Eri HaKawai
by giantpune 


This is another Wii exploit, this time for "Tales of Symphonia: Dawn of the New World" (RT4EAF).
Copy the "private" folder from this archive to the root of your SD card, merging it with any existing folder, and install the save to your Wii just like any other save game.
Put some homebrew you want to start on the root of your SD card (not SDHC) as boot.elf.
Then start the game, and load the save data.
Once the game starts (and you see a retarded dog waving at you), press PLUS to enter the game's menu.
Scroll down to "Status" and press A.
Then scroll down till you see the character named "Giantpune".  Highlight him and press A.
Hopefully everything works out like it should and the boot.elf is loaded from your SD card.



The source code that I used to make the exploit is included (all of it is licensed under GPLv2).  It's a 2-part deal.  Build the stuff in the "loader" folder, and it should produce "loader.bin".  Then, using the Qt SDK, build the "ToSHack.pro" project.  It should create a program called "ToSHack".  This program looks for a couple of different files.  It reads "./loader/loader.bin", which is the loader you already built; next it reads "./baseSave/0001000052543445/01.dat", which is the data file from some save I found online.  Then it inserts the elf loader into the original save, overwrites some stuff to create the buffer overflow, fixes the checksums, and writes the result to the path given in argv[1].  Once you have this, just pack it up with segher's tools.


credits...
team twiizers - savezelda elf loader
Pierre "delroth" Bourdon - originally found the buffer overflow & managed to turn it into a working exploit (for the PAL version of the game).  Checksum code for PAL, which was a great start when I was doing the USA checksum stuff
giantpune - the USA version of this exploit, including - but not limited to - disassembling, poking, breakpointing, hex editing, checksumming, artworking, twintigging, tachtigging

And big thanks to...
Segher - really useful save packing/unpacking tools
nuke, link, dcx2, brkirch, Y.S, Frank Willie, et al - usb gecko, geckoOS, vdappc, geckoDotNET
megazig, dcx2 - lots of useful knowledge concerning ASM, registers, PPC behavior, and other similar low-level stuff

