There's nothing wrong with using the browser exploit to trigger a more advanced exploit, like PPC kernel or IOSU. It's not terribly inconvenient, stays applied as long as the system is on, and does not leave (any obvious) evidence of hacking on the system.
Hacking WiiU Dev Kit
- Thread starter coolshrimp
- Start date
- Views 14,337
- Replies 51
- Likes 3
There's nothing wrong with using the browser exploit to trigger a more advanced exploit, like PPC kernel or IOSU. It's not terribly inconvenient, stays applied as long as the system is on, and does not leave (any obvious) evidence of hacking on the system.
- Joined
- Jul 7, 2010
- Messages
- 3,882
- Trophies
- 2
- Location
- /dev/random
- Website
- www.gudenau.net
- XP
- 5,379
- Country
I said no obvious evidence. A completely new channel will probably stick out, bookmarks do not.
- Joined
- Jul 7, 2010
- Messages
- 3,882
- Trophies
- 2
- Location
- /dev/random
- Website
- www.gudenau.net
- XP
- 5,379
- Country
I could tell, sadly, I seem too serious all the time.
Yes, lol, relax and good work by the way. Other than the browser there is no other way to do this right? Not unless there was a boot exploit to allow like a bootmii, correct? Absolutely no way to start in vWii and go from there? Smash has SD card access BUT, not to go full TSK here, there is no way to use that route without more keys. Such as being able to take a file, modify it, then get Smash to load it and go at it like this? I read and have an imaginati9n only. Forgive me if this is child talk, lol.
Not practically, no. The browser is the best bet in any situation, it's not all that worth trying to find other entrypoints (at least at this point in time).
the sound that you just heard was the concept of hubris imploding.
Because once decrypted then decompressed you have the ability to read everything.
Encryption prior to compression is also stupid.
Encryption during compression makes things much harder. (damn near impossible)
Fortunately this method is rarely found.
webkit exploits and kernel exploits are subject to patches. Keep in mind as long as there is power to console the first os is booted....(yes first the controller)
Ray Lewis:
We never made claims before. Just videos and screenshots of communications. The fact that in some screenshots there were windows server 2003 was because that was my pc. (windows 7 uses server 2003) The fact "Marcan and others" googled countless lines in my screenshot and came up with only that part is amazing.
No matter, was just trying to show the op what to look for. You guys turned this into a credibility thing.
Also at mn1 and at nw and everyone else. I wasn't trying to downplay you guys. Just throwing out that a webkit exploit should never be a final finished product. And am assuming most people think that the webkit exploit is how homebrew will launch. And if it is (I really hope that's not as far as you are going) it will be short lived.
Constant cat and mouse. Update after update. Possible complete replacement of browser via update.
The ability to do random checks on all consoles and if active the visibility of it all. Rumor has it the big N is writing proprietary web browser. Would be a shame to see everyone update thinking it's ok only for things you didn't see to already exist within the os just waiting to be triggered.
Maybe they give up and bring a new console out. Or maybe (more likely with nintendo) they fight you to the bitter end. Only difference from the wii is they have more control of the OS.
Hope you are ready for a fight. (either with the N or with users who dl)
Anyway, I have things to do. And I'm sure you do to. If you don't agree then lets agree to disagree for now.
-TeAm_FaTaL out (for a good while at least
)This can also happen to vulnerabilities that allow us to install stuff.
It's much easier to check for unsigned code being installed than it is to definitively identify the use of a browser exploit.
I highly doubt they're writing their own web browser, given how much work that would require. WebKit has taken several years to get to where it is now. Where did you actually see this rumor?
I do have a plan to prolong our exploit ability, based on what fail0verflow did back on the Wii. It involves having multiple browser and kernel exploits, and stockpiling a few before release.
Constant cat and mouse. Update after update. Possible complete replacement of browser via update.
The ability to do random checks on all consoles and if active the visibility of it all. Rumor has it the big N is writing proprietary web browser. Would be a shame to see everyone update thinking it's ok only for things you didn't see to already exist within the os just waiting to be triggered.
Maybe they give up and bring a new console out. Or maybe (more likely with nintendo) they fight you to the bitter end. Only difference from the wii is they have more control of the OS.
Hope you are ready for a fight. (either with the N or with users who dl)
Anyway, I have things to do. And I'm sure you do to. If you don't agree then lets agree to disagree for now.
-TeAm_FaTaL out (for a good while at least
I understand where your coming from as far as the "cat and mouse" game goes, that makes sense. However, if you hack into any modern device you run into that issue as everything is fully updateable now. Make a exploit, it gets patched, and so on and so forth, but what Marionumber1 and others are doing is truly amazing and will make homebrew do able on the Wii U. People played cat and mouse on the original Wii and the'll do it on the U as well. Heck thats half the fun of it all, "beating the system."
The only way I see of "permanently" exploiting any system is to replace the OS entirely so no official updates could ever occur. Exploit the console, to flash it with a custom OS that bypasses all other security checks when the console fires on and basically hijacks it to gain control (like the original JTAG hack for 360 with XELL only). The main problem with something like that is one would lose the ability to play their games entirely (outside of emulators etc) and nobody wants that....
Games are expensive and people arent going to want to turn their $60 (US) games into frisbees just for the sake of homebrew.
I also disagree with your statements about using the browser as an entry point. Webkit is super buggy (plus Nintendo uses outdated versions to boot
), and its also open source ( a good chunk of it anyways )look at pcs for example....how do like 99.9% of viruses get into a person's computer? through a broswer exploit! Thats exactly what MN1 et al are doing to get unsigned code running (except in this case, its intentional and not with mal-intent.)
As I've said, fatal error has not given proof. Nintendo will patch it. The 3ds is a good example of running what you want to run. Basically a virtual nand right? You can "update " your virtual nand and not touch your actual os, right? I've glanced at the 3ds info but am probably misunderstanding something.I understand where your coming from as far as the "cat and mouse" game goes, that makes sense. However, if you hack into any modern device you run into that issue as everything is fully updateable now. Make a exploit, it gets patched, and so on and so forth, but what Marionumber1 and others are doing is truly amazing and will make homebrew do able on the Wii U. People played cat and mouse on the original Wii and the'll do it on the U as well. Heck thats half the fun of it all, "beating the system."
The only way I see of "permanently" exploiting any system is to replace the OS entirely so no official updates could ever occur. Exploit the console, to flash it with a custom OS that bypasses all other security checks when the console fires on and basically hijacks it to gain control (like the original JTAG hack for 360 with XELL only). The main problem with something like that is one would lose the ability to play their games entirely (outside of emulators etc) and nobody wants that....
Games are expensive and people arent going to want to turn their $60 (US) games into frisbees just for the sake of homebrew.
I also disagree with your statements about using the browser as an entry point. Webkit is super buggy (plus Nintendo uses outdated versions to boot
look at pcs for example....how do like 99.9% of viruses get into a person's computer? through a broswer exploit! Thats exactly what MN1 et al are doing to get unsigned code running (except in this case, its intentional and not with mal-intent.)
The 360 had the jtag.and rgh. The rgh was great and the dual nand solution was great also. I am shocked that there is no definitive guide to reading/writing the Wii U emmc/nand. Maybe Marcan commented BUT I cannot recall anyone saying there was some security like an effective setup to prevent downgrading. The 3ds is my point of reference. Read a 6.2 nand and then you can downgrade to it as it was signed.
Anyway, it is a safer method to avoid installing anything on the Wii U. Unless there was a bootmii and/or way to hardware flash...and avoid being banned if Nintendo has ways to detect such setups, then installing anything is silly. The 3ds emunand setup is the most logical way to progress. Instead of a cart though, we have the browser. Edit for grammar and to point out that mn1 responded in a very measured way to fatal error.
What, in excruciating detail, is the functions performed with the dev-kit, and how does it differ from a debug console like the NPDP vs NR-Reader? I always thought the actual coding was done on a computer.
Not when you control the os. (answer to first part)
(answer to second part) Well it's only a rumor because I am not posting the email from NOA. Something along the line of: To all developers, NOA (Nintendo of America) would like to put to rest the growing concern of loss of income due to piracy. NOA has countermeasures in place to handle such situations. NOA has been in development stages since 5-2-2013 of a proprietary web agent that will prevent the issue in question. Furthermore NOA has partially installed new web agent with the latest firmware update (5.3) and can be activated should a problem arise.
It's worded a lot better than that but you get the gist.
Don't belive me? Ask someone else that is a legitimate developer.
That email came 2 days after 5.3 update came. All I'm saying is you don't see things patched with current firmware because they aren't intentionally.
Once these consoles are connected online to game servers the fun will begin.
I'll look through my email folders later to see if I still have that email. Nintendo has a full team on staff to combat this issue. Just remember when you feel you've gotten ten steps ahead plan on them being a half a mile in front.
but its always been cat and mouse with every console hacking scene. so not really anythin new there. the idea is to gain access to the console is it not? so i dunno why the negativity on the web browser. its the first in so its still a success. i doubt anyone else would do a much better job at it!!
[12:20:53] <MasterF0x> Well, first off, it depends on where the developer registered at
[12:21:10] <MasterF0x> The Web Framework site
[12:21:14] <MasterF0x> Or Wario World
[12:21:32] <MasterF0x> But I can tell you that I don't see an e-mail, that's for sure
[12:24:36] <MasterF0x> If he's a developer from the developer site, he's lying
[12:24:52] <MasterF0x> If he's from Wario World, I'm not sure
Also, NUS says otherwise, there's not nearly enough data changed to be able to warrant that.
Of course, if that is true, we're not going down without a fight
I don't know masterfox. However, fatal error has been proven to be a farce. "I'll show you proof but...." If it was a general email not tailored to anyone in particular then redact YOUR info and post it. Wait...you'll say you lost it. Fatal is a person seeking attention. After being thoroughly refuted by Marcan and others who PROVEN EXPERTS fatal went silent. Suddenly for some reason they come back around.[12:20:53] <MasterF0x> Well, first off, it depends on where the developer registered at
[12:21:10] <MasterF0x> The Web Framework site
[12:21:14] <MasterF0x> Or Wario World
[12:21:32] <MasterF0x> But I can tell you that I don't see an e-mail, that's for sure
[12:24:36] <MasterF0x> If he's a developer from the developer site, he's lying
[12:24:52] <MasterF0x> If he's from Wario World, I'm not sure
Also, NUS says otherwise, there's not nearly enough data changed to be able to warrant that.
Of course, if that is true, we're not going down without a fight
Post solid proof or run along fatal wit your top secret hacks, boot exploits, ode, private key, etc. People often quote Ronald Reagan; "Tryst but verify." I don't trust you and you give nothing to verify. I suspect you might even be a dupe/troll account.
If what@FaTaL_ErRoR is true it wont be the end of the world. Sure it will make things harder but it wont stop homebrew, just slow it down .
Can any legit devs confirm fatal's statement? We must have some others kicking around with official developer status of sorts....
.Can any legit devs confirm fatal's statement? We must have some others kicking around with official developer status of sorts....
Similar threads
