Hacking Wii U Hacking & Homebrew Discussion

[wj44]

OK. What about memory allocation and static data limit?

We can allocate memory(OSAllocFromSystem,MEMFreeToDefaultHeap,MEMAllocFromDefaultHeapEx,MEMAllocFromDefaultHeap)(MEM 1 has enough memory)(There's a mem map http://wiiubrew.org/wiki/Cafe_OS).
32 Kbytes without elf loader.

 

[Vision62913]

Hum maybe because of the lack of games? BigN just seems to sit on their asses with their wiiU..first they didnt took time to make a proper sdk for devs, then they reports or cancel their top games.. and no freaking video/muzz player!..
..BigN was extremely disapointing with their WiiU..rather play nes fames then games with empty content.. anyway.. no new zelda..no metroid.. but i guess for new kids on wiiU its okay.. but paying 74$ for games without content meh..

We have good enough games so far. Unless that quote was before everything was revealed.

 

[ddrrmm]

I actually agree with him, wiiu has been a major disappointment and nintendo should be ashamed of themselves how they handled it and how they have treated the wiiu users.

 

[puss2puss]

We have good enough games so far.

Loll please..dont make me laugh!
you see, thats the difference between someone who thinks "well, better then nothing" and someone who thinks "they actually could have made better!"
They make game ripoffs and they lack features on their console..i always loved ninti, but its a fact that the wiiU is disapointing.. oh but yah sure, some games are worth playing..just not worth paying 74$

 

[Jacobeian]

We can allocate memory(OSAllocFromSystem,MEMFreeToDefaultHeap,MEMAllocFromDefaultHeapEx,MEMAllocFromDefaultHeap)(MEM 1 has enough memory)(There's a mem map http://wiiubrew.org/wiki/Cafe_OS).
32 Kbytes without elf loader.

What would an ELF loader change?
From my understanding, an ELF loader is copying code/data sections to memory then jump to code entry point for executing a program.
If you are limited to access 32K of memory, how would you load anything bigger?
And where can you load the ELF from? SD? USB? Are they even accessible in current User Mode state?

 

[Vision62913]

About the Wii U hacking thing, I'd love to give it a whirl. Doing simple stuff like finding unused artifacts, changing a bit of code, and messing around in general is fun as hell for me. But I'm pretty sure I have no chance of getting it before release, even if I can proof that you people can trust me.

You can test me if you want.

 

[wj44]

What would an ELF loader change?
Do you mean it's possible in User Mode to access RAM and copy ELF code/data sections to memory (which area? MEM1? others?) then jump to code entry point for executing any program?
If so, where can you load the ELF from? SD? USB? Are they accessible in current User Mode state?

You can make bigger apps.
Yes, copy the elf into the mem (MEM1) and jump to it.
SD(maybe?) and Network. Yes.

 

[Marionumber1]

You can make bigger apps.
Yes, copy the elf into the mem (MEM1) and jump to it.
SD(maybe?) and Network. Yes.

Not to mention the 32MiB JIT for storing code and rodata sections.

 

[BENETNATH]

So, let's suppose that an elf loader appears and that memory restrictions is not more a restrain, what would be a good starting point to work on ?
i mean, which language and toolkit should be used ? and how much effort would it take to convert things like emulators and other things on the wii U ?
We need a toolchain for compilation i guess, what is currently availble.

Except from Unity3D and scratch, i've never dev, but i'd love to make some simple trials with a bit of example and sources to learn (yes, i've yet crawled a bit the lib on WiiU but i did not find so many additional resources to handle GFX, sounds etc.

 

[Jacobeian]

You can make bigger apps.
Yes, copy the elf into the mem (MEM1) and jump to it.
SD(maybe?) and Network. Yes.

Ok, so the 32KB limit is only the max size of executable being loadable trough the web browser (maybe with static / BSS sections included) but executable loaded via the current exploit could in theory dynamically allocate up to 32MB (or quite) in MEM1 for its own use?

 

[Coto]

Ok, so the 32KB limit is only the max size of executable being loadable trough the web browser (maybe with static / BSS sections included) but executable loaded via the current exploit could in theory dynamically allocate up to 32MB (or quite) in MEM1 for its own use?

ROP can call symbols and load different API methods so you can copy data over whatever memory is available (not protected by MMU?), then jump there I suppose (user->kernel mode)

 

[FIX94]

Ok, so the 32KB limit is only the max size of executable being loadable trough the web browser (maybe with static / BSS sections included) but executable loaded via the current exploit could in theory dynamically allocate up to 32MB (or quite) in MEM1 for its own use?

the problem I ran into is that yes, they are 32MB for code alone usable, but there is nearly no memory for writable data on 5.3.2, its like maybe 1MB. On my 3.1.0 though I can easly use like over 300MB for writable data without any crashings or issues.

 

[JaceCearK1]

There's 1GB memory for games and 1GB for system software.
What needs to be done to get access to the "game RAM"?

 

[Vision62913]

I'm probably just begging like an idiot here, but can I please have a chance on using that exploit? Test me however you want.

 

[anon123857438]

If they wanted random people on the internet to have the exploit they'd have released it already, you're just making yourself look stupid by constantly asking and acting like you have no idea what you're doing.

 

[Vision62913]

If they wanted random people on the internet to have the exploit they'd have released it already, you're just making yourself look stupid by constantly asking and acting like you have no idea what you're doing.

I get your point, but I want an answer from a member.

 

[puss2puss]

I think they would agree to share it with you, and to give you a foot massage too..

 

[Vision62913]

I think they would agree to share it with you, and to give you a foot massage too..

Hahaha. Good one.

--------------------- MERGED ---------------------------

Not sure why people reply in a dickish manner here.

 

[BENETNATH]

Hahaha. Good one.

--------------------- MERGED ---------------------------

Not sure why people reply in a dickish manner here.

may be they are fed up with brainless enquiries like "give me your work because i'm a good boy that you don't know, and i promise i will keep it for me"

 

[Dantarion]

I've been making great progress on a lot of neat things, my exception handler can now be used to create ghetto breakpoints. It still lacks some features, but I am aiming to overhaul thecodehandler that handles all the WiiU<->PC connectivity in the next few days.