Hacking Hykem's 5.5 iosu Exploit

Status
Not open for further replies.

SonyUSA

We're all mad here
OP
Editorial Team
Joined
May 12, 2006
Messages
1,629
Trophies
1
XP
4,523
Country
United States
IS IT OUT?! (( No )) -- Updated 2/1/2016 12:16AM MT (UTC -7)

Also, check here: http://gbatemp.net/members/hykem.349530/

If you accidentally updated to 5.5.1, it appears that Yellows8's .mp4 exploit has NOT been patched (confirmed by Crediar).

Hykem say's 5.5.1 is OK (But update at your own risk !)

Just what is this thing, exactly?!

Hykem has developed an exploit that can be launched through the Wii-U web browser that can take full control of the system's iosu. From there, we can gain control of the kernel as well and have unrestricted access to the entire system!

What do I need?
- A WiiU on any firmware up to 5.5 (Any unit in any store will have this)
- An SD Card
- A WiFi connection for the WiiU to connect to
- *A compatible External Hard Drive (*Optional)


Phase 1: Setting up TubeHax DNS (Thanks Smea!)
Blocking future updates is critical to retaining exploits on your system. The WiiU automatically downloads and applies updates as it receives them, even in standby mode! You will still be able to play your games online with this, as long as the GAMES THEMSELVES are updated.

Step 1: Power on your system and go to Settings > Internet > Connect to the Internet.

Step 2a: If you don't have a connection already set up, do it now but when it asks if you want DNS to be Automatic or Manual, choose Manual and follow the rest of the steps.

Step 2b: If you have an existing WiFi connection, press X or tap the button in the top right corner to view Existing Connections

Step 3: Choose your connection from the list. I recommend only having 1 at a time so that if you are roaming with your WiiU or have more than one access point it doesn't switch connections and download an update on you.

Step 4: Change Settings > Press the Scroll Arrow on the Right > DNS > Don't Auto Obtain

Step 5: Tap the Primary DNS and set it to 107.211.140.065 -- You can leave the Secondary DNS as 000.000.000.000 (Some people don't know anything about networking and think this could leave their system vulnerable to updates. If you're paranoid, just set the Seconday DNS to 107.211.140.065 as well).


Step 6: Confirm > Save > Save > Quit

Phase 2: Loading the Exploit (Coming Soon!)

Step 1: Download the starter pack from HERE and copy it to your SD card, then insert it into the WiiU. (Coming Soon)




So, should I update to 5.5 ?
That's a complicated answer. There have been no -major- library changes from 5.3.2 to 5.5 (except the in-game manual app) so the chances of a game or homebrew not working on your version are slim to none. There is a small possibility of the 5.5 webkit exploit used for this being very unstable, and -possibly- even not working at all, but Hykem says he will support 5.4/5.5. Those on lower firmware still retain the extra chance for a more robust or stable hack, AND, once iosu is fully exploited, custom firmware can be installed on the Wii-U and emuNAND can be used, so the system version won't even be an issue anymore.

"But won't emuNAND be blocked like the N3DS?" you say. The Wii-U doesn't have the extra hardware that the N3DS has that blocks getting the keys to use for emuNAND. You can select and install components individually, or someone may make a "CFW Pack" to update your emuNAND with, which (may) contains pre-patched tickets/content to keep your emuNAND pre-modded. It's possible a newer iosu may come out that can't be decrypted, but... *shrug*
TL;DR -- No, don't update. Stay where you are.


Initially? Nothing at all, unless Hykem releases a tool or app with the launch of the exploit (which he may or may not have hinted at). Eventually, this could lead to many, many things. Including:

- Countless homebrew games/apps/emulators
- USB Loader
- A title installer (Like Devmenu/BBM/FBI for 3DS)
- EmuNAND
- Real-Time Cheats
- Custom SysNAND firmware
- Custom game content (Mario Kart Tracks, Smash Bros. Fighters, etc.)
- NDS ROM Injection (!)

I SET UP TUBEHAX AND GOT THIS SYMBOL! DOES THIS MEAN A NEW FIRMWARE IS OUT?! OMG EVERYONE PANIC!!!

wT8uKvA.png


Calm down, it just means that the WiiU tried it's periodic check for an update file and failed because you have TubeHax DNS set up PROPERLY.

Hykem isn't currently accepting donations, but he wishes for you to donate to the developers that follow up with this exploit and their efforts!
 
Last edited by SonyUSA,

SonyUSA

We're all mad here
OP
Editorial Team
Joined
May 12, 2006
Messages
1,629
Trophies
1
XP
4,523
Country
United States
Sorry guys, I have another 13 hours of a car ride before I get to my new place and this stupid Verizon tether isn't working on my Note, I'll answer questions when I arrive if nobody answers before I do. The forums work like butt with the Android browser and not at all with mobile firefox lol.:)

--------------------- MERGED ---------------------------

Even if it's buried. I believe the author of the exploit should be the one posting a thread about his own exploit.

Well he didn't, and it wasn't on the front page, so the general populace doesn't know about it. So I figured I would make a post. What are you the gbatemp.net police or something? Chill out.
 

SonyUSA

We're all mad here
OP
Editorial Team
Joined
May 12, 2006
Messages
1,629
Trophies
1
XP
4,523
Country
United States
The general people do not have to know about it as it will just attract unwanted attention and a flood of threads asking stupid questions. @SonyUSA

I honestly did not mean to make a fuss, but based on your reply, you seem quite the emotional type.

Yeah I'm on my period. What's your excuse? The gbatemp.net owners are more than happy to take the added user base because that means more revenue. If I was worried about stupid questions I wouldn't write guides and answer those questions that I prompt because of my actions.

I teach the first wave of people, then they teach the wave after them when they repeat the same questions. It works itself out quite nicely.

--------------------- MERGED ---------------------------

I hope 5.4 is the priority behind 5.5. I gave up on waiting for a 5.4 kernel exploit so this is probably as good as it'll get.

It will be ported to the 5.2-5.5 range by first release I'm sure since that's where almost everyone is sitting. The rest can come later, depending on how he feels about porting and adding the obfuscation.
 

DarkFlare69

Well-Known Member
Member
Joined
Dec 8, 2014
Messages
5,145
Trophies
2
Location
Ohio
XP
4,550
Country
United States
Yeah I'm on my period. What's your excuse? The gbatemp.net owners are more than happy to take the added user base because that means more revenue. If I was worried about stupid questions I wouldn't write guides and answer those questions that I prompt because of my actions.

I teach the first wave of people, then they teach the wave after them when they repeat the same questions. It works itself out quite nicely.

--------------------- MERGED ---------------------------



It will be ported to the 5.2-5.5 range by first release I'm sure since that's where almost everyone is sitting. The rest can come later, depending on how he feels about porting and adding the obfuscation.
What will an IOSU exploit do that kernel can't ?
 

SonyUSA

We're all mad here
OP
Editorial Team
Joined
May 12, 2006
Messages
1,629
Trophies
1
XP
4,523
Country
United States
Ok, from what I read, it does not need Kernel exploit. I am still confused what IOSU can do? What is it for and what can happen/become of it?

iosu is responsible for cert/app signing and security, so possibly anything -you- may want to do could be done with this exploit (read: warez).
 

Myth

Well-Known Member
Newcomer
Joined
Jun 3, 2015
Messages
86
Trophies
0
XP
108
Country
United States
I have a few questions about this:

- What can IOSU exploit do?
- Is Kernel exploit needed or can it do stuff Kernel can and more?

Thoughts appreciated :)

"
Alright, for those of us not familiar with Wii U hacking, IOSU is basicallly the operating system of the Wii U when it runs in Wii U mode. It’s what we could compare to the “native” world on the PS Vita per opposition to the PSP Emu. In particular, IOSU is responsible for security checks on the Wii U, verifying that you’re not trying to run unsigned code, etc.

So yep, having compromised IOSU is a big deal."
 

MattKimura

3DS & WiiU Enthusiast
Member
Joined
Jun 30, 2014
Messages
2,130
Trophies
1
XP
2,733
Country
United States
This may have already been posted, but in the middle of a stormed out thread that a lot of users don't even look through. So thanks OP for posting this as a topic. This is really good news for a lot of people, so we can get ready for this by blocking updates and planning ahead for it.

I was actually thinking of posting this as an individual thread myself.
 

SonyUSA

We're all mad here
OP
Editorial Team
Joined
May 12, 2006
Messages
1,629
Trophies
1
XP
4,523
Country
United States
I mean... don't read too much into this, but I'm keeping my fingers crossed for Emunand ;D

Immediate uses: RPX size restriction won't be a thing anymore, so expect that very soon.

--------------------- MERGED ---------------------------

What will an IOSU exploit do that kernel can't ?
Everythiiingggg
 
Last edited by SonyUSA,

sbmotoracer

Member
Newcomer
Joined
Jul 1, 2013
Messages
7
Trophies
0
Age
51
XP
131
Country
Canada
Um... When did Hykem say that it was going to be released on or before christmas?

Should be here in time for Christmas!

To quote Hykem:

Time to clear the air again.

The following statements are facts:
- I have successfully compromised the Wii U's IOSU;
- The exploit being used works from 2.0.0 up to5.5.0, but it obviously needs to be ported for each firmware;
- The exploit doesn't need PPC kernel access, so the new kernel exploit won't have to be released.

I want to do some kind of Christmas surprise yes, but take that with a grain of salt. I can't promise I will have the time to get everything ready by then and I'm not disclosing what will be released.
Keep in mind that releasing the exploit "as-is" is pointless, so it will have to be ported first and most likely obfuscated so it will take a little longer to patch. It's also worth noting that I will have to develop an easy way to block updates so no one updates past 5.5.0 by accident.

If you don't believe in anything stated above, that's not my problem. The best (and easiest) thing to do is wait and see.
 

zoogie

playing around in the dsiware
Developer
Joined
Nov 30, 2014
Messages
8,296
Trophies
2
XP
13,172
Country
Micronesia, Federated States of
Reading Hykem's post it seems like he wants to release on Christmas, but it isn't likely given all the stuff he still has to do (and software development is always fraught with delays).
Still, I approve of this hype thread because we haven't had one in a long while. ^^
 
D

Deleted User

Guest
Sorry for being "that guy", but would it be alright to update my 5.4.0 to 5.5.0 or do you guys recommend I keep 5.4.0 for kernel/other reasons?
 
Last edited by ,
  • Like
Reactions: BIFFTAZ
Status
Not open for further replies.
General chit-chat
Help Users
  • No one is chatting at the moment.
    KennieDaMeanie @ KennieDaMeanie: I'm just saying it's been experienced already and those shower drains are not designed to...