Hey, couple of questions!

Discussion in 'Wii U - Hacking & Backup Loaders' started by Sphere, Sep 20, 2016.

  1. Sphere
    OP

    Hey there folks,

    With the help of this community I was able to exploit my Wii U to be able to run emulators and make use of Loadiine last night, very grateful for their help!

    Now regarding my questions,
    1. Are these exploits being run through Mii due to a lack of permission? To put it straight, are these somewhat slow load times and making use of the browser to hack due to lower permissions? (I just want to get a deeper understanding of what I did to my Wii U, I'm no developer nor will I ever be, probably way too dumb for that, but it's just curiosity)

    2. Is there any development progress or a group that tries to make this run directly without having to resort to, ehm, making use of the browser / Mii? Anything I can follow on Twitter or so?

    Big thanks for the helpful people on this board, to the developers and all other people that made this possible, you're beasts!
     
  2. DavidRO99

    1. Yes, you are kinda correct. You can also use a smash disk
    2. IOSU... wait for it
     
  3. CreeperMario

    Firstly, yes, that is because of our lack of permissions to the console. The console is made up of three main layers of security:
    Userland - This is where we achieve basic code access. This is mainly from an exploit available in a software program, e.g. the web browser.
    Kernel - The kernel basically controls access to the system programming library, controls memory access and handles the currently open software. With a kernel exploit, we have access to the console's raw memory, which allows us to patch things into other software. I'll explain this further later on.
    IOSU - This is the final barrier, which has not been cracked yet. (Private exploits are in the works, but nothing is public yet). People are saying that this is the "big boy" as it gives us full privileges to the console, which means custom firmware (allowing us a permanent entry point), installing homebrew and pirated/backup software directly to the Wii U Menu and being able to play such backup software online. Though in terms of homebrew games and emulators, for example, an IOSU exploit does not change much.

    With our current kernel access, as I said before, we can edit the memory of other applications. This is useful because the web browser does not have the necessary permissions to access the SD Card or sound cores. Mii Maker is allowed to access both, so why not take over Mii Maker? Once we achieve haxx in the browser (by launching HBL via loadiine.ovh or wiiubru.com/x or another site/self host) we exploit the kernel to allow us memory access, then we hook some functions and press some buttons to patch the Mii Maker launcher to point to the HBL file on your SD Card instead of loading the Mii Maker file from the system storage. There are disadvantages to this method, though. We cannot play backups online, because the console still thinks we're using Mii Maker, not the target backup.

    As for your second question, the current team working on an exploit targeting IOSU permissions is the SALT team, which consists of @shinyquagsire23, @Relys, @Dazzozo and probably other people I can't remember. I can't seem to find a central resource for them other than their GitHub pages and Twitter account, both of which don't seem to be updated often. Don't worry, though, the moment an IOSU exploit is released, GBAtemp will crash under the traffic. You'll know then. :P

    If there's anything else anyone wants me to explain, feel free to ask me. I'm away from my console, but over the next few weeks, if I have time I'll log on to GBAtemp and answer questions.
     
  4. Sphere
    OP

    This was very informative and a fun read!
    Why was Mii Maker chosen over like say, a retail game or perhaps another app? <- Does it have to do with SD card accessibility?
    And what exactly does "memory" mean?
    There are so many questions I would like to ask, I just don't really know how to write them down lol. Stuff like this is super interesting!

    Thanks for taking your time to write this down!
     
  5. Marko76

    Mii Maker was chosen for two reasons:
    1. It's on everyone's Wii U
    2. It has SD card access

    Memory is where all the game information is loaded to. It is cleared every time you switch off the Wii U.
     
    Last edited by Marko76, Sep 20, 2016