Hacking Firmware Reverse Engineering (Info Dump)

FunThomas

FunThomas

Well-Known Member
Member
Level 10
Joined
Jan 10, 2016
Messages
652
Trophies
0
XP
2,016
Country
Gambia, The
pwsincd said:
Bumping this thread to inform all those who signed up to my forum , if they havent been in a while to check out the progress made and see if you could offer assistance ...
Click to expand...

edit: removed link if its not wanted :)

its hard in this time to do find out whats wanted or not ;-)

btw real nice introduction to ROP on your forum ;-) thanx
 
Last edited by FunThomas,
FaTaL_ErRoR

FaTaL_ErRoR

AKA ŦƕƎ ƠṀƐƝ
Member
Level 4
Joined
Mar 9, 2014
Messages
491
Trophies
0
XP
443
Country
United States
Damn, this got buried.
I actually have a question. So, does loadiine actually load modded games? (I don't know because I don't use it)
If it can load modded games then what would stop me from modding a pause menu of a game to be a terminal?
From there I could call to the sd where my capstone framework is and proceed to disassemble things.
Also, may be able to build a linux tree and install it to the sd card and run it from the terminal in my modded game.
The modded game would allow full access to all the hardware as well. I ask this because I am considering having a go at modding assassins creed black flag and taking some swings at the Uplay channel. This may also allow a way to not be so dependent on the pc running as a webserver.
Just a thought...
 
FaTaL_ErRoR

FaTaL_ErRoR

AKA ŦƕƎ ƠṀƐƝ
Member
Level 4
Joined
Mar 9, 2014
Messages
491
Trophies
0
XP
443
Country
United States
Omegadrien said:
Are you serious? ... O_O Is it possible??
Click to expand...
It should be. With the work from triunix I should be able to upright a terminal. Just need to replace a few files in the game so when it goes to pause it pulls from different library then previous pause menu. Just not sure if loadiine is capable of loading such things.

rw-r-r_0644 said:
No, it's not possible
Click to expand...
Is this confirmation loadiine cannot load unsigned files?
Because I am doing some reading and starting to see file modding is able to be done via loadiine. Much like a mod menu worked on wii I am thinking it will work for the U.
This actually appears to be real promising the more about loadiine I am reading.
 
Last edited by FaTaL_ErRoR,
R

rw-r-r_0644

Well-Known Member
Member
Level 6
Joined
Jan 13, 2016
Messages
351
Trophies
0
Age
22
XP
741
Country
Italy
FaTaL_ErRoR said:
It should be. With the work from triunix I should be able to upright a terminal. Just need to replace a few files in the game so when it goes to pause it pulls from different library then previous pause menu. Just not sure if loadiine is capable of loading such things.
Click to expand...
A. Games have not full access to hardware and 90% of them neither have access to SD
B. If you runn a Game from Loadiine making the WiiU think that you are running MiiMaker, it obviously give you the same access as MiiMaker
C. WiiU doesn't have a terminal
D. The files would anyway need a lot of patches to work in WiiU mode
E. It would be a lot easier (and would have the same results) running something from MarioNumber1's OSLoader

So sorry but no, it's not possible
 
FaTaL_ErRoR

FaTaL_ErRoR

AKA ŦƕƎ ƠṀƐƝ
Member
Level 4
Joined
Mar 9, 2014
Messages
491
Trophies
0
XP
443
Country
United States
rw-r-r_0644 said:
A. Games have not full access to hardware and 90% of them neither have access to SD
B. If you runn a Game from Loadiine making the WiiU think that you are running MiiMaker, it obviously give you the same access as MiiMaker
C. WiiU doesn't have a terminal
D. The files would anyway need a lot of patches to work in WiiU mode
E. It would be a lot easier (and would have the same results) running something from MarioNumber1's OSLoader

So sorry but no, it's not possible
Click to expand...
The game has enough access to hardware to do what I need and one could modify the game in question to access the sd the same way smash does. MiiMaker has enough access to onboard library. Wii u doesnt need a terminal as I am injecting one. And lets just say I have access to "wiiu mode" and not really worried about "patching". And if I am asking the limitations to loadiine so I can upright a terminal via a game why on earth would I want to run something from an OSLoader?
Not doing the lettering thing there.
davetheshrew said:
I had a dream about using skylanders and writing a sploit to nfc tag and had usb access...pity it was just a dream.
Click to expand...
In wii this is very possible. Works much like the twilight princess hack. And with the latest skylander game two characters and a car can be placed on the portal. Payload in the first tag, usb parameters in second tag, and hbc in third tag. Between all three tags there is enough space to execute such an attack.
 
Last edited by FaTaL_ErRoR,
  • Like
Reactions: davetheshrew
R

rw-r-r_0644

Well-Known Member
Member
Level 6
Joined
Jan 13, 2016
Messages
351
Trophies
0
Age
22
XP
741
Country
Italy
FaTaL_ErRoR said:
The game has enough access to hardware to do what I need and one could modify the game in question to access the sd the same way smash does. MiiMaker has enough access to onboard library. Wii u doesnt need a terminal as I am injecting one. And lets just say I have access to "wiiu mode" and not really worried about "patching". And if I am asking the limitations to loadiine so I can upright a terminal via a game why on earth would I want to run something from an OSLoader?
Not doing the lettering thing there.

In wii this is very possible. Works much like the twilight princess hack. And with the latest skylander game two characters and a car can be placed on the portal. Payload in the first tag, usb parameters in second tag, and hbc in third tag. Between all three tags there is enough space to execute such an attack.
Click to expand...
I'm sorry if my previous reply appeared a bit rude, that wasn't my intention
Also I guess I didn't corrctly explain some points; with WiiU Mode I mean not-vWii-mode because trinux was made to run on WiiU's vWii mode. And OSLoader is a very useful program made by MarioNumber1 that is able to load another kernel, so in that case, the Linux kernel.
Anyway there are no reasons to patch a game with loadiine when you can easily load elf files from the homebrew launcher: "just" patch a lot of source of trinux, make osldr an elf and make it load from sd and you are done ;)
 
FaTaL_ErRoR

FaTaL_ErRoR

AKA ŦƕƎ ƠṀƐƝ
Member
Level 4
Joined
Mar 9, 2014
Messages
491
Trophies
0
XP
443
Country
United States
davetheshrew said:
I had a dream about using skylanders and writing a sploit to nfc tag and had usb access...pity it was just a dream.
Click to expand...
rw-r-r_0644 said:
I'm sorry if my previous reply appeared a bit rude, that wasn't my intention
Also I guess I didn't corrctly explain some points; with WiiU Mode I mean not-vWii-mode because trinux was made to run on WiiU's vWii mode. And OSLoader is a very useful program made by MarioNumber1 that is able to load another kernel, so in that case, the Linux kernel.
Anyway there are no reasons to patch a game with loadiine when you can easily load elf files from the homebrew launcher: "just" patch a lot of source of trinux, make osldr an elf and make it load from sd and you are done ;)
Click to expand...
no not rude at all. I was saying im too lazy to do it in that format. (Abc...ect)
And I think you missed my point. My intention is to trigger this in game. And from there hope to jump through it and exploit the uplay channel. This is because the uplay channel gets triggered ingame. And uplay accesses ios. Also uplay has usb access as well. The terminal and capstone framework will help with working in console. That and smack nint in the face. And making a run at this will force another area they have to watch and patch. Which will in turn result in patches that arent so well thought out and riddled with new bugs. Im not interested in linux itself, just pushing the limits on modded games a bit in search of a new point of entry
 
  • Like
Reactions: rw-r-r_0644 and davetheshrew

Site & Scene News

Go to forum More news

Popular threads in this forum

A really, REALLY old browser exploit (for 5.3.2)?

Gaming  Online services for the 3DS and Wii U have been shutdown. Here is how to get back online!

Hacking Hardware  Wii U No Display (Logs dumped)

Hacking Gaming  Xenoblade Chronicles X - Lifeline and Enhancement Mod

Super Mario Maker Save Collection (All Event and Staff Courses Preserved, 3DS Mario Challenge Port, and More)

Watch videos on Wii U, offline, saved on SD?

Can you hack your wii u with something other than sd card

Pretendo not working with updated games?!

General chit-chat
Help Users
  • No one is chatting at the moment.
    Xdqwerty @ Xdqwerty: @SylverReZ