Metroid Glitch!!!

Panda On Smack · September 23, 2010, 09:53:43 AM

Quote from: James0x57 on September 22, 2010, 03:11:06 AM
How do you play the game (how do you safely update Wii to 4.3)?

http://wiinewz.com/forums/index.php?/topic/12429-waninkoko-firmware-updater-v43/

Panda On Smack · September 23, 2010, 10:02:10 AM

Is it better to make a video showing you lock / unlock with a button activator?

James0x57 · September 23, 2010, 01:27:13 PM

I might since they didn't reply yet... however I'd need Y.S. to add it to the db because I'm lazy.

Thomas83Lin · September 27, 2010, 11:50:07 PM

Not sure if this as been posted anywhere on the site yet, but Nintendo finally came up with a official fix.

http://www.nintendo.com/consumer/systems/wii/en_na/ts/metroid-other-m.jsp

though, i don't think its as quick as the fix posted here.

dcx2 · September 27, 2010, 11:54:32 PM

lol, some "official fix". Reminds me of the iPhone 4 antenna "fix" - just don't hold the phone that way! ::)

dcx2 · September 27, 2010, 11:58:57 PM

Hm...I noticed at the bottom that you can mail your SD card to Nintendo and they'll fix your save.

Is there any chance we could hack an app that would parse the save file from an SD card and fix the door? This could be something that we release to the public so people don't need to mail their shit to Nintendo.

I think saves are encrypted, but don't we already know all the keys? The only problem would be if the save was encrypted with a key that is different for each Wii.

111 · September 28, 2010, 12:42:24 AM

http://www.wiibrew.org/wiki/FE100

I believe that program can be used to decrypt Wii save files, although I have never used it.

Also, the Savegame Extractor can be used to copy an unencrypted save file to your SD card. I have used that homebrew application successfully in the past. I'm not sure if it works on "3.3V2" or higher, though.

In addition, dumping the FS of your Wii will also give you the decrypted files. On the FS, they would be located at "/title/00010000." More information can be found from the link below...

http://www.wiibrew.org/wiki/Flash_filesystem

I'm not real knowledgeable on keys, so I can't say much on that. However, based on the numerous savegame exploits, along with software like Datel's Wii Powersaves, I would assume that it could be done. Here is a HackMii blog post that may help with the keys, as well...

http://www.hackmii.com/2008/04/keys-keys-keys/

dcx2 · September 28, 2010, 02:41:05 AM

I poked around the hackmii post you linked. It looks like you may need homebrew to do this sort of thing; Once you have homebrew you might as well just use Gecko OS to bypass the problem. I was hoping to make a tool that even non-homebrew types could put their save through.

At first, it looks good. There's an AES SD Key that's used to sign things as they go out to the SD card. AES is good, it's symmetrical so we know the key.

Unfortunately, there's an "MS" (Master Key?) RSA key that's used to sign the Wii's ECC key, which is then appended to the save data. RSA is assymetrical, unfortunately, so we will likely never know the necessary private key.

Now, it could be the case that we can alter the save data and re-encrypt it with the SD key, and leave the MS-encrypted ECC key alone...

EDIT: if someone wants to provide a save game that has the glitch, and an otherwise identical save game that isn't glitched, we could decrypt the saves with the SD key and diff them to see where the bit that sets the lock on the door is.

James0x57 · September 28, 2010, 03:45:45 AM

Well... It's not a fantastic plug but Joystiq linked to the video in the middle of this article:
http://www.joystiq.com/2010/09/27/nintendo-offers-impractical-solution-to-metroid-other-m-bug-in-japa/

*shrugs* lol

But yeah, there's some people who mod the crap out of save files- especially for Animal Crossing.
I don't know anything about it but that would indeed be a great solution. Especially if it only fixed that bug and didn't have any other cheating options. (though those would be the next logical thing to come and should be in another project)

ZiT · September 28, 2010, 06:00:21 AM

http://metroid.jp/info/index.html

Quoteç—‡çŠ¶ãŒç™ºç"Ÿã—ã¦ã—ã¾ã£ãŸå ´åˆã¯å¼Šç¤¾ã«ã¦ã,»ãƒ¼ãƒ–ãƒ‡ãƒ¼ã,¿ã,'ä¿®å¾©ã•ã›ã¦ã,,ãŸã ãã¾ã™ã®ã§ã€èª ã«ãŠæ‰‹æ•°ã§ã™ãŒã€
ä¸‹è¨˜å®›å...ˆã¾ã§ã,»ãƒ¼ãƒ–ãƒ‡ãƒ¼ã,¿ã®ã,³ãƒ"ãƒ¼ãŒå...¥ã£ãŸSDã,«ãƒ¼ãƒ‰ï¼ˆã¾ãŸã¯Wiiæœ¬ä½"ï¼‰ã,'ã"é€ä»˜ã,,ãŸã ãã¾ã™ã,ˆã†ã,ˆã,ã—ããŠé¡˜ã,,ã,,ãŸã—ã¾ã™ã€,

Our company will restore the save data, and, indeed sorry to trouble you, but,
send the SD card that the copy of the save data enters the following address
(Or, main body of Wii), please when the symptom occurs.

Y.S. · September 28, 2010, 10:07:01 AM

Actually, MOM has its own encryption routine. I've been looking into it for a couple of days or two.
I'll post the progress later on :-*

WiiRd forum

News:

Metroid Glitch!!!

Panda On Smack

Panda On Smack

James0x57

Thomas83Lin

dcx2

dcx2

111

dcx2

James0x57

ZiT

Y.S.