Well, come to think of it, I really do think it's possible to hack the Wii from your computer without using the official "gecko usb". I found an app that connects between the computer and the Wii and sends packets back and forth between the computer and the Wii, if I can read any tiny bit of memory from the Wii using the functions I found in the usb gecko source (no comments on this but I think this is where Gecko OS gets the memory buffer from the Wii, (This method is laziness because it should be a procedure instead of a function haha because all it does is return 1 for no reason)):
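    // Sends the memory range [memstart, memend) to the PC in packetsize chunks.
    // Returns 1 on success, 0 if the PC answers a full packet with anything but 0xAA.
    int gecko_readrange(u32 memstart, u32 memend)
    {
        // Plain char is unsigned by default on the PowerPC EABI target,
        // so the comparison with 0xAA below behaves as intended there.
        char pcresponse;
        static char packetbuffer[packetsize] ATTRIBUTE_ALIGN(32);
        u32 memrange;
        u32 fullpackets;
        u32 currentpacket;
        u32 lastpacketbytes;

        memrange = memend - memstart;
        fullpackets = memrange / packetsize;
        lastpacketbytes = memrange % packetsize;

        // Full Packet Size
        for (currentpacket = 0; currentpacket < fullpackets;)
        {
            memcpy(packetbuffer, (char*)memstart, packetsize);
            usb_sendbuffer_safe(gecko_channel, &packetbuffer, packetsize);
            // Wait for the PC's one-byte response before sending the next packet
            usb_recvbuffer_safe(gecko_channel, &pcresponse, 1);
            if (pcresponse != 0xAA) {
                return 0;
            }
            memstart += packetsize;
            currentpacket++;
        }

        // Remainder (sent without waiting for a response from the PC)
        if (lastpacketbytes > 0) {
            memcpy(packetbuffer, (char*)memstart, lastpacketbytes);
            usb_sendbuffer_safe(gecko_channel, &packetbuffer, lastpacketbytes);
        }
        return 1;
    }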
Then I can send the memory from the Wii to the computer in packets, the only issue is lag could screw around with the memory values, and put them in the wrong place. The idea of this is because a lot of people don't have 50 dollars to spend (such as I), and can get codes through wifi :D.
EDIT:
where is the usb_sendbuffer_safe(); located?
He probably got negative karma from some other post.
I don't recognize that source...is it the original Delphi implementation for console based WiiRD?
Gecko OS doesn't get a memory range from the Wii while the game is running. Gecko OS itself is done running when the game has started. Most code you find in Gecko OS won't really help you in trying to accomplish your goal.
Your goal, however, is not impossible. Riivolution already supports running a game and using WiFi to alter the behavior of the game. It does stuff like redirecting game saves right to a PC and replacing files via network. If it is not already done, I don't see that it would be out of the question to add breakpoints, memory dumping, and code uploading via WiFi. But Riivolution is not open source. You would have to write it yourself or request that the authors of that program add it.
And for the record, the gecko_sendbuffer...() functions are part of libogc.
Thank you giantpune so much, so this means I probably will just write from scratch in C. I want to get it working with Gecko OS though, I don't want to write another engine from scratch, because I have no idea how to work with the DVD reading, besides I use usbloader gx and it has Ocarina, and all my games are on my HDD. Also where is libogc? Another question to tinker about is why did the Gecko OS dev put AES encryption on there?
@dcx2 yes it is
@sharkbyte I have no idea why I quoted myself, my internet was lagging up and my computer was doing crazy things yesterday. And what I posted is indeed real.
Well I'm gonna be gone over the weekend, going to Arlington, Texas, take a guess why I'm going there ;D, cuz i haz a ticket to the big game. GO PACKERS!
I doubt it. USB has a host/device relationship; hosts use type A (rectangle), while devices use type B (square). In this case, the Wii is the host. A PC is also a host. To connect them, you'd need a device that you could put between them so that it wasn't two hosts trying to connect to each other.
If you get that far, then you still need to find some way to get the game to send data over USB. The USB Gecko uses the EXI interface, I think, which is pretty much RS232 aka serial (actually it's more like SPI but meh), which is significantly less complex and therefore much easier to code for.
You would need to find a way to make the code handler read/write to something besides the EXI bus.
http://www.wiibrew.org/w/images/a/aa/Wii_hw_diagram.png
See the bright green bus arrow? AHB = Advanced High-speed Bus. Anything on the AHB (that should look familiar...AHBPROT of HBC fame) is complex. USB, NAND, SD card, Wifi.
There's a smaller bus, APB = Advanced Peripheral Bus. It's much easier to interface with. It talks to the GC cards, the disc drive interface, and the GC controllers. (I think it also somehow sneaks in behind the SD Card?)
The EXI bus was preferred because it's very simple for the code handler to communicate over. The bigger the code handler becomes, the less room we have to put actual codes, so a simple bus protocol makes for a smaller code handler and room for more codes.
The best way to talk to the EXI bus is through the GameCube memory card slot. Maybe the GC controllers.
---
This doesn't even take into account that we'd need to re-write WiiRDGUI and Gecko.NET in order to recognize something other than the FTDI USB to Serial converter.
However...after looking at the diagram, I wonder...could we take a GCN controller cord, cut it up, jam some wires into an MCU with an RS232 port (like a PIC)...and then we could hook a generic FTDI Serial to USB adapter up to the serial port.
It could be all thru-hole components, so Joe Hacker could assemble it himself on a breadboard. It would use the same driver and interface as the USB Gecko, so the PC software would stay the same. It would use the APB, so changes to the code handler would be minimal.
You need to bitbang 32MHz, so it is much harder to do without a CPLD or FPGA. I know babaruss (babruss.com) which was a device made by a friend had a custom EXI to USB protocol, but I know the MCU he used was 100MHz and it probably has a custom protocol so wouldn't be 100% compatible.
I don't think the network idea would be very stable, as even for new code I'm writing I'm really struggling for space, i.e. 6K and the odd empty function.
I think the best bet for open source is to reduce the VHDL down to a cheaper Xilinx chip and do a batch order at seed or something like that. You can get older CPLDs in a larger footprint which could be socketed or hand soldered easily.
Quote from: stormshellx on February 05, 2011, 12:39:46 AM
Well, come to think of it, I really do think it's possible to hack the Wii from your computer without using the official "gecko usb". I found an app that connects between the computer and the Wii and sends packets back and forth between the computer and the Wii, if I can read any tiny bit of memory from the Wii using the functions I found in the usb gecko source (no comments on this but I think this is where Gecko OS gets the memory buffer from the Wii, (This method is laziness because it should be a procedure instead of a function haha because all it does is return 1 for no reason)):
In C you don't have procedures, a function is the same thing. You are thinking of Delphi maybe.
The function returns 1 on success only, it returns 0 on error, this is needed as if a packet fails you need to let other code know.
The above function is from Gecko OS and it is the exact function which is in the current handler.
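The chunking and acknowledgement logic of gecko_readrange, and the return value Nuke describes, modelled on a host machine as an added example (not code from Gecko OS or from any poster in this thread). PACKETSIZE, the pc_side struct and its helpers are assumptions standing in for the real USB link, and the sample memory is constructed.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#define PACKETSIZE 8   /* assumption: small so the sample spans several packets */
#define ACK 0xAA       /* the response byte gecko_readrange checks for */

/* Hypothetical stand-in for the PC end of the link (not a libogc type). */
struct pc_side { uint8_t got[64]; size_t len; int packets, replies, bad_at; };
static void pc_recv(struct pc_side *pc, const uint8_t *buf, size_t n) {
    memcpy(pc->got + pc->len, buf, n);
    pc->len += n;
    pc->packets++;
}
/* Answers ACK unless this is the packet number selected by bad_at (0 = never). */
static uint8_t pc_reply(struct pc_side *pc) {
    pc->replies++;
    return pc->packets == pc->bad_at ? 0x00 : ACK;
}

/* Same control flow as gecko_readrange, reading a local array, not console memory. */
int send_range(struct pc_side *pc, const uint8_t *mem, size_t start, size_t end) {
    uint8_t packet[PACKETSIZE];
    size_t full = (end - start) / PACKETSIZE, rest = (end - start) % PACKETSIZE;
    for (size_t i = 0; i < full; i++, start += PACKETSIZE) {
        memcpy(packet, mem + start, PACKETSIZE);
        pc_recv(pc, packet, PACKETSIZE);
        if (pc_reply(pc) != ACK) return 0;  /* one rejected packet aborts the read */
    }
    if (rest > 0) {                         /* short tail: sent, no reply is read */
        memcpy(packet, mem + start, rest);
        pc_recv(pc, packet, rest);
    }
    return 1;
}

/* One transfer over constructed sample memory (byte i holds 3*i + 1). */
int demo(struct pc_side *pc, size_t start, size_t end, int bad_at) {
    uint8_t mem[64];
    for (size_t i = 0; i < sizeof mem; i++) mem[i] = (uint8_t)(3 * i + 1);
    memset(pc, 0, sizeof *pc);
    pc->bad_at = bad_at;
    return send_range(pc, mem, start, end);
}

int main(void) {
    struct pc_side pc;
    int ok = demo(&pc, 4, 30, 0);
    printf("ok=%d bytes=%zu replies=%d\n", ok, pc.len, pc.replies);
}
```

A range shorter than PACKETSIZE goes out entirely as the tail, so the function returns 1 without any response from the PC having been read.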
Quote from: Nuke on February 09, 2011, 07:18:03 AM
In C you don't have procedures, a function is the same thing. You are thinking of Delphi maybe.
The function returns 1 on success only, it returns 0 on error, this is needed as if a packet fails you need to let other code know.
The above function is from Gecko OS and it is the exact function which is in the current handler.
It would be nice if I could just find out how to handle the memory from the Wii and send it through the network over to my computer so I can modify it then send it back to update. Would it be really hard to do? I just need to working libraries and I'm confident I can do this.
For a homebrew application, it's not hard. You own practically all 24MB of MEM1.
However, if you want to remotely debug *games*, that's a different story. The vast majority of the Wii's memory is used by the game. You have to inject your code handler and debugger into whatever sliver of space is left unused by the game (I think this is about 6kB, although I could be wrong). The larger your debugger becomes, the less space you have for codes. This assumes that a wifi debugger is small enough to fit in this leftover space in the first place.
In fact.. there have been network debuggers in the past for Gamecube.. GCNrd for Gamecube did work if you had a broadband adapter.. however, rather than using the spare memory in MEM1 (as dcx2 said - it's about 8 KB) GCNrd required the area from 817F8000 to 81800000 - so those are comparably whopping 32 KB - in fact GCNrd had major issues with games such as Star Fox Adventure which actually used that memory area - they sometimes had graphics issues, they were unable to load data.. and well, Parasyte who did GCNrd was an expert in his field, so I believe he couldn't get his part smaller - he basically needed to implement a complete TCP/IP stack in that memory area.
On Wii I assume it would work a bit smaller.. simply TCP/IP and all of that should be provided by IOS.. however, if you can manage to squeeze it into the 6 KB of free memory which absolutely no game uses - then you would have won. However, this will be complicated I fear.
The problem with the MEM1 approach is the arena high is not static I'm sure. Maybe with some BAT register voodoo you can create some room for a handler but not sure if this will crash the game.
Btw there is always this option:
http://garden.seeedstudio.com/index.php?title=Exiusb
It was made by bushing, it uses an off-the-shelf part which you can get.
Quote from: Nuke on February 19, 2011, 01:05:15 PM
The problem with the MEM1 approach is the arena high is not static I'm sure. Maybe with some BAT register voodoo you can create some room for a handler but not sure if this will crash the game.
Btw there is always this option:
http://garden.seeedstudio.com/index.php?title=Exiusb
It was made by bushing, it uses an off-the-shelf part which you can get.
1. The schematic design from the link you showed me reminds me of my Digital Electronics class for PTLW at my high school. We are working on the birthday problem now, and GOD I hate truth tables and DeMorgan's law or w/e his name is (I forgot his name), and yes, the awful Karnaugh mapping is the worst yet, anyone have any idea what I'm talking about here? Inverters are NANDs, there are NOR, AND, OR, and seven segment displays, etc. It really sucks, I'm not going to lie about that class, I'm passing with a C average, and I'm already taking easy college math courses at Missouri Western State University.
2. Well I still don't see why you can't store what's in usb gecko to the computer RAM, dang I just want madden 11 cheats really bad......
3. a. Can I still write codes from dumps? b. If not is it possible to get Ocarina working with Dolphin emu?
First of all: Please please please stop using Ocarina as a name, the name is Gecko Codes since ages.
However, yes, Dolphin does allow you to use Gecko Codes - at least several code types! C2 codes for example unfortunately HARDLY work and they make a majority of the current codes out there - simply due to the fact C2 codes change the game code in real time and Dolphin recompiles the game code to x86 assembly to achieve high-speed emulation (it could interpret PowerPC code step by step however, emulation speed would drop down to less than 10% of the recompiler speed so it's certainly NOT a feasible option at all!).
Creating codes with Dolphin is difficult admittedly, however, YOU CAN create codes with emulators - several emulators even come with debuggers and memory viewing abilities, unfortunately Dolphin DOES NOT. Still you could use Cheat Engine to find existing Gecko Codes in game, read the address they normally write to and then work out on how Dolphin maps the Wii memory into your PC memory. Using that knowledge you can create basic codes for all kinda games - in the past several Nintendo 64 codes were also found purely with emulators, Nintendo DS codes were often also found just with emulators, some of them showing no debugger capabilities. So yes: it DOES work, however, you'll need MUCH patience!
To do it for free, you need a friend who can give you RAM dumps, and use a PowerPC disassembler and hex editor offline.
I'm not sure what else to suggest.
Yes, but only portings are possible with dumps... this could get some trouble, too (if the addresses contain branches or changing values etc...)
Making codes out of it would be like never using breakpoints and searches... :-[
I couldn't make any new codes then (if it's not like on CoD, where you can find dvar codes in the dumps!)
Quote from: stormshellx on March 05, 2011, 05:41:33 AM
1. The schematic design from the link you showed me reminds me of my Digital Electronics class for PTLW at my high school. We are working on the birthday problem now, and GOD I hate truth tables and DeMorgan's law or w/e his name is (I forgot his name), and yes, the awful Karnaugh mapping is the worst yet, anyone have any idea what I'm talking about here? Inverters are NANDs, there are NOR, AND, OR, and seven segment displays, etc. It really sucks, I'm not going to lie about that class, I'm passing with a C average, and I'm already taking easy college math courses at Missouri Western State University.
Hey! Don't disparage the name of great mathematicians like Augustus DeMorgan and (to a lesser extent) Maurice Karnaugh. DeMorgan made mathematical induction rigorous over a hundred years ago. We owe the very fabric of our technological society to these great minds that laid the foundation which enabled scientific advance. We also owe Maxwell, Lenz, Faraday, Feynman, Ampere, Volta, Fourier, Boole...
And yes, I know all about boolean logic, Karnaugh maps, Sum-Of-Products, flip flops, combinatorial and sequential logic, finite state machines, and so forth. In fact, I make a living off of this knowledge.
Quote
3. a. Can I still write codes from dumps? b. If not is it possible to get Ocarina working with Dolphin emu?
We're not fond of pirates on this forum, so the Dolphin emulator falls under the same umbrella as USB loaders; we do not offer support to pirates.
Actually found something interesting, it's sneek/ v2 uneek.
http://rvlution.net/forums/viewtopic.php?f=7&t=30