Cooooool!! Some guys have a video of it here.
In summary:
- Boot Wii in Gamecube mode (which only allows access to certain areas of memory/ GC compatable hardware). However, you can still run custom GC code.
- Mess with the physical address select lines on the memory chips so that you can manually select out of bound memory areas.
- Do a complete memory dump with the above technique from code on a custom gamecube disk.
- Extract encryption keys from said memory dump…….
And the moral is: don’t leave encryption keys lying around in memory!
adq 