Hacking Curious. What exactly happens to the wii u when you use mocha cfw?

BaamAlex

What happens to the Wii U internally when you load CFW Mocha?
You load custom code to patch the sysNAND. That means you can install custom channels.

Is it more straining for the Wii U?
Why should it be? It is only more straining for the user because Mocha works only through the browser exploit ;)
 

Cyan

It uses a vulnerability (a bug!) in the kernel to get write access to the memory, then reloads the firmware (fw.img) and patches some functions directly in memory to disable the signature check. So the firmware file is not really modified, only the copy of that firmware loaded in the console's memory, and that's why you need to do it every time you reboot the console.
When Mocha was created, it used to reload a patched version of the firmware from SD card; now it's doing the patches live directly on the console.
As it's a memory patch, it's available until the firmware is unloaded (going into vWii, or shutting down).

If you wonder why we can't just replace the fw.img with a patched version directly on the console, it's because that file is signed. It has a "file modification verification" by the console at boot, so it can't be modified. It needs to be done in memory after the file is loaded there.
The console usually has a memory editing protection (called "Kernel") to prevent hackers from editing it, but there's a bug in Nintendo's code which can be exploited to do it anyway.

There is no straining. The memory having one value instead of another value doesn't change how well the console works. It's still just a value in memory; in CFW or not, that info has to be loaded in memory anyway.

Big visual example: when you launch an app, it looks for that part of code currently in memory (fw.img is in memory, loaded at console boot):
1 the console checks the signature of the app
2 if the signature is bad, go to line 4
3 if the signature is good, go to line 5
4 display an error message (indefinitely!)
5 continue execution of launched app.

The CFW patch replaces "go to line 4" with "go to line 5"; it's just a replaced number!

Of course there are many more changes done in the real patch, but the idea is the same.
There are patches for the signature check, another one for region free, another one to repatch fw.img when exiting the settings menu, etc.

With Mocha, you have to launch the firmware patcher yourself from the Homebrew Launcher, so you need to launch 2 apps! Mocha reloads to system menu once the patched fw.img is in memory.

With Haxchi, you have to launch the firmware patcher which is included inside the Haxchi channel, so you need to launch 1 app! Haxchi reloads to system menu once the patched fw.img is in memory.

With ColdBootHaxchi (CBHC), the console boots that Haxchi channel automatically. You don't have anything to launch! The fw.img is automatically patched at console boot and the system menu is ready to be used. You only have to care about the game you want to play.
 

Dust2dust

1 the console checks the signature of the app
2 if the signature is bad, go to line 4
3 if the signature is good, go to line 5
4 display an error message
5 continue execution of launched app.
Reminds me of old-school BASIC language. :) There is a bug, though. Line 4 should have ":END" at the end. Otherwise, the code would continue to line 5 and the app would execute, even with bad signature and no sig patches.
 

Cyan

I "imagined" that the error message just looped on itself: "displaying the error message" does nothing more than that. If there's an error display, it means it doesn't work, so it doesn't continue after the error, or else there's no error displayed anymore and it means it works.
It's just a branch for -> stop execution.
It's not a real, nor even a visual, diagram of what the code should do. But I could have added "and stop there".
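
Added example (not part of any post in this thread, and not real Wii U code): a toy model of the five numbered lines discussed above, with line 4 stopping as clarified in the last reply. It shows why a check done only when the file is loaded says nothing about the copy in memory, and how re-measuring that copy reveals the change. All names are hypothetical and a SHA-256 digest stands in for the real signature.

```python
import hashlib

# Constructed toy "firmware": the five numbered lines as (opcode, operand).
FW_ON_DISK = (
    ("CHECK_SIG", None),   # 1 check the app's signature
    ("JMP_IF_BAD", 4),     # 2 bad signature  -> line 4
    ("JMP", 5),            # 3 good signature -> line 5
    ("ERROR", None),       # 4 display an error message and stop there
    ("RUN_APP", None),     # 5 continue execution of the launched app
)

def digest(image):
    """Stand-in for the signed hash that is verified when the file is loaded."""
    return hashlib.sha256(repr(tuple(image)).encode()).hexdigest()

TRUSTED_DIGEST = digest(FW_ON_DISK)

def boot():
    """Verify the stored image, then copy it into (writable) memory."""
    if digest(FW_ON_DISK) != TRUSTED_DIGEST:
        raise RuntimeError("firmware file rejected at load")
    return list(FW_ON_DISK)

def launch(ram, signature_ok):
    """Interpret the in-memory copy; line numbers are 1-based as in the post."""
    line, sig_bad = 1, False
    while True:
        op, arg = ram[line - 1]
        if op == "CHECK_SIG":
            sig_bad = not signature_ok
        elif op == "JMP" or (op == "JMP_IF_BAD" and sig_bad):
            line = arg
            continue
        elif op == "ERROR":
            return "error"
        elif op == "RUN_APP":
            return "app runs"
        line += 1

def memory_patch(ram):
    """The one-number change from the post: line 2 now targets line 5."""
    ram[1] = ("JMP_IF_BAD", 5)

def ram_matches_trusted(ram):
    """Runtime measurement: hash the loaded copy, not the file on storage."""
    return digest(ram) == TRUSTED_DIGEST
```

The stored image never changes, so the load-time check passes on every boot; only a measurement of the memory copy notices the patch, and a fresh `boot()` returns the original behaviour.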
 