[破解]Wiigator发布一个新的工具cBoot2

该用户已被禁言

WARNING: You need to make a NAND backup with Bootmii before using this tool.
This is required to recover from fatal errors.

cBoot2 is a patched Boot2. You should be able to install a patched IOS if Bootmii is installed at boot2 location. You need to remove the GC memory card from slot 2 if you run this.

Note: This package is only needed for people, who have updated without return and lost all downgrade capabilities. You will need a boot1 with a sign bug to use it.

Purpose: Start patched IOS without installing using Bootmii loader. The
original Bootmii doesn't support to modify the file system. With this
package you get around this problem.

The description is included in the file.

http://gbatemp.net/index.php?download=5924

I am not sure if this will work on all systems. Please give me some response, if this is working.

EDIT: It is configured for PAL. It should changed the mode when boot.dol is started.

Using this package you can install old IOS version
which include the sign bug, which is needed for some applications.

以上引用自Wiigator的Blog

这个工具对Boot2进行了修改（也就是“c”的含义……）
貌似作用是－－使用Bootmii这个Loader，可以实现在未安装cIOS、又升级到新的System Menu版本的情况下，安装cIOS……原始的Bootmii并不支持直接修改文件系统（或者安装cIOS；因为需要借助别的软件）
相当于对Bootmii作用的扩展吧

困了，明儿再研究到底有何好处，都能展现什么美好的前景…… [s:248]  [s:248]  [s:248].

该用户已被禁言

cBoot2
######

Author: WiiGator

WARNING: You need to make a NAND backup with Bootmii before using this tool.
This is required to recover on fatal errors.

Purpose: Start patched IOS without installing using Bootmii loader. The
original bootmii doesn't support to modify the file system. With this
package you get around this problem.
As example the wad manager from Waninkoko is in the package included,
because programs need a small patch to use the full features. Waninkoko
was not responsible for this. I used it, because it is a nice example of
what this package can do. Using this package you can install old IOS version
which include the sign bug, which is needed for some applications.
Note: You need just to extract an old game disc to get the wad files.
First you need to select uninstall and then install in the wad manager.

What does it?
#############
This archive include tools for patching Boot2. The patched file is installed
to SD "/bootmii/armboot.bin". The file can be started by the Bootmii
loader. Only direct boot is supported (Bootmii installed in boot2 location
in NAND flash, not as IOS). SD cards can't be read when starting Bootmii over the
Homebrew Channel.

cBoot2Installer installs "/bootmii/armboot.bin" to the SD card.

You need to copy the files on the SD card. The installers also try to download
the files, but the files are not available for download (Maybe in future).

Installation:
#############

Copy all files in directory sdroot to the SD card. You will see "startup.elf",
"boot.dol" and the directories in the root of the SD card. Then you need to
copy additonal files into the given directory structure. The additional files
are not included in the package.

For running cBoot2Installer you need the following directory structure on
your front SD card (the first colum is the SHA1 sum):
6571655cad06c110c8895e910ff3fe307da1c52e  /00000001/00000024/v1042/00000004
bd0f4fc7dfe0d8f137549eb36fbfd56b3dae84ee  /00000001/00000001/v2/00000000.app
932ee88b8a63c6ac0856b222ae06acec77dc33ae  /00000001/00000001/v2/tmd.2
ace0f15d2a851c383fe4657afc3840d6ffe30ad0  /00000001/00000001/v2/cetk

The files in directory v2 are Boot2. You need to extract BOOT2-v2-64.wad.out.wad.
Note: /00000001/00000001/v2/00000000.app is decrypted.

After cpoying the files, you need to run the cBoot2Installer to get the
file "/bootmii/armboot.bin" on the SD card.

How it works?
#############
cBoot2Installer will install a ARM boot binary to "/bootmii/armboot.bin" on
the SD card.
This is started by the Bootmii loader (put in SD card and power on the wii).
This will:
1. Copy SD "/startup.elf" to NAND "/tmp/cboot2/ppcboot.elf".
2. Search for an IOS starting with IOS36 and going down to IOS3.
3. It will patch the kernel of the IOS to include the sign bug and
  will add the abilty to remove an installed IOS.
4. The patched kernel will be written to NAND "/tmp/cboot2/armboot.bin".
5. Start file "/tmp/cboot2/ppcboot.elf" from NAND on Broadway.
6. Start file "/tmp/cboot2/armboot.bin" from NAND on Starlet.
7. Broadway will then load the file "boot.dol" from SD and start it.
8. In this example the wad manager is started. The file is patched to
  not load a different IOS. All executables need such a patch. Or you
  will miss the main feature this package.

NOTE: The NAND "/tmp" directory will be deleted automatically when an IOS is started.

NOTE: libfat can crash if no SD card is inserted, when trying to create a new directory.

追加一段说明

该用户已被禁言

看了！不太懂！好像是在安裝BOOTMII的基礎上安裝有簽名漏洞的IOS！不過新的機可能會不適用的，畢竟BOOTMII都沒法裝不是！
Note: This package is only needed for people, who have updated without return and lost all downgrade capabilities. You will need a boot1 with a sign bug to use it.
通過這一段，看來作者也知道應用范圍不會太廣！

该用户已被禁言

cBoot2
######

Author: WiiGator

作者：WiiGator

WARNING: You need to make a NAND backup with Bootmii before using this tool.
This is required to recover on fatal errors.

警告：请在使用本工具前，先使用Bootmii对NAND进行备份，以便出错时进行恢复。

Purpose: Start patched IOS without installing using Bootmii loader. The
original bootmii doesn't support to modify the file system. With this
package you get around this problem.
As example the wad manager from Waninkoko is in the package included,
because programs need a small patch to use the full features. Waninkoko
was not responsible for this. I used it, because it is a nice example of
what this package can do. Using this package you can install old IOS version
which include the sign bug, which is needed for some applications.
Note: You need just to extract an old game disc to get the wad files.
First you need to select uninstall and then install in the wad manager.

目的：使用Bootmii loader直接安装/运行打过补丁的IOS，而无需安装有打过补丁的IOS。原始的Bootmii并不支持直接修改文件系统（注：或者安装cIOS；因为需要借助别的软件）。用这个软件包可以解决此问题。

What does it?
#############
This archive include tools for patching Boot2. The patched file is installed
to SD "/bootmii/armboot.bin". The file can be started by the Bootmii
loader. Only direct boot is supported (Bootmii installed in boot2 location
in NAND flash, not as IOS). SD cards can't be read when starting Bootmii over the
Homebrew Channel.

cBoot2Installer installs "/bootmii/armboot.bin" to the SD card.

You need to copy the files on the SD card. The installers also try to download
the files, but the files are not available for download (Maybe in future).

它到底是个什么东西？
#############
这个软件包包含了对Boot2打补丁的工具。经过补丁处理后的文件－－"/bootmii/armboot.bin"－－安装在SD卡上，可以通过Bootmii启动运行。只支持直接启动（Bootmii要使用boot2模式安装到NAND里，不能使用IOS模式安装）。当从HBC里启动Bootmii时，将无法读取SD卡。

cBoot2Installer将把"/bootmii/armboot.bin"安装到SD卡上。

需要将文件拷到SD卡上。虽然安装器也会试图下载该文件，但是这个文件根本下载不到（也许将来会）。

Installation:
#############
Copy all files in directory sdroot to the SD card. You will see "startup.elf",
"boot.dol" and the directories in the root of the SD card. Then you need to
copy additonal files into the given directory structure. The additional files
are not included in the package.

For running cBoot2Installer you need the following directory structure on
your front SD card (the first colum is the SHA1 sum):
6571655cad06c110c8895e910ff3fe307da1c52e /00000001/00000024/v1042/00000004
bd0f4fc7dfe0d8f137549eb36fbfd56b3dae84ee /00000001/00000001/v2/00000000.app
932ee88b8a63c6ac0856b222ae06acec77dc33ae /00000001/00000001/v2/tmd.2
ace0f15d2a851c383fe4657afc3840d6ffe30ad0 /00000001/00000001/v2/cetk

The files in directory v2 are Boot2. You need to extract BOOT2-v2-64.wad.out.wad.
Note: /00000001/00000001/v2/00000000.app is decrypted.

After cpoying the files, you need to run the cBoot2Installer to get the
file "/bootmii/armboot.bin" on the SD card.

安装：
#############
把所有sdroot目录下的文件拷到SD卡上，确保"startup.elf"、"boot.dol"和目录在SD卡的根目录下。然后，再把其他文件按照软件包里的目录结构照搬到SD卡上（注：别修改目录名、相对位置等），但这些其他文件不包含在本软件包内。

为了运行cBoot2Installer，需要按下面的目录结构（第一列是SHA1校验）：
6571655cad06c110c8895e910ff3fe307da1c52e /00000001/00000024/v1042/00000004
bd0f4fc7dfe0d8f137549eb36fbfd56b3dae84ee /00000001/00000001/v2/00000000.app
932ee88b8a63c6ac0856b222ae06acec77dc33ae /00000001/00000001/v2/tmd.2
ace0f15d2a851c383fe4657afc3840d6ffe30ad0 /00000001/00000001/v2/cetk

在v2目录里的文件就是Boot2，需要解压BOOT2-v2-64.wad.out.wad才能得到。
注: /00000001/00000001/v2/00000000.app已经解密。

拷完这些文件后，运行cBoot2Installer以便把"/bootmii/armboot.bin"安装到SD卡上。

How it works?
#############
cBoot2Installer will install a ARM boot binary to "/bootmii/armboot.bin" on
the SD card.
This is started by the Bootmii loader (put in SD card and power on the wii).
This will:
1. Copy SD "/startup.elf" to NAND "/tmp/cboot2/ppcboot.elf".
2. Search for an IOS starting with IOS36 and going down to IOS3.
3. It will patch the kernel of the IOS to include the sign bug and
  will add the abilty to remove an installed IOS.
4. The patched kernel will be written to NAND "/tmp/cboot2/armboot.bin".
5. Start file "/tmp/cboot2/ppcboot.elf" from NAND on Broadway.
6. Start file "/tmp/cboot2/armboot.bin" from NAND on Starlet.
7. Broadway will then load the file "boot.dol" from SD and start it.
8. In this example the wad manager is started. The file is patched to
  not load a different IOS. All executables need such a patch. Or you
  will miss the main feature this package.

NOTE: The NAND "/tmp" directory will be deleted automatically when an IOS is started.

NOTE: libfat can crash if no SD card is inserted, when trying to create a new directory.

工作过程：
#############
cBoot2Installer将把一个基于ARM处理器的启动程序作为"/bootmii/armboot.bin"安装到SD卡上。

这个启动程序通过Bootmii loader启动运行（插入SD卡再开机）。

然后：
1、把"/startup.elf"作为"/tmp/cboot2/ppcboot.elf"拷到NAND里
2、搜索、使用IOS36的一个IOS（注：？什么意思？），然后作为IOS3安装
3、对IOS的核心打补丁，使它具有虚假签名的bug，加入删除已安装IOS的功能
4、打过补丁的IOS核心作为"/tmp/cboot2/armboot.bin"写入NAND
5、通过Broadway（注：百老汇，就是Wii的主处理器）运行NAND里的"/tmp/cboot2/ppcboot.elf"
6、通过Starlet（注：Wii的另一个处理器）运行NAND里的"/tmp/cboot2/armboot.bin"
7、Broadway将从SD卡读取"boot.dol"并运行之
8、软件包中所带的例子是wad manager，就会被运行。这个文件经过补丁，不去读入另一个IOS，所有的可执行文件都需要这个补丁，否则就没法使用软件包的主要功能。

注：当IOS启动后，NAND里的"/tmp"会被自动删除。
注：如果没插入SD卡，libfat会由于试图创建一个新目录而崩溃。


以上翻译由njtumaq@A9VG独立完成，未使用google translate或者其他翻译软件，如需转载必须注明出处和译者！

PS：译文中括号里的内容，标明“注：”之处是译者所加，否则是原文中的文字。

wiiwaker

感谢罗网大大翻译了，感谢wiigator了，使用这个版本的wad manager，我终于装上IOS36了
本以为直接注释掉IOS—Reload这个函数就可以了，原来不行么

wiiwaker

软件更新了,bootmii安装为IOS可使用了

Edit: Link to new version, which will work if Bootmii is installed as IOS and fix SD card problems.
Download cBoot2 v16

I am not sure if this will work on all systems. Please give me some response, if this is working.

It is configured for PAL. It should changed the mode when boot.dol is started.

irasit

为了运行cBoot2Installer，需要按下面的目录结构（第一列是SHA1校验）：
6571655cad06c110c8895e910ff3fe307da1c52e /00000001/00000024/v1042/00000004
bd0f4fc7dfe0d8f137549eb36fbfd56b3dae84ee /00000001/00000001/v2/00000000.app
932ee88b8a63c6ac0856b222ae06acec77dc33ae /00000001/00000001/v2/tmd.2
ace0f15d2a851c383fe4657afc3840d6ffe30ad0 /00000001/00000001/v2/cetk

能解释一下这句是什么意思么？我打开了那个目录，里面什么都没有啊。

该用户已被禁言

因为这些东西需要你自行下载，包含在软件包里的话，在国外的法律来说是违法的
可以用NUS Downloader下载

qinrick

it is a good txt.
thank a lot.

qinrick

it is a good txt.
thank a lot.