Hacking Mail box bomb

obcd

Now the question is... When will big N make the next move? Assuming they will continue the game...

I guess nobody knows a way to boot into uneek directly with this exploit? I really need to find an elf for that...
 

DeadlyFoez

obcd said:
I guess nobody knows a way to boot into uneek directly with this exploit? I really need to find an elf for that...
I've been wanting to see that for a long time. That would make things complete.

I've talked with pune about it, basically he said that it's not something he's interested in working on. But just to ask him if it was possible, he said yes.
 

hanibel

DeadlyFoez said:
obcd said:
I guess nobody knows a way to boot into uneek directly with this exploit? I really need to find an elf for that...
I've been wanting to see that for a long time. That would make things complete.

I've talked with pune about it, basically he said that it's not something he's interested in working on. But just to ask him if it was possible, he said yes.

This is simple. 4 lines of code should do the trick:

CODE
int main() {
    IOS_ReloadIOS(254);
    return(0);
}

IOS254 is the bootmii IOS. Replacing the bootmii binary on the sd card with the uneek binaries results in uneek being launched directly.
 

obcd

I obviously wasn't clear enough about that part. Sorry folks.
It should indeed work without the install of an IOS.
I need to find a way to embed and execute ARM code in a PPC ELF file.
I can't think of anything that comes into the neighborhood of such functionality.
 

Lothlorian

Looks like TT has released or is getting ready to release a similar exploit based on the same idea. A Mail Exploit. Says they could not wait for Pune to release it so they reverse engineered it based on what they saw on YouTube... or something like that.

Brand new blog post on hackmii site
 

Arm the Homeless

hanibel said:
DeadlyFoez said:
obcd said:
I guess nobody knows a way to boot into uneek directly with this exploit? I really need to find an elf for that...
I've been wanting to see that for a long time. That would make things complete.

I've talked with pune about it, basically he said that it's not something he's interested in working on. But just to ask him if it was possible, he said yes.

This is simple. 4 lines of code should do the trick:

CODE
int main() {
    IOS_ReloadIOS(254);
    return(0);
}

IOS254 is the bootmii IOS. Replacing the bootmii binary on the sd card with the uneek binaries results in uneek being launched directly.
You can download that already built here: https://github.com/Vithon/bootios/downloads
It's been there for over 2 years (first commit: May 16, 2009). xD

I'm not gonna try and bullshit anyone by saying I made some grand project though. It's even under the WTFPL...
 

DeadlyFoez

hanibel said:
DeadlyFoez said:
obcd said:
I guess nobody knows a way to boot into uneek directly with this exploit? I really need to find an elf for that...
I've been wanting to see that for a long time. That would make things complete.

I've talked with pune about it, basically he said that it's not something he's interested in working on. But just to ask him if it was possible, he said yes.

This is simple. 4 lines of code should do the trick:

Code:
int main() {
    IOS_ReloadIOS(254);
    return(0);
}

IOS254 is the bootmii IOS. Replacing the bootmii binary on the sd card with the uneek binaries results in uneek being launched directly.


QUOTE(XFlak @ Aug 9 2011, 04:51 PM)
They meant if there is a way to launch s/uneek on a virgin wii without installing anything onto the Wii, including bootmii @ IOS254
^^Exactly. This is what would be freaking sweet. To be able to go to a friend's house and just bring your hard drive and SD card and play your games and your own save games on their Wii without having anything that will show that the warranty has been voided by use of unauthorized software, because there will be no traces left behind as evidence on the NAND of use of said unauthorized software. So basically you in the end feel safe that you did nothing wrong to your friend's Wii.
 

retKHAAAN

hanibel said:
tueidj said:
JoostinOnline said:
Lol, you know they are just going to move onto something else to complain about.
Dead right, I'd like to complain about this exploit. How dare I have the balls to do exactly what I said would happen.
According to this you are the one who did the exploiting part. Kudos to you if this is true.

Yup. That looks like it's exactly what happened.

I can't be bothered to download it since I don't even have a Wii... but I'm assuming that the readmii states something along the lines of...

"Brought to you by Team Twiizers, Giantpune, and tueidj...
Special thanks to Giantpune for finding an exploit and sharing with us where to look"
 

Bladexdsl

there's 2 threads about this now
 

retKHAAAN

QUOTE said:
blasty // Aug 9, 2011 at 1:36 pm

@0ld8oy/bushing: giantpune _did_ mention an overflow in the message body. I simply started working out the file format, encryption, signature, etc. (creating some useful utilities along the road, heh) in order to play with the data in these files. One thing led to another and tueidj managed to forge a crash and eventually exploit it.
 

tueidj

ohnoes, you found the sekrit log where he gave all the technical details away!

Seriously, that's like me saying an exploit works by overwriting some data in memory. Of course it does, but that won't help you recreate it.
 
