Homebrew [MIGHT NOT WORK] 9.2+ Youtube Exploit (Should work on 9.4 and 9.5)

[0xFFFF]

What I am saying here is probably something that doesn't even work.
But I am sure there is something that can be exploiting in this, so give it a go.

1. Make a proxy that redirects all Youtube requests to your own server.
2. The server must contains Gateway's iFrame exploit.
3. Youtube will load that web page instead.
4. Possible hax?

 

[froatsnook]

I think I read that someone already tried this and the exploit doesn't work in youtube.

 

[Vappy]

Might want to ask for the misleading title to be changed.

 

[SelfDEstruction]

But the youtube app is useful to watch other videos from the internet.
Just find a google link on the mobile page, look under settings

 

[Deleted member 473940]

Holy shit. I thought there was a new exploit.
Let's go people. Nothing to see here.

 

[0xFFFF]

beforeload-iframe-crash.html.
Alright, outta here.

Explain?

 

[0xFFFF]

Can't.
Ah well, saying the name means it's already out. It's a not yet confirmed unexploitable html file that crashes the Wii U browser-haven't tested it on 3DS, might be exploitable there.

And what relation it have with my theory?

 

[VinsCool]

Can't.
Ah well, saying the name means it's already out. It's a not yet confirmed unexploitable html file that crashes the Wii U browser-haven't tested it on 3DS, might be exploitable there.

And you told me to not share

 

[N3XU5]

Could be possible, since youtube app is just a simple browser with flash support, if someone creates a script that will lead into a crash, than we will succeed..

Remember that you can leave the youtube itself and watch even porn with the system ( not that ive done it ....... Lol )

But hope you guys understand what im telling.

 

[0xFFFF]

None, but it might be useful on the 3DS.

It would be fun that people try the theory I posted instead of shooting file names that may or may not work with the 3DS that have 0 relations with my theory.

 

[WulfyStylez]

But nobody cares, nintendo was going to patch it anyway.

Ah yes, the fabled "my" exploit. hehe
Hax through youtube are completely possible, but aren't done since it's a little easier to hook onto spider.

 

[DarkFlare69]

Nothing here... The browser is probably the best (and only) way to go. They dont check every individual website to make sure it's not an exploit. And if they did, someone could just mirror that shit onto another host everytime it gets patched.

 

[SelfDEstruction]

The youtube app can be patched every minute, they just need to change their site. So i guess the web browser might be better.

 

[WulfyStylez]

The youtube app can be patched every minute, they just need to change their site. So i guess the web browser might be better.

Youtube also suffers from some MITM stuff and runs an older version of webkit. But yeah, browser's generally better.

 

[gamesquest1]

iirc part of what makes the browser exploit so useful is that its runs as an applet, allowing other games to be loaded+applet, which allows stuff like the rom injection hacks
not to mention the browser is just the entry point, all the big boy stuff is the later stages, taking over the system etc........and finally, how useful would an exploit be that's dependent on the user having an app that you can only download from eshop, and to download it from the eshop you need to update to the latest version.

one update later and anyone that will ever be able to use it will have to of downloaded it before the update hits.....nobody else can join the club......its always better to have any sort of exploit to be run from something that is free to use with anyone on a specific FW, not based on specific FW + specific app that can only be obtained via eshop, if it was released on retail cart, yeah sure, but that's still another cubic ninja story all over again

 

[WeedZ]

What I am saying here is probably something that doesn't even work.
But I am sure there is something that can be exploiting in this, so give it a go.

1. Make a proxy that redirects all Youtube requests to your own server.
2. The server must contains Gateway's iFrame exploit.
3. Youtube will load that web page instead.
4. Possible hax?

Whether you use the web browser or an app, the software still requires the same exploit. Is it possible to use youtube instead of spider? Doubtful considering the exploit is in spider. Even if it did work you would be confined to the resources that youtube has access to. Like with cubic ninja, you have no access to anything that the game doesn't.

It's not as simple as redirecting instructions from a proxy. In all probability it would return a 404 or crash.

How did you even decide what fw would work and which wouldn't? You could address to the gateway exploit in 9.5 but it just errors. why would any other software that uses the web browser have any different results, where ever the exploit is hosted?

And how exactly would you reach this page. You would need access to edit the youtube app to change what page it looks for, and I don't think a proxy can trick the app to look for a local ip instead of a domain which is pretty much a mask for an external ip.

Tl;Dr this is a pointless thread

 

[WulfyStylez]

Whether you use the web browser or an app, the software still requires the same exploit. Is it possible to use youtube instead of spider? Doubtful considering the exploit is in spider. Even if it did work you would be confined to the resources that youtube has access to. Like with cubic ninja, you have no access to anything that the game doesn't.

It's not as simple as redirecting instructions from a proxy. In all probability it would return a 404 or crash.

How did you even decide what fw would work and which wouldn't? You could address to the gateway exploit in 9.5 but it just errors. why would any other software that uses the web browser have any different results, where ever the exploit is hosted?

And how exactly would you reach this page. You would need access to edit the youtube app to change what page it looks for, and I don't think a proxy can trick the app to look for a local ip instead of a domain which is pretty much a mask for an external ip.

Tl;Dr this is a pointless thread

The exploit is in webkit, a library used by both youtube and spider. Youtube actually uses an even older version, in fact. It IS as easy as redirecting traffic. Like I literally just said, the youtube app is prone to MITM attacks. This was figured out like a year ago.
Version detection isn't possible with the youtube app since all versions have the same webkit version (and that doesn't update with system), but it's easy to tell users which link to go to for their system version.

Youtube still isn't a practical entry point since it's not on all devices and requires some mitm stuff rather than being entirely on-device, but I wanted to make it clear that technically there's nothing stopping an exploit from launching through the youtube app.

 

[Bug_Checker_]

Ah yes, the fabled "my" exploit. hehe
Hax through youtube are completely possible, but aren't done since it's a little easier to hook onto spider.

That can't be the same one as Kelton2's is as it was "discovered" by endoverend, and liked by Kelton2

https://gbatemp.net/threads/restricted-webkit-bug-finder.378725/#post-5290197

 

[WulfyStylez]

That can't be the same one as Kelton2's is as it was "discovered" by endoverend, and liked by Kelton2

https://gbatemp.net/threads/restricted-webkit-bug-finder.378725/#post-5290197

Ah, alright. Either way, I was just poking fun at the whole 'i discovered this bug, it's mine' business.

 

[Bug_Checker_]

Ah, alright. Either way, I was just poking fun at the whole 'i discovered this bug, it's mine' business.

I believe he phrased it even funnier like "my bug". Most people would not take credit for screwed up code.
It is like saying "I am proud 'my code' brought down xyz (like healthcare.gov). Hire me I know how to break stuff!"

After all that drama, It would be funny if that were "his bug".