Wii U Homebrew Situation and FAQ

Discussion in 'Wii U - Hacking & Homebrew' started by NWPlayer123, Jun 18, 2014.

Jun 18, 2014
    • Member

    NWPlayer123 New Member

    Member Since:
    Feb 17, 2012
    Message Count:
    252
    Location:
    Trapped Inside My Mind
    Country:
    United States
    So, we currently have a userspace exploit using the web browser that gives us basic code execution. This currently works on versions 4.0.0 to 5.1.0. It has access to read and write memory, the basic library functions, and that's about it. We can't access the filesystem or likewise install or change anything on it(not that we'd want to since we still have no idea how it works). You can find the exploit here.


    Frequently Asked Questions
    Q: Why can't we access the filesystem/*insert limitation here*?
    A: Since this is only a userspace exploit and we don't yet have access to the kernel, we only have access to what permissions the app, in this case the web browser, has. Since the browser has no need for accessing the filesystem or any external storage, we don't have access to that.


    Q: Is it safe to update to 5.1.1?
    A: NO. The bug itself that we use is fixed so we'll need to find another one, but until then, STAY AWAY FROM UPDATING.


    Q: What's the latest version that this exploit currently exists in?
    A: This currently works on 4.0.0 to 5.1.0. IT DOES NOT CURRENTLY WORK ON 5.1.1.


    Q: I won't want to miss out on homebrew, how can I update to 4.1.0?
    A: Mario Kart 8 comes with 4.1.0 on the disc, so go buy it (because it's not like it's a bad game), keep your system offline, and then update with the disc.


    Q: I want to update to 5.X.X but I don't want to have my system update on me. What do I do??
    A: There are two different things you can do.
    • One solution is to turn off Standby Mode, which as of 5.0.0 allows your Wii U to install updates while you're sleeping. Go into Settings and go to Power Settings, and then just turn off "Standby Functions". This does disable Quick Boot though.
    • Another solution would be to block the following URL with your router: nus.cdn.wup.shop.nintendo.net
    Q: So now that we have access to executing code on the system, what's next?
    A: Well, now we need to start tearing apart the kernel and IOSU, because we'll need both a kernel exploit and IOSU access to be able to dump the rest of the keys (including the common key which will allow us to simply download binaries off of NUS (Nintendo Update Service) and decrypt them for easy use). Then it's on to finding a possible way to install and run content off the system menu (since the Wii U checks signatures at load time as well as install time). Then we have to rework the SDK to allow for distribution for basic homebrew, and then it's all uphill from there.


    Q: What does this mean for the average user? Can we expect real homebrew in the near future?
    A: For the average person, this does nothing of significance other then it allows us access to basic functions that will allow us to see how the system works. We still need to find a kernel exploit and an IOSU exploit which will allow us full access to the system, and then we need to understand how the system works before we do anything significant.
    Last edited by NWPlayer123, Aug 5, 2014. Reason: 5.1.1 IS NOT SAFE. DO NOT UPDATE.


    • Member

    GorTesK New Member

    Member Since:
    Jan 29, 2013
    Message Count:
    442
    Country:
    Germany
    blocking "nus.cdn.wup.shop.nintendo.net" has been working for me so far since 4.0.2
    • Member

    the_randomizer The Temp's official fox whisperer

    Member Since:
    Apr 29, 2011
    Message Count:
    10,400
    Location:
    Unknown
    Country:
    United States

    I thought that was just for the eShop, I believe you need to block a range of actual IP addresses...?
    • Member

    newersumm New Member

    Member Since:
    Nov 11, 2013
    Message Count:
    219
    Country:
    Japan
    Gortesk your avatar still makes me pee in pants a little.
    Fantastic post otherwise NWPlayer! I hope all new users come here and read it.
    CosmoCortney and Fpsrussia117 like this.
    • Member

    NWPlayer123 New Member

    Member Since:
    Feb 17, 2012
    Message Count:
    252
    Location:
    Trapped Inside My Mind
    Country:
    United States
    Nah, like I've said before, nus is nintendo's update service, it has nothing to do with the eShop, AFAIK that IP block is all of the IPs that that URL can use.
    the_randomizer likes this.
    • Member

    GorTesK New Member

    Member Since:
    Jan 29, 2013
    Message Count:
    442
    Country:
    Germany
    makes all system software update downloads fail for me
    Last edited by GorTesK, Jun 18, 2014
    the_randomizer likes this.
    • Member

    the_randomizer The Temp's official fox whisperer

    Member Since:
    Apr 29, 2011
    Message Count:
    10,400
    Location:
    Unknown
    Country:
    United States

    Well, that makes sense now :P
    • Member

    JoostinOnline Certified Crash Test Dummy

    Member Since:
    Apr 2, 2011
    Message Count:
    9,224
    Location:
    The Twilight Zone
    Country:
    United States
    If it's anything like the Wii Shop Channel, then all the digital titles are also stored on NUS.
    • Member

    Fpsrussia117 New Member

    Member Since:
    Dec 1, 2013
    Message Count:
    145
    Country:
    Canada
    You should add to the title "NOOBS READ BEFORE POSTING"
    • Member

    GorTesK New Member

    Member Since:
    Jan 29, 2013
    Message Count:
    442
    Country:
    Germany
    but if I remember correctly, someone actually found an url or ip recently, that prevents the wiiu from finding any updates..... the beforementioned url only prevents the download, but what he found actually prevented the update check... was just recently either in 5.0 update tread or 4.1 exploit leak or the hacking discussion thread... lol cant remember where, but it was a couple of days ago
    • Member

    hundshamer New Member

    Member Since:
    May 22, 2009
    Message Count:
    949
    Location:
    United States
    Country:
    United States
    If you find it, that would be great to add to the OP!
    • Member

    Etkar.H New Member

    Member Since:
    Jul 26, 2009
    Message Count:
    193
    Location:
    Earth
    Country:
    Norway
    I don't know how to block URLs on my router, so I'll just turn off Standby download for now.
    • Member

    Bladexdsl ZOMG my posts...it's over 9000!!!

    Member Since:
    Nov 17, 2008
    Message Count:
    12,306
    Location:
    Queensland
    Country:
    Australia
    it is it's for getting patches, updates for eshop games.
    • Member

    GorTesK New Member

    Member Since:
    Jan 29, 2013
    Message Count:
    442
    Country:
    Germany
    • Reporter

    Qtis Grey Knight Inquisitor

    Member Since:
    Feb 28, 2010
    Message Count:
    3,213
    Location:
    Fortress Monastery Titan
    Country:
    Finland
    Modified the title a bit and stickied. NWPlayer123 if more obvious and repeating question start coming, add them in the OP :)
    • Member

    Goku Junior New Member

    Member Since:
    Dec 27, 2013
    Message Count:
    653
    Location:
    Buenos Aires, Argentina
    Country:
    Argentina
    Hi!, A little question, It would be possible to make a offline exploit in the future? Some user tell me I need to update my router with a firmware to block all the Nintendo adresses to make the Wii U don't update, but I've bricked it, so I don't have online for the web browser exploit, are some dev planning to do a non-internet exploit?

    Yeah, I know they don't have the kernel or all system access, but I'm only asking, something similar like BannerBomb with Wii, but they need to hack the Wii U Filesystem format for that...
    Last edited by Goku Junior, Jun 20, 2014
    • Member

    Marionumber1 New Member

    Member Since:
    Nov 7, 2010
    Message Count:
    256
    Country:
    United States
    There aren't really any other entry points besides the browser. The browser is the only component of the system which is based on open-source code, giving us a great advantage in finding bugs. It's also one of the only places where we can feed untrusted input, since external storage is now encrypted. There is no way to "hack" it, since storage is encrypted with a per-console key. A game-based exploit is a possibility, if there are some games that access external storage without encryption, but it's highly unlikely that such a thing will surface.
    filfat and Goku Junior like this.
    • Newcomer

    the-green New Member

    Member Since:
    Jan 14, 2014
    Message Count:
    65
    Country:
    Algeria
    thanks for the explanation & good luck in the futur
    just one question, are those leaked wii U SDK usefull for you or it doesn't since you don't have a kernel exploit yet ?
    thanks in advance for the answer
    • Member

    julialy Ehh, I'm so lazy.

    Member Since:
    Nov 26, 2012
    Message Count:
    791
    Country:
    United States
    i don't think the legit people want to use the leak.

    oh, and sdk is few help for kernel exploit.
    • Member

    Some1CP New Member

    Member Since:
    Sep 12, 2009
    Message Count:
    300
    Country:
    United States
    Sorry, but can anyone help me do this on dd-wrt? I already tried blocking addresses and IPs before and it didn't work.

Share This Page