Hacking Contenthax - a Vulnerability in Wii U File System Verification

[victormr21]

Hi!
Correct me if im wrong (@Masterwin too)
There is a method to load HBL directly from Kawashima´s game in EUR and USA consoles
We can launch it from other DS roms
We can launch redNAND directly from @TheCyberQuake but only in USA consoles??? Can we do it in EUR consoles, is there a method to use it in EUR consoles??
Bye!!

 

[peteruk]

How come in Europe the Brain game is free to download on the standard (white) console but £6.29 for the premium console (black) ? Anybody know ?

 

[TheBroCode]

How come in Europe the Brain game is free to download on the standard (white) console but £6.29 for the premium console (black) ? Anybody know ?

It was free for both consoles but only for a certain amount of time, and I think possibly only if you had notifications on.

 

[peteruk]

It was free for both consoles but only for a certain amount of time, and I think possibly only if you had notifications on.

ahhh ok, thanks mate, couldn't figure it out, my friend with a white one was able to get it free yet myself and a different friend with black would have to pay

well that clears it up, thanks

 

[loler55]

Go in system settings and exit then retry

Thats is helpful for me??
I Try that lets see

 

[huma_dawii]

Can someone pass a pre compiled version of the "Selectable ELF"?

 

[Xdsaa]

his really was quite a LOT of work to get done in some reasonable fashion, so dont come at me and ask if I can port it to other versions please, it was a lot of work already.

Hello, how can I create the exploit for new super mario bros DS USA
I'm your fan !

 

[AboodXD]

Do you even know what you're talking about?

Ya...

 

[KiiWii]

Ya...

"haxchi exploits a bug in the emulator's rom loader, and basically gets it to perform arbitrary memcpy operations. from there, achieving code execution is trivial given that there is no ASLR in place."

 

[AboodXD]

"haxchi exploits a bug in the emulator's rom loader, and basically gets it to perform arbitrary memcpy operations. from there, achieving code execution is trivial given that there is no ASLR in place."

I was talking about contenthax:
"The Wii U's data management system does not include provisions to validate the integrity of most title contents after installation. Any title contents using hash tables for verification (content type 0x0002 in tmd, using *.h3 files) are vulnerable. Generally, all contents are vulnerable apart from those in /code.
As such, any game or app's contents may be altered by attackers."

And I really know what I'm talking about

 

[KiiWii]

I was talking about contenthax:
"The Wii U's data management system does not include provisions to validate the integrity of most title contents after installation. Any title contents using hash tables for verification (content type 0x0002 in tmd, using *.h3 files) are vulnerable. Generally, all contents are vulnerable apart from those in /code.
As such, any game or app's contents may be altered by attackers."

And I really know what I'm talking about

<FACE DESK>

 

[Masterwin]

Hi!
Correct me if im wrong (@Masterwin too)
There is a method to load HBL directly from Kawashima´s game in EUR and USA consoles
We can launch it from other DS roms
We can launch redNAND directly from @TheCyberQuake but only in USA consoles??? Can we do it in EUR consoles, is there a method to use it in EUR consoles??
Bye!!

https://github.com/FIX94/haxchi/releases

10179B00 - US Brain Age
10179C00 - PAL Brain Training
10198A00 - US Yoshi's Island DS
10198A00 - PAL Yoshi's Island DS
101A5600 - US Kirby Squeak Squad
101A5700 - PAL Kirby Mouse Attack

Yes, we can also direct from rednand, but these are prepared for hbl

 

[Maschell]

I was talking about contenthax:
"The Wii U's data management system does not include provisions to validate the integrity of most title contents after installation. Any title contents using hash tables for verification (content type 0x0002 in tmd, using *.h3 files) are vulnerable. Generally, all contents are vulnerable apart from those in /code.
As such, any game or app's contents may be altered by attackers."

And I really know what I'm talking about

So why you comparing this vulnerable with cafiine?

 

[KiiWii]

@AboodXD repeat after me:

Cafiine requires kernel to run.

Content Hax requires WUP server.

... NSMBUHAX? Who knows...

 

[Afraidium]

From laughter of course.

 

[AboodXD]

So why you comparing this vulnerable with cafiine?

Because it's kinda the same thing.
I wasn't comparing anyway...

Think about it.
Cafiine wouldn't have worked without sig patched if the Wii U checks the hashes of the game files.
Isn't that what contenthax is? Replacing files because the Wii U doesn't check the hashes?

Except contenthax is a vulnerable.

 

[kfrfansub]

Sorry if it is a stupid question but why it isn't possible to install the VC game with modified rom directly with the brazilian way (wup installer y mod) ?

 

[AboodXD]

... NSMBUHAX? Who knows...

No.

Read my previous post please.

Anyway, it's pretty nice how hacky it is to replace the meta files and turn a DS game to Homebrew Launcher. XD

 

[Maschell]

Because it's the same thing.
Think about it.
Cafiine wouldn't have worked without sig patched if the Wii U checks the hashes of the game files.

You have no idea what you're talking about...

 

[KiiWii]

Sorry if it is a stupid question but why it isn't possible to install the VC game with modified rom directly with the brazilian way (wup installer y mod) ?

AFAIK Because it needs ticket.

It can be installed to redNAND fake signed.