Bannerbomb

Bannerbomb is currently the most popular exploit for hacking your Wii (on version 4.2 and lower). This is mainly because its the only exploit that can be launched from the wii menu itself, without having to buy a certain game.

It uses a malformed banner to cause a buffer overflow (as it fails to load the malformed banner, similar to a banner brick). Like this, it can load any boot.dol or boot.elf file that can be found in the root of the SD card.

If a boot.elf and a boot.dol are in the SD card root at the same time, Bannerbomb will fail to load.

The system menu 4.2 update blocked the old version of Bannerbomb. A new version was made that uses the same exploit, but on another place (the SD card menu that was added in update 4.0).

Since the new bannerbomb will only work with the SD card menu, it can only be used on System menu 4.0 and higher.

Only for:

Wii with System menu 4.2 or lower.
- For Wii with 4.3, use letterbomb/Wilbrand
- For WiiU, use a compatible exploit (or use a dedicated Wii U guide)

Required:

An SD card (Best results are with non-SDHC cards, SDHC will only work on 4.0 or above) formatted to FAT(32).

Links:

Bannerbomb v1 (system menu below 4.2): http://bannerbomb.qoid.us/index.old.php
Bannerbomb v2 (system menu 4.0 - 4.2): http://bannerbomb.qoid.us/index.new.php

Note: The author of bannerbomb does not like it when other people mirror his links. Please link to the bannerbomb site instead.

Guide:

Computer ----------------------

1. Go to the bannerbomb website (use the second link if you have System menu 4.2 and the other link for all the older versions). You will see some steps there, which you are free to follow, as this guide basically tells you the same.

2. First of all, we need to rename our private folder (this is because bannerbomb can only work if its the only file in the private folder). You can for example rename it to "privateold" or something similar. Of course you can also move the private folder to another place.

3. Download the first version of bannerbomb (aad1f_v108.zip for 4.1 and lower, abd6a_v200.zip for 4.2). Extract the zip file to the root of the SD card. You should have a private folder again, with only bannerbomb in it.

4. Download any wii app and place its .dol or .elf in the root of the SD card. Be sure to rename it to boot.dol/.elf

Wii ----------------------

5. If you enabled WiiConnect24, go to your Wii settings and disable it. This increases the chance for success (due a bug in bannerbomb)

6. Now we need to execute the bannerbomb exploit.

On 4.1 and lower: from the Wii dashboard (the screen with the channels you see after the health screen), press the big WII button at the bottom left. Now go to Data management, Choose Wii, and then go to the SD card. Since bannerbomb is on our SD card, it will execute automatically
On 4.2: go to the SD card menu and bannerbomb will execute.

7. After step 6, there are 2 things that can happen.

If it freezes, go back to the bannerbomb site and download the next version. You can find the next versions under step 6 of the bannerbomb site.
If it shows "Load boot.dol/.elf", it works and you can click YES to run it.

Note: if the wii freezes after the "Load boot.dol/.elf" prompt, this is not caused by bannerbomb but the app itself !

Additional Hackmii installer steps:

8. You will see a Scam warning screen.

Wait for the message at the bottom to appear, then press 1.

9. You will see a screen like this one:

Depending on your wii, it will show different things behind BootMii:.

If you see Can be installed, you can get BootMii as boot2 (which gives the best brick protection there is).
If you see Can only be installed as an IOS, you can only get BootMii as IOS (which will give you NO brick protection on its own).

Press A to continue.

Now we get to the main menu, where we can install everything.

First install the Homebrew Channel (choose Yes, continue).

The Homebrew Channel will now be installed on your Wii.

Optional (Recommended) Steps: Installing BootMii

BootMii is a helps greatly with Brick protection and it is recommended to install it.

10. In the HackMii main menu, choose BootMii... and press A. You will get another menu.

11. Install BootMii as IOS. This will always work.

12. If you're one of the lucky winners, choose install Bootmii as Boot2, then Yes, continue and let it install.

Once you're done, return to the Main menu and choose Exit. It will reboot the Wii.

13. Now you have to delete bannerbomb of the SD card! (just delete the "atkn" folder inside private/wii/title/).

Don't forget to restore your old private folder if you had one!

If you installed BootMii

If you installed BootMii, regardless whether it was as boot2 or IOS, it is recommended you use it to create a NAND backup. This backup can be used to restore the Wii to a working state in case you brick it.

You can learn about launching BootMii and making a backup on the BootMii page.

If you installed BootMii as Boot2, the BootMii menu will appear every time you boot your Wii.

If you don't want this, rename/move the "bootmii" folder on the SD card.
Alternatively, you can enable Wii menu auto-boot in the configuration file.

So, what's next?

It mostly depends on what you want to do.

I want to run basic homebrew applications:

=> You are already done! Visit the list of Homebrew Applications on Wiibrew. You can also view our Homebrew Channel page if you need help setting things up.

I want to load backup games from a USB drive, install WADs:

=> Continue on to install a cIOS which will allow you to use these more advanced apps.

I want to change the system menu theme:

=> First install Priiloader for additional brick protection, then read up on MyMenuify, the app which allows you to change the system menu theme.