Blocking boot2 update?
Posted by cbkm
|
Blocking boot2 update? November 26, 2009 05:55PM | Registered: 14 years ago Posts: 15 |
This could be a really stupid idea but is there any reason why we can't block the boot2 update by poisoning a local DNS server for nus.shop.wii.com to a webserver we control and thus intercepting the GetSystemUpdate SOAP message and removing the
I've knocked up a quick PHP script which does just that while at work and haven't got around to testing it yet at home - but from everything I can see from here it should block the boot2 update by not even telling the Wii that there's an updated boot2...?
(Or am I going completely mad - lol)
Sorry if this is the wrong forum, but it was the best match I could see!
I've knocked up a quick PHP script which does just that while at work and haven't got around to testing it yet at home - but from everything I can see from here it should block the boot2 update by not even telling the Wii that there's an updated boot2...?
(Or am I going completely mad - lol)
Sorry if this is the wrong forum, but it was the best match I could see!
|
Re: Blocking boot2 update? November 26, 2009 06:53PM | Registered: 14 years ago Posts: 746 |
|
Re: Blocking boot2 update? November 26, 2009 08:02PM | Registered: 14 years ago Posts: 5,075 |
|
Re: Blocking boot2 update? November 26, 2009 11:06PM | Registered: 14 years ago Posts: 15 |
Ok so this doesn't work (yet) cause the Wii uses https:// and checks the SSL certificate it gets (self signed certs are no good here).
So the question becomes if the system menu IOS had trucha would it be possible to fake-sign a SSL certificate?
(I'm not really sure whereabouts the trucha bug lies so I guess I'm deferring here to someone like bushing...)
:-)
Update: I've yet to see if enabling the proxy server persuades the Wii to use normal http:// - it would be convenient...
Edited 1 time(s). Last edit at 11/26/2009 11:08PM by cbkm.
So the question becomes if the system menu IOS had trucha would it be possible to fake-sign a SSL certificate?
(I'm not really sure whereabouts the trucha bug lies so I guess I'm deferring here to someone like bushing...)
:-)
Update: I've yet to see if enabling the proxy server persuades the Wii to use normal http:// - it would be convenient...
Edited 1 time(s). Last edit at 11/26/2009 11:08PM by cbkm.
|
Re: Blocking boot2 update? November 27, 2009 01:21AM | Registered: 15 years ago Posts: 405 |
Quote
cbkm
Update: I've yet to see if enabling the proxy server persuades the Wii to use normal http:// - it would be convenient...
http forced proxies dont seem to work as the wii seems to use several protocols at once, i wiresharked my router and found that the wii will connect to a server via tcp, http, and udp, for some reason all of them need to work in the connection test when you only need one to connect
|
Re: Blocking boot2 update? November 27, 2009 08:37AM | Registered: 14 years ago Posts: 15 |
Aye, it passes the connection test, connecting exactly as you describe.
Once it moves onto performing the actual update, it connects to port 443 and does the TLS handshake retrieving the certificate and then kills the connection before anything hits the apache2 logs.
The wii itself then errors with error 32007.
I guess i need to see if it needs https or if there's any case where it'll fail back to standard http. Failing that, the final avenue is seeing if a SSL certificate can be fakesigned....
Once it moves onto performing the actual update, it connects to port 443 and does the TLS handshake retrieving the certificate and then kills the connection before anything hits the apache2 logs.
The wii itself then errors with error 32007.
I guess i need to see if it needs https or if there's any case where it'll fail back to standard http. Failing that, the final avenue is seeing if a SSL certificate can be fakesigned....
|
Re: Blocking boot2 update? November 27, 2009 02:37PM | Registered: 15 years ago Posts: 858 |
Sorry, only registered users may post in this forum.