Homebrew maybe Closer Than We Think?

Discussion in 'Wii - Hacking' started by jaxxster, Jul 15, 2007.

Jul 15, 2007
  1. jaxxster
    OP

    Member jaxxster The Heretic

    Joined:
    Oct 31, 2006
    Messages:
    2,423
    Location:
    South East London
    Country:
    United Kingdom
    "Flash Player in Wii internet channel can be exploited to possibly run custom code

    Adobe issued a security bulletin four days ago which notes that the Flash Player as used in the Wii's Internet Channel can be exploited to run arbitary code due to an input validation error in flash. This could lead to a gate-way for hackers to create some form of homebrew launcher. The good news is that Nintendo may not be able to patch this exploit too quick as they will have to get a new 'un-exploitable' version of the Flash player from Adobe."

    Taken from mc.net
     
  2. jeklnoo

    Member jeklnoo GBAtemp Fan

    Joined:
    Oct 20, 2006
    Messages:
    335
    Country:
    United States
    sorry....that site says it affects 7.0.69.0 and lower, and the wii has 7.0.70.0 installed [​IMG]

    also, the details seem to imply that the 'arbitrary code' would be actionscript code, which wouldn't help us a whole lot.
     
  3. Pikachu025

    Member Pikachu025 GBAtemp Advanced Fan

    Joined:
    May 3, 2006
    Messages:
    960
    Location:
    Austria
    Country:
    Austria
    What about the Test-Version of the Wii Browser? What version has that one got?
     
  4. imgod22222

    Member imgod22222 GBAtemp's Original No-faced Member

    Joined:
    Jul 5, 2006
    Messages:
    1,555
    Country:
    United States
    yeah, actionscript has no 'low-level' control over anything. The only thing that I know AS 2.0 (i haven't gotten ahold of anything AS3.0) could do besides manipulate its own code is 1) write a single file to your hard drive specifying what 'settings' you may implement 2) Communication to a server. But the actual communication is handled by something else, PHP for example.

    NOTE: I've only taken one year of AS 2.0 in highschool. we don't have CS3 and AS3.0 yet.
     
  5. Hitto

    Member Hitto MKDS Tournament Winner

    Joined:
    Nov 29, 2005
    Messages:
    1,450
    Location:
    Nice, France
    Country:
    France
    If you can write *anything* at all, even a measly cookie on a resident drive, shouldn't that open a fuckload of possibilities?
    I thought you could launch executables with AS2... But dunno how the wii would talk to the browser.
     
  6. moshii

    Member moshii GBAtemp Regular

    Joined:
    Jun 6, 2006
    Messages:
    216
    Location:
    函館
    Country:
    Japan
    You need to get a lot closer to the metal before you can do much... chances are the Wii browser is sandboxed; damage limitation for exploits like this.
     
  7. EarthBound

    Member EarthBound a/s/l?

    Joined:
    Aug 28, 2003
    Messages:
    825
    Location:
    Fort Worth,Texas
    Country:
    United States
    Nothing was ever found for the last browser exploit so I doubt anything will come of this.
     

Share This Page