Extracting the ECC Key without xyzzy

Hi

I am trying to find my Wii's ECC encryption key, but as my Wii has been updated to system menu 4.0, the fake signing exploit in older IOS's that xyzzy would use is no longer available, so it doesn't work.

I was therefor wondering is there either a patched version of xyzzy that works on the newer IOS, or an alternative method or program to obtain the ECC, preferably that doesn't involve physically opening up the console.

My Wii has both BootMii and Homebrew Channel 1.0.3 installed.

Thank You

as far as i know you can get the keys with a nand backup (using bootmii of course)...

I just don't know how exactly to get the keys from the nand.bin file...but as long as you have this nand backup,you also should have the possibility to figure out the keys in case you really needed them.

from hackmii.com/2008/04/keys-keys-keys/

* One-Time Programmable Area: Inside the Starlet ARM core, there are a bunch of things:

1. SHA1 hash of boot1
2. Common key
3. ECC private key
4. NAND HMAC
5. NAND AES key
6. RNG seed
7. other stuff we can’t yet decipher

Quote
Sephiroth
as far as i know you can get the keys with a nand backup (using bootmii of course)...

Even if the ECC key was on the NAND, it couldn't be extracted without getting the NAND key first

Quote
daniel_c_w
from hackmii.com/2008/04/keys-keys-keys/

* One-Time Programmable Area: Inside the Starlet ARM core, there are a bunch of things:

1. SHA1 hash of boot1
2. Common key
3. ECC private key
4. NAND HMAC
5. NAND AES key
6. RNG seed
7. other stuff we can’t yet decipher

Quote
Sephiroth
as far as i know you can get the keys with a nand backup (using bootmii of course)...

Even if the ECC key was on the NAND, it couldn't be extracted without getting the NAND key first

ok i guess i was wrong...thanks for clarifying ^^

Quote
daniel_c_w
Even if the ECC key was on the NAND, it couldn't be extracted without getting the NAND key first

Well I have the following keys:

sd-key
sd-iv
md5-blanker
NG-id
NG-mac
NG-key-id
NG-sig

Is one of these the NAND key, and if so how would i use it?

Um... the entire contents of OTP (including all keys) are tacked on the end of the nand.bin dump that BootMii creates. Xyzzy is officially obsolete.

The last 1K of the file contains both the OTP and SEEPROM; you can find the structure definitions here:

[gitweb.bootmii.org]

Quote
bushing
Um... the entire contents of OTP (including all keys) are tacked on the end of the nand.bin dump that BootMii creates. Xyzzy is officially obsolete.

The last 1K of the file contains both the OTP and SEEPROM; you can find the structure definitions here:

That being the case, how do I extract this final 1k from the nand.bin file?

Quote
peter4432

Quote
bushing
Um... the entire contents of OTP (including all keys) are tacked on the end of the nand.bin dump that BootMii creates. Xyzzy is officially obsolete.

The last 1K of the file contains both the OTP and SEEPROM; you can find the structure definitions here:

That being the case, how do I extract this final 1k from the nand.bin file?

try a hex editor

Quote
1cefire
try a hex editor

How do I use a hex editor, as I have never used one in my life. I have download one called XVI32, but have not idea what I need to look for or how to use it.

Um... how exactly are you planning on using these keys? :(

To experiment and play around with FE100 Save unpacker and packer, to see what it does.

If "FE100 Save unpacker and packer" does what the name implies, shouldn't it only need the (well known) SD-key and maybe the other ID's used to sign a savegame, which can be grabbed from any savegame from your Wii?

Not according to the program description found here: FE100 Page

So can anyone advice me what hex editor to use on the nand.bin and how to use it to find the ecc key.



Edited 1 time(s). Last edit at 06/07/2009 03:41PM by peter4432.

WiiCrazy updated FE100's Key Grabber to extract the key from the nand.bin file. In his post he notes that he couldn't use the forgot-password link here, so I'm replying (this is exactly what I was looking for as well):

[wiicrazy.tepetaklak.com]

As for why you need the private key, it's explained here: [wiibrew.org]

Andrew

Quote
acertain
As for why you need the private key, it's explained here: [wiibrew.org]

That doesn't realy answer my question for me.

The SD key is well known, and any Wii's private key may be used to sign a savegame.
So unless it is illegal for reasons I do not know, I see no reason why FE100 or any other savegame manager can't be distributed with a working set of keys.

Where is my error?

Thank you all for the help, the problem in solved.

Quote
acertain
WiiCrazy updated FE100's Key Grabber to extract the key from the nand.bin file. In his post he notes that he couldn't use the forgot-password link here, so I'm replying (this is exactly what I was looking for as well):

[wiicrazy.tepetaklak.com]

As for why you need the private key, it's explained here: [wiibrew.org]

Andrew

Thanks for bringing it up here, due to lack of support from the forum admins I registered with my other nick.

@daniel_c_w : Practically I guess you can use any ecc key pair to pack a savegame since it's impossible for one wii to store all the public ecc key's of all wiis and there is no way for ninty to sign or check the actual signature.... still I didn't studied the whole process enough. there could be a catch there... about FE100, I did it while experimenting with c64 virtual console game injection. Segher's tools was in use by a few people who obtained the keys without knowing much about them (at least some of them) So once I realized which file segher's tools uses for what I created the program. It could be possible that one can pack saves with arbitrary ecc keys. Though still certain saves could be bound to specific wiis, those that have copy protection especially... I don't know if there is such a check but your wii could check if the save actually signed by your wii... As I said, I didn't test this behaviour... By the way there is already a rudimentary protection by system menu for those saves involving save header and the contents of the savefile..

Can normal Wii software (games) access the keys?
Is there any trace of them in the unpacked savegames?



@I.R.on: thanks for the answers

Quote
daniel_c_w
Can normal Wii software (games) access the keys?
Is there any trace of them in the unpacked savegames?

Normal wii software can't access the keys. System menu handles all the packing & unpacking stuff when saves are copied to and from sd and I guess it uses underlying ios to do all the encryption & decryption & signing... Thus system menu doesn't even know the keys...

There are three pieces of information you can obtain from a savefile.

1. Console id
2. Mac address of wifi interface
3. Public ecc key of that certain wii

of that specific wii that the savefile is coming from...

Quote
I.R.on
There are three pieces of information you can obtain from a savefile.

1. Console id
2. Mac address of wifi interface
3. Public ecc key of that certain wii

of that specific wii that the savefile is coming from...

You are talinkg about the packed .dat file, right?

My question was aiming at unpacked saves on the Wii's internal memory.
Is there any key related information?

By the way: how is the no-copy flag set internally?