Hacking Wii U Hacking & Homebrew Discussion

[golden45]

So you just create a CPU1 thread for RPC?

Yes, nothing more.

It can still crash the loader if the connection is ended on computer side.

For the dump_mem function, I'm sure it's not working good. So I made another function, here it is:

def dump(self, address, num_words, filename):
        total_words = 0

        mem = open(filename, 'wb')
        step = 100
        while total_words < num_words:
                        data = []
                        words_to_read = step
                        if ((total_words + words_to_read) > num_words):
                            words_to_read = num_words - total_words

                        # Build an RPC request and send it
                        request = struct.pack(">III", 0, address, words_to_read)
                        self.conn[0].sendall(request)

                        # Block for a reply
                        reply = self.conn[0].recv(512)
                        fmt = '>' + str(words_to_read) + 'I'
                        data.extend(struct.unpack(fmt, reply[4:4+(words_to_read*4)]))
                        address += (4 * words_to_read)
                        total_words += (4 * words_to_read)

                        for word in data:
                            mem.write(struct.pack(">I", word))
                        print "%d/%d" % (total_words, num_words)

        print("Dumped to " + filename)
        mem.close()

 

[soneek]

Spoiler: Did another thing with Sm4sh music

 

[the_randomizer]

Damn, seeing the SSB4 music hacks makes waiting for it all the harder to endure ><

 

[Cyan]

Also I've seen others post about this as well; I have openDNS set up, and up until a few days ago the download manager was X'd out in the home screen. Now it isn't and its status says updating something every time I turn on the wii. My IP did not change and I'm still on 5.3.2 (and I don't know what its downloading), but that's happening to me.

openDNS is maybe not safe.
You could try to download/access some files using your browser to see if OpenDNS is correctly filtering them.
You should see an html page with a forbidden message.

if you block the "nus.cdn*" but not the "nus.wup.shop*" then it will initiate update downloading, but the downloaded files from nus.cdn should be replaced by the forbidden message. After the download the console will try to install the update but will fail and delete corrupted files.

Check your openDNS account to be sure all 5 URLs are correctly added. Maybe there are other URLs used to update that we don't know (from akamai for example).

You could add these to the filters for additional safety:
ecs.wup.shop.nintendo.net // download environment check
ias.wup.shop.nintendo.net
ccs.wup.shop.nintendo.net
tagaya.wup.shop.nintendo.net // update environment check
or just block all wup subdomain "*.wup.shop.nintendo.net"

I noticed that a hard reset (keep power pressed for 4 seconds) sometime removes the "X'd out in the home screen" and the download/update info in the download manager. Maybe it also deletes temporarily downloaded files.

 

[AntagonistX]

I've been watching this thread for about a month since buying my wii u and thought it was time to try and help out. I'm a computer science major at University of Michigan and while I understand the C code in the repository, I don't have much of a clue when it comes to the reverse engineering. I tried to get the RPC working to mess around with it, but it wouldn't work, either with a crash or "Invalid RPC command."

Anyways, what's a step in the right direction? I probably won't have time to learn anything new so I don't need to you PM me any keys or anything, but as I already have experience with C I might as well try and mess around with this in my spare time during summer break.

Also I've seen others post about this as well; I have openDNS set up, and up until a few days ago the download manager was X'd out in the home screen. Now it isn't and its status says updating something every time I turn on the wii. My IP did not change and I'm still on 5.3.2 (and I don't know what its downloading), but that's happening to me.

A good place to start with reversing is understanding asm and debugging with say, win32dasm. Start with cracking a basic nag screen (serial number, modify je to jne).
Mario 1, the gamepad can be off while the system is running. Turning the gamepad on jumps right into the app. Could sniffinf the data and sending some false signals open any doors

 

[JaceCearK1]

A good place to start with reversing is understanding asm and debugging with say, win32dasm. Start with cracking a basic nag screen (serial number, modify je to jne).
Mario 1, the gamepad can be off while the system is running. Turning the gamepad on jumps right into the app. Could sniffinf the data and sending some false signals open any doors

I think there's only a function in the RPL's that turns off the Gamepad, screen not the entire Gamepad!

 

[JustPingo]

A good place to start with reversing is understanding asm and debugging with say, win32dasm. Start with cracking a basic nag screen (serial number, modify je to jne).
Mario 1, the gamepad can be off while the system is running. Turning the gamepad on jumps right into the app. Could sniffinf the data and sending some false signals open any doors

If I remember right the console only streams image and sounds and receive the inputs from the Gamepad. So I guess there's nothing to steal.

 

[Sammi Husky]

Spoiler: Did another thing with Sm4sh music

Have you tried using my app to make any moveset edits yet? Or do we still need dt/ls access for that at the moment?

 

[lupo90]

I would actually help/try to help - anyone has private contacts (skype, whatsapp..) to fast forward me to the point of being helpful?
Also if someone links me all the important stuff to read/know, github, keys, etc, in private I can meanwhile study them.
I am quite expert in web development and styling, mobile application (either android and iOS) and desktop applications (java, multi-platform).
I am not into reverse engineering or such but I am very willing to learn and we could help each other and share knowledge
Once I get into something, I get very obsessive until I get what I want - even if new programming languages are involved I am ready to learn.
I studied C in university, I've not programmed anything with it to be honest so I quietly forgot it, but I can jump on it again and also I loved its bestial difficulty :-)

 

[NWPlayer123]

Have you tried using my app to make any moveset edits yet? Or do we still need dt/ls access for that at the moment?

Can only edit stuff in memory, like the MSBT with all the text, so that isn't exactly the easiest thing

 

[starerik]

It has been a few weeks since I actively checked this thread and suddenly things are happening but too much is happening. I would like to know, is it possible to use custom music in The Wind Waker HD at the moment?

 

[sj33]

Also I've seen others post about this as well; I have openDNS set up, and up until a few days ago the download manager was X'd out in the home screen. Now it isn't and its status says updating something every time I turn on the wii. My IP did not change and I'm still on 5.3.2 (and I don't know what its downloading), but that's happening to me.

I feel that CCProxy is a safer option than OpenDNS because it relies on a MAC address rather than a potentially-changing variable such as an IP address. You should still turn your console off as soon as it looks like it's downloading something though because there's no 100% safe solution and it's better to be safe than sorry.

I've said this before, but people should really delete their internet settings every time and only re-add them when they actually intend to use the Wii U exploit. It's a pain, but it avoids these kinds of accidents such as updating in the background. Also, unplug the console from the wall socket (or use one of those multiplugds with individual on/off switches) rather than trusting your console to not update in standby mode.

 

[pedro702]

I feel that CCProxy is a safer option than OpenDNS because it relies on a MAC address rather than a potentially-changing variable such as an IP address. You should still turn your console off as soon as it looks like it's downloading something though because there's no 100% safe solution and it's better to be safe than sorry.

I've said this before, but people should really delete their internet settings every time and only re-add them when they actually intend to use the Wii U exploit. It's a pain, but it avoids these kinds of accidents such as updating in the background. Also, unplug the console from the wall socket (or use one of those multiplugds with individual on/off switches) rather than trusting your console to not update in standby mode.

Or like me use a lan adapter and just unplug the ethernet cable much simpler.

 

[nastys]

Why don't you just disable standby mode, auto-updates, SpotPass downloading and such?

 

[sj33]

Indeed, using a LAN adaptor and disconnecting works too. The issue is people leaving their console connected to the internet in standby mode then complaining that their console has auto-updated because they trust OpenDNS/CCProxy/their router blacklist too much.

Just disabling standby settings isn't enough. The Wii U will *always* auto-update in the background as long as it is in any kind of standby mode i.e. the red light is lit up on the front of the console.

 

[wj44]

I used ninja_carver's guide to block my updates
https://gbatemp.net/threads/create-your-own-dns-server-to-block-nintendo-updates.384648/

 

[pedro702]

Indeed, using a LAN adaptor and disconnecting works too. The issue is people leaving their console connected to the internet in standby mode then complaining that their console has auto-updated because they trust OpenDNS/CCProxy/their router blacklist too much.

Just disabling standby settings isn't enough. The Wii U will *always* auto-update in the background as long as it is in any kind of standby mode i.e. the red light is lit up on the front of the console.

not really i had my automatic downloads off and it only tryed to download the update when i turned it on.most people have automatic downloads on thats why they update in standbymode.

 

[sj33]

I still don't understand the purpose of leaving your console in standby mode and inviting unnecessary risk.

Just use your country's equivalent of one of these and switch off your console manually.
http://ecx.images-amazon.com/images/I/51wFL8YIKFL._SX300_.jpg

 

[soneek]

Can only edit stuff in memory, like the MSBT with all the text, so that isn't exactly the easiest thing

I cracked down and figured it out last night actually. I can at least edit anything that's included in update files. The big thing will be making custom patches.

Have you tried using my app to make any moveset edits yet? Or do we still need dt/ls access for that at the moment?

I can try it out. I'll do another video if I get some noticeable edits working.

 

[Gamnaught]

Any reason why you guys are using openDNS that sounds unreliable and a pain to setup instead of PsvProxy modified to block all of Nintendos update servers?
PsvProxy works like a charm and is ready to start blocking right away, seems like the better choice to me.