Hacking Wii U Hacking & Homebrew Discussion

[Marionumber1]

So you got SMP working in U mode? Its just a matter of getting timing down, if i understood that correctly?

This is exciting <3....

Hykem must be helping you with running code on the starbuck (for the race attack)

It's not the Boot ROM race attack. It's one in the Cafe OS userspace, which allows us to reorganize kernel memory in a way that gives us more control.

 

[dashkiller]

Glad I didn't update my WiiU in ages

 

[JVC2]

Glad I didn't update my WiiU in ages

That risk has already been cleared by the most part,for the end user is isnt necessary to keep on older FW since the exploit still works on the newest FW,only that the way to run it is still yet to be done but should follow shortly after the exploit has been released if not almost with it hopefully.

Also props for the update on the situation guys hope you achieve the final product soon.

 

[Ray Lewis]

People should be thankful for any updates at all. Good job nw, hykem, and mn1.

 

[elmoemo]

Good timing as looks like I'll be getting a Wii u this month

 

[TeamScriptKiddies]

It's not the Boot ROM race attack. It's one in the Cafe OS userspace, which allows us to reorganize kernel memory in a way that gives us more control.

So SMP in U mode would still require an IOSU exploit to run code (race attack code) on the starbuck, much like in vWii mode, correct?

Also keep up the amazing work guys! <3

 

[Marionumber1]

So SMP in U mode would still require an IOSU exploit to run code (race attack code) on the starbuck, much like in vWii mode, correct?

Also keep up the amazing work guys! <3

In Wii U mode, you're always running with SMP enabled. The kernel exploit itself took advantage of SMP, running code on all 3 cores at the same time.

 

[IbbyPlays]

In Wii U mode, you're always running with SMP enabled. The kernel exploit itself took advantage of SMP, running code on all 3 cores at the same time.

So is the race attack kind of like using the three cores to DDOS the kernel restrictions?

 

[Marionumber1]

So is the race attack kind of like using the three cores to DDOS the kernel restrictions?

It's basically having two CPUs inserting something into kernel memory while another CPU is doing an operation, altering that operation in a way that benefits us.

 

[OncleJulien]

Good timing...

thats it exactly.

 

[IbbyPlays]

Just checking, blocking nus.cdn.wup.shop.nintendo.net and shop.wii.com will block updates right?

 

[Deleted member 342493]

Just checking, blocking nus.cdn.wup.shop.nintendo.net and shop.wii.com will block updates right?

At least for me, yes.

 

[IbbyPlays]

Would a Wii U game work if I were to delete the update partition? I know this is probably a stupid idea but I thought it might be a simpler way to prevent my Wii U from updating once splatoon is released (since the kernel exploit and new webkit exploit will most likely have been patched by then).

 

[Mr. Mysterio]

Would a Wii U game work if I were to delete the update partition? I know this is probably a stupid idea but I thought it might be a simpler way to prevent my Wii U from updating once splatoon is released (since the kernel exploit and new webkit exploit will most likely have been patched by then).

I think you would need a USB loader to boot a modified game. It will be QUITE A WHILE before those. If you really want to prevent the game from updating the system, you should probably wait until there is a homebrew app to boot the disc while blocking updates (like Gecko OS). I don't think it's even possible yet to re-encrypt a Wii U disc image after editing.

EDIT: By the time Splatoon is released, there should (hopefully) be some basic homebrew for the Wii U.

 

[IbbyPlays]

I think you would need a USB loader to boot a modified game. It will be QUITE A WHILE before those. If you really want to prevent the game from updating the system, you should probably wait until there is a homebrew app to boot the disc while blocking updates (like Gecko OS). I don't think it's even possible yet to re-encrypt a Wii U disc image after editing.

I'm not talking about completely modifying a game. The update data is on it's own partition of the disc. By erasing that partition it might be possible to prevent updates (I'm not completely sure, would need an idea of how the update process happens from a disc). It might also be possible to simply overwrite that partition with an older firmware so that the Wii U will confirm that there is an update on the disc (preventing it from refusing to read a 'tampered with' disc) so it will not update.

 

[Mr. Mysterio]

I'm not talking about completely modifying a game. The update data is on it's own partition of the disc. By erasing that partition it might be possible to prevent updates (I'm not completely sure, would need an idea of how the update process happens from a disc). It might also be possible to simply overwrite that partition with an older firmware so that the Wii U will confirm that there is an update on the disc (preventing it from refusing to read a 'tampered with' disc) so it will not update.

If you mean physically modifying the disc, I think those discs are write-once. It would definately be possible to damage the data to prevent it from updating, but it almost certainly would prevent the game from working. The worst case would be if it thought the partition contained a valid update and started installing damaged files. That would certainly brick the console. Although, all the files on the disc should be signed (yes, even the update partition) so that if even ONE BIT is wrong, the whole file is marked as "tampered with or damaged". To sum it up: If you try to modify the physical disc, it is VERY likely that you would simply have ruined you nice new (expensive) game.

PS: You're right, the update partition is less protected that the game partition, but it still has a good amount of protection.

 

[uyjulian]

I'm not talking about completely modifying a game. The update data is on it's own partition of the disc. By erasing that partition it might be possible to prevent updates (I'm not completely sure, would need an idea of how the update process happens from a disc). It might also be possible to simply overwrite that partition with an older firmware so that the Wii U will confirm that there is an update on the disc (preventing it from refusing to read a 'tampered with' disc) so it will not update.

You mean just scratch the area of the disc with the update checksum, so the Wii U can't read the checksum, and then the Wii U refuses to update because of corrupted data.

Except: how would YOU know which area of the disk to scratch?

 

[TheZander]

You mean just scratch the area of the disc with the update checksum, so the Wii U can't read the checksum, and then the Wii U refuses to update because of corrupted data.

Except: how would YOU know which area of the disk to scratch?

Yeah that sounds nuts there is no way this could be possible.

 

[Ray Lewis]

You mean just scratch the area of the disc with the update checksum, so the Wii U can't read the checksum, and then the Wii U refuses to update because of corrupted data.

Except: how would YOU know which area of the disk to scratch?

take some games and test this theory. Scratch different parts as someone mentioned and report back to us. You might be on to something useful.

 

[uyjulian]

take some games and test this theory. Scratch different parts as someone mentioned and report back to us. You might be on to something useful.

scratching the disk in random places is not going to work, you have 25 GB of data on one blu-ray, how you going to find that?
I have an idea, connect wii u disk to a computer and put a camera near the middle of the drive, put some tape on the disk, read the disk until you are at the update partition, then stop the drive, use the laser + tape positions to find the location of the update partition on the disc...
... but how are you going to find a tool small and accurate enough you won't scratch/damage other data?