NWPlayer123 teases 5.5.1 IOSU

vgmoose

Well-Known Member
Member
Joined
Jan 31, 2016
Messages
362
Trophies
1
Website
github.com
XP
3,110
Country
United States
Not really, you can develop for current Wii U's HBL, but you are limited in terms of services, you can only do what Mii Maker does.
You can do everything Smash Bros does as @Maschell demonstrated, which is also anything that an official Wii U title can do (and more).

As it's been said before, there's no denying full USB support or CFW would be new interesting avenues, but having complete and total access to everything an official developer has is not "limited" by homebrew standards. And the learning curve remains!

It's saddening to see so many potential developers turn away from the console. There's still plenty to explore here (the Gamepad is cool!) and the more dev eyes the better. ;(
 
  • Like
Reactions: Deleted User

CeeDee

fuckin dork
Member
Joined
May 4, 2014
Messages
5,366
Trophies
3
XP
9,991
Country
United States
As it's been said before, there's no denying full USB support or CFW would be new interesting avenues, but having complete and total access to everything an official developer has is not "limited" by homebrew standards.
Problem is, people don't want total access to the things devs have. Devs can't install warez.
 
  • Like
Reactions: Deleted User

NWPlayer123

Well-Known Member
Member
Joined
Feb 17, 2012
Messages
2,642
Trophies
0
Location
The Everfree Forest
XP
6,693
Country
United States
Is there a simple start-to-finish explanation of the WiiU security architecture, and what portion(s) are broken / to be broken?

e.g., Something similar to 3dbrew.org's list of 3DS system flaws or the Dec. 27 C3 talk that derek/smea/plutoo gave?
Um no but I can probably write something up even though I'm not that experienced in the Starbuck yet
Basically, run code via web browser (which has JIT we can copy payloads into) or from a game save which needs to be entirely ROP, then you're running in a sandbox in PowerPC/Espresso Userspace
you have access to a whole table of syscalls which is how you can exploit the kernel with malformed data http://wiiubrew.org/wiki/Cafe_OS_Kernel_Syscalls
You don't need to own the kernel but it makes it a lot easier, then you need to use IPC or something to start running code on ARM which has to be entirely ROP cause there's no JIT at all
After you've got code execution on ARM/Starbuck you have free rein to probe and exploit IOS-Kernel
All the code on ARM is from fw.img which decrypted is just an ELF with a bunch of sections it loads in http://wiiubrew.org/wiki/IOSU#Modules to memory http://wiiubrew.org/wiki/IOSU#Virtual_Memory_Map
the PPC Kernel's loaded into 0xFFE00000 (Virtual+Physical) as an ancast image and decrypted on the spot (so it also has the 0x100 header), and games running in userspace use 0x0E000000 and 0x10000000 for code+data, libraries are in 0x01000000 (these are all virtual), and the rest all builds from there, apps can access most other stuff like MEM1 and the Foreground bucket from userspace
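An added example, not code from the post above or from wiiubrew: a minimal ELF32 program-header parser showing concretely what "an ELF with a bunch of sections it loads into memory" means, together with the bounds checks a loader should make before trusting the table (a truncated or tampered image is rejected rather than read past the buffer). The image it parses is a constructed sample built inside the block, not fw.img; the machine type, addresses, segment layout and function names are all assumptions.

```python
import struct

# Standard ELF constants (values from the ELF specification).
ELF_MAGIC = b"\x7fELF"
ELFCLASS32 = 1
ELFDATA2LSB, ELFDATA2MSB = 1, 2
PT_LOAD, PT_NOTE = 1, 4
PF_X, PF_W, PF_R = 1, 2, 4
EM_ARM = 40


def _perm(flags: int) -> str:
    """Render p_flags as an rwx string, e.g. 'r-x'."""
    return (("r" if flags & PF_R else "-")
            + ("w" if flags & PF_W else "-")
            + ("x" if flags & PF_X else "-"))


def parse_load_segments(data: bytes) -> dict:
    """Parse a 32-bit ELF and return its PT_LOAD segments: the byte ranges a
    loader copies to the virtual addresses named in the program headers.
    Every offset and size is checked against the file length before use, so
    a truncated or tampered table raises ValueError instead of over-reading."""
    if len(data) < 52 or data[:4] != ELF_MAGIC:
        raise ValueError("not an ELF image")
    if data[4] != ELFCLASS32:
        raise ValueError("only ELF32 is handled here")
    if data[5] == ELFDATA2MSB:
        endian = ">"
    elif data[5] == ELFDATA2LSB:
        endian = "<"
    else:
        raise ValueError("unknown EI_DATA value")
    (e_machine,) = struct.unpack_from(endian + "H", data, 18)
    (e_phoff,) = struct.unpack_from(endian + "I", data, 28)
    e_phentsize, e_phnum = struct.unpack_from(endian + "HH", data, 42)
    if e_phentsize < 32 or e_phoff + e_phnum * e_phentsize > len(data):
        raise ValueError("program header table lies outside the file")
    segments = []
    for i in range(e_phnum):
        fields = struct.unpack_from(endian + "8I", data, e_phoff + i * e_phentsize)
        p_type, p_offset, p_vaddr, _paddr, p_filesz, p_memsz, p_flags, _align = fields
        if p_type != PT_LOAD:
            continue  # notes, dynamic info etc. are not copied into memory
        if p_offset + p_filesz > len(data) or p_memsz < p_filesz:
            raise ValueError(f"segment {i} has inconsistent offset or sizes")
        segments.append({
            "vaddr": p_vaddr,
            "filesz": p_filesz,
            "memsz": p_memsz,   # memsz > filesz means a zero-filled tail (bss)
            "perm": _perm(p_flags),
            "payload": data[p_offset:p_offset + p_filesz],
        })
    return {"machine": e_machine, "segments": segments}


def check_no_overlap(segments: list) -> bool:
    """True when no two loadable segments share a virtual address range."""
    ranges = sorted((s["vaddr"], s["vaddr"] + s["memsz"]) for s in segments)
    return all(prev_end <= start
               for (_, prev_end), (start, _) in zip(ranges, ranges[1:]))


def loads_cleanly(data: bytes) -> bool:
    """Does the image pass every structural check above?"""
    try:
        return check_no_overlap(parse_load_segments(data)["segments"])
    except ValueError:
        return False


def build_sample_elf() -> bytes:
    """Construct a tiny big-endian ELF32 for EM_ARM with two PT_LOAD segments
    and one PT_NOTE. Purely synthetic sample data (addresses included); it is
    not a real firmware image and nothing in it comes from the thread."""
    E = ">"
    text = bytes(range(0x40))       # constructed "code" bytes
    data_init = b"\xAA" * 0x20      # constructed initialised data
    note = b"\x00" * 8
    phoff, phnum = 52, 3
    text_off, data_off, note_off = 0x100, 0x140, 0x160
    phdrs = b"".join([
        struct.pack(E + "8I", PT_LOAD, text_off, 0x08000000, 0x08000000,
                    len(text), len(text), PF_R | PF_X, 0x1000),
        struct.pack(E + "8I", PT_LOAD, data_off, 0x08100000, 0x08100000,
                    len(data_init), 0x80, PF_R | PF_W, 0x1000),
        struct.pack(E + "8I", PT_NOTE, note_off, 0, 0,
                    len(note), len(note), PF_R, 4),
    ])
    ident = ELF_MAGIC + bytes([ELFCLASS32, ELFDATA2MSB, 1]) + b"\x00" * 9
    ehdr = ident + struct.pack(E + "HHIIIIIHHHHHH", 2, EM_ARM, 1, 0x08000000,
                               phoff, 0, 0, 52, 32, phnum, 0, 0, 0)
    img = bytearray(note_off + len(note))
    img[0:52] = ehdr
    img[phoff:phoff + len(phdrs)] = phdrs
    img[text_off:text_off + len(text)] = text
    img[data_off:data_off + len(data_init)] = data_init
    img[note_off:note_off + len(note)] = note
    return bytes(img)


if __name__ == "__main__":
    info = parse_load_segments(build_sample_elf())
    print(f"machine={info['machine']}")
    for s in info["segments"]:
        print(f"  {s['perm']} vaddr=0x{s['vaddr']:08X} "
              f"filesz=0x{s['filesz']:X} memsz=0x{s['memsz']:X}")
```

The point of the checks is that the program-header table is attacker-influenced input to whatever loads it: a loader that believes `p_offset`/`p_filesz` without comparing them to the file length, or that maps overlapping segments, is the kind of defect the post's "malformed data" remark is about. Endianness is taken from `EI_DATA` rather than assumed, so the same parser handles little- and big-endian images.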
 

Kafluke

Well-Known Member
Member
Joined
May 6, 2006
Messages
5,474
Trophies
0
Age
47
XP
4,636
Country
United States
Um no but I can probably write something up even though I'm not that experienced in the Starbuck yet
Basically, run code via web browser (which has JIT we can copy payloads into) or from a game save which needs to be entirely ROP, then you're running in a sandbox in PowerPC/Espresso Userspace
you have access to a whole table of syscalls which is how you can exploit the kernel with malformed data http://wiiubrew.org/wiki/Cafe_OS_Kernel_Syscalls
You don't need to own the kernel but it makes it a lot easier, then you need to use IPC or something to start running code on ARM which has to be entirely ROP cause there's no JIT at all
After you've got code execution on ARM/Starbuck you have free rein to probe and exploit IOS-Kernel
All the code on ARM is from fw.img which decrypted is just an ELF with a bunch of sections it loads in http://wiiubrew.org/wiki/IOSU#Modules to memory http://wiiubrew.org/wiki/IOSU#Virtual_Memory_Map
the PPC Kernel's loaded into 0xFFE00000 (Virtual+Physical) as an ancast image and decrypted on the spot (so it also has the 0x100 header), and games running in userspace use 0x0E000000 and 0x10000000 for code+data, libraries are in 0x01000000 (these are all virtual), and the rest all builds from there, apps can access most other stuff like MEM1 and the Foreground bucket from userspace
"Just make it say hello, it has to say hello" -SJ
 

Cylent1

Community Smart Ass!
Member
Joined
Oct 5, 2015
Messages
919
Trophies
0
Location
The most communist country in the world!
XP
2,460
Country
United States
This is the type of BULLSHIT right here is why people on this site are sick and tired of these pansy asses always rubbing shit in our faces.
OK then if they wanna show us and then delete it because of lawsuits and what not, But every other month?
This is getting as old as Hillary Clinton...
 

TotalInsanity4

GBAtemp Supreme Overlord
Member
Joined
Dec 1, 2014
Messages
10,800
Trophies
0
Location
Under a rock
XP
9,814
Country
United States
  • Like
Reactions: Deleted User

Swiftloke

Hwaaaa!
Member
Joined
Jan 26, 2015
Messages
1,772
Trophies
1
Location
Nowhere
XP
1,508
Country
United States
Um no but I can probably write something up even though I'm not that experienced in the Starbuck yet
Basically, run code via web browser (which has JIT we can copy payloads into) or from a game save which needs to be entirely ROP, then you're running in a sandbox in PowerPC/Espresso Userspace
you have access to a whole table of syscalls which is how you can exploit the kernel with malformed data http://wiiubrew.org/wiki/Cafe_OS_Kernel_Syscalls
You don't need to own the kernel but it makes it a lot easier, then you need to use IPC or something to start running code on ARM which has to be entirely ROP cause there's no JIT at all
After you've got code execution on ARM/Starbuck you have free rein to probe and exploit IOS-Kernel
All the code on ARM is from fw.img which decrypted is just an ELF with a bunch of sections it loads in http://wiiubrew.org/wiki/IOSU#Modules to memory http://wiiubrew.org/wiki/IOSU#Virtual_Memory_Map
the PPC Kernel's loaded into 0xFFE00000 (Virtual+Physical) as an ancast image and decrypted on the spot (so it also has the 0x100 header), and games running in userspace use 0x0E000000 and 0x10000000 for code+data, libraries are in 0x01000000 (these are all virtual), and the rest all builds from there, apps can access most other stuff like MEM1 and the Foreground bucket from userspace
Wait, so what malformed data do we pass to what syscall and how? And, remind me again, isn't a syscall like a communication agent between userspace and the kernel?
 
Last edited by Swiftloke,

Kioku

猫。子猫です!
Member
Joined
Jun 24, 2007
Messages
12,035
Trophies
3
Location
In the Murderbox!
Website
www.twitch.tv
XP
16,219
Country
United States
Come on man, we know your shtick by now, it's getting old, if you're so bothered by them all the time, just block them already and never see a post from them again, problem solved.


Sent from my iPhone using Tapatalk

That'd be too easy. Epic is in every one of these IOSU threads, bashing OP in one way or the other.
 

TheZander

1337
Member
Joined
Feb 1, 2008
Messages
2,135
Trophies
2
Location
Level 7
XP
3,897
Country
United States
This is the type of BULLSHIT right here is why people on this site are sick and tired of these pansy asses always rubbing shit in our faces.
OK then if they wanna show us and then delete it because of lawsuits and what not, But every other month?
This is getting as old as Hillary Clinton...

Finally a rational, calm and collected cohesive statement in this whole thread!



Actually Zander, the user you quoted was not rational or collected at all. I find it hard to believe anyone could see it like that. There was absolutely no sense of tranquility in the tone of his post. You must really be an idiot for misconstruing it as such, I hope you go on to reconsider your life choices and ambitions. Smiley face, winky face, head bashing face, eye roll face.

^^Now read that in the most over the top, mockery voice you can conjure up with.
 

henn64

I don't know what I'm doing with my life.
Member
Joined
Dec 26, 2012
Messages
680
Trophies
0
Age
25
Location
The Great White South
XP
470
Country
Canada
Finally a rational, calm and collected cohesive statement in this whole thread!



Actually Zander, the user you quoted was not rational or collected at all. I find it hard to believe anyone could see it like that. There was absolutely no sense of tranquility in the tone of his post. You must really be an idiot for misconstruing it as such, I hope you go on to reconsider your life choices and ambitions. Smiley face, winky face, head bashing face, eye roll face.

^^Now read that in the most over the top, mockery voice you can conjure up with.
Save yourself the trouble and just slap an /s on that instead

Epic is in every one of these IOSU threads, bashing devs and being salty
FTFY
 
Last edited by henn64,

TheZander

1337
Member
Joined
Feb 1, 2008
Messages
2,135
Trophies
2
Location
Level 7
XP
3,897
Country
United States
Save yourself the trouble and just slap an /s on that instead
Nah, I will never do that. Cheapens the whole post. If people cannot tell a genuine post from a non-genuine one, they need to get used to it; otherwise, in the real world, if people don't obviously smirk or blurt "just kidding!" then they have trained themselves to be gullible idiots. Just read and think for a while without responding off the cuff. Not you, but these other people who were incapable of realizing Zelda had nothing to do with anything and that the suggestion was so absurd and irrelevant to the topic at hand that it must be nonsense. Instead of addressing the absurd notion more than once, truly trying to convey the truth. Apparently oblivious to insincerity in the respected replies.

Then again the whole purpose of this post was to egg 'em on again. It's late, i'll just delete this in the morning... These things seem like good ideas when it's late.
 

Rob Blou

Well-Known Member
Member
Joined
Jul 16, 2013
Messages
754
Trophies
0
Age
41
XP
1,508
Country
Canada
About the IOSU exploit ... is it a permanent install or do we have to run it every time the wii u was powered off? If that's the case, do we need internet to run it?
 
Last edited by Rob Blou,

Bug_Checker_

Well-Known Member
Member
Joined
Jun 10, 2006
Messages
950
Trophies
0
XP
664
Country
United States
Nah, I will never do that. Cheapens the whole post. If people cannot tell a genuine post from a non-genuine one, they need to get used to it; otherwise, in the real world, if people don't obviously smirk or blurt "just kidding!" then they have trained themselves to be gullible idiots. Just read and think for a while without responding off the cuff. Not you, but these other people who were incapable of realizing Zelda had nothing to do with anything and that the suggestion was so absurd and irrelevant to the topic at hand that it must be nonsense. Instead of addressing the absurd notion more than once, truly trying to convey the truth. Apparently oblivious to insincerity in the respected replies.

Then again the whole purpose of this post was to egg 'em on again. It's late, i'll just delete this in the morning... These things seem like good ideas when it's late.
pssst, word on da street is the zelda e3 demo was successfully dumped by quantum 'puters. FWIW, the software was in two places @ one time so no one noticed it <but don't say anything.>
 
  • Like
Reactions: Selver
