Hacking I have a question to 5.5.2 update

[Vitalij1990]

Hey i have a question to 5.5.2 update yesterday i`ve got the 5.5.2 update and now i can`t use browserhax my Problem is that i need the browserhax because i used mocha for dlc.
I doesn`t used haxchi or chbc.
Only what ive got is the nanddump from the wiiu. 32gb nanddump.
Can i restore back to 5.5.1 or not?
Thank for your help
And sorry for my bad english.

 

[Lacius]

Hey i have a question to 5.5.2 update yesterday i`ve got the 5.5.2 update and now i can`t use browserhax my Problem is that i need the browserhax because i used mocha for dlc.
I doesn`t used haxchi or chbc.
Only what ive got is the nanddump from the wiiu. 32gb nanddump.
Can i restore back to 5.5.1 or not?
Thank for your help
And sorry for my bad english.

It is currently impossible for you to run CFW of any kind on your Wii U. You shouldn't have updated to 5.5.2 without Haxchi or CBHC. You can't run browserhax on 5.5.2, and you can't downgrade to 5.5.1.

Edit: Forgot about your NAND dump. You can presumably restore it with a hardmod.

 

[EyeKey]

Don't do it. It is way too risky. If you have OTP and SEEPROM (you should have if you had rednand) you can install haxchi on 5.5.2. But there is no any tool that does it yet.

 

[Lacius]

Don't do it. It is way too risky. If you have OTP and SEEPROM (you should have if you had rednand) you can install haxchi on 5.5.2. But there is no any tool that does it yet.

OP already updated to 5.5.2 foolishly.

 

[EyeKey]

OP already updated to 5.5.2 foolishly.

I know. I said that if he has OTP and SEEPROM, it is theoretically possible to install haxchi, even on 5.5.2.

 

[Lacius]

I know. I said that if he has OTP and SEEPROM, it is theoretically possible to install haxchi, even on 5.5.2.

There's currently no way to do that. A hardmod is OP's only option right now.

 

[EyeKey]

There's currently no way to do that. A hardmod is OP's only option right now.

It is possible. There is no way to do it only because no one implemented such a tool.

You can buy DS game, move it to USB, connect the USB to PC, edit the DS game and do contenthax [such tool is needed], and you have haxchi.

 

[Lacius]

It is possible. There is no way to do it only because no one implemented such a tool.

You can buy DS game, move it to USB, connect the USB to PC, edit the DS game and do contenthax [such tool is needed], and you have haxchi.

I didn't say it was impossible. I said there's currently no way to do it.

 

[Kafluke]

If eyekey says you can do it id trust him. He's the dude that made all the nand backup and fix tools for the hardmod

 

[EyeKey]

If eyekey says you can do it id trust him. He's the dude that made all the nand backup and fix tools for the hardmod

He said the same things only in different words. You can't do it right now because there isn't any tool to edit the USB (I am working on one but I don't know when it will be ready, I am hardly working on it).

 

[Vertx]

So, when the tool is ready, would it be necessary to buy a DS game to get haxchi?

 

[EyeKey]

So, when the tool is ready, would it be necessary to buy a DS game to get haxchi?

Yes, and OTP and SEEPROM are required. (which most people who want to install haxchi on 5.5.2 probably don't have)

 

[Valery0p]

You can buy DS game, move it to USB, connect the USB to PC, edit the DS game and do contenthax [such tool is needed], and you have haxchi.

#I fkng knew it
Thanks you a LOT EyeKey, Your work will help a lot of people!
Maybe this can help you for your tool : https://github.com/yellows8/wiiu_wfsmount

Yes, and OTP and SEEPROM are required. (which most people who want to install haxchi on 5.5.2 probably don't have)

Forgive me if I'm wrong, isn't but the USB key calculated by encrypting the SEEPROM seed with the OTP usb key (which is the same for every console)?
And aren't the the first 4 bytes of the seed taken from a certain ID, i don't remember his name, who can be read from some place on the wiiu?

Also, [MAD MODE on] do you ever heard of a known plaintext attack? [MAD MODE off]

 

[EyeKey]

#I fkng knew it
Thanks you a LOT EyeKey, Your work will help a lot of people!
Maybe this can help you for your tool : https://github.com/yellows8/wiiu_wfsmount

This tool is just straightforward decrypting with the key. I have done much more research on wfs than that. It is just that I am lazy and not finishing the tool.

Forgive me if I'm wrong, isn't but the USB key calculated by encrypting the SEEPROM seed with the OTP usb key (which is the same for every console)?
And aren't the the first 4 bytes of the seed taken from a certain ID, i don't remember his name, who can be read from some place on the wiiu?

Also, [MAD MODE on] do you ever heard of a known plaintext attack? [MAD MODE off]

Hmm you may be right, so only seeprom is needed?

According to the wiki the first 4 bytes is Wii U NG ID. But even if you know them you still have 12 random bytes left...
And the crypto is fine, all the data is encrypted with cbc, with a unique iv for each sector (well because it is cbc the iv only matters for the first block, but the hash is there for the non-data blocks), and the data is also hashed (and the hash is encrypted) and the hash is checked. Not a lot that you can do.

 

[Valery0p]

This tool is just straightforward decrypting with the key. I have done much more research on wfs than that. It is just that I am lazy and not finishing the tool.

Well, at least you have something no one can interpret wfs-U right now.

According to the wiki the first 4 bytes is Wii U NG ID. But even if you know them you still have 12 random bytes left...

Again, sorry for my noob-inies, but what NG means? And we can really find it somewhere on the labeling?
Also,it will take too long to bruteforce the other bytes? Ignore that, too many combinations...

And the crypto is fine, all the data is encrypted with cbc, with a unique iv for each sector, and the data is also hashed and the hash is checked. Not a lot that you can do.

So you're saying, that two encrypted drive, from two different consoles, with the exact same content inside, will result in two different decrypted dumps?
Last thing: after you decrypted the drive USB, an excluding what you said before, there is other encryption here? @EyeKey
Sorry for annoying you so much :/

 

[piratesephiroth]

If the Wii U on 5.5.2 has seeprom.bin and otp.bin, it's possible to get its USB decryption key.
Just purchase the DS VC game and install it on a USB drive, extract that drive data on the PC and decrypt it.
Then get the USB key from another Wii U on 5.5.1 and encrypt the data with it, inject it back into the USB drive, plug it into the 5.5.1 console and install Haxchi on it.
Extract the USB drive again, decrypt it, re-encrypt with the original 5.5.2 USB key, inject it back and voilà, Haxchi on 5.5.2.

Alternatively one could provide a decrypted disk img of a USB drive with the DS Vitual Console + Haxchi already in it, so all the user would have to do would be to encrypt and use it after buying the game.

 

[EyeKey]

If the Wii U on 5.5.2 has seeprom.bin and otp.bin, it's possible to get its USB decryption key.
Just purchase the DS VC game and install it on a USB drive, extract that drive data on the PC and decrypt it.
Then get the USB key from another Wii U on 5.5.1 and encrypt the data with it, inject it back into the USB drive, plug it into the 5.5.1 console and install Haxchi on it.
Extract the USB drive again, decrypt it, re-encrypt with the original 5.5.2 USB key, inject it back and voilà, Haxchi on 5.5.2.

Alternatively one could provide a decrypted disk img of a USB drive with the DS Vitual Console + Haxchi already in it, so all the user would have to do would be to encrypt and use it after buying the game.

I already explained in the other thread why it won't work.

 

[piratesephiroth]

I already explained in the other thread why it won't work.

uh? Why wouldn't it work? We can encrypt and decrypt the usb drives fine.
Does the partition still contain additional data attaching it to the original console?

 

[EyeKey]

uh? Why wouldn't it work? We can encrypt and decrypt the usb drives fine.
Does the partition still contain additional data attaching it to the original console?

https://gbatemp.net/threads/feel-li...you-have-otp-and-seeprom.478207/#post-7463665

TL;DR: we dont encrypt/decrypt the USB fine right now.

 

[piratesephiroth]

https://gbatemp.net/threads/feel-li...you-have-otp-and-seeprom.478207/#post-7463665

TL;DR: we dont encrypt/decrypt the USB fine right now.

oh I see.. I noticed the files were broken when I looked at the dump in an hex editor but I thought it could be just some quirk of the file system.
Well so we have to wait until at least the decryption/encryption is figured out.

Hopefully you'll release this project on github or something so more people can help.
All the Wii U is really needing is a file explorer so I hope this leads to something like a libwfs.