Hacking the Nintendo Wii
Posted at 7:10pm on Tue 2nd Dec '08 by Jamie

So the other day I was walking past the local GameStation, and noticed they had relatively cheap second hand Nintendo Wii's. Typically, the first question that came to my mind was "How easy are these to hack, and what can they do?"...

Well it turns out, it is actually fairly straight forward thanks to the Twilight Hack by Team Twiizers.

Note: If you are going to try this, please make sure to read the whole page first and make sure you understand what is going on.

For this you will need:

You will need to write files onto the SD card, so you will also need an SD card reader if your computer doesn't have one built in.

The Twilight Hack was found by Team Twiizers and makes use of an exploit in "The Legend of Zelda: Twilight Princess" allowing execution of unsigned code. The exploit works by modifying the name of your horse (Epona) to cause a stack buffer overflow.

  1. Apparently for this to work you need to already have a Zelda save game so if you haven't already, play Zelda (briefly! The save will just be deleted later).

  2. If required, format the SD card. You should choose either FAT (sometimes called FAT16) or FAT32.

  3. Copy the "private" folder onto the SD card.

  4. Place the homebrew application (named "boot.dol" or "boot.elf") to run in the root directory. Here I would recommend using the Homebrew Channel mentioned below.

  5. Put the SD card into the Wii and open Wii Options -> Data Management -> Save Data -> Wii

  6. Erase the existing Zelda save

  7. Change to the SD card view, find the right Twilight Hack for your region and copy it to the Wii.

  8. Insert the "The Legend of Zelda: Twilight Princess" game disc, and run the game.

  9. Load the "Twilight Hack" save game. *

  10. Once the save has loaded talk to the man in front of you.

* If you have the USA version there will be 2 "Twilight Hack" save slots. To find out which one to load you will need to check the text on the inner ring of your game disc.

RVL-RZDP-0A-0 JPN	Europe/Australia (EUR)	Twilight Hack
RVL-RZDJ-0A-0 JPN	Asia (JPN)		Twilight Hack
RVL-RZDE-0A-0 JPN	America (USA)		TwilightHack0
RVL-RZDE-0A-0 USA	America (USA)		TwilightHack0
RVL-RZDE-0A-2 USA	America (USA)		TwilightHack2

Using this hack you can now run any homebrew app. you want! However, loading up Zelda every time you want to run an application isn't very practical. This is where the Homebrew Channel comes in.

homebrew_channel.png

The Homebrew Channel is a homebrew application loader which you can install once (using the Twilight Hack), and then use to launch all your applications whenever you want from the Wii menu, just like a normal channel.

Once you have the Homebrew Channel installed you can manually add applications by placing them in the right place on your SD card. In the root folder on your card there should be a folder called "apps", if there isn't then create it. Each application should have it's own folder inside this, in which the Homebrew Channel looks for 3 files:

  • boot.dol or boot.elf: The application itself, obviously this is fairly vital...

  • meta.xml (Optional): An XML file describing the application (format), used by the Homebrew Channel to display the author of the application, version, release date and a description.

  • icon.png (Optional): An icon to be shown, this must be 128x48 pixels and in PNG format.

The very first application I would recommend installing is the Homebrew Browser. Once installed you can use this to browse through a library of homebrew applications, then download and install them directly on your Wii. This makes organizing your applications much easier, and even automatically checks for updates.

Some popular applications which you can download and install using the Homebrew Browser include:

wii64.png Port of the popular multi-OS N64 emulator, Mupen64, to the Nintendo Wii through the libOGC library. The emulator is planned to use dynamic recompilation of the N64 machine code to PowerPC and full hardware accelerated graphics to (hopefully) achieve full-speed emulation.

scummvm.png ScummVM is a program which allows you to run certain classic graphical point-and-click adventure games, provided you already have their data files.

mplayerwii.png MPlayerWii is an audio/video player. It is a native port of the MPlayer media player. It will play almost any kind of audio file but still needs improvement on video playback.

ftpii.png ftpii is an FTP server for the Wii, giving people easy access to their SD cards without having to eject it from the Wii through there Computer.

There are of course lots of other applications available too, for a more comprehensive list try here.

Disclaimer: Running unsigned code on the Nintendo Wii violates the EULA, and hence your warranty.


Submit to reddit Submit to Digg Submit to Delicious Submit to StumbleUpon Submit to Facebook
Tagged with: console, how to

Leave your comment:

Please enter a valid email address. This will not be displayed publicly.
Write your comment here (simple BBCode allowed). Please note that these will be moderated before being displayed, so your comment will not show up instantly. Once posted these cannot be edited so please proof read it first!

  • #1 Posted by CamHart at 6:10am on Tue 16th Dec '08:

    Thanks, I'll probably end up doing this to my bro-in-laws wii.  He's been asking me about it.

Recent Articles

Tags

Archives

Actions

Statistics

  • Age: 34 days
  • Views: 729
  • Comments: 1