
Wii Internet Connection Reverse Engineered 166

Posted by CmdrTaco
from the probably-violating-some-sort-of-lame-law dept.
AlexTheBeast writes "By packet sniffing his Wi-Fi connection, this hacker has already begun to dig into the internet interactions of the new Nintendo Wii. Basically, by using Firefox and after setting the user agent correctly, anybody can easily browse many WiiShop pages including the WiiShop main page and startup manual. More advanced connections including binary and virtual console downloads are currently in the works. Come join the project."
This discussion has been archived. No new comments can be posted.

  • by tttonyyy (726776) on Thursday November 23, 2006 @11:11AM (#16964252) Homepage Journal
    ..when developers play with their Wii.

    (Sorry, couldn't resist YAWJ (Yet Another Wii Joke))
    • by JFMulder (59706)
      or...

      This is what happens when you spend more time playing with your wii than thinking about how to make it safe.
    • by Anonymous Coward
      Wii was a very good name to choose, just because of how much it sounds like a pet name for the penis.

      Here in Finland there used to be a brand of chocolate milk called Jukiuilla. That sounds very, very close to a word which translates best to English as "bloody assrape".

      People remembered that brand of milk. It became a hit sensation among teens just because of its name. While other chocolate milks had more benign names, that chocolate milk had a name that stood out. I think Nintendo has managed, intentionall
      • Re: (Score:3, Informative)

        by tttonyyy (726776)
        That's true. When Nintendo announced the name, many people were disappointed, upset, and even angry. There was even a petition to Nintendo of America to change the name.

        Certainly everyone talked about it.

        And now we make affectionate jokes about the name, and it's quite accepted.

        Methinks Nintendo made a very smart (or lucky) choice.
        • It's a sign of how well Nintendo have made, marketed and managed the launch of the Wii that, PS3 fanboys and 7 year olds aside (aren't those the same thing? ;), practically no-one who is a bit into gaming is genuinely sneering at the name or the product.

          Now everyone might not make it our top priority gaming purchase (I am!), but no-one can ignore the games lineup, the innovation and the quality of service that Nintendo are offering.
      • by somersault (912633) on Thursday November 23, 2006 @12:58PM (#16965074) Homepage Journal
        Wow.. interesting why anyone would want to think about pounded crap while drinking chocolate milk :s Yuck
      • by eln (21727) on Thursday November 23, 2006 @01:32PM (#16965378) Homepage
        The Finns have a word for "bloody assrape"? I'm suddenly afraid to go to Finland.
      • Re: (Score:2, Informative)

        by Anonymous Coward
        Here in Finland there used to be a brand of chocolate milk called Jukiuilla. That sounds very, very close to a word which translates best to English as "bloody assrape".

        Huh? I'm not that young but I've never heard of such product. It doesn't get a single google hit either, not even suggestions for possible typos. Also, while I know more filthy slang terms for shady activities than would be really healthy, I can't figure out how that word could mean anything at all, let alone violent sodomy in Finnish. Did th
      • Re: (Score:3, Informative)

        by smoker2 (750216)
        Wii was a very good name to choose, just because of how much it sounds like a pet name for the penis.
        In the UK, wee is the "pet" name for piss.

        Great choice, they could have called it "shite".

      • Re: (Score:2, Informative)

        by Anonymous Coward
        Here in Finland there used to be a brand of chocolate milk called Jukiuilla. That sounds very, very close to a word which translates best to English as "bloody assrape".



        Sorry to be serious but no, we didn't have that brand of chocolate milk in Finland and no, it doesn't mean "bloody assrape" nor does it mean anything else in Finnish. This whole post is a nice story but totally false.

    • before I can squirt from my Wii to all the white/brown/black zunes on the block?
  • Bad smell (Score:2, Funny)

    by Rastignac (1014569)
    I don't want to sniff out my wii. ;)
  • by HappySqurriel (1010623) on Thursday November 23, 2006 @11:12AM (#16964262)
    So ... what's next?

    Will we be getting a news story about a Hacker who had installed the Wii's web-browser on his PC by going to http://www.opera.com/ [opera.com] ?

    • by cloricus (691063) on Thursday November 23, 2006 @11:27AM (#16964364)
      I was thinking that... Seriously today at work I sat in front of ethereal for two hours sniffing packets for regular network reports and just for general knowledge of what's going on and god knows what I saw go past. It isn't at all skillful to sniff out an agent string and use a Firefox plugin to put in whatever you want - heck if you want to be 'uber leet' you can code your own agent string into Firefox! How awesome!

      So in summary this isn't even remotely interesting. Go home script kiddies...and by home I mean digg! (Yes I do have the karma to burn.)

      ...Still four weeks till we get Wii's in Australia. :(
      • Re: (Score:3, Insightful)

        i don't think the point was to be uber by displaying l33t h4ck1ng skillz0r. :)

        but it's a start at developing homebrewed apps for the wii. heck, maybe create homebrewed wiishops servers so users can share wii games.

        that's the good thing with consoles on the net, it's fairly easy to fool them once you know what kind of answer they expect.
    • Re: (Score:3, Interesting)

      by SausageOfDoom (930370)
      Well, seeing as this shows that the channels are web-based, I would imagine that one possible next step would be to hijack the connection when it reaches your router, and then, depending on the page request, return your own content.

      I'm guessing this would allow you to create custom channels by returning whatever content you wanted to the Wii. Perhaps it might also bypass the need to buy Opera, as it sounds like it's already built in.
      • by NaDrew (561847)
        Perhaps it might also bypass the need to buy Opera, as it sounds like it's already built in.
        Opera is free [opera.com].
  • Already Locked Down (Score:5, Informative)

    by A Brand of Fire (640320) on Thursday November 23, 2006 @11:14AM (#16964274) Homepage
    Apparently Nintendo has caught wind of this and has already set up redirects to the Wii root website from these links.
  • Roms! \o/ (Score:5, Interesting)

    by remembertomorrow (959064) on Thursday November 23, 2006 @11:21AM (#16964322)
    Once the Virtual Arcade system has been worked out, someone will put up a custom server where you can download the games for 0 points. All you'll have to do is point wii.com (or whichever A/AAA records are needed) to their server.

    It seems like this system will be hacked rather easily. :/
    • unless they do some of that stuff through https...
      • Then you just make a machine appear to be a Wii. Their server is none-the-wiser.
        • Re: (Score:2, Interesting)

          by named (3909)
          This is exactly what client certs were invented for. Using https with client & server certs allows the client to authenticate the server, and vice versa. It would be pretty easy for Nintendo to issue a cert for every Wii.

          The only issue might be the extra CPU involved in using SSL, but if they're going to be preventing loss of revenue I can see the accountants springing for the extra hardware :)
    • Re:Roms! \o/ (Score:4, Insightful)

      by HappySqurriel (1010623) on Thursday November 23, 2006 @11:25AM (#16964348)
      Once the Virtual Arcade system has been worked out, someone will put up a custom server where you can download the games for 0 points. All you'll have to do is point wii.com (or whichever A/AAA records are needed) to their server.

      It seems like this system will be hacked rather easily. :/


      Well, being that Nintendo is not stupid I suspect that every virtual console game is signed to prevent copying; on top of that (being that each game is only usable on one particular system) it is possible that Nintendo signs the signed code for each console when you buy a game. Now, unless the system is physically cracked, I think that it is nearly impossible to break this system.
      • by Lissajous (989738)

        ...on top of that (being that each game is only usable on one particular system) it is possible that Nintendo signs the signed code for each console when you buy a game. Now, unless the system is physically cracked, I think that it is nearly impossible to break this system.

        I find it doubtful that Nintendo would do this. This would be putting the private signing key on a theoretically publicly accessible network. You wouldn't believe how tightly guarded signing processes are - it's normally only 2 or 3 peo

        • I find it doubtful that Nintendo would do this. This would be putting the private signing key on a theoretically publicly accessible network. You wouldn't believe how tightly guarded signing processes are - it's normally only 2 or 3 people in the world that have access to it. The implications for are far too great for them to even contemplate that approach. But I do agree with you that it's not going to be easily cracked, by any means.

          Not really ...

          If Nintendo can keep their super private signing key priv
      • Re: (Score:3, Interesting)

        by Abcd1234 (188840)
        What the hell are you talking about? Signing a binary doesn't prevent copying. All it prevents is someone from modifying the ROM and then running it on the Wii. The only thing that will "prevent copying" is full-on encryption. However, the Wii would then need the key to decrypt the content, at which point you just hack the Wii to get the key.

        Basically, they're facing the exact same problem content providers are facing: you're trying to lock down content while at the same time giving the user the means
        • by k8to (9046)
          You point out (correctly) that signing of roms won't prevent duplication. Then you claim that encrypting the roms _will_ prevent duplication. How, exactly would I be unable to duplicate encrypted roms? They're just bits.

          The key to prevent piracy is to have keys at both ends which are verifiable. The store should use a pre-arranged key the wii can verify, and the wii should use a per-wii key that the store uses to modify the files, whether via signing or encryption does not matter. In this way, the wii wil
          • by Abcd1234 (188840)
            Ahh, I believe we're running under different assumptions. I came at the discussion considering the problem of preventing ROMs from the Wii being copied and played on, say, a computer. As such, I didn't address the issue of copying material from one Wii to another. In this case, you're absolutely right, the problem is solvable (well, barring hacking of the Wii firmware or some other more advanced trickery).
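Added example, not part of any comment in this thread and not Nintendo's actual scheme: a Python illustration of the distinction argued in the exchange above, where a store-wide signature still verifies on a bit-for-bit copy while a ticket bound to a per-console key does not transfer to another console. HMAC stands in for public-key signatures so that only the standard library is needed, and every key, console id and ROM byte here is constructed.

```python
import hashlib
import hmac

# Constructed sample values; none come from the Wii, its shop or this thread.
STORE_KEY = b"constructed-store-key"
CONSOLE_KEYS = {
    "console-A": b"constructed-per-console-key-A",
    "console-B": b"constructed-per-console-key-B",
}
ROM = b"constructed ROM image bytes"


def store_tag(rom: bytes) -> bytes:
    """Store-wide integrity tag over the ROM alone.

    Assumption: HMAC replaces a public-key signature here. A real verifier
    would hold only a public key, never STORE_KEY itself.
    """
    return hmac.new(STORE_KEY, rom, hashlib.sha256).digest()


def tag_is_valid(rom: bytes, tag: bytes) -> bool:
    """True when the ROM is byte-identical to what the store tagged."""
    return hmac.compare_digest(store_tag(rom), tag)


def issue_ticket(console_id: str, rom: bytes) -> bytes:
    """Store side: bind this ROM's hash to one console's key at purchase."""
    msg = console_id.encode() + b"|" + hashlib.sha256(rom).digest()
    return hmac.new(CONSOLE_KEYS[console_id], msg, hashlib.sha256).digest()


def console_will_run(console_id: str, rom: bytes, tag: bytes, ticket: bytes) -> bool:
    """Console side: require the store tag AND a ticket for this console.

    The console recomputes the ticket with its own key, so anyone who
    extracts that key from the hardware can mint tickets; that is the
    "barring hacking of the firmware" caveat from the thread.
    """
    if not tag_is_valid(rom, tag):
        return False  # ROM was modified or never came from the store
    return hmac.compare_digest(issue_ticket(console_id, rom), ticket)


def demo() -> dict:
    tag = store_tag(ROM)
    ticket_a = issue_ticket("console-A", ROM)  # purchase made on console A
    copied_rom = bytes(ROM)                    # bit-for-bit copy
    patched_rom = ROM + b"\x00"                # any modification at all
    return {
        "copy_passes_store_tag": tag_is_valid(copied_rom, tag),
        "patched_passes_store_tag": tag_is_valid(patched_rom, tag),
        "runs_on_console_a": console_will_run("console-A", copied_rom, tag, ticket_a),
        "runs_on_console_b": console_will_run("console-B", copied_rom, tag, ticket_a),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(f"{name}: {value}")
```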
      • Re: (Score:2, Informative)

        by Xenographic (557057)
        If they did any such thing to prevent people from downloading the ROMs, quite frankly, it would be a complete and utter waste of time.

        As anyone should know by now, you can download ROMs and emulators for nearly any system you want online. It's not even hard. The Pirate Bay even has nice, huge, torrents with practically every ROM ever (including tons of bad dumps I have no idea why anyone would ever want).

        So really, they shouldn't even bother. It would be a total waste of their time and money. Heck, if t
        • Re: (Score:3, Insightful)

          I suspect that Nintendo would be very careful about what code was running on their system for fear that it could be exploited to produce a soft-mod to allow for pirated games to be run.

          Imagine if a buffer overflow error was found in the emulator, which allowed for unsigned code to be run, so the hacker could replace your firmware which allowed for booting from a usb hard-drive ...
    • I've been looking forward to Wii's release for some time, especially Virtual Console. Flicking through the linked manual, I have a couple of concerns. Check this out:

      Content downloaded from the Wii Shop Channel is saved within your Wii console memory... If the content you want to download requires more memory blocks than you have available, you will need to manage your content... You can either move memory blocks to an SD card, or you can delete channels or games you no longer need ready access to. If you

  • by DrXym (126579) on Thursday November 23, 2006 @11:40AM (#16964434)
    If it uses Bluetooth as it is supposed to, what is to stop the Wii remote being used on a PC or even a PS3 if you wanted to? What's the point you may ask - well it would make for useful mouse replacement for presentations, or just for couch surfing.
  • by palad1 (571416) on Thursday November 23, 2006 @11:43AM (#16964460)
    Good news everyone!
    By setting-up a squid proxy one could be able to make homebrews appear as games requiring 0 wii points before being sent to the wii, which will gladly accept it as a runnable executable!

    Now we just have to reverse engineer the 'Virtual Game Console'. 100 say it will turn-out to be a Mame clone.

    Can't wait till the Wii gets released in Europe. Oh my :)

    Besides, we may even be able to stream a divx player using this technique.
    • Signed code You (Score:1, Insightful)

      by Anonymous Coward
      I assume the phrase "signed code" has never entered your mind?

      Something tells me they learned a few lessons from the DS and WiFiMe.
    • by EvilRyry (1025309)
      I gotta believe these executables need to be signed or something. I can't believe they'd leave the back door wide open like that.

      If not though, does it run Linux?
    • Re: (Score:3, Informative)

      by geekboy_x (410674)
      You don't need that - the Wii Opera browser can hit normal web pages just fine, so flash-based homebrews can just be served off regular ol' pages, like this:

      http://wiicade.com/Home.aspx [wiicade.com]

      Have fun!
      • by LocalH (28506)
        Homebrew doesn't refer to Flash. Homebrew refers to unlicensed software running directly on the hardware.
        • I totally disagree. Flash is just an easy way of writing and distributing these games, it's still homebrew. You still use the Wiimote in order to control it. This can be "emulated" with a mouse, much like a SNES controller can be emulated with a keyboard, but it's just not the same.

          I would love to see a homebrew community formed around flash Wii apps. People could test out ideas very quickly, and show them to others as well. In fact, once Opera is officially released I really hope to see this happen.
  • by 8127972 (73495) on Thursday November 23, 2006 @11:44AM (#16964470)
    ..... the fact that this doesn't look like some sort of custom solution that would be forever tied to the hardware. Instead it seems to be very "off the shelf" in nature from what I can see. I'm impressed that Nintendo would go that route. Many companies wouldn't.
  • by SalaciousPucker (911419) on Thursday November 23, 2006 @11:48AM (#16964496)
    Microsoft is really the only console maker that has ventured online in any substantial way. They locked down their hardware and sealed off the wild wild internet (no IE on the 360) for good reason.


    I really think the Wii and/or the PS3 are going to be hacked to death. They have browsers, neither are experienced here and with Sony in particular, the whole thing seems kinda....rushed(?). I mean, with the media they are fine - people won't be burning blu-ray cheap enough soon enough. One click pirated downloads would be even worse though...it would be much easier. Given the cost & market for the PS3, a hack like this would be instant death for developer support.

    • by iapetus (24050) on Thursday November 23, 2006 @12:05PM (#16964648) Homepage
      Yes. With potential security holes like this, I doubt it'll be long before we see some sort of crazy hack to run Linux on the PS3. Wouldn't that be great?
      • Re: (Score:2, Insightful)

        by Virgil Tibbs (999791)
        that's where yellow dog linux is going - with all macs going intel, yellow dog has no choice but to go to the ps3 because there are no other powerpc processors
        • by wootest (694923)
          Or stay on what has to be 40+ million PowerPC-based Macs in the world, or run on Wii or Xbox 360 (both also custom PowerPC-based cores).

          I hope you're not fooling yourself that the PowerPC is now doomed, doooooomed. It's already been in embedded devices for ages, and it looks like it will be staying in consoles for the foreseeable future as well.
    • by xtracto (837672)
      Microsoft is really the only console maker that has ventured online in any substantial way. They locked down their hardware and sealed off the wild wild internet (no IE on the 360) for good reason.

      That is something I found very interesting about Microsoft's new console. I kept hearing about the Hypervisor this and the Hypervisor that and the new Xbox was unbreakable and antihacker box and all that from Microsoft, after it was released I followed some of the hacking efforts and it seemed to be very heavy loc
    • by FroBugg (24957) on Thursday November 23, 2006 @12:28PM (#16964858) Homepage
      Is this really such a terrible thing for the Wii?

      Sure, some people may end up downloading pirated games instead of buying them from Nintendo, but as iTunes shows, people are perfectly willing to pay reasonable prices for things they can get free elsewhere.

      And since the Wii hardware itself is actually profitable for Nintendo (as opposed to the PS3), they're still going to make money from people who buy a Wii with no intention of ever buying a legit Virtual Console game or even a real Wii game. And maybe once these hackers have a Wii they'll buy some games after all.
      • Re: (Score:3, Interesting)

        by xtracto (837672)
        Sure, some people may end up downloading pirated games instead of buying them from Nintendo, but as iTunes shows, people are perfectly willing to pay reasonable prices for things they can get free elsewhere.

        And I am sure their primary userbase is not the hacker that downloads from romhustler or priarrrbay but mom and dad that get out of work, turn on their Wii and choose the newly released game from the Wii Channel.

         
      • by freeweed (309734)
        Well said. The 1% of us that know how to find ROM images online (while making sure they're the right ones, and transferring them to an SD card) aren't really going to do much damage here.

        Mom and Dad will still pay the measly $5 (although I really wish they had gone with iTunes' pricing model for 20 year old games!) and just click to download.
    • by StikyPad (445176)
      with the media they are fine - people won't be burning blu-ray cheap enough soon enough

      Eh.. One of the benefits of competing formats is that they're prone to price wars. I'd be surprised if BD/HD-DVD recordable media isn't below the $5 mark by this time next year, and burners in the $200-$300 range. That would be cheap enough to attract more than a few people, especially when it's the same cost as buying 3-6 games at $50-$60 a pop.
  • DNS redirection (Score:5, Informative)

    by AsnFkr (545033) on Thursday November 23, 2006 @11:52AM (#16964520) Homepage Journal
    Using DNS redirection you can get the Wii to any website you wish. Video [youtube.com]
    • Something I would like to see someone try is to redirect to a page that contains a movie file format which the Wii supports (like MOV); this could be the easiest way to convert your Wii to a media center extender (with crappy file support).
      • i wonder if fullscreen for flash videos is enabled in wiipera. this way i somehow imagine a myth frontend, on the fly encoded by the mythbackend, in the end a tv in the tv..

        PAT

  • by creimer (824291) on Thursday November 23, 2006 @11:54AM (#16964546) Homepage
    Isn't reverse engineering the Wii packets to figure out the proper browser user string a DMCA violation?
    • by Midnight Thunder (17205) on Thursday November 23, 2006 @12:13PM (#16964742) Homepage Journal
      Isn't reverse engineering the Wii packets to figure out the proper browser user string a DMCA violation?

      Depends. Reverse engineering is not a violation, but cracking encryption is.

      Note I haven't ever read the DMCA, so I am relying on what I have heard on forums and news sites.
    • by crossmr (957846)
      Who cares, I don't live in a country which recognizes the DMCA. Lesson 1: America's laws are not the world's laws.
      • by idonthack (883680)
        Everyone in America cares, because we do live in a country that recognizes the DMCA.
         
        Lesson 2: Just because it doesn't affect you doesn't mean it isn't a valid question.
  • by v1 (525388) on Thursday November 23, 2006 @11:59AM (#16964588) Homepage Journal
    I am very surprised we are not seeing them use public key encryption here. If the wii has microsoft's public key, it can send encrypted requests which cannot be reverse engineered unless you are able to guess microsoft's private key. The way around this would be to disassemble the code on the wii. Since they are merely using packet sniffing, the traffic must not be encrypted. If someone were to have bet me if this would have been encrypted, well, I guess I would be out some money about now. Not that it's a bad thing for us, but what is microsoft thinking?? They had to know this would happen, and I can't believe they would sit idle and let it occur.

    Though I suppose in a couple months we'll see a "software update" (i.e. they drop the portcullis) and that'll be the end of the tinkering without a screwdriver.
    • by Yosho (135835) on Thursday November 23, 2006 @12:02PM (#16964602) Homepage
      You appear to be under the misconception that the Wii is produced by Microsoft. It's not. It was created by Nintendo. Unlike Microsoft, they're not obsessed with encrypting everything under the sun. Why would they care if somebody figures out their network protocol?
      • by JFMulder (59706)
        You said : Why would they care if somebody figures out their network protocol?
        The summary said : More advanced connections including binary and virtual console downloads are currently in the works.

        I suppose this means that there could be a way to get Virtual Console games for free or to leech them from someone else downloading them. Not good for Nintendo's business. Too bad it wasn't encrypted.
        • Re: (Score:2, Insightful)

          by Yosho (135835)
          I suppose this means that there could be a way to get Virtual Console games for free or to leach them from someone else downloading them.

          I highly doubt that knowing how the protocol works will enable people to get Virtual Console games for free. Everybody knows how HTTPS works, but you don't see people getting things for free from online stores all over the world. I suppose, in theory, it might be possible for somebody to sniff the connection of a download in progress, intercept the binary game data, and
          • by powerlord (28156)
            Not to mention that you would have to have a sniffer in a place where they can see that traffic. ... of course ... considering that the Wii's primary method of internet connection (along with the PS3 60GB) seems to be a WiFi connection, there may be quite a few people that can be in the position of being able to intercept the incoming traffic.

            Now imagine that someone creates the program to sniff the packets and grab the game payload.
            The only thing missing is a way to re-inject those payloads to a Wii, and any
    • by dimer0 (461593)
      What does Microsoft have to do with this?
    • Honestly, why would you encrypt this?

      Encryption takes overhead. And since every console would have to have the same key (public not private by the way in order to sign a page with something Nintendo would recognize) the key would not remain secret for long - so it would be a bit of development trouble for zero gain.

      • The news is that someone at an 'enterprise' was able to figure that out.

        Because of all other examples we're getting recently, we expected otherwise.

  • by zepo1a (958353) on Thursday November 23, 2006 @12:51PM (#16965028)
    This is for FF 1.5 (yeah lame..haven't updated yet, I assume will work for 2.0)
    type
    about:config
    in FF Address bar
    right click in window. New->String
    use
    general.useragent.override
    for preference name, click ok
    use
    Opera/9.00 (Nintendo Wii; U; ; 1038-58; Wii Shop Channel/1.0; en)
    as string value. click OK. you should now be able to hit the site without a redirect to wii.com
    • by inKubus (199753)
      After doing this, try going here: http://209.67.106.203/oss/common/vc/ [209.67.106.203] and then viewing the source. It seems that there's a lot of cool java and javascript here. Apparently there are java objects to access the video and sound of the Wii, some other stuff.

      Lots more to explore, more later.

  • by assassinator42 (844848) on Thursday November 23, 2006 @01:37PM (#16965426)
    It seems like they have it sort of working. When will they release it? And does this mean we won't be able to use USB keyboards and mice with the browser?
  • If you're sniffing Wii packets and they smell funny, do you take it to the doctor?
  • by AbRASiON (589899) * on Thursday November 23, 2006 @07:35PM (#16968536) Journal
    Serious question, I always wondered about the MS network.
