DacoTaco/priiloader

Wii Mini USA Menu Hacks (v4609)

Closed this issue · 10 comments

Noticed some hacks in hacks_hash.ini have been made for system menu version 4610, the PAL Wii Mini, but not for menu version 4609, the USA Wii Mini.

I'm personally interested in one of these, [Replace Health Screen with Backmenu], but since I have the hardware/menu version I'd be willing to offer my help in implementing/testing more hacks for the USA Wii Mini.

the hacks are rather easy to port, i just don't have access to a US Wii mini.
its all a matter of taking the hash values, checking if they are in the targeted SM, test if they are correct and adjust where needed.

seeing that hack though i suspect it'll be a case of looking at the original code in the PAL version, and looking for the similar code in the US version.

i can take a dump and look at the code around the place where it patches for you to compare to the US version if that helps?

That would be greatly appreciated. I'm very new to the hacking scene, in fact its only been a week since I've bought my Wii and soft-modded it, but I have a background in computers so I feel I learn quickly.

If you could share that dump too and a little bit of the process, maybe I can figure out how to engineer the other hacks myself too!

I'm also interested in how I can port [Region Free EVERYTHING] too! Although that one seems much more complex.

sorry it took so long for me to reply.
here are some findings that could help you figure it out for the us version by looking at a hex editor :

  • the EU version of Replace Health Screen with Backmenu has 1 instruction with hex 0x8140A118 (lwz r10, -0x5ee8(0)) that it patches to 0x8140A180. first look if this instruction is also in the US version, and if the code (or hex) around it look the same. if it does, chances are all you have to do is change the minimum version of the hack in the hacks.ini. 4.3E on the mini is version 4610, US is 4609.
  • don't worry about trying hacks. the hacks are done in memory and don't alter system menu as it is on the wii's nand flash.
  • Region Free EVERYTHING might be trickier, but should overall be do-able to port if a working copy of the wii-mini exists for Europe. it is split up in 2 parts. the master code, that works for all system menu versions so far and system menu version specific parts. the master is already set up to have SM v4610 as max, so it includes US version, which means you don't have to look at that part.
  • just like before, take the hashes from the hack for version 4610 ( 380000002C0000004082001038000036900DA9B0480017 & 380000002C0000004082001038000036900DA9B0480014 ) and check if it exists in 4609 and is only in there once. if it is, just change the version and test. if its not, you'll have to find the code in the us version and write a patch. but first check if it is in there

Thanks to Gary's WIP vWii support, a few of us on the Gary's homebrew stuff Discord have been poking around with the hacks to get things working on the System Menu vWii builds. Since the Replace Health Screen with Backmenu hack requires a new set of hashes for every single revision, we came up with a new version which is far more generic:

[Replace Health Screen with Backmenu]
maxversion=6410
minversion=1
amount=1
hash=0x3800001A,0x988302BE
patch=0x3800001E

Now, those minversion/maxversion values are probably wildly optimistic, but I have personally tested this hack on:

  • 450 (4.1E)
  • 514 (4.3E)
  • 610 (vWii 5.2.0E)
  • 6409 (4.3U Mini)

It may not be able to replace all current Backmenu hacks, but it'll probably work for at least 448+, and quite possibly earlier.

To explain what it's doing, early on in the startup process, the System Menu checks the boot state (0, 1, 2, or 4) to choose how to begin:

  • 0 and 4: cold-boot Health Screen
  • 1: warm-boot Backmenu
  • 2: boot directly to Data Management

With 0 and 4, 0x1A is stored in memory for the console to use later to know which function to jump to for a startup screen. 1 (warm-boot) instead stores 0x1E. This patch just changes it so the value stored when the console is in boot state 0/4 is also 0x1E. I don't know what boot state 4 is actually for (if it's used at all?) so that behavior is technically untested, but it literally goes via the same code path as boot state 0, so I doubt there's any ill effects.

I'm also pretty sure the existing 4610 region free hack should work on 4609, so all you should need to do @alrpeary is this:

[Region Free EVERYTHING]
maxversion=4610
minversion=4609
amount=2
require=RegionFreeAllv1
hash=0x38000000,0x2C000000,0x40820010,0x38000036,0x900DA9B0,0x480017
patch=0x38000001,0x2c000000,0x900DA5D8,0x38000032
hash=0x38000000,0x2C000000,0x40820010,0x38000036,0x900DA9B0,0x480014
patch=0x38000001

That's identical to the current 4610 hack, but the minversion has been changed to 4609. I haven't actually tested it, but all of the hashes are valid matches. As DacoTaco mentioned, it won't hurt anything to just try it, as these are only temporary memory patches.

awesome work! i would also test v3.0 or something because there were a lot of changes between 3.x and 4.x since starting 4.x it started to look at new stuff and a lot of memory/instructions changed.

i assume the hacks changes will come after the vwii support has finished?

i assume the hacks changes will come after the vwii support has finished?

I believe that's the plan, yeah, they will presumably be added to the current WIP PR once vWii is ready and the new hacks have been tested.

@vaguerant is not even bragging about the [Force Boot into Data Management] hack. :)
That hack should enable quick banner brick unbricking for Wii and vWii.

He did some really awesome work.

We had a lot of discoveries while testing and will share more info after we finish the last batch we are working on currently.

now if only that video issue could be resolved... :V

now if only that video issue could be resolved... :V

Nintendont developers didn't fix it, and some were discovered about 10 years ago.
Gary is doing magic currently tbh.

We can upload the new hacks_hash.ini soon. But also maybe I should create a new note so we can do cross-system testing?

EDIT: I created the NEW NOTE so we can track cross-system hacks, support, and testing.
Also will be moving old vWii hack notes to this one soon.