Hacking Wii U Browser Exploit Leaked for v4.10

[Bug_Checker_]

Thanks to my obsessive code-commenting habits...

Best quote ever on documenting source code:
"Always code as if the guy who ends up maintaining your code will be a violent psychopath who knows where you live!"
John F. Woods
9/25/91

source: https://groups.google.com/forum/#!msg/comp.lang.c++/rYCO5yn4lXw/oITtSkZOtoUJ

 

[filfat]

WAIT A SECOND! isn't this a huge security flaw? Lets say that I publish this to website.com, and then someone visit that website on their Wii U, that would result in me running a ROP chain on their console... hmm...

 

[justinkb]

Yes. That's the idea. Compare with ios jailbreak via website few years ago. After jailbreaking you could actually fix the security hole that allowed the jailbreak.

 

[filfat]

Yeah, I realize that's the idea but while its great its the worst at the same time...

 

[filfat]

http://wiiu.minepocket.com/ <- for those who think the exploit is useful for them but they dont know how to setup a webserver.

 

[kimotori]

I did some playing around and a lot of pinging and what I got to block for IPs was http://pastebin.com/Sg3zEUWF
Though I'm pretty sure it was those last 3 IPs (96.17.161.145, 184.50.229.137, 184.50.229.158) that stopped the auto updates. HOWEVER: All I notice that's different is that when I click on system update, it immediately says the system is up to date every time, which means that it's not able to take the time to check, so I assume it's blocked. The reason I don't have nus.cdn.wup.shop.nintendo.net on that list is that the shitty web GUI for my router doesn't let me put in that long of a website name.

Are you sure?
What a kind of firmware you have?

(Pardon voddy)

 

[Deleted User]

thats the 4.1 exploit he/she uploaded
( oh sorry, i didnt know you were refering to the message you just quoted afterwards )

 

[WulfyStylez]

Also for what it's worth, this compiles fine with a properly set up Cygwin install on Windows.

 

[kettenschutz]

http://wiiu.minepocket.com/ <- for those who think the exploit is useful for them but they dont know how to setup a webserver.

Hey

Could you add one Domain for 403 as well?

 

[TeamScriptKiddies]

http://wiiu.minepocket.com/ <- for those who think the exploit is useful for them but they dont know how to setup a webserver.

So you set it up for noobs genius!!!!!

 

[Kargaroc]

And so all the noobs flock to that page on their Wii Us, and realize after a few minutes that it does nothing that looks interesting to them.

 

[kimotori]

ahuahuauhahuah homebrew channel!!! homebrew channel!!!! homebrew channel!!!

 

[filfat]

Yeah, that was the point so they could shut up XD

 

[Marionumber1]

ahuahuauhahuah homebrew channel!!! homebrew channel!!!! homebrew channel!!!

Not even close to that yet...

 

[TeamScriptKiddies]

It crashes the wii U successfully i can tell that much lmao. Now we just need some actual code to execute

 

[kettenschutz]

No its just not 4 noobs at all
Theres no advantage for noobs in visiting that page with the actually nonsense exploit in it

But you dont have to start xampp or whatever, and you have just 1 user who's taking care of updates and so on
So that will be an advantage for everyone that wants to play around with that exploit

Dont really understand all those hating and ranting out here...

Scriptkiddie, what fw are you running on your U?

 

[TeamScriptKiddies]

Not even close to that yet...

Think of this as the wii u's equivalent to the the "twilight hack." Once we actually have some homebrew to launch, this will need to be run every single time you want to launch an app. Far from being a homebrew channel as Mario stated hahah.

 

[filfat]

kettenschutz I created the page for non developer/hackers so they could see for themself that they have no use of this exploit yet.
However for us Revs/hackers its so useful that I can't describe it with words!

 

[FPSRussi4]

So this is the BootROM thing all over again: A step in the right direction, but regular people will assume it's the key to free games, then complain when it's useless to them.

 

[Wellington2k]

It crashes the wii U successfully i can tell that much lmao. Now we just need some actual code to execute

I'm having the same problem.
What is this supposed to accomplish in the end? I was hoping for some "Hello, World!" text.