Homebrew maybe Closer Than We Think?

Discussion in 'Wii - Hacking' started by jaxxster, Jul 15, 2007.

  1. jaxxster
    OP

    jaxxster The Heretic

    Member
    2,423
    0
    Oct 31, 2006
    South East London
    "Flash Player in Wii internet channel can be exploited to possibly run custom code

    Adobe issued a security bulletin four days ago which notes that the Flash Player as used in the Wii's Internet Channel can be exploited to run arbitary code due to an input validation error in flash. This could lead to a gate-way for hackers to create some form of homebrew launcher. The good news is that Nintendo may not be able to patch this exploit too quick as they will have to get a new 'un-exploitable' version of the Flash player from Adobe."

    Taken from mc.net
     
  2. jeklnoo

    jeklnoo GBAtemp Fan

    Member
    335
    0
    Oct 20, 2006
    United States
    sorry....that site says it affects 7.0.69.0 and lower, and the wii has 7.0.70.0 installed [​IMG]

    also, the details seem to imply that the 'arbitrary code' would be actionscript code, which wouldn't help us a whole lot.
     
  3. Pikachu025

    Pikachu025 GBAtemp Advanced Fan

    Member
    969
    34
    May 3, 2006
    Australia
    Austria
    What about the Test-Version of the Wii Browser? What version has that one got?
     
  4. imgod22222

    imgod22222 GBAtemp's Original No-faced Member

    Member
    1,555
    0
    Jul 5, 2006
    United States
    yeah, actionscript has no 'low-level' control over anything. The only thing that I know AS 2.0 (i haven't gotten ahold of anything AS3.0) could do besides manipulate its own code is 1) write a single file to your hard drive specifying what 'settings' you may implement 2) Communication to a server. But the actual communication is handled by something else, PHP for example.

    NOTE: I've only taken one year of AS 2.0 in highschool. we don't have CS3 and AS3.0 yet.
     
  5. Hitto

    Hitto MKDS Tournament Winner

    Member
    1,450
    0
    Nov 29, 2005
    France
    Nice, France
    If you can write *anything* at all, even a measly cookie on a resident drive, shouldn't that open a fuckload of possibilities?
    I thought you could launch executables with AS2... But dunno how the wii would talk to the browser.
     
  6. moshii

    moshii GBAtemp Regular

    Member
    216
    0
    Jun 6, 2006
    函館
    You need to get a lot closer to the metal before you can do much... chances are the Wii browser is sandboxed; damage limitation for exploits like this.
     
  7. EarthBound

    EarthBound a/s/l?

    Member
    844
    3
    Aug 28, 2003
    United States
    Fort Worth,Texas
    Nothing was ever found for the last browser exploit so I doubt anything will come of this.