Hacking Hykem's 5.5 iosu Exploit

  • Thread starter: SonyUSA
  • Views: 1,767,470
  • Replies: 6,864
  • Likes: 85
Thought it was going to be a Christmas present? Anyway, I'm calling bullshit and moving on with my life at this point.

Same here tbh, I'm about to stop checking GBATemp for at least a while now, especially when there's like 10+ pages of off-topic discussion BS.
The exploit might or might not be released. A co-worker said the exploit will not be released anyway.
 
You can't use the C++ function names, you have to use the right (internal?) function name. Use IDA for this.
e.g. for nn::ac::GetPersistentIdEx() I had to use GetPersistentIdEx__Q2_2nn3actFUc
Thanks, it was GetMyScreenName__Q2_2nn2fpFPw, but I'm still getting a blue screen :/ I commented out the final use of the function, and it seems to get the handle and the export just fine, so it has to do with how I'm using GetMyScreenName. I guess that's how reverse engineering works, right? Many tries and many crashes :P
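The two posts above resolve SDK functions by their mangled export names, and the suffix of such a name is what tells you which argument types the function actually expects (the crash-hunting in this thread comes down to that). The following decoder is an added example, not code from this thread or from any Wii U project: it parses cfront-style mangled names of the form seen here (`Q2_` qualified scope, `F` function, `Uc` unsigned char, `Pw` pointer to wchar_t, `v` void). The type-code table beyond the codes on the page is assumed to match the SDK compiler's scheme, and the `Symbol` record and helper names are my own.

```python
import re
from typing import List, NamedTuple

# cfront-style type codes: "Fv" = function taking void, "FUc" = unsigned char,
# "FPw" = pointer to wchar_t. Codes other than v/c/w are assumed from the
# usual cfront table and are not taken from the thread.
BASIC_TYPES = {"v": "void", "c": "char", "s": "short", "i": "int", "l": "long",
               "x": "long long", "f": "float", "d": "double", "w": "wchar_t",
               "b": "bool", "e": "..."}


class Symbol(NamedTuple):
    scope: List[str]    # e.g. ["nn", "fp"]
    name: str           # e.g. "GetMyScreenName"
    params: List[str]   # e.g. ["wchar_t*"]


def _len_name(s: str, i: int):
    """Read a length-prefixed identifier such as '3act' starting at s[i]."""
    m = re.match(r"\d+", s[i:])
    if not m:
        raise ValueError(f"expected length-prefixed name at {i} in {s!r}")
    n = int(m.group())
    i += len(m.group())
    if i + n > len(s):
        raise ValueError(f"truncated identifier in {s!r}")
    return s[i:i + n], i + n


def _qualified(s: str, i: int):
    """'Q2_2nn3act' -> ['nn', 'act']; a bare '3Foo' -> ['Foo']."""
    if s[i] == "Q":
        count = int(s[i + 1])
        if s[i + 2] != "_":
            raise ValueError(f"bad qualifier in {s!r}")
        i += 3
        parts = []
        for _ in range(count):
            part, i = _len_name(s, i)
            parts.append(part)
        return parts, i
    part, i = _len_name(s, i)
    return [part], i


def _type(s: str, i: int):
    """Decode one parameter type, e.g. 'Uc', 'Pw', 'PCc', 'Ri'."""
    mods = []
    while i < len(s) and s[i] in "PRCU":
        mods.append(s[i])
        i += 1
    if i >= len(s):
        raise ValueError(f"dangling modifier in {s!r}")
    if s[i].isdigit() or s[i] == "Q":
        parts, i = _qualified(s, i)
        text = "::".join(parts)
    elif s[i] in BASIC_TYPES:
        text = BASIC_TYPES[s[i]]
        i += 1
    else:
        raise ValueError(f"unknown type code {s[i]!r} in {s!r}")
    # Modifiers are written outermost first: "PCc" is a pointer to const char.
    for m in reversed(mods):
        if m == "U":
            text = "unsigned " + text
        elif m == "C":
            text = "const " + text
        elif m == "P":
            text += "*"
        else:
            text += "&"
    return text, i


def parse(symbol: str) -> Symbol:
    """Split 'Name__<scope>F<params>' into its scope, name and parameter list."""
    m = re.match(r"^(.+?)__(?=[QF0-9])(.*)$", symbol)
    if not m:
        raise ValueError(f"not a mangled name: {symbol!r}")
    name, rest = m.group(1), m.group(2)
    i, scope = 0, []
    if rest[0] != "F":
        scope, i = _qualified(rest, i)
    if i < len(rest) and rest[i] == "C":   # const member function
        i += 1
    if i >= len(rest) or rest[i] != "F":
        raise ValueError(f"missing function marker in {symbol!r}")
    i += 1
    params = []
    while i < len(rest):
        t, i = _type(rest, i)
        params.append(t)
    return Symbol(scope, name, params)


def demangle(symbol: str) -> str:
    """Render the symbol as a readable C++ prototype (return type is not encoded)."""
    sym = parse(symbol)
    return "::".join(sym.scope + [sym.name]) + "(" + ", ".join(sym.params) + ")"


if __name__ == "__main__":
    for export in ("GetPersistentIdEx__Q2_2nn3actFUc",
                   "GetMyScreenName__Q2_2nn2fpFPw",
                   "Initialize__Q2_2nn2fpFv"):
        print(f"{export:40} -> {demangle(export)}")
```

Running it on the three exports from this thread shows `nn::fp::GetMyScreenName(wchar_t*)`: the function wants a pointer to a writable wide-character buffer, so passing the address of a pointer variable hands it a `wchar_t**` and lets it write over that variable and whatever sits next to it on the stack, which is the kind of mismatch that shows up as the blue screens reported here.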
 
That's not a problem due to this one word: emuNAND.
Or in multiple words: emuNAND allows us to upgrade to the latest firmware, but instead of updating the Wii U's firmware you upgrade the firmware on an SD or maybe even a USB and then boot the firmware from that. So your sysNAND stays outdated (5.5) and you update your emuNAND (5.6 or 6.0 and later).

Where did you get the notion that it allows that?
 
Calm down, will you. Look, as is normal with these things, they might not say it, but it's true, hear me out.

A lot of the time hackers release an exploit days after a firmware update, thus not pissing off the manufacturer of said device as much as it would to release an exploit on current firmware, which would spark a war between manufacturer and hacker with more chance of closing holes in defenses. Only super lucky people that stayed on a modded DNS will get a chance (hint: don't update on the 12th); eventually said manufacturer gets tired and moves to a new device, then users get a silver bullet exploit; this is regular on many devices. Yes, I'm speculating, but it happened on the Xbox 360 and Wii, and the PS3 is now end of life so the current hack is now the silver bullet exploit, unless Sony updates again, which is very doubtful.

Don't update, wait, and you should with luck all get what you want, then spoof to current FW, enjoy.
 
It's not trivial: it takes several hours of digging into a 500-page thread to find the information, for anyone who does not follow the subject on a daily basis. I know, because that's exactly what I had to do to write the article.
It does not spread drama: if you read the article, you've seen I've been extremely careful not to include anything that has been confirmed to be inaccurate or irrelevant to the current status.

Just sayin'

Maybe not, but the information is arbitrary. Knowing about plutoo's post and ensuing actions that ultimately just lead back to us waiting for Hykem to release doesn't really do anything for the layman, it just makes extra (arguably useless) information about the whole proceedings that they have to read. The short of it is, that whole situation can be safely ignored because nothing really changed from before it happened to after it happened.

Edit: Added Hykem's userpage link to OP
 
Last edited by SonyUSA,
Thanks, it was GetMyScreenName__Q2_2nn2fpFPw, but I'm still getting a blue screen :/ I commented out the final use of the function, and it seems to get the handle and the export just fine, so it has to do with how I'm using GetMyScreenName. I guess that's how reverse engineering works, right? Many tries and many crashes :P
Maybe it crashes because it writes the name into an array passed as the parameter? Try
GetMyScreenName(char16 buf[11]). Make sure you use Initialize and Finalize!
 
Last edited by Maschell,
A question regarding this exploit: Can I load Wii backups with it?

Wii backups are already possible in vWii, find the respective guides for those in the stickies section.

As for Wii U backups, this is already possible via Loadiine on version 5.3.2 (and other versions now I think as well), but not from USB storage. With the IOSU exploit we will (hopefully) be able to load backups from USB going forward.
 
Wii backups are already possible in vWii, find the respective guides for those in the stickies section.

As for Wii U backups, this is already possible via Loadiine on version 5.3.2 (and other versions now I think as well), but not from USB storage. With the IOSU exploit we will (hopefully) be able to load backups from USB going forward.
I know, I just didn't want to spend money on games I would only use for installing the HBC.
 
Maybe it crashes because it writes the name into an array passed as the parameter? Try
GetMyScreenName(char16 buf[11]). Make sure you use Initialize and Finalize!
I figured out that I have to use a wchar_t*, and it doesn't crash when simply using the function + var, but I don't have a way to display that since all printing functions only take char* and I haven't found a (working) way to convert wchar_t to char without using wcstombs :(
Current code:
Code:
            /* Resolve nn_fp at runtime; exports must be requested by their
             * mangled names (found with IDA), not by the C++ names. */
            unsigned int fp_handle;
            OSDynLoad_Acquire("nn_fp.rpl", &fp_handle); //get nn_fp

            __os_snprintf(flags.output, 1000, "\ngot fp");

            /* The mangled suffix FPw means "function taking one wchar_t*",
             * so give the pointers real prototypes instead of void(*)().
             * The return type is not encoded in the name; int is assumed. */
            typedef unsigned short char16;   // 16-bit code units, as suggested above
            int (*GetMyScreenName)(char16 *name);
            OSDynLoad_FindExport(fp_handle, 0, "GetMyScreenName__Q2_2nn2fpFPw", (void **)&GetMyScreenName);
            int (*Initialize)(void);
            OSDynLoad_FindExport(fp_handle, 0, "Initialize__Q2_2nn2fpFv", (void **)&Initialize);
            int (*Finalize)(void);
            OSDynLoad_FindExport(fp_handle, 0, "Finalize__Q2_2nn2fpFv", (void **)&Finalize);

            __os_snprintf(flags.output, 1000, "\ngot exports");

            Initialize(); //Init: must run before any other nn_fp call

            /* Pass a writable buffer, not the address of a pointer to a string
             * literal: &MiiName handed the function a pointer-to-pointer and let
             * it overwrite the pointer variable and the stack next to it. */
            char16 MiiName[11] = {0};
            GetMyScreenName(MiiName);

            /* __os_snprintf only understands char*: narrow the 16-bit name by
             * keeping the low byte of each code unit (fine for ASCII names). */
            char name8[12];
            int i;
            for (i = 0; i < 11 && MiiName[i] != 0; i++)
                name8[i] = (char)(MiiName[i] & 0xFF);
            name8[i] = '\0';
            __os_snprintf(flags.output, 1000, "\nname: %s", name8);

            Finalize();
This gives me a black screen (no crash, can go back to the menu). When uncommenting Initialize() and Finalize(), I get a blue screen again, which probably means I'm not using them right.
 
I figured out that I have to use a wchar_t*, and it doesn't crash when simply using the function + var, but I don't have a way to display that since all printing functions only take char* and I haven't found a (working) way to convert wchar_t to char without using wcstombs :(
Current code:
Code:
            /* Resolve nn_fp at runtime; exports must be requested by their
             * mangled names (found with IDA), not by the C++ names. */
            unsigned int fp_handle;
            OSDynLoad_Acquire("nn_fp.rpl", &fp_handle); //get nn_fp

            __os_snprintf(flags.output, 1000, "\ngot fp");

            /* The mangled suffix FPw means "function taking one wchar_t*",
             * so give the pointers real prototypes instead of void(*)().
             * The return type is not encoded in the name; int is assumed. */
            typedef unsigned short char16;   // 16-bit code units, as suggested above
            int (*GetMyScreenName)(char16 *name);
            OSDynLoad_FindExport(fp_handle, 0, "GetMyScreenName__Q2_2nn2fpFPw", (void **)&GetMyScreenName);
            int (*Initialize)(void);
            OSDynLoad_FindExport(fp_handle, 0, "Initialize__Q2_2nn2fpFv", (void **)&Initialize);
            int (*Finalize)(void);
            OSDynLoad_FindExport(fp_handle, 0, "Finalize__Q2_2nn2fpFv", (void **)&Finalize);

            __os_snprintf(flags.output, 1000, "\ngot exports");

            Initialize(); //Init: must run before any other nn_fp call

            /* Pass a writable buffer, not the address of a pointer to a string
             * literal: &MiiName handed the function a pointer-to-pointer and let
             * it overwrite the pointer variable and the stack next to it. */
            char16 MiiName[11] = {0};
            GetMyScreenName(MiiName);

            /* __os_snprintf only understands char*: narrow the 16-bit name by
             * keeping the low byte of each code unit (fine for ASCII names). */
            char name8[12];
            int i;
            for (i = 0; i < 11 && MiiName[i] != 0; i++)
                name8[i] = (char)(MiiName[i] & 0xFF);
            name8[i] = '\0';
            __os_snprintf(flags.output, 1000, "\nname: %s", name8);

            Finalize();
This gives me a black screen (no crash, can go back to the menu). When uncommenting Initialize() and Finalize(), I get a blue screen again, which probably means I'm not using them right.

#wiiudev on Ef ;)
 
I know, I just didn't want to spend money on games I would only use for installing the HBC.
You always had to spend money on a game either way, be it the real Wii or vWii. If 10 bucks hurt you that much, then I can't imagine how you managed to afford a console and supporting hardware.
 
You always had to spend money on a game either way, be it the real Wii or vWii. If 10 bucks hurt you that much, then I can't imagine how you managed to afford a console and supporting hardware.
He could also borrow the game from a friend or something.
 
Last edited by Margen67,