk) 17:52, 7 October 2021 (CEST)

Deleted development page

[snip] was documented by a YouTuber and it's in the [snip] repository. KoolLeo11 (talk) 20:16, 15 April 2022 (CEST)

That doesn’t prove anything. If it’s not documented on the internet much, it’s probably from a leak unless you can prove otherwise. Use of leaks is prohibited on WiiBrew.
Note that the [snips] are from me. Hallowizer (talk) 21:54, 15 April 2022 (CEST)

Boot1 page size

I'd noticed you've reverted edits where people have corrected boot1's page size. Boot0 only reads pages 0x0 through 0x2e, which is 47 total pages. I've verified this not only by looking at the code (see 0x0290) but also creating an emulator of the Starlet and monitoring NAND reads. Attempting to SHA-1 over the first 48 (rather than 47) pages of NAND also gives an incorrect boot1 hash.

if (stage < 0x2f) {
  do {
    /* wait for the NAND engine to be available */
  } while (_NAND_CTRL < 0);
  _NAND_DATABUF = &sram_start + stage * 0x800;
  _NAND_ECCBUF = &sram_ecc_start + (stage & 1) * 0x80;
  _NAND_CTRL = -0b01111111110011110100011111000000;
  _NAND_ADDR2 = stage;
}

--InvoxiPlayGames (talk) 13:56, 29 July 2022 (CEST)

Vouch, I discovered this myself yesterday while reversing boot0. The code that does this is a little weird. The main loop condition intentionally over-counts by 2; this is done because after page n is read from flash, page n-1 is decrypted, then page n-2 is hashed. There are checks to make sure the extra 2 pages are not read from flash and to make sure there are no out of bounds reads/writes or negative integer overflow. Interestingly, the debug port output is not protected by this check, so the debug port outputs from 0x0 - 0x30.

I've also emulator verified this.

AndrewPiroli (talk) 15:16, 29 July 2022 (CEST)
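
The read/decrypt/hash schedule described in this thread, as an added C model that is not boot0's code and not from either poster. It assumes one loop iteration per stage from 0x0 to 0x30; `run_pipeline` and `struct trace` are names made up here, and no NAND access, decryption or SHA-1 is performed, only ordering and bounds are tracked.

```c
#include <stdio.h>

#define BOOT1_PAGES 0x2f              /* pages 0x0..0x2e, per the thread */
#define LAST_STAGE  (BOOT1_PAGES + 1) /* loop over-counts by 2: 0x0..0x30 */

enum { EMPTY, READ, DECRYPTED, HASHED };

struct trace {
    int reads, decrypts, hashes, debug_outputs;
    int last_read, last_stage, order_errors;
};

/* Model of the schedule only: no NAND access, AES or SHA-1 is performed. */
struct trace run_pipeline(void)
{
    unsigned char state[BOOT1_PAGES] = { EMPTY };
    struct trace t = { 0, 0, 0, 0, -1, -1, 0 };

    for (int stage = 0; stage <= LAST_STAGE; stage++) {
        t.debug_outputs++;             /* not covered by the bounds check */
        t.last_stage = stage;
        if (stage < BOOT1_PAGES) {     /* same gate as the quoted snippet */
            state[stage] = READ;
            t.reads++;
            t.last_read = stage;
        }
        int d = stage - 1;             /* page n-1 is decrypted */
        if (d >= 0 && d < BOOT1_PAGES) {
            if (state[d] != READ) t.order_errors++;
            state[d] = DECRYPTED;
            t.decrypts++;
        }
        int h = stage - 2;             /* page n-2 is hashed */
        if (h >= 0 && h < BOOT1_PAGES) {
            if (state[h] != DECRYPTED) t.order_errors++;
            state[h] = HASHED;
            t.hashes++;
        }
    }
    return t;
}

int main(void)
{
    struct trace t = run_pipeline();
    printf("stages 0x0..0x%x, pages read %d (last 0x%x), hashed %d, bytes 0x%x\n",
           t.last_stage, t.reads, t.last_read, t.hashes, t.hashes * 0x800);
    return t.order_errors;
}
```

The 0x800 bytes per page used in the byte total is the stride from the quoted `_NAND_DATABUF` line.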