Remembering how the Nintendo Wii was cracked


Nintendo’s RSA implementation contained a critical flaw. They used the C strncmp() [string compare] function that has the side-effect of terminating when null is found. Nintendo was passing byte values to the strncmp(), so in the event of null bytes found early in the hash, brute-forcing the SHA1 hash could be performed in minutes. That, in turn, meant that digital signatures could be easily faked.

… they could [now] run code unsigned …

This was my favourite nugget in a great video about how Team Tweezers circumvented protections in the Wii console to run homebrew software. It proves how tenuous all this stuff can be when your cryptography is let down by one of the most fundamental C programming mistakes they warn you about at uni.
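To make the flaw concrete, here is an added C example (my own illustration, not Nintendo's code or anything from the video) showing the strncmp()-style digest check next to a correct fixed-length comparison. The digests are constructed sample values, not real Wii signature data; the function names are mine. Because strncmp() treats the 20-byte SHA-1 output as a NUL-terminated string, two digests that merely share a leading 0x00 byte compare as equal, which is exactly why a low-byte-count brute force was enough.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define HASH_LEN 20  /* SHA-1 digest length in bytes */

/* Constructed sample digests (not real Wii data). GOOD_HASH and FORGED_HASH
 * share only a leading 0x00 byte and differ everywhere else; OTHER_HASH
 * differs from GOOD_HASH in byte 0 and contains no 0x00 at all. */
static const uint8_t GOOD_HASH[HASH_LEN] = {
    0x00, 0x1f, 0x8a, 0xc3, 0x5d, 0x77, 0x09, 0xe2, 0x4b, 0x6c,
    0xd1, 0x33, 0x9e, 0xa4, 0x02, 0xf8, 0x61, 0x7b, 0xc5, 0x10 };
static const uint8_t FORGED_HASH[HASH_LEN] = {
    0x00, 0xde, 0xad, 0xbe, 0xef, 0x01, 0x02, 0x03, 0x04, 0x05,
    0x06, 0x07, 0x08, 0x09, 0x0a, 0x0b, 0x0c, 0x0d, 0x0e, 0x0f };
static const uint8_t OTHER_HASH[HASH_LEN] = {
    0x7a, 0x1f, 0x8a, 0xc3, 0x5d, 0x77, 0x09, 0xe2, 0x4b, 0x6c,
    0xd1, 0x33, 0x9e, 0xa4, 0x02, 0xf8, 0x61, 0x7b, 0xc5, 0x10 };

/* Flawed check in the style the post describes: strncmp() treats the binary
 * digests as C strings and stops at the first 0x00 byte, so every byte after
 * it is never compared at all. */
int hash_matches_strncmp(const uint8_t *expected, const uint8_t *computed)
{
    return strncmp((const char *)expected, (const char *)computed, HASH_LEN) == 0;
}

/* How many leading bytes strncmp() actually has to see match before a NUL
 * ends the comparison. This is the real work factor of the flawed check:
 * roughly 256^n guesses instead of the 2^160 a full SHA-1 match would need. */
size_t bytes_effectively_compared(const uint8_t *hash)
{
    size_t n = 0;
    while (n < HASH_LEN && hash[n] != 0x00)
        n++;
    return n < HASH_LEN ? n + 1 : HASH_LEN;  /* the NUL byte itself is still compared */
}

/* Correct check: all HASH_LEN bytes are compared regardless of content, and
 * the loop has no data-dependent early exit, so the result (and the timing)
 * does not leak where the first mismatch occurred. */
int hash_matches_ct(const uint8_t *expected, const uint8_t *computed)
{
    uint8_t diff = 0;
    for (size_t i = 0; i < HASH_LEN; i++)
        diff |= (uint8_t)(expected[i] ^ computed[i]);
    return diff == 0;
}

int main(void)
{
    printf("strncmp check, forged vs good: %d (1 = wrongly accepted)\n",
           hash_matches_strncmp(GOOD_HASH, FORGED_HASH));
    printf("fixed check,   forged vs good: %d\n",
           hash_matches_ct(GOOD_HASH, FORGED_HASH));
    printf("bytes strncmp effectively checks for the good digest: %zu of %d\n",
           bytes_effectively_compared(GOOD_HASH), HASH_LEN);
    return 0;
}
```

The fixed version is the usual recommendation for comparing MACs and digests: a fixed-length, branch-free byte loop (or a library routine built for the purpose, such as OpenSSL's CRYPTO_memcmp). Plain memcmp() would at least fix the length problem, but it returns early on the first differing byte, which is why the constant-time loop is preferred for signature checks.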

Hold on, I just heard someone shout RUST! in the distance. Maybe they shouldn’t have dunked their Nintendo Wii in water.

Author bio and support


Ruben Schade is a technical writer and infrastructure architect in Sydney, Australia who refers to himself in the third person. Hi!

The site is powered by Hugo, FreeBSD, and OpenZFS on OrionVM, everyone’s favourite bespoke cloud infrastructure provider.

If you found this post helpful or entertaining, you can shout me a coffee or send a comment. Thanks ☺️.