Hacking Wii U Hacking & Homebrew Discussion

[EclipseSin]

Thanks for the post @NWPlayer123, hopefully it'll answer some users questions.

Hope things are well. Have a good Christmas everyone.

 

[zecoxao]

@Hykem or othes devs, is there any difference between the 8gb and 32gb console regarding upcoming iosu and other homebrew? I have each of one on 5.3.2 and dont now wich one i should keep. The white one has quiter fan, but only 3.5gb free space on internal storage.

with IOSU it'll be possible to use USB storage

 

[soniczx123]

If you want a better understanding of how the Wii U works, from my understanding, it's boot0 (which we've had for a while) -> boot1 (needs a special key nobody has) -> loads IOSU into the ARM processor, which starts initializing PowerPC -> Cafe OS is loaded and it starts loading the system menu. If you have access to ARM, you can skip most steps, IOSU on the ARM sets everything up, if you have access then you can do anything PowerPC side and a bunch of stuff ARM side too. Just modify memory from the ARM to add kern_read and kern_write and tada, loadiine, cafiine, tcpgecko all work. The OS isn't region specific so it should work across the board, unless it has weird buffer issues like ours does >.>
Also, since IOSU does all the hardware accessing, you can have SD and USB access in any app, access the raw data from the disc drive to dump it, and emuNAND. You *SHOULD* also be able to install your own titles then, so it can also have a permanent exploit.

So if I understand this correctly, porting loadiine, cafiine etc. to IOSU is alot simpler than what everyone is making out to be?

 

[Giodude]

Wait so is IOSU kernel or is this like the 3ds exploit?

 

[Marionumber1]

So if I understand this correctly, porting loadiine, cafiine etc. to IOSU is alot simpler than what everyone is making out to be?

Yes, IOSU-level access allows us to modify PPC kernel memory in the same way that our current PPC kernel exploits do.

 

[soniczx123]

Yes, IOSU-level access allows us to modify PPC kernel memory in the same way that our current PPC kernel exploits do.

I'll give the benefit of the doubt then and assume that @Hykem has already ported the most popular apps (sdcafiine, loadiine and tcpgecko) to IOSU-level for the release, and could be one of the causes for the one week delay along with the webkit exploit for 5.40 and 5.5.0

Of course I could be wrong though

 

[NWPlayer123]

So if I understand this correctly, porting loadiine, cafiine etc. to IOSU is alot simpler than what everyone is making out to be?

That, and I've already ported Cafiine and TCPGecko to 5.5, been using them for a while. It's all the non-standard programs I haven't poked at yet. Had to manually hack in a new version for libwiiu to compile stuff for me to use, so finding the new rop offsets for FIX's loader and dumpiine etc should be "fun". The main thing'll be undoing any spoof to correctly update to 5.5.0, should be able to just do it manually since IOSU can access the NAND. The only thing that matters for ppc kernel vs arm kernel is how to install the needed syscalls, any external programs after you do so should work fine

 

[soniczx123]

That, and I've already ported Cafiine and TCPGecko to 5.5, been using them for a while. It's all the non-standard programs I haven't poked at yet. Had to manually hack in a new version for libwiiu to compile stuff for me to use, so finding the new rop offsets for FIX's loader and dumpiine etc should be "fun". The main thing'll be undoing any spoof to correctly update to 5.5.0, should be able to just do it manually since IOSU can access the NAND. The only thing that matters for ppc kernel vs arm kernel is how to install the needed syscalls, any external programs after you do so should work fine

Is it the verison of Cafiine with SD card support?

 

[ShadowOne333]

Is it the verison of Cafiine with SD card support?

+USB

 

[NWPlayer123]

Is it the verison of Cafiine with SD card support?

No, but that shouldn't require much if any changes

 

[WulfyStylez]

Also, since IOSU does all the hardware accessing, you can have SD and USB access in any app, access the raw data from the disc drive to dump it, and emuNAND. You *SHOULD* also be able to install your own titles then, so it can also have a permanent exploit.

Just hopping in briefly to point out that so long as we don't have the boot1 "common" key, access to future system versions through emunand isn't 100% guaranteed. Basically, N can ship a boot1 update that makes some arbitrary change to IOSU ancast image decryption. This would make it impossible to have newer IOSU versions, and, and newer PPC-side stuff would likely have dependencies that older IOSU versions wouldn't support.

As it stands, IOSU maintains access to its ancast key since it's used to decrypt cafe2wii and (though i'm not sure when/if this is used on retail yet) to decrypt and reboot into another normal IOSU ancast image. If they shipped every update with IOSU and boot1 as a pair, they could have a new IOSU key for every system version. boot1 is already being updated with nearly every system update as it stands, so this wouldn't be unreasonable. If this was done, even if one version's key was leaked it wouldn't help future versions get emunand support.
Of course even if they did this, someone could sit on a private IOSU exploit/the boot1 "common" key and just release IOSU keys every update. You should hope to god this is some cool community member and not a piracy company trying to turn a profit.

tl;dr you probably won't be able to update emunand forever and whoever still has their own hax will be the only one(s) to really be able to help out with that.

 

[piratesephiroth]

Just hopping in briefly to point out that so long as we don't have the boot1 "common" key, access to future system versions through emunand isn't 100% guaranteed. Basically, N can ship a boot1 update that makes some arbitrary change to IOSU ancast image decryption. This would make it impossible to have newer IOSU versions, and, and newer PPC-side stuff would likely have dependencies that older IOSU versions wouldn't support.

As it stands, IOSU maintains access to its ancast key since it's used to decrypt cafe2wii and (though i'm not sure when/if this is used on retail yet) to decrypt and reboot into another normal IOSU ancast image. If they shipped every update with IOSU and boot1 as a pair, they could have a new IOSU key for every system version. boot1 is already being updated with nearly every system update as it stands, so this wouldn't be unreasonable. If this was done, even if one version's key was leaked it wouldn't help future versions get emunand support.
Of course even if they did this, someone could sit on a private IOSU exploit/the boot1 "common" key and just release IOSU keys every update. You should hope to god this is some cool community member and not a piracy company trying to turn a profit.

tl;dr you probably won't be able to update emunand forever and whoever still has their own hax will be the only one(s) to really be able to help out with that.

What's wrong with someone trying to make a profit?

I (and most people here) would have gladly payed for a good, Gateway-style, Wii U exploit.

 

[WulfyStylez]

What's wrong with someone trying to make a profit?

This would be pretty similar to the old trueblue situation on ps3, they could gate newer software versions behind whatever DRM they favor and cake it in obfuscation to people out.

 

[OncleJulien]

What's wrong with someone trying to make a profit?

a sentiment nintendo would surely agree with, piratesephiroth.

 

[piratesephiroth]

This would be pretty similar to the old trueblue situation on ps3, they could gate newer software versions behind whatever DRM they favor and cake it in obfuscation to people out.

It's a less restrictive DRM the the console's anyway.

a sentiment nintendo would surely agree with, piratesephiroth.

Game piracy equals to more consoles sold.
The console with the largest market base, regardless of its technology or quality, will rule the world in the end.

Or maybe you have an example of a console ruined by game piracy?
Or of a dominant gaming device with bulletproof DRM?

(They would have a serious problem if the consoles were being pirated, though)

 

[WulfyStylez]

It's a less restrictive DRM the the console's anyway.


Piracy equals to more consoles sold.
The consonle with the largest market base, regardless of its technology or quality, will rule the world in the end.

Or maybe you have an example of a console ruined by piracy?
Or of a sucessful gaming device with bulletproof DRM?

I didn't actually mean to start a debate on this, I'm just a mostly-private developer and it's a bit hard for me to filter my thoughts on people profiting on piracy.
The actual more concerning thing here is that until boot1's ticket decryption key is in the wild, Nintendo has the ability to lock people out of newer system software versions. It's very similar to the (public) state of the new3ds at the moment, for those who are familiar with that.

 

[75mak]

Team twizzers couldn't get the boot1 common key... I doubt anyone would have it privately...???

Especially doubt they would just sit on it. Either it would be "leaked" or "waiting to be sold" to some Chinese "gatewayesque" company

 

[VinsCool]

uh, hey guys, I am experiencing a very annoying issue.

I used NNU patcher to access Eshop. I got Mario Maker, but I cannot download it. The update is above it. Even if I try to prioritize it, it wouldn't download.

Any trick to get rid of update nag, to actually download my game?

 

[CosmoCortney]

uh, hey guys, I am experiencing a very annoying issue.

I used NNU patcher to access Eshop. I got Mario Maker, but I cannot download it. The update is above it. Even if I try to prioritize it, it wouldn't download.

Any trick to get rid of update nag, to actually download my game?

click the update thingy shown there and delete it. then click on the mario maker download and click "download first"

 

[VinsCool]

click the update thingy shown there and delete it. then click on the mario maker download and click "download first"

I can't.
It only shows "error" (considering that my wiiu is on parental control)

It's rather weird, I already got stuff from eshop just fine a month ago with NNU