5,579
edits
Changes
Jump to navigation
Jump to search
“What was extracted” and “Technical explanation”
Line 2:
Line 2:
The Tweezer Attack has been patched against by Nintendo in order to prevent people from reproducing it and obtaining their Wii's private encryption keys.
The Tweezer Attack has been patched against by Nintendo in order to prevent people from reproducing it and obtaining their Wii's private encryption keys.
+
+== What was extracted ==
+From this, [[Team Twiizers]] was able to extract all of [[MIOS]]. After failing to disassemble it as PowerPC code, they discovered that it was actually ARM code. MIOS also includes the common key, which Team Twiizers now had.
+
+== Technical explanation ==
+Because in GameCube mode, only the bottom 25% of memory could be used, MIOS simply made sure not to keep any important things in that range. However, by modifying the wires, it was possible to make the PowerPC think the other parts of memory were the bottom 25%, allowing the rest of memory to be seen. All extracted data was then sent out through a GameCube controller port, which tmbinc set up to be receiving in a computer. When this procedure was repeated for all regions of memory, the entire memory was known. Overlapping sections were also taken to ensure that MIOS was not overwriting anything relative to the modified wires.
== External Links ==
== External Links ==