Hacking Wii U Hacking & Homebrew Discussion

  • Thread starter: filfat
  • Views: 5,103,821
  • Replies: 21,104
  • Likes: 29
People are just gonna keep berating me until I make another exploit and I know that, that's all I am to this community lmao
Maybe I should have some site post an article that Nintendo raided me and that I had to erase my hard drive and go into hiding, I don't think anyone's done that before

You're more than that. [emoji6]
You've done already a lot for the community and help out as much as you can!
THANK YOU!

I love your character, it reminds me a bit of myself. Don't give a f** what most "ARR-kiddies" are saying. They can't imagine how much work you're doing for all of that and how much time you spent in this.

Keep ya head up! [emoji4]
 
Hey everyone, I had a question. Does GC-to-Vpad work in Loadiine?
Just glancing at it, not without changing some addresses or integrating it, cause although it only hooks into VPAD functions that loadiine only uses 3 of, it still installs its payload to 0x011DD000 which is probably where the Gecko codehandler is still installed
EDIT: Also, I'm just grumpy today, don't mind me
 
Last edited by NWPlayer123,
Just glancing at it, not without changing some addresses or integrating it, cause although it only hooks into VPAD functions that loadiine only uses 3 of, it still installs its payload to 0x011DD000 which is probably where the Gecko codehandler is still installed
EDIT: Also, I'm just grumpy today, don't mind me
Have a grumpy cat and feel better lol

[Image: s-l300.jpg]
 
People are just gonna keep berating me until I make another exploit and I know that, that's all I am to this community lmao
Maybe I should have some site post an article that Nintendo raided me and that I had to erase my hard drive and go into hiding, I don't think anyone's done that before
Please don't group all of GBATemp together. I for one, am extremely thankful for any kind of Homebrew for any system. The fact people put time into any kind of exploit, homebrew, PoC or anything similarly, is greatly appreciated by me for one small reason.

It takes time to do these things. Some may not take too long, but I'm sure some/a lot take a LOAD of time, and then to release that work for free for other people to enjoy is what I'd consider beyond kind. Even if some may just be trying to show off. (I don't think anyone has done this)

I do not feel owed, or obligated anything anyone on this site works on. So it upsets me to be lumped together with the blithering idiots who are going full idiot trying to get free games. I'm sitting and waiting patiently and politely for any kind of Exploit/Homebrew on any system I own. If it happens, cool. If it doesn't, I'm fine and I understand. But GBATemp as a whole isn't all bad.

That being said, your opinion is yours, and I respect you if you leave and never post here again, or if you stay.

Just kinda wanted to stick up for the people (and myself) who aren't being silly, and to let you know, there are some people who appreciate the work anyone on this site does to further the community.
 
Last edited by NightsOwl,
Um, yes, there's a whole wiki page here, and you can probably find any more answers in this thread.


Also, I just realized filfat gave me permission to update the original post on here, I should get around to that some time soon.
 
Just glancing at it, not without changing some addresses or integrating it, cause although it only hooks into VPAD functions that loadiine only uses 3 of, it still installs its payload to 0x011DD000 which is probably where the Gecko codehandler is still installed
EDIT: Also, I'm just grumpy today, don't mind me
Right on

Thanks for the reply. I didn't think you were rude at all so don't worry. That might be fun to try to implement.
 
To be honest I understand that the exploit won't be released (at least not yet) however what happens if a new update comes and changes nothing? The exploit will continue to be private, I don't have the knowledge or the skills to make an exploit myself from the ground up, nor the time to learn how, it sucks that it's private, yes it does, however the amount of time put by the devs is admirable, and they can do with the exploit whatever they want. I want loadiine to play the 5 or so games that I can't find here, but to be honest I will eventually get them. I am happy with the games that I have, and if the exploit gets released cool if not cool.
 
Well, I'm on a side venture poking at more undocumented functions in OSv10, have the start of another page http://wiiubrew.org/wiki/nsysccr.rpl (also added to coreinit the OSGetSystemInfo mentioned)

I'm assuming we can't use nsysccr kexploit-less?

Even so, being able to tweak the update system could yield some interesting results. <speculation type="baseless"> For instance, if anyone working on the ARM/IOSU knows what happens when it receives that CCRH signal they may be able to insert their own files into the process, allowing us to basically flash anything we want onto the Wii U disguised as a software update. (A copy of coreinit that never calls OSGetAppFlags and assumes we have permission for anything, maybe?) </speculation>
Baseless speculation update - Turns out the firmware update mode mentioned in nsysccr refers to the gamepad, not the console itself. Oops! My speculation is still possible once we find the methods for the actual console, however.

Also, could we write a program to pretend to be the NUS and deliver fake updates, thus not really needing a proper exploit at all? With the help of something like TubeHax DNS it wouldn't be that hard to do such a thing.

Also, apparently Nintendo can't grammar ;3
 
Last edited by QuarkTheAwesome,
So this thread is speculation cancer as always. I wish that was meant in a good or bad light. This thread hasn't progressed.
 
I'm assuming we can't use nsysccr kexploit-less?

Even so, being able to tweak the update system could yield some interesting results. <speculation type="baseless"> For instance, if anyone working on the ARM/IOSU knows what happens when it receives that CCRH signal they may be able to insert their own files into the process, allowing us to basically flash anything we want onto the Wii U disguised as a software update. (A copy of coreinit that never calls OSGetAppFlags and assumes we have permission for anything, maybe?) </speculation>

Also, apparently Nintendo can't grammar ;3
Well, I was just calling everything from TCPGecko running in userspace in the browser, it was returning weird results with all the CCRCDCSysGet functions that call the ccr_cdc dev node with IoctlvAsync tho :\ opened up IOSU briefly and it's a problem on that side, I'd have to dig more to see why it's complaining, probably like wrong core or something (returning CCR_ERROR_BASE + 0x66 or 0xFFEE0066).

Have a bunch more pseudocode I can't put up just yet cause not finished figuring out wtf it's doing lmao, ccr_cdc_handle is at 10000618, 02000BA0 opens the devnode with IOS_Open which is eventually called by start which is why all the Startup and Teardown functions are "depricated". You're supposed to be able to use it with userspace, that's what IOS_Ioctl(v)(Async) are for, unless it's ARM only in which case welp but considering they give an entire lib, doubtful
 
Last edited by NWPlayer123,
So this thread is speculation cancer as always. I wish that was meant in a good or bad light. This thread hasn't progressed.
At least most the people in this thread are actually working on shit, calling it "speculation cancer" has to be one of the most hypocritic phrases I've ever heard. You're just adding to the "cancer" part of that, so grow up and knock it off.
 
Last edited by punderino, , Reason: whatever tf past tense of hypocrisy is (fuck me)
