Wii U Homebrew Situation and FAQ

Discussion in 'Wii U - Hacking & Homebrew' started by NWPlayer123, Jun 18, 2014.

Jun 18, 2014
    • Member

    NWPlayer123 GBAtemp Maniac

    Joined:
    Feb 17, 2012
    Posts:
    1,179
    Location:
    The Everfree Forest
    Country:
    United States
    NOTE: MAY BE OUT OF DATE. PLEASE CHECK HERE TOO
    Currently, we have a userspace exploit that can be compiled and run via the Internet Browser. It currently works on versions 4.0.0 to 5.1.0. This isn't very useful at all for anyone who isn't a developer, however. All it allows is basic code execution, including access to certain parts of memory (assuming it isn't protected) and basic library functions. We cannot access anything the browser cannot access, such as an SD card. You have to run the exploit every time you want to do something. You can find the exploit here.

    Frequently Asked Questions
    Q: How do I install the Homebrew Channel?
    A: Wrong place to be looking, you're thinking of the sandboxed vWii (virtual Wii). For more info go here and here.

    Q: What is this?
    A: As mentioned before, it's an exploit that uses a bug in the (very old) version of WebKit that Nintendo is using for the Internet Browser to execute our code.

    Q: What is "Userspace" and what can I do with it?
    A: Userspace allows for basic access to running code, and accessing memory. You cannot access anything the original program cannot access. For example, you cannot access the SD card since the browser doesn't have access to that.

    Q: Why doesn't it work on anything after 5.1.0?
    A: We only ever found and developed one bug, and (I assume) Nintendo caught wind of the bug and patched it in 5.1.1. We would have to find another exploitable bug and develop it to run code on the latest version, which is being looked into.

    Q: What's the latest version the exploit works on?
    A: See above answer, it works on 4.0.0 through 5.1.0, and there are 3 separate versions for 4.0.X, 4.1.0 and 5.X. It was first made for 4.1.0 and then later back-ported to 4.0.X, since some addresses had changed. Later, the update that added the Quick Boot Menu (5.0.0) changed the code structure enough that we had to blindly find our addresses again and rebuild the ROP chain to get code execution again.

    Q: I don't want to miss out on potential homebrew, how should I update to a safe version?
    A: If you don't care about running code right now, feel free to update to the latest version. We are currently looking into more Webkit bugs to exploit that work on the latest version.
    If you do care about running code, try to find Mario Kart 8 version A (look at the serial on the back) which should have 4.1.0, or if that doesn't work out look for NES Remix Pack which has 4.0.2.

    Q: I want to update to the latest version but I don't want to miss out, am I safe in doing so?
    A: Feel free to update if you don't care about running code right now, a new Webkit bug is being looked into.

    Q: Should I be looking for a specific version Wii U?
    A: No, we're working on a new Webkit exploit that should work on all versions. Even if you update, you're still fine.

    Q: If I want to block Nintendo's updates, what should I block?
    A:
    • nus.c.shop.nintendowifi.net
    • nus.cdn.c.shop.nintendowifi.net
    • nus.cdn.shop.wii.com
    • nus.cdn.wup.shop.nintendo.net
    • nus.wup.shop.nintendo.net
    Q: I haven't heard anything in a while, when can we expect to see progress?
    A: I'm occasionally posting progress in this thread, so look there for any news.
    Last edited by NWPlayer123, Apr 6, 2015


    • Member

    GorTesK Mad Hatter

    Joined:
    Jan 29, 2013
    Posts:
    1,101
    Location:
    Down The Rabbit Hole
    Country:
    Germany
    blocking "nus.cdn.wup.shop.nintendo.net" has been working for me so far since 4.0.2
    Margen67 likes this.
    • Member

    the_randomizer The Temp's official fox whisperer

    Joined:
    Apr 29, 2011
    Posts:
    13,580
    Location:
    Unknown
    Country:
    United States

    I thought that was just for the eShop, I believe you need to block a range of actual IP addresses...?
    • Member

    newersumm GBAtemp Fan

    Joined:
    Nov 11, 2013
    Posts:
    372
    Country:
    Japan
    Gortesk your avatar still makes me pee in pants a little.
    Fantastic post otherwise NWPlayer! I hope all new users come here and read it.
    CosmoCortney and Fpsrussia117 like this.
    • Member

    NWPlayer123 GBAtemp Maniac

    Joined:
    Feb 17, 2012
    Posts:
    1,179
    Location:
    The Everfree Forest
    Country:
    United States
    Nah, like I've said before, nus is nintendo's update service, it has nothing to do with the eShop, AFAIK that IP block is all of the IPs that that URL can use.
    Margen67 and the_randomizer like this.
    • Member

    GorTesK Mad Hatter

    Joined:
    Jan 29, 2013
    Posts:
    1,101
    Location:
    Down The Rabbit Hole
    Country:
    Germany
    makes all system software update downloads fail for me
    Last edited by GorTesK, Jun 18, 2014
    Margen67 and the_randomizer like this.
    • Member

    the_randomizer The Temp's official fox whisperer

    Joined:
    Apr 29, 2011
    Posts:
    13,580
    Location:
    Unknown
    Country:
    United States

    Well, that makes sense now :P
    • Member

    JoostinOnline Certified Crash Test Dummy

    Joined:
    Apr 2, 2011
    Posts:
    9,945
    Location:
    The Twilight Zone
    Country:
    United States
    If it's anything like the Wii Shop Channel, then all the digital titles are also stored on NUS.
    • Member

    FPSRussi4 Clean up your act and cut the crap.

    Joined:
    Dec 1, 2013
    Posts:
    656
    Country:
    Laos
    You should add to the title "NOOBS READ BEFORE POSTING"
    • Member

    GorTesK Mad Hatter

    Joined:
    Jan 29, 2013
    Posts:
    1,101
    Location:
    Down The Rabbit Hole
    Country:
    Germany
    but if I remember correctly, someone actually found an url or ip recently, that prevents the wiiu from finding any updates..... the beforementioned url only prevents the download, but what he found actually prevented the update check... was just recently either in 5.0 update tread or 4.1 exploit leak or the hacking discussion thread... lol cant remember where, but it was a couple of days ago
    • Member

    hundshamer GBAtemp Maniac

    Joined:
    May 22, 2009
    Posts:
    1,131
    Location:
    United States
    Country:
    United States
    If you find it, that would be great to add to the OP!
    • Member

    Etkar.H GBAtemp Regular

    Joined:
    Jul 26, 2009
    Posts:
    196
    Location:
    Earth
    Country:
    Norway
    I don't know how to block URLs on my router, so I'll just turn off Standby download for now.
    • Member

    Bladexdsl ZOMG my posts...it's over 9000!!!

    Joined:
    Nov 17, 2008
    Posts:
    13,153
    Location:
    Queensland
    Country:
    Australia
    it is it's for getting patches, updates for eshop games.
    • Member

    GorTesK Mad Hatter

    Joined:
    Jan 29, 2013
    Posts:
    1,101
    Location:
    Down The Rabbit Hole
    Country:
    Germany
    • Reporter

    Qtis Grey Knight Inquisitor

    pip
    Joined:
    Feb 28, 2010
    Posts:
    3,536
    Location:
    The Forge
    Country:
    Antarctica
    Modified the title a bit and stickied. NWPlayer123 if more obvious and repeating question start coming, add them in the OP :)
    • Member

    Goku Junior GBAtemp Advanced Fan

    Joined:
    Dec 27, 2013
    Posts:
    807
    Location:
    Buenos Aires, Argentina
    Country:
    Argentina
    Hi!, A little question, It would be possible to make a offline exploit in the future? Some user tell me I need to update my router with a firmware to block all the Nintendo adresses to make the Wii U don't update, but I've bricked it, so I don't have online for the web browser exploit, are some dev planning to do a non-internet exploit?

    Yeah, I know they don't have the kernel or all system access, but I'm only asking, something similar like BannerBomb with Wii, but they need to hack the Wii U Filesystem format for that...
    Last edited by Goku Junior, Jun 20, 2014
    • Member

    Marionumber1 GBAtemp Advanced Fan

    Joined:
    Nov 7, 2010
    Posts:
    593
    Country:
    United States
    There aren't really any other entry points besides the browser. The browser is the only component of the system which is based on open-source code, giving us a great advantage in finding bugs. It's also one of the only places where we can feed untrusted input, since external storage is now encrypted. There is no way to "hack" it, since storage is encrypted with a per-console key. A game-based exploit is a possibility, if there are some games that access external storage without encryption, but it's highly unlikely that such a thing will surface.
    Margen67, filfat and Goku Junior like this.
    • Newcomer

    the-green Advanced Member

    Joined:
    Jan 14, 2014
    Posts:
    71
    Country:
    Algeria
    thanks for the explanation & good luck in the futur
    just one question, are those leaked wii U SDK usefull for you or it doesn't since you don't have a kernel exploit yet ?
    thanks in advance for the answer
    • Member

    julialy Ehh, I'm so lazy.

    Joined:
    Nov 26, 2012
    Posts:
    947
    Country:
    United States
    i don't think the legit people want to use the leak.

    oh, and sdk is few help for kernel exploit.
    • Member

    Some1CP GBAtemp Fan

    Joined:
    Sep 12, 2009
    Posts:
    332
    Country:
    United States
    Sorry, but can anyone help me do this on dd-wrt? I already tried blocking addresses and IPs before and it didn't work.

SPONSORED LINKS
 

Share This Page