The Twilight Hack was the first widely circulated exploit for the
Nintendo Wii. This hack can only be executed by playing the game The
Legend of Zelda: Twilight Princess with a modified save file.
Like many other exploits, the Twilight Hack uses a buffer overflow to
load data that wasn't normally meant to be loaded. To cause this
overflow, the name of Link's horse in the save file was modified to be
incredibly long, so when the game tries to buffer it, the name
overflows the buffer.
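The missing check described above, as an added example that is not from the original page or from the game's code: a save loader that rejects a name field which does not terminate inside the destination buffer. The offset, buffer size, save layout and function names are assumptions made for illustration.

```c
#include <string.h>

#define NAME_OFFSET 8   /* assumed offset of the name field in the save blob */
#define NAME_MAX    16  /* assumed size of the destination buffer, NUL included */

/* Unsafe pattern, for contrast: strcpy(buf, (const char *)save + NAME_OFFSET)
 * into char buf[NAME_MAX]; the file decides how many bytes get written. */

/* Hardened load: returns 0 and fills dst, or -1 when the save is truncated
 * or the name has no terminator within NAME_MAX bytes. */
int load_horse_name(const unsigned char *save, size_t save_len,
                    char dst[NAME_MAX])
{
    if (save == NULL || save_len <= NAME_OFFSET)
        return -1;                          /* no name field present */

    const unsigned char *field = save + NAME_OFFSET;
    size_t avail = save_len - NAME_OFFSET;
    size_t limit = avail < NAME_MAX ? avail : NAME_MAX;

    /* Search for the terminator only within bytes we may read and store. */
    const unsigned char *nul = memchr(field, '\0', limit);
    if (nul == NULL)
        return -1;                          /* over-long name: reject the save */

    size_t len = (size_t)(nul - field);
    memcpy(dst, field, len);
    dst[len] = '\0';
    return 0;
}

/* Constructed sample saves, not real game data. */
int check_normal_save(void)
{
    unsigned char save[32] = { 'S','A','V','E',0,0,0,0, 'E','p','o','n','a' };
    char name[NAME_MAX];
    return load_horse_name(save, sizeof save, name) == 0
        && strcmp(name, "Epona") == 0;
}

int check_overlong_save(void)
{
    unsigned char save[64];
    char name[NAME_MAX];
    memset(save, 'A', sizeof save);         /* name field never terminates */
    return load_horse_name(save, sizeof save, name);
}

int main(void) { return (check_normal_save() && check_overlong_save() == -1) ? 0 : 1; }
```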
The hack is executed whenever the name of the horse has to be shown on the screen, which happens in a conversation. This conversation occurs when talking to the man at the beginning of the game (the room where the game starts if you load the hacked save file). It is also possible to leave the room, causing the man to shout to you to come back and go to the horse, executing the hack as well.

System menu 3.4 came with a fix for this hack, but some minor modifications to the hack could solve this problem. As of System menu 4.0, this exploit is permanently blocked. (One of the reasons people use Bannerbomb now.)

A short time after, the source of the Twilight Hack was released.

Only for: System menu 3.4 or lower

Required:
* An SD card (NO SDHC) formatted to FAT(32).
* The Legend of Zelda: Twilight Princess

Links:
* Twilight hack: http://hbc.hackmii.com/download/ (get the beta1 for 3.3 and lower or beta2 for 3.4)

Guide:

Wii
----------------------
1. The first thing you need to do is to play the game at least once. It's enough to just start the game and save after the introduction video ends. If you have an existing Twilight Princess save that you want to keep, do so before proceeding:

Computer
----------------------
2. If you want to keep your save file, make a backup of the private folder on the SD card.
3. Download the version of the Twilight Hack for your System menu. You will get a zip file with some different versions of the Twilight Hack in it. Extract the full zip file to the root of the SD card.
4. Now for the file we want to boot with the Twilight Hack: download a Wii app (like the Hackmii installer) and place its .dol or .elf in the root of the SD card. Be sure to rename it to boot.dol/.elf.

Wii
----------------------
5. Go to the Wii data management (Wii button on the bottom left > Data management > Save files). Now delete the Zelda save file on the Wii.
6. Switch to the SD card tab and select the "Twilight Hack" save that corresponds to your game region. Click copy and then yes. Now exit out of the menu.
7. Insert the The Legend of Zelda: Twilight Princess disc and run the game.
   Note: if you have an American version of the game, you need to look at the bottom of the game disc first. If it has RVL-RZDE-0A-2 USA in its inner ring, you'll have to load TwilightHack2 in the next step. If it says something else, load TwilightHack0.
8. On the title screen of the game, press A and B to go to the main menu. Now load the Twilight Hack save file (see the note above for American users).
9. The game will start like normal. To execute the hack, talk to the first character you see, or try to leave the room.
10. Here, the buffer overflow takes over and the ELF file will be loaded.