Hacking Wii U Hacking & Homebrew Discussion

ldeveraux

So guys, any news about the firmware spoofing already? I'd really want to give Mario Maker a try already but I'm still on 5.3.2 and I have to download it from the eShop, but won't matter anyways because that game sure brings an updater with it...
Check that thread, not this one
 

FR0ZN

@Marionumber1 I recently saw one of your posts here you mentioned that FW 4.1.0 and 5.0.0 have WebKit exploits which are more stable?
Is there any place I can read up which FW has the most stable userspace exploits? Or can you quickly say what's actually unstable about the 5.3.2 userspace exploit?

I found a list here of what FW has which option for exploitation, but I think it's a bit wrong here and there?

http://rhcafe.us.to/

I see a lot of FW versions in the userspace section which are nowhere mentioned inside the OSDriver src on git? Or do some FWs share the same kernel addresses?
And what about the "unstable" note for the kernel exploit on 5.3.2? According to the list the kernel exploit is stable for any other FW below 5.3.2???

I'm confused :huh::blink::wacko:
 

FR0ZN

Just bookmarked it. I'm also seeing something about a 5.4.0 Kernel Exploit that isn't private... Would anyone care to explain?

The kernel exploit for 5.4.0 is the current exploit which also works on 5.3.2.
The problem here is that we have no public way to execute it through a userspace exploit (webkit exploit), so peeps are currently awaiting it.

NWPlayer mentioned the current situation here: https://gbatemp.net/threads/wii-u-hacking-homebrew-discussion.367489/page-552#post-5669495
 

xXDungeon_CrawlerXx

Just bookmarked it. I'm also seeing something about a 5.4.0 Kernel Exploit that isn't private... Would anyone care to explain?
True, there's a Kernel Exploit for 5.4.0 and 5.5.0 already but you're not able to use them.
Why? Because you need to use the userland-Exploit first, which isn't public yet.
 

oumoumad

Just bookmarked it. I'm also seeing something about a 5.4.0 Kernel Exploit that isn't private... Would anyone care to explain?
True, there's a Kernel Exploit for 5.4.0 and 5.5.0 already but you're not able to use them.
Why? Because you need to use the userland-Exploit first, which isn't public yet.

I don't think there is a public 5.5.0 kernel exploit. The main reason the last kernel exploit was released is because it was patched on 5.5.0
 

NWPlayer123

Guess I'll post some more stuff
The first kernel exploit we made, the OSDriver one, theoretically works on 1.0 to 5.4.0, and was patched in 5.5.0, which was why it was released. There's another one made a while ago that works on 5.3.2-5.5.0, but I'm not sure how far back it can go. There's also several Webkit exploits, one that was made for 4.0.0-5.1.0 or something and I think Hykem backported it to 3.0.0+, a new one that works up to 5.3.2 (the one everyone's using), and then a new one that is confirmed working on 5.4.0 and 5.5.0.
Also, if you want to get TCPGecko and Cafiine working at the same time, you'll need to do several things. Not sure what FIX's changes do since my brain's out of it today, but basically when the kernel exploit maps stuff, it's mirrored into 0xA0000000. What this means, in I think 5.3.2+, coreinit's loaded in at 0x101C400 (its "base"), and this
https://github.com/wiiudev/pyGecko/...fcb8222cb86b4c420bb598/installer/loader.c#L50
just patches a bctrl right before exiting in its start function, this one
TCPGeckoPatch.png
which, when initialized by a game, it'll run the start function, and then the PowerPC instruction we install will jump to TCPGecko's codehandler we install at 0xA11DD000. Then those other 2 instructions patch nsysnet, don't remember exactly what. Since Cafiine just hooks into the functions, it doesn't need to be run, it'll run when the normal functions are run, and it's initialized with FSInit. So all you'd need to do is move Cafiine back from 0xA11DCC00 to however far back you're able to move it, and then edit the address the TCP codehandler installs at and the instruction that jumps to it. Leave the 0xA101C55C intact. Also, that screenshot is from 5.5.0, 55C is correct for 5.3.2 and 5.4.0, and it's 56C on 5.5.0.
 


OncleJulien

@gamesquest1 I have, I just get tired of the negativity and the impression it might leave on other users.
I think it's totally bollocks that there's no detailed tutorial on how to interact with that guy...but I guess we're all totally screwed forever until such time as someone never makes one ever - thanks holier-than-thou hoarding devs!
 

the_randomizer

anyway, after digging, vc injection is not as bad as it seemed to be.

Have you tested Snes games by chance? We think the config files are buried within the exe or wrapper that the ROMs use, curious to see what makes them hard-coded to run X games.
I get the impression you haven't come across the randomizer before :creep:

It's nice to know that I'm so loved around here. I should learn how to program and port emulators (Snes9x 1.53, PCSX-R, DeSmuME and so on) over to the Wii U out of spite :creep:
 

gamesquest1

Have you tested Snes games by chance? We think the config files are buried within the exe or wrapper that the ROMs use, curious to see what makes them hard-coded to run X games.


It's nice to know that I'm so loved around here. I should learn how to program and port emulators (Snes9x 1.53, PCSX-R, DeSmuME and so on) over to the Wii U out of spite :creep:
wouldn't be gbatemp without you to put a dampener on things XD

anyways I'm just messing about, some people try to focus on the positive, others don't, not like everyone can be in high spirits all of the time :)
 

galneon

So...no emulators are ever gonna happen? Guess we're stuck with the largely unsuccessful VC injections then :glare: We all know how well that went last week. Damn hard-coded emulators.

"Ever"? That's a bit short-sighted for someone who has been here for a few years. There will likely be additional exploits discovered, and there will certainly be new capabilities realized from exploits we already have.
 

Ericzander

This is great news! Unfortunately, my console auto updated recently (my fault, I moved the console to a different location). In the other thread @golden45 said that he is only working on 5.3.2 but it shouldn't be hard to port. Does that mean it should be portable to the latest version?
 
