Hacking Hykem's 5.5 iosu Exploit

[Margen67]

Just saw your signature, mind if I become a member? XD

Not at all :^)

 

[Puddies]

So, should I stay on 5.5.0 or should I update to 5.5.1?

 

[SonyUSA]

So, should I stay on 5.5.0 or should I update to 5.5.1?

Read the first post

 

[Deleted-355425]

So, should I stay on 5.5.0 or should I update to 5.5.1?

People seem to do the oppersite to what's suggested so im going to just say. YES update to 5.5.1

 

[Exavold]

People seem to do the oppersite to what's suggested so im going to just say. YES update to 5.5.1

YES , join us ; we have stability™

 

[Brandts]

In case you were afraid to deduce it from the screen I posted, yes, the hack works up to 5.5.1. However, I strongly recommend everyone to start blocking updates. That's why I announced I was working on IOSU in the first place, to raise awareness.
I reached IOSU in 5.5.1 using a different bug (another lame UAF in WebKit) than yellows8's, but the libstagefright one is much more reliable and it's already public. Which means that the release for 5.5.1 will be using yellows8's exploit while I keep the crappy one I used private.

Beware that Nintendo will likely push a big update to the Internet Browser anytime soon (I believe it's logical to deduce that), which will quite likely patch (properly) both the libstagefright bugs and other previously unpatched WebKit bugs (the one I mentioned included).

Marionumber1 also made a solid point about investigating userland bugs in areas not related to the browser (like Mii data, for example), which is something we will likely investigate soon.

Aside from all that, the exploit just needs obfuscation to be released. Like I stated before, the obfuscation layers will be complex which will take time to implement properly. If any delays follow, they will be strictly related to the obfuscation of the exploit.
Also, I mentioned that my "vacations" are extended to the end of February, but that doesn't mean the exploit will only be released by then. I'm guessing it will be done quite before that, but right now it's just a matter of getting it right so Nintendo won't patch it as soon as it comes out.

Am I the only one who's starting to doubt now? I haven't touched my WiiU for a long time (I checked yesterday and I'm still on firmware 3.0.0E ). Now I'm following the recent activities and I have two options. Buy a game with firmware 5.3.2 on the disk, wait for Hykem to release his exploit and then update to 5.5.1? But what if Nintendo brings out 5.5.2 which patches yellows8's exploit before the release of Hykem's exploit? Another option is update to 5.5.1 now and wait (maybe even five weeks ).

I was glad that Hykem was taking his time to do a proper release but now with this information the time starts to tick since yellows8 exploit is publically avaiable, so also patchable by Nintendo. I hope Hykem realises this and releases his exploit soon.

 

[yahoo]

...and I have two options. Buy a game with firmware 5.3.2 on the disk...

Oh no! You might have to buy a game!

 

[SonyUSA]

Am I the only one who's starting to doubt now? I haven't touched my WiiU for a long time (I checked yesterday and I'm still on firmware 3.0.0E ). Now I'm following the recent activities and I have two options. Buy a game with firmware 5.3.2 on the disk, wait for Hykem to release his exploit and then update to 5.5.1? But what if Nintendo brings out 5.5.2 which patches yellows8's exploit before the release of Hykem's exploit? Another option is update to 5.5.1 now and wait (maybe even five weeks ).

I was glad that Hykem was taking his time to do a proper release but now with this information the time starts to tick since yellows8 exploit is publically avaiable, so also patchable by Nintendo. I hope Hykem realises this and releases his exploit soon.

game fly free trial, use your head ;3

 

[Dvdxploitr]

game fly free trial, use your head ;3

GameFly requires a credit card/debit card to sign up even with a free trial. His/her age is not in profile, what if they are not old enough to have a credit card or do not have a bank account? This particular user could be 10 years old.......i'd go with Redbox if you can find one with Wii U games.....although that may be hard to find

 

[Brandts]

Oh no! You might have to buy a game!

That's not my point so let me rephrase my concerns: "But what if Nintendo brings out 5.5.2 which patches yellows8's exploit before the release of Hykem's exploit?". (ow wait, that's exactly what I said before)

@DVDxploiter and @SonyUSA
I never heard of Gamefly but I don't believe this service is available in my country.

 

[Tzuba]

That's not my point so let me rephrase my concerns: "But what if Nintendo brings out 5.5.2 which patches yellows8's exploit before the release of Hykem's exploit?". (ow wait, that's exactly what I said before)

@DVDxploiter and @SonyUSA
I never heard of Gamefly but I don't believe this service is available in my country.

Uhhh then don't update until its released?? Its really that simple.

 

[Brandts]

Uhhh then don't update until its released?? Its really that simple.

But it would be very unfortunately if Nintendo brings outs it's patch before Hykem releases something and we are not possible to update to 5.5.1 at all anymore

 

[xxmasal22xx]

But it would be very unfortunately if Nintendo brings outs it's patch before Hykem releases something and we are not possible to update to 5.5.1 at all anymore

if i understand correctly you mean if they release a new update past 5.5.1 we will not be able to get to 5.5.1 any more without going past it because there's no known games with 5.5.1 on disc?

 

[Brandts]

if i understand correctly you mean if they release a new update past 5.5.1 we will not be able to get to 5.5.1 any more without going past it because there's no known games with 5.5.1 on disc?

Exactly, thanks for clarifying my post

 

[Lawliet80]

Exactly, thanks for clarifying my post

Well, if they are games which update the wii u on 5.4.0 or 5.5.0 then it is alright as these firmwares shoud support Hykem's exploit

 

[MRJPGames]

Am I the only one who's starting to doubt now? I haven't touched my WiiU for a long time (I checked yesterday and I'm still on firmware 3.0.0E ). Now I'm following the recent activities and I have two options. Buy a game with firmware 5.3.2 on the disk, wait for Hykem to release his exploit and then update to 5.5.1? But what if Nintendo brings out 5.5.2 which patches yellows8's exploit before the release of Hykem's exploit? Another option is update to 5.5.1 now and wait (maybe even five weeks ).

I was glad that Hykem was taking his time to do a proper release but now with this information the time starts to tick since yellows8 exploit is publically avaiable, so also patchable by Nintendo. I hope Hykem realises this and releases his exploit soon.

Your 3.0.0 is supported by IOSU, and as iy has acess to kernel as well you will even vr able to update to 5.5.1 manually without using ninty servers.

It will require a separate WebKit exploit first. It's not a problem for firmwares 2.0.0 to 5.3.2, but firmware versions 5.4.0 and 5.5.0 still need to have a proper exploit done. This is being worked on as well (it would be a bit pointless to release a working IOSU exploit without the WebKit entry points for 5.4.0/5.5.0).
In other words, the goal is to release everything at once, giving people more than enough time to prepare themselves. It wouldn't be fair to release the exploit only for up to 5.3.2 and leave 5.4.0/5.5.0 users in the dust.

 

[RareKirby]

I been using OpenDNS to block updates and it's been working well. Should I stop using it?

--------------------- MERGED ---------------------------

 

[wurstpistole]

I been using OpenDNS to block updates and it's been working well. Should I stop using it?

--------------------- MERGED ---------------------------

What.

 

[RareKirby]

What.

If you don't know what I'm talking about why reply? TubeHax blocks Nintendo update and so does OpenDNS and I wanted to know if I should keep using OpenDNS

 

[wurstpistole]

If you don't know what I'm talking about why reply? TubeHax blocks Nintendo update and so does OpenDNS and I wanted to know if I should keep using OpenDNS

Well why in the world would you want to have your console update itself? Stay on whatever firm you are and pray for the exploits.