Toggle sidebar

Hacking What is stopping us from hacking into the ISOU using the Kernel exploit?

  • Thread starter Thread starter Goopyjoe
  • Start date Start date
  • Views Views 16,985
  • Replies Replies 106
BossRoss93 said:
Well, a lot of stuff actually. I mean the developers spent a lot of time putting in security measures to make sure that nobody can get access to things they are not supposed to. Kernel and IOSU are completely different things.
Click to expand...

But the Kernel does communicate with the IOSU, right?
 
The "IOSU" is the nickname for a FW that runs on the ARM inside the Wii U.
Just like Cafe OS (the Wii U OS running on the PowerPC), it has a user and a kernel mode.

So to mess with the IOSU to its full extend, you need a IOSU kernel exploit.
To make a list, we have:

Public Wii U userpace exploit for 5.5.1
Public Wii U kernel exploit for 5.5.1
Public IOSU userspace exploit for everything below 5.2.0 (not coded yet? but documented: https://nwert.wordpress.com/2016/05/03/ioctlvhax/)
Non public IOSU kernel exploit for either 3.3.0 and 5.5.1 ??? -> They exist, but nobody outside of the dev circle knows whats beeing exploited to gain this level privs.

Also, some might think you need to chain exploits together (Wii U userspace -> Wii U kernel -> IOSU userspace -> IOSU kernel) to get to the IOSU kernel, but iirc Hykem confirmed that Wii U userspace can communicate with the IOSU and exploit it, so a Wii U kernel exploit isn't needed.
 
  • Like
Reactions: spett and FlappyFalco
Goopyjoe said:
I'm simply asking what is blocking us from accessing the ISOU from the Kernel.
Click to expand...
There are multiple processors in the Wii U. We have kernel exploits for the PPC processor, which is the system's main processor for userland apps (games). The IOSU is an ARM processor that governs the system's security, among other things, and it has its own kernel. This is why "kernel exploit" alone is deceptive -- it sounds like we should have full control over the system already but in the Wii U's case, it is like having full control over only the graphics card.
 
Kohmei said:
There are multiple processors in the Wii U. We have kernel exploits for the PPC processor, which is the system's main processor for userland apps (games). The IOSU is an ARM processor that governs the system's security, among other things, and it has its own kernel. This is why "kernel exploit" alone is deceptive -- it sounds like we should have full control over the system already but in the Wii U's case, it is like having full control over only the graphics card.
Click to expand...

Thanks for clearing that up, but what makes the IOUS any different then the Kernel, other then the code they excecute?
 
Swiftloke said:
It just pisses me off that noobs like these clutter the temp with useless threads asking dumb questions like these. There is a stickied noob question thread.
Click to expand...

Excatly the amount of dumb posts by newbies in the wiiu and 3ds forums is beyond a joke when I first joined this site we had like 95% decent and intelligent threads and 5% dumb shitposts now it's the other way about. Also why can't people be happy with what they have instead of what they don't have.
 
  • Like
Reactions: Swiftloke
Marko76 said:
Excatly the amount of dumb posts by newbies in the wiiu and 3ds forums is beyond a joke when I first joined this site we had like 95% decent and intelligent threads and 5% dumb shitposts now it's the other way about. Also why can't people be happy with what they have instead of what they don't have.
Click to expand...
For me however it has always been like that. Just the size grows.

Goopyjoe said:
Thanks for clearing that up, but what makes the IOUS any different then the Kernel, other then the code they excecute?
Click to expand...
It handles low level stuff, including security and a lot of the h/w iirc.
 
why is there not a huge front page sticky size of the screen that never leaves front page, and it is says NOOBS CLICK HERE and we have a link to all answers, anyone who asks after same thing that's asked every 5 minutes perma ban. It would save time bitching and might help a few of the people who have no idea how to use search function.
 
look the noob section is so messed up... i can litterely find every question at least being post 25 time, and get no real answers. i'm a noob and if it's irritating so be it... i wanna learn something and i won't get to learn a thing in the noob section since everyone is talking through each other without clear notice who's to know the answers... here i get maybe irritated answers but at least i do get to understand it little by little... i wanna be a contrebuter and not a leech but to get to be a contrebuter i need to learn and this is the only place i know where there are answers to such questions... that being sai, i don't think i'll be any help soon since i'm years behind in learning so please be patient...
 
Jack Daniels said:
look the noob section is so messed up... i can litterely find every question at least being post 25 time, and get no real answers. i'm a noob and if it's irritating so be it... i wanna learn something and i won't get to learn a thing in the noob section since everyone is talking through each other without clear notice who's to know the answers... here i get maybe irritated answers but at least i do get to understand it little by little... i wanna be a contrebuter and not a leech but to get to be a contrebuter i need to learn and this is the only place i know where there are answers to such questions... that being sai, i don't think i'll be any help soon since i'm years behind in learning so please be patient...
Click to expand...
We are patient with question that aren't in the FAQ. but if someone doesn't know how an exploit works, it shoudln't stay on this forum.
 
Filo97 said:
We are patient with question that aren't in the FAQ. but if someone doesn't know how an exploit works, it shoudln't stay on this forum.
Click to expand...
thanks i'll try not to ask too much. will first go and get to practise a bit of coding to get a better understanding first... sorry for taking such precious time.
 
Filo97 said:
you don't need to be a coder to be useful. you ony need to know, and help who has got REAL questions
Click to expand...
thanks, still want to get to be a coder, just maybe a little less high a level, liked to write software when i was a kid, just that was when there was only dos and win 3.11... school took my time and there was no education for coding there so i lost practice... i already actively help those with wii and psp failures as far as i understand it, those are the 2 consoles i had myself so i have tested all instructions first. but getting off topic... sorry to clutter here thanks for responding.
 
  • Like
Reactions: NichyXD
Jesus, it's not like it's unprecedented. I mean the 3DS Userland exploit allowed you to downgrade your entire firmware!

All the OP was asking was if it would be possible to force the Wii U into a situation where an exploit could be ran using a custom app on Loadiine or a patch for an existing game. Back in the Wii days, you may remember the Twilight Hack, which ran off a normal copy of Twilight Princess and could not be executed any other way. It loaded a corrupt save which would allow for custom apps to be ran, including the Homebrew installer which would permanently install the Homebrew Channel on the Wii menu. The OP wanted to know if it would be possible to create our own "Twilight Princess", a "game" that would load its save in just the right way for an exploit that allowed for IOSU access. This game could then be ran on Loadiine. While the differences between the Wii OS and IOSU may be great, the OP politely basically asked if the (extremely unlikely) example I gave would be possible.

Also, STFU about the search button, I tried just to make sure:

AlmightySearch.png

All that comes up is this thread followed by irrelevant crap (basically any page with either "kernel" or "IOSU" is mentioned).Try it for yourself, keeping in mind that any three letter words will be ignored.
 
Last edited by FlappyFalco,
  • Like
Reactions: Juiss and Gluupor
FlappyFalco said:
Jesus, it's not like it's unprecedented. I mean the 3DS Userland exploit allowed you to downgrade your entire firmware!

All the OP was asking was if it would be possible to force the Wii U into a situation where an exploit could be ran using a custom app on Loadiine or a patch for an existing game. Back in the Wii days, you may remember the Twilight Hack, which ran off a normal copy of Twilight Princess and could not be executed any other way. It loaded a corrupt save which would allow for custom apps to be ran, including the Homebrew installer which would permanently install the Homebrew Channel on the Wii menu. The OP wanted to know if it would be possible to create our own "Twilight Princess", a "game" that would load its save in just the right way for an exploit that allowed for IOSU access. This game could then be ran on Loadiine. While the differences between the Wii OS and IOSU may be great, the OP politely basically asked if the (extremely unlikely) example I gave would be possible.

Also, STFU about the search button, I tried just to make sure:

View attachment 53221

All that comes up is this thread followed by irrelevant crap (basically any page with either "kernel" or "IOSU" is mentioned).Try it for yourself, keeping in mind that any three letter words will be ignored.
Click to expand...
google "website:gbatemp [TEXTHERE]"
 
FlappyFalco said:
Jesus, it's not like it's unprecedented. I mean the 3DS Userland exploit allowed you to downgrade your entire firmware!

All the OP was asking was if it would be possible to force the Wii U into a situation where an exploit could be ran using a custom app on Loadiine or a patch for an existing game. Back in the Wii days, you may remember the Twilight Hack, which ran off a normal copy of Twilight Princess and could not be executed any other way. It loaded a corrupt save which would allow for custom apps to be ran, including the Homebrew installer which would permanently install the Homebrew Channel on the Wii menu. The OP wanted to know if it would be possible to create our own "Twilight Princess", a "game" that would load its save in just the right way for an exploit that allowed for IOSU access. This game could then be ran on Loadiine. While the differences between the Wii OS and IOSU may be great, the OP politely basically asked if the (extremely unlikely) example I gave would be possible.

Also, STFU about the search button, I tried just to make sure:

View attachment 53221

All that comes up is this thread followed by irrelevant crap (basically any page with either "kernel" or "IOSU" is mentioned).Try it for yourself, keeping in mind that any three letter words will be ignored.
Click to expand...


Exactly what I meant, so is it possible?
 
  • Like
Reactions: FlappyFalco

Site & Scene News

Go to forum More news

Popular threads in this forum

Hacking Homebrew Project  Modernized YouTube for Wii U

[discussion] what game do you wanna see next?

[discussion] Paper Mario Wii U or Mario Kart 64 wii u?

Wii Games Performance on Wii U (vWii C2W Overclock) – Community Testing & Results Sharing

[PRERELEASE] Sonic 3 A.I.R. (finally) Wii U

Can the Wii u pro controller works for Wii games ?

Homebrew Misc  Wii U Homebrew — accessing certain apps causes 160-0103 error, uncertain if Homebrew attempt is responsible

Sonic Advance 2 Wii U (another release, this time it's playable)