Hacking Coding vWii 3-core support - everything you need to know.

[Snailface]

Well you motivated some people who could turn out to be experts.

https://mobile.twitter.com/WiidevU

You may not've released the exploit but you gave us the next best thing which is an idea of how to go about getting it.

He sure did gave them some motivation, just maybe not the type you imagined
https://twitter.com/Condorstrike/status/418530429742772224

 

[the_randomizer]

Boy that escalated quickly

 

[Ray Lewis]

He sure did gave them some motivation, just maybe not the type you imagined
https://twitter.com/Condorstrike/status/418530429742772224

I want a log from irc #wiidevu chat. Anyone have it?

I only heard people say caw is cool. He does not seem arrogant. "We want experienced people involved" they say...then apparently talk garbage when somebody does show interest. Is caw horrible or what am I missing? Lol, again, I've seen that and other channels (different names and IP as well). Some must have the log. Copy/paste to me in pm please.

 

[delroth]

"Experts"? Everything so far has shown that these people have no idea what they're doing and that they're more interested in monetizing their work via donation or ads instead of actually having some work done.

Just look at http://webcache.googleusercontent.c...u.wikia.com/wiki/Cafe2Wii+&cd=1&hl=en&ct=clnk . Anyone that has a clue about reverse engineering should find that laughable. More than that, anyone who has a clue about the Wii U should understand that you can't even have c2w plaintext until very far into the effort (that was one of the last pieces RE'd by f0f, for a good reason).

 

[marcan_troll]

I am always amazed at how console scenes have the ability to bring together people who clearly have no idea what they're doing, where the topic and goal at hand are way above their heads, and anyone with half a clue can see that, and yet they themselves seem to be incapable of realizing that fact.

Everywhere else where this happens, it's usually one person at a time, and all everyone else can do is shake their heads and continue moving on (or not moving on, depending). But here, somehow, every now and then a random little "groups" or "teams" pops up, full of apparently clueless people, all reinforcing each other and yet ultimately incapable of doing anything useful for the subject at hand. The collective Dunning-Kruger effect in full swing.

And then, when we point this out, we're branded elitists.

Seriously, guys, this stuff isn't rocket science, but you don't learn it in a day. Or a year. I knew what a symbol was >10 years ago. It doesn't have to take that long, but it also doesn't take less than 1/10th of that time unless you're some kind of genius.

(Note: I am basing this on the aforementioned cache link by delroth as being representative of what this team's knowledge level is. Feel free to prove me wrong by providing counter-evidence.)

 

[BIFFTAZ]

Feel free to prove me wrong by providing counter-evidence.)

Just wanted to lighten the mood... But you really cant argue with a guy that has a windmill beard...

*Crawls back into the dark hole I came out of...

 

[Sparks43]

 

[marcan_troll]

I have to admit I can't argue with windmill-beard. Carry on.

 

[FPSRussi4]

I have a question. Besides this WiidevU team, is there anyone else out there who is actively working on developing an exploit for the WiiU after f0f gave their hint?

 

[Ray Lewis]

Is there? One mention before wiidevu was "four horsemen" who turned out to be "somebody" talking to "Bubba", aka djbubba2002 on this site. When questioned about it he went silent. If there is then they are silent...at least in forums.

 

[Jackalus]

"Experts"? Everything so far has shown that these people have no idea what they're doing and that they're more interested in monetizing their work via donation or ads instead of actually having some work done.

Just look at http://webcache.googleusercontent.com/search?q=cache:ZIfatMopZTQJ:wiidevu.wikia.com/wiki/Cafe2Wii &cd=1&hl=en&ct=clnk . Anyone that has a clue about reverse engineering should find that laughable. More than that, anyone who has a clue about the Wii U should understand that you can't even have c2w plaintext until very far into the effort (that was one of the last pieces RE'd by f0f, for a good reason).

Well leaving symbols to binary is typical mistake by developers. Few closed arcade systems that I've reversed they did the same mistake. On World of WarCraft alpha they did the same mistake and arcade game I recently reversed they did the same mistake. With they I mean developers.

I for example am not interested in reversing Wii-U because it makes no income, I rather work on stuff that makes the $, let other people reverse these kind of things and then just use their work to make my life easier

 

[Ray Lewis]

Well leavinfraud bols to binary is typical mistake by developers. Few closed arcade systems that I've reversed they did the same mistake. On World of WarCraft alpha they did the same mistake and arcade game I recently reversed they did the same mistake. With they I mean developers.

I for example am not interested in reversing Wii-U because it makes no income, I rather work on stuff that makes the $, let other people reverse these kind of things and then just use their work to make my life easier

Makes sense but does not help us.

 

[uyjulian]

If you have a life why not stop posting on this forum (gbatemp is bad place to discuss your exploits, because of fucking idiots who have no clue about anything. all they want is free stuff, they don't appericate the people that made free stuff.) and go do something you like?

 

[OncleJulien]

we have loads of experts here…their expertise lies in varied fields, some of which help the cause, most of which do not:

the unbridled enthusiast
the_mixerupper - i'm buying a fortran book today so i can pitch in!

the former unbridled enthusiast (one month later) now the weaponized entitlist
sunburnedrancher - some f0f motherfucker owes me $400, pronto!

the if not me, then whoist?
minternal - i understand enough to know what i don't know, dont ya know?

the above it allist
lad24 - honestly, i could tell you precisely how it all works, but you still wouldn’t understand it and ultimately blame me for your own stupidity.

and, of course, the other 98% of gbatemp:
errybody else - backup loaders yet? nope? pm me when they're ready.

i'm making no value judgements here, of course, simply commenting on the ecosystem as i've observed it for a number of years...your mileage may vary.

 

[nitr8]

This thread is not even what it was supposed to be. People are flaming each other instead of doing what once the goal of this thread was. It's a shame... -.-

 

[obcd]

Dunning and Kruger proposed that, for a given skill, incompetent people will:

1. tend to overestimate their own level of skill;
2. fail to recognize genuine skill in others;
3. fail to recognize the extremity of their inadequacy;
4. recognize and acknowledge their own previous lack of skill, if they are exposed to training for that skill.

I just hope 2 isn't the problem causing the flaming.
Even If it isn't, the solution is in 4. 30C3 can be seen as 4 but a 1 hour training and 1 blogpost isn't enough to understand the complexity of it all.

 

[Jackalus]

Reversing is an art that takes years to master. I have been reversing since 2002 and still I am not master of all platforms.

You cannot just come and "do" something no matter how much you would want it. I was almost throwing my computer out of window on many occasions when I was younger and learning.

Also there is no school of reverse engineer as far as I know of. You just learn more and more tricks in your bag as the years go by when you are reversing all sort of different things for fun or for some company you are working for.

 

[obcd]

The purpose of this Thread was 3 core linux.
The purpose of 3 core linux was getting the exploit so that 3 core linux could be used in wiiu mode (Specially the extra memory is needed for fluid linux)

So, are we (or someone with higher expertise) supposed to find the exploit in the wiiu webbrowser?
Comex told on 30C3 he found one he used to dump the data (not the code as the instruction bat wasn't setup)
I believe he also told that once Marcan got the keys, it made his work unneccessairy.
Didn't he mention that latest firmwares used a newer webkit codebase?
Could that mean that the exploit he initially used was patched?

Besides the webbrowser, another thing that can be exploitable are gamesaves.
As those are signed by the game itself, the key to sign them exists on the console.
Once their encryption key and signing key is known, they can be corrupted and perhaps used to run unsigned code.
As wiiu uses it's own cafe os, it's very well possible code execution isn't possible like that....
Remember on 30C3 that there was a code execution exception for the webbrowser to allow git execution....

 

[Jackalus]

Remember on 30C3 that there was a code execution exception for the webbrowser to allow git execution....

wat?

You mean he looked at GIT repository of WebKit and found exploit there by checking unit tests even tho he wasn't allowed to see commit messages.

 

[obcd]

That's pretty much what he told us on the 30C3 presentation.
He also told that code and data memory are separated, but that there was an exception for the webbrowser.
He said Iphone uses the same approach...
He mentionned something about the latest firmware using a more recent webkit.
He didn't really explain the relevance of that besides the fact that older bugs fixed in that version can't be exploited anymore.
He also said his work was absolete once Marcan found the keys. This stands contrary to the idea that the exploit is in the browser..