Jump to navigation Jump to search
666 bytes added ,  00:44, 18 November 2009
added info about console keys
== The new boot1 ==
Nintendo has released a new version of [[boot1]], which disables Bootmii as a [[boot2]] hack. Fortunately, Bootmii can also be modified to work as a replacement for IOS, or as a separate IOS ([[IOS254]]). See more at [ Hackmii]. Since boot1 cannot be updated, all consoles already manufactured before this update are safe. About 10% of the consoles that ran the BootMii Checker tool have the new boot1.
== Console Keys and keys.bin ==
Instead of using [[xyzzy]], you can retrieve your console keys from the keys.bin file BootMii v3 or later produces when backing up the NAND. To view them, open keys.bin with a hex editor. Here are the offsets for each key:
<pre>ECC Private Key: 0x128 (30 bytes)
Console ID: 0x124 (4 bytes)
NAND AES key: 0x158 (16 bytes)
NAND HMAC: 0x144 (20 bytes)
Common key (AES): 0x114 (16 bytes)
PRNG seed (AES): 0x168 (16 bytes)
boot1 hash: 0x100 (20 bytes)
ng_key_id: 0x208 (4 bytes)
ng_sig: 0x20c (60 bytes)</pre>
For a full description of the purpose of each key, see [ this writeup on HackMii].
== Media ==


Navigation menu