Fail0verflow release more... somethings.

Discussion in 'Wii U - Hacking & Backup Loaders' started by Gnargle, Dec 30, 2012.

Thread Status:
Not open for further replies.
  1. Gnargle
    OP

    Gnargle The day I set a profile picture is the day I die

    Member
    588
    76
    Jul 29, 2008
    England
    http://fail0verflow.com/blog/2012/30days.html
    These guys. I don't know what's going on but also, I don't care. I AM EXCITE.
     
  2. mike333

    mike333 GBAtemp Advanced Fan

    Member
    708
    61
    Aug 30, 2010
    Poland
    this looks like status update from 29C3
    we should get more info in a few days
     
  3. SifJar

    SifJar Not a pirate

    Member
    6,022
    892
    Apr 4, 2009
    Hashes. They are hashes. SHA-1 hashes.
     
  4. Gnargle
    OP

    Gnargle The day I set a profile picture is the day I die

    Member
    588
    76
    Jul 29, 2008
    England
    I am fully aware of that, but they're hashes for... things. And we don't know what things.
     
  5. Supercool330

    Supercool330 GBAtemp Advanced Fan

    Member
    687
    140
    Sep 28, 2008
    United States
    I would guess that these are file hashes for some sort of exploit that they are sharing on some sort of anonymous file sharing network that uses sha-1 hashes. Those that the messages are intended for know how to use the hashes to get the files, and it doesn't leave a peer to peer file trail. Either that, or they could be hashes of keys, but that would be stupid as Nintendo could easily figure out which keys had been compromised without them being released to the community.

    I'm sure the congress thing is a reference to 29C3 (which ends today). That I know of, Failoverflow didn't have any talks scheduled, but they almost certainly had tables. Maybe one of the 29 people cheering on the one will shed some light on what is happening. Recordings of the talks can be found here.
     
  6. Vappy

    Vappy GBAtemp Advanced Maniac

    Member
    1,507
    1,154
    May 23, 2012
    Likely a reference to
    Hector Martin@marcan42
    At 29C3. My Wii has a public IP. HBC has a class B (/16) filter. The 29c3 net is a class B. The entire congress can upload code to my Wii.
    Hector Martin@marcan42
    I mean, what could possibly go wrong?

    then, after f0f tweeted that, he posted
    Hector Martin@marcan42
    I love it when people forget to strip their binaries. Thanks, Nintendo!
     
  7. Ray Lewis

    Ray Lewis Banned

    Banned
    1,518
    386
    Dec 30, 2012
    United States
  8. Ray Lewis

    Ray Lewis Banned

    Banned
    1,518
    386
    Dec 30, 2012
    United States
    Usually the trick is to run UNSIGNED code some how. 360 was JTAG then RGH, PS3 I avoided but was figured out, BUT if they have THE key to sign programs with, that would probably be WIDE OPEN system then. This is all speculation here guys, was part of PSP days, WII days, 360 days, handy with the soldering iron, RGH 360s for people, and honestly I am very excited about the releases of information. ANTICIPATION is killing me;-)
     
  9. Vappy

    Vappy GBAtemp Advanced Maniac

    Member
    1,507
    1,154
    May 23, 2012
    Could be possible they've found a way to calculate the private keys. I think it was mentioned that what they'd found would be difficult for Nintendo to fix.
     
  10. Ray Lewis

    Ray Lewis Banned

    Banned
    1,518
    386
    Dec 30, 2012
    United States
    Have not seen anything mentioning hard for Nintendo to fix. Proof? Link? A guy posted a conversation and I realized it involved reverse engineering. No other reason for a "non stripped binary" to be relevant that I could imagine. Did not see all conversation either.
    Edit: correction, that guy was you vappy. Have more convo to share, please?
     
  11. Vappy

    Vappy GBAtemp Advanced Maniac

    Member
    1,507
    1,154
    May 23, 2012
    No first party account, I read it in a thread on NeoGAF.
    http://www.neogaf.com/forum/showpost.php?p=45571876&postcount=389


    Normally I wouldn't hold much trust to someone I've never heard of posting some rumor mill stock, but with NeoGAF being known as on the whole much more reliable than your average forum, and with the post seeming believable, I reckon it's worth not ignoring.
     
  12. Ray Lewis

    Ray Lewis Banned

    Banned
    1,518
    386
    Dec 30, 2012
    United States
    Thanks for that. Any specific forums or places where failoverlow talks can be seen? Anymore info?
     
  13. lampjese

    lampjese Advanced Member

    Newcomer
    87
    15
    Oct 11, 2009
    Netherlands
    Schoorl
  14. Ray Lewis

    Ray Lewis Banned

    Banned
    1,518
    386
    Dec 30, 2012
    United States
    Thanks, added that to favorites
     
  15. Ray Lewis

    Ray Lewis Banned

    Banned
    1,518
    386
    Dec 30, 2012
    United States
    Anyone run sha-1 hashes through decryption? Found some websites that claim they can be decrypted once hashes are found;-). Not my specialty but possibly this is hash for private keys;-)
     
  16. whinis

    whinis Member

    Newcomer
    31
    6
    Apr 16, 2010
    United States
    SHA-1 can't be decrypted its not an encryption but rather a sum of the parts. The best you can do is find a value that gives the same SHA-1. This would be useless to us unfortunately,
     
  17. mike333

    mike333 GBAtemp Advanced Fan

    Member
    708
    61
    Aug 30, 2010
    Poland
    What if You are calculating sha of sensitive data which is short? There are techniques which allows You to make collision and still provide useful data from You standpoint.

    edit:
    About fail overflow blog, they are hovering 16 bytes of 20byte hash.
    So maybe wiiu software only checks for 16 bytes which makes collisions easier?
     
  18. whinis

    whinis Member

    Newcomer
    31
    6
    Apr 16, 2010
    United States
    Seems rather unlikely and more that they are replicating their logo. Also I believe a key would be 32 or 64 bytes but its not my specialty. And while you could possibly we have no idea what they are hashing, it might be a file or a key or even a memory dump.
     
  19. Ray Lewis

    Ray Lewis Banned

    Banned
    1,518
    386
    Dec 30, 2012
    United States
    Interesting stuff. I keep checking around for updated or even leaked inside info.
     
  20. Ray Lewis

    Ray Lewis Banned

    Banned
    1,518
    386
    Dec 30, 2012
    United States
    Did not find much, surprised more people are not fiending over what this is and what it COULD mean.
     
Thread Status:
Not open for further replies.