Twilight hack

The Twilight hack is the name given to the exploit found by Team Twiizers of Wiibrew.org in The Legend of Zelda: Twilight Princess that allows users to run unofficial homebrew software from an SD Card, if one has been inserted into the Wii. This is the first method used to boot homebrew software without the use of hardware modifications to the Wii console.

The hack exploits a buffer overflow error caused by loading a specially crafted save file for The Legend of Zelda: Twilight Princess. "Twilight Princess" save files store the name of Link's horse in the game (originally "Epona"). The save file used by the hack presents a much longer name than the game would expect. As a result, the excess characters in the horse's name overwrite a portion of the game's program in memory with a special loader program, causing The Legend of Zelda: Twilight Princess to crash as it runs the loader program. When the loader program runs, any program that is placed in the root directory of the SD card, with the filename "boot.elf" or "boot.dol", can be run.

Numerous applications have been written that can be run using this method. Because the hack loads an application through a glitch in The Legend of Zelda: Twilight Princess, the game originally had to be loaded whenever the user wished to run a homebrew application. Certain programs have been made to install custom Wii Menu channels, such as the Homebrew Channel, so that the applications can be run directly from the Wii Menu instead of through the Twilight hack.

Nintendo's response
On June 16, 2008, Nintendo released 3.3 update which automatically deletes and prevents the further storage of the unauthorized save files.

However, within six hours of the update's release, community members found two bugs in the update that in conjunction can allow a slightly modified Twilight hack to operate and have released a new version of the hack that work for Wiis with the 3.3 update. A release for 3.4 firmware was later released for the general public to be able to run the Twilight hack, even though each time the Wii boots it will delete the 'hacked' save file from the system memory. However, this does not prevent users from copying the file from the SD card to the system memory back each time the Wii is turned on and running the exploit without restarting the Wii first.

System Menu 4.0 blocks any version of the hack from being copied.