Hacking Boot1 key and exploit released

  • Thread starter: Nezztor
Not quite sure how you'd do this over vWii. From what I remember from cafe2wii, the physical Wii U MEM1 you use in vWii mode starts at 0x800000 instead of 0x0, which is used for this exploit. Maybe I just glanced over it wrong; I really didn't go into cafe2wii too deeply. Also, the MEM2 stuff may be mapped out differently as well.
 
Just to confirm that I already dumped my own boot1.bin with hexFW in case of future usage, but I don't think I will need it, since if a CBHC update comes out it will come with its own boot1 dumper :)
 
Is there a compiled build of hexFW somewhere?
Unfortunately, you need to compile it yourself since it comes in the form of the old and copyrighted fw.img.
You can follow the guide made by FIX called "Building iosuhax on Windows", but installing Python 2.7 instead of 3.5. You also need to have "devkitpro/devkitPPC/bin" in your PATH.
 
I suppose that's fair.
At long last... But I need to ask a question. Given the state of the sys.xml (and because we had to write to it for coldboothax), would this exploit work even if the sys.xml was screwed (like how bootstrap9 would work even if the system menu was busted on 3DS)?
 
At long last... But I need to ask a question. Given the state of the sys.xml (and because we had to write to it for coldboothax), would this exploit work even if the sys.xml was screwed (like how bootstrap9 would work even if the system menu was busted on 3DS)?

I have no idea, to be honest.
 
At long last... But I need to ask a question. Given the state of the sys.xml (and because we had to write to it for coldboothax), would this exploit work even if the sys.xml was screwed (like how bootstrap9 would work even if the system menu was busted on 3DS)?
Of course not. As hexkyz stated, you can use it as a contenthax using the vWii channel as target; this is safer since the vWii channel is signed on every retail Wii U and is a system title. Screwing sys.xml is very unlikely; nobody screwed with that file, just by installing CBHC on a pirated NDS title.

Edit: Btw, the title of this thread should be renamed to "boot1hax released" [emoji14]
 
Last edited by Billy Acuña,
So I guess we now play the waiting game until a refined CBHC gets released? Good news in any case.
 
Hey guys!!! (Yes, it's me again...)
@QuarkTheAwesome is REing the boot1, he just did a stream today :)


Edit: Btw, it is worth mentioning that Quark highly thinks that contenthax over the vWii's channel has "no real improvement over CBHC". I disagree on this one, since there are already 2 real improvements over the current CBHC, which are that it would be a permanent CFW and a lot safer than relying on an NDS title that can be easily deleted/corrupted (even Nintendo can do that by unlinking your account), but if we can get a real coldboot instead of another contenthax, I like the idea [emoji14]
 
Last edited by Billy Acuña,
I'm sure everyone is wondering... as I have no clue in code... for the people who know how all this works, what would be the expected timeline for a full CFW using boot1? I still have not done the Haxchi way... Mocha is working out well... except the browser exploit... It works but not every time... Pain in the ass for using Nintendont... but works!!
 
