Toggle sidebar

Hacking Wii U Hacking & Homebrew Discussion

  • Thread starter Thread starter filfat
  • Start date Start date
  • Views Views 5,093,889
  • Replies Replies 21,104
  • Likes Likes 29
the_randomizer said:
So just like that? The Wii U hacking scene is dead in the water, never to be picked up again? F*cking unbelievable.
Click to expand...
No, just people being impatient while we fix stuff. For one, this isn't how the exploit is meant to work, and it causes a lot of weird corruption. For another, we should have never pushed it out unfinished in the first place, maybe then there wouldn't be so many whiny fools.
 
  • Like
Reactions: Nym5, VinsCool and frogboy
NWPlayer123 said:
No, just people being impatient while we fix stuff. For one, this isn't how the exploit is meant to work, and it causes a lot of weird corruption. For another, we should have never pushed it out unfinished in the first place, maybe then there wouldn't be so many whiny fools.
Click to expand...

Who knows. Maybe if I actually had the balls to learn how to program and not fail the damn basic programming course three times in a row, I could somehow help :( But, I'm just another useless end user, so I can't help, really. A fifth wheel. Can't undo the unfinished release now, what's done is done.
 
NWPlayer123 said:
No, just people being impatient while we fix stuff. For one, this isn't how the exploit is meant to work, and it causes a lot of weird corruption. For another, we should have never pushed it out unfinished in the first place, maybe then there wouldn't be so many whiny fools.
Click to expand...
Honestly hoping you take your words back.
You guys did a good job, and despite that most stuff isn't working for me we're all working together and try as many things possible to sort out issues.
It's still a proof of concept for people to try out and if people aren't happy about it they should shut the **** up.
This reminds me of when Nintendo released the black Wii's and suddenly half of the homebrew broke due to timing issues I believe :)
I'm confident it'll get better over time.
 
  • Like
Reactions: otto888, I pwned U!, VinsCool and 3 others
mixelpixx said:
I am exploring all avenues for Reading and Writing the Flash (FW). The DevKit contains an eeprom_writer and a flash_writer utility so I might try to go with what is probably made to work. Going to see if a standard FTDI breakout (GND, RX, TX) will let mewrite it. but I have no image to write, as the FW in the kit is for a devkit unit, and any image I make is really going back on as an image of.
Click to expand...

The devkit flashing utility won't help you at all! You would likely brick your retail unit even if you figured out a way to get it to run and flash a retail image. Its not designed for use on a retail unit. The OS is completely different for the dev kits.

also @Hykem, @Marionumber1 and @NWPlayer123 you are all on the right track, I'm happy to see that :). I've been keeping up with your progress even though I can't participate ;) :P.
 
Like it has been said, things are not finished so failures happen. Get over it everyone. Either get nothing for another month or whatever or get started now with semi-working stuff? Next time, it might be the first option again because people don't get it.
 
  • Like
Reactions: TheZander
TheZander said:
the exit one worked and the helloworld showed %u0000%u393c
Click to expand...
Wait what, how does that even work. I'm guessing the string pointer got messed up and it read part of the HTML ??? That's a dummied out part of the code we're injecting (it has to be a certain size so we just pad the rest as file offsets)
Screenshot_1.png
 
  • Like
Reactions: Adr990
When I build examples/rpc and start rpc.py and try to connect it says "Invalid RPC command" on my Wii U.. is that normal?

Edit: Works now
 
Last edited by ,
NWPlayer123 said:
Wait what, how does that even work. I'm guessing the string pointer got messed up and it read part of the HTML ??? That's a dummied out part of the code we're injecting (it has to be a certain size so we just pad the rest as file offsets)
Click to expand...
I'll try to replicate it if its interesting enough. It only happened once, the second time I tried mostly I get the black screen.

also with the exit example, is the exploit still running in the background? Or the anture of the exploit runs in the browser so nothing is going on.
 
NWPlayer123 said:
Okay, enough picking on each other, back on topic.
Click to expand...
Good idea! :)
I tried to "dump" the header of the coreinit.rpl (at least I wanted to check out whether it works ^^) but the program just spit out some pointers.
Any idea for improvements? :) Is it even possible to access the rpl binaries from userspace?

Code: 
#include "loader.h"

void _start()
{
    long long myRPLHandle = 0;
    char cArr[40];

    OSDynLoad_Acquire("coreinit.rpl", &myRPLHandle);

    __os_snprintf(cArr, sizeof(cArr), "%x, %x, %x, %x", &myRPLHandle, &myRPLHandle + 4, &myRPLHandle + 8, &myRPLHandle + 12);
    OSFatal(cArr);
}
 
  • Like
Reactions: Adr990
JaceCearK1 said:
Good idea! :)
I tried to "dump" the header of the coreinit.rpl (at least I wanted to check out whether it works ^^) but the program just spit out some pointers.
Any idea for improvements? :) Is it even possible to access the rpl binaries from userspace?

-snip-
Click to expand...
coreinit.rpl on 5.3.2 is at 0x101c400, so read from there and you should get everything. Here's the first little bit from IDA:
CoreInit.png

The first "function" is start and the second is __PPCExit at 0x170. Also, OSDynLoad_FindExport gets you the address of any function with a symbol in the RPL you check.
 
  • Like
Reactions: I pwned U!, VinsCool, Adr990 and 1 other person
NWPlayer123 said:
coreinit.rpl on 5.3.2 is at 0x101c400, so read from there and you should get everything. Here's the first little bit from IDA:
The first "function" is start and the second is __PPCExit at 0x170. Also, OSDynLoad_FindExport gets you the address of any function with a symbol in the RPL you check.
Click to expand...
Oh!? RPLs don't have a string to identify it? (like MZ for Win32 executables)
Okay, that will make it a little harder...
I got this value through other code: 0x0102F09C
Do you know, what it exactly is? :D
 
Last edited by JaceCearK1,

Site & Scene News

Go to forum More news

Popular threads in this forum

Hacking Homebrew Project  Modernized YouTube for Wii U

[discussion] what game do you wanna see next?

[discussion] Paper Mario Wii U or Mario Kart 64 wii u?

Wii Games Performance on Wii U (vWii C2W Overclock) – Community Testing & Results Sharing

Gaming Homebrew Misc Project  Roséverse - a 1:1 Miiverse revival by Project Rosé!

Can the Wii u pro controller works for Wii games ?

[PRERELEASE] Sonic 3 A.I.R. (finally) Wii U

Sonic Advance 2 Wii U (another release, this time it's playable)