Hacking FST patcher new coldboot for WiiU

SuperDan · Dec 2, 2020

How does it works

It will make each File/Dir entry in the FST file point to a secondary header with flags 0x0200 The IOSU, then, will not check if the data is signed or not (it means, you can alter /code, /content, /meta and the IOSU will simply ignore)

The patched title needs to be a VALID title at first (system titles, eshop games, etc..)

Video tutorial: HBL under WiiU Chat (on a stock console, not running CFW)

dojafoja · Dec 2, 2020

Im assuming there's no reason why system.xml couldn't be modified to boot directly to the patched title, effectively getting "CBHC like" behavior. Pretty cool!

The Koopa Kingdom · Dec 2, 2020

This technically isn't quite a coldboot exploit. Coldboot exploits occur ealier in the boot process; like "ColdBoot" HaxChi, this setup only kicks in after the bootloader, and after some of CafeOS has loaded.

This exploit was discovered by Maschell, and the tools for installing and uninstalling it are under development by the For the Users team. Maschell shared this exploit with NexoCube/Rambo6Glaz under the pretense of it not being made public until the 4TU team is ready with an environment for it.

The ethics of using leaked information aside, please understand that this tool does not have full featured safety checks, and is not meant for non-advanced end users.

rw-r-r_0644 · Dec 2, 2020

Please do not use this tool. This implementation of the leaked vulnerability does not perform any kind of check, which makes it very easy to brick your own console. There is a reason the vulnerability had not yet been released. A much safer installer, and a whole lot of other things were being developed by Maschell prior to this release, so I would recommend anyone tempted to try this to wait.

lordelan · Dec 2, 2020

SuperDan said:
How does it works

It will make each File/Dir entry in the FST file point to a secondary header with flags 0x0200 The IOSU, then, will not check if the data is signed or not (it means, you can alter /code, /content, /meta and the IOSU will simply ignore)

The patched title needs to be a VALID title at first (system titles, eshop games, etc..)

Video tutorial: HBL under WiiU Chat (on a stock console, not running CFW)

Not a single word about Maschell? Man ...
As already stated in this thread he did that and he has to decide whether and when this is being made public.
Just wait for him to polish things up and be patient.

huma_dawii · Dec 2, 2020

SuperDan said:
How does it works

It will make each File/Dir entry in the FST file point to a secondary header with flags 0x0200 The IOSU, then, will not check if the data is signed or not (it means, you can alter /code, /content, /meta and the IOSU will simply ignore)

The patched title needs to be a VALID title at first (system titles, eshop games, etc..)

Video tutorial: HBL under WiiU Chat (on a stock console, not running CFW)

Why is nobody talking about this... it needs a better title to catch the attention of people

ZoNtendo · Dec 2, 2020

huma_dawii said:
Why is nobody talking about this... it needs a better title to catch the attention of people

maybe the fact that this is not a *true* coldboot exploit and because most devs/users sadly lost interest in this console

SuperDan · Dec 2, 2020

I just found it interesting boys... !! Just a little find.. If I hear anything more I will report back.... As of now it's still a WUP but it has lots of promise.. I done hack my WIIU years ago but for the new guys this could possibly be a safer easier way of doing it... Perhaps..

susi91 · Dec 2, 2020

SuperDan said:
I just found it interesting boys... !! Just a little find..

Yes, it is interesting. Thank you

Really nice to have some more options for the Wii U. I like it^^

godreborn · Dec 2, 2020

Been using cbhc for 3 or 4 years, play the system daily and never had a problem with it. However, I'm always hoping for something safer.

huma_dawii · Dec 2, 2020

godreborn said:
Been using cbhc for 3 or 4 years, play the system daily and never had a problem with it. However, I'm always hoping for something safer.

I've been waiting for a way to unbrick a console, that way we can be safe for sure.

godreborn · Dec 2, 2020

huma_dawii said:
I've been waiting for a way to unbrick a console, that way we can be safe for sure.

I thought of using wup server to fix cbhc since it works on the home menu but it requires an ious hack.

--------------------- MERGED ---------------------------

I talked to @GaryOderNichts bout it but it seems like a deadend

SuperDan · Dec 2, 2020

godreborn said:
Been using cbhc for 3 or 4 years, play the system daily and never had a problem with it. However, I'm always hoping for something safer.

Same here mate CBHC for about 3 years no problems as I know what not to do never had any issues with my WIIU... & still play it from time to time....

godreborn · Dec 2, 2020

SuperDan said:
Same here mate CBHC for about 3 years no problems as I know what not to do never had any issues with my WIIU... & still play it from time to time....

it's not too bad really (not nearly as dangerous at it might seem). though, I probably wouldn't recommend it if you have others playing the system (especially kids).

MikaDubbz · Dec 2, 2020

Cool to see new exploits, I'm sure for those that were to stingy to shell out the $5 or so for a DS VC game, this will be appealing to. Likewise, maybe for those that filled up all 300 titles in the Wii U menu might be compelled to switch from CBHC to this new exploit, just to get one more title onto their menu. Though I'd question how safe it even is to move from an already installed CBHC to this. And for just one more title to be freed up for another game, certainly doesn't feel worth the risk, which it definitely seems like it will be even riskier to implement this new exploit than CBHC was.

--------------------- MERGED ---------------------------

godreborn said:
it's not too bad really (not nearly as dangerous at it might seem). though, I probably wouldn't recommend it if you have others playing the system (especially kids).

Honestly the only real thing a kid could do would be to delete or move the CBHC icon to USB or if they were doing things in FTPiiU that they shouldnt' be, and if a kid is playing my Wii U and think it'd be more fun to mess around in the system settings than to play any of the many titles and emulators installed to the system, then there is something wrong with that kid, and I can't imagine a kid would be able to get into FTPiiU and do any damage as they'd have to know what to do on the PC as well.

godreborn · Dec 2, 2020

MikaDubbz said:
Cool to see new exploits, I'm sure for those that were to stingy to shell out the $5 or so for a DS VC game, this will be appealing to. Likewise, maybe for those that filled up all 300 titles in the Wii U menu might be compelled to switch from CBHC to this new exploit, just to get one more title onto their menu. Though I'd question how safe it even is to move from an already installed CBHC to this. And for just one more title to be freed up for another game, certainly doesn't feel worth the risk, which it definitely seems like it will be even riskier to implement this new exploit than CBHC was.

--------------------- MERGED ---------------------------

Honestly the only real thing a kid could do would be to delete or move the CBHC icon to USB or if they were doing things in FTPiiU that they shouldnt' be, and if a kid is playing my Wii U and think it'd be more fun to mess around in the system settings than to play any of the many titles and emulators installed to the system, then there is something wrong with that kid, and I can't imagine a kid would be able to get into FTPiiU and do any damage as they'd have to know what to do on the PC as well.

you'd honestly let a kid play with your system? kids are a lot smarter these days, so I don't see how any of that is outside the realms of possibility. there are also many grown ups who won't install it, because they don't trust that they won't one day fuck it up.

MikaDubbz · Dec 2, 2020

godreborn said:
you'd honestly let a kid play with your system? kids are a lot smarter these days, so I don't see how any of that is outside the realms of possibility. there are also many grown ups who won't install it, because they don't trust that they won't one day fuck it up.

My nephews play it all the time, no problems, been letting them do so for years. Just explained to them that there is nothing in the system menu options that's any fun. Good kids, smart too, but I made it clear to them that if they mess with the settings it could mean no more fun on the Wii U ever again. Just be real with them, and they get it. And I know they aren't going to mess with FTP, because as soon as you open the app it's boring and does nothing, and if I really were worried about FTPiiU I could just remove the app anytime I bring the Wii U over to their father's place.

MikaDubbz · Dec 2, 2020

The Koopa Kingdom said:
This technically isn't quite a coldboot exploit. Coldboot exploits occur ealier in the boot process; like "ColdBoot" HaxChi, this setup only kicks in after the bootloader, and after some of CafeOS has loaded.

This exploit was discovered by Maschell, and the tools for installing and uninstalling it are under development by the For the Users team. Maschell shared this exploit with NexoCube/Rambo6Glaz under the pretense of it not being made public until the 4TU team is ready with an environment for it.

The ethics of using leaked information aside, please understand that this tool does not have full featured safety checks, and is not meant for non-advanced end users.
View attachment 236321

I recall Maschell talking about something like this a long time ago. Is this part of that setup that will supposedly lead to even more functionality than what CBHC has? I recall him saying something like that, though I don't remember what the supposed benefits this could bring over CBHC beyond writing over a useless system app instead of a title slot you'd prefer to reserve for an actual game, but there were a few if this is indeed what I recall him talking about.

RHOPKINS13 · Dec 2, 2020

I already have CBHC, so I won't be trying this out until it's properly released with Maschell's blessings. But this is very exciting, even if it's not "true" coldboot, it could open up something similar to CBHC without requiring specific titles to be installed. That's great, considering Nintendo has already announced the shutdown of Mario Maker's online service, I feel like the Wii U eShop's days are limited. At which point CBHC won't be an option for newcomers.

Alexander1970 · Dec 2, 2020

I think it is maybe not about the new "Exploit" (or whatever).
It seems most of the "Excitement" is HOW this News comes to the Light....

In April (2020), Maschell was working on an update for JNUSLib and discovered that some flags in the file system table (FST) of the title are undocumented.

Maschell will publish a more extensive statement soon. He shared the "error" with NexoCube / Rambo6Glaz, among others, who made it public, although it was agreed that a stable, tested environment should be provided first.

Source (german)

Hacking FST patcher new coldboot for WiiU

Im Aware ... Im Unaware

life elevated

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Well-Known Member

Im Aware ... Im Unaware

Well-Known Member

Welcome to the Machine

Well-Known Member

Welcome to the Machine

Im Aware ... Im Unaware

Welcome to the Machine

Well-Known Member

Welcome to the Machine

Well-Known Member

Well-Known Member

Geek

XP not matters.

Similar threads

Popular threads in this forum