May all your gauges be Radial.

Discussion in 'Wii U - Hacking & Backup Loaders' started by FaTaL_ErRoR, Jul 21, 2015.

  1. FaTaL_ErRoR
    OP

    FaTaL_ErRoR AKA ŦƕƎ ƠṀƐƝ

    Member
    491
    346
    Mar 9, 2014
    United States
    There is a serious threat to all wii u browser users using the latest firmware.
    Radial gauges made in certain ways could allow remote code entry and maybe even corruption of vital software to a user's wii u console.
    https://bugs.webkit.org/show_bug.cgi?id=112694
    This really should be fixed asap or some webservers containing certain radial gauges may make the wii u prone to data theft and theft of one's personal information.
     


  2. FaTaL_ErRoR
    OP

    FaTaL_ErRoR AKA ŦƕƎ ƠṀƐƝ

    Member
    491
    346
    Mar 9, 2014
    United States
    Also note some serious patches need to be made in the javascript sectors. As programs such as this one are currently able to communicate with the console. Could open a ton of doors to kernel access if small changes were made to this program and others like it.
    http://www.crashub.org/1.3/reference.html
     
  3. Mathew_Wi
    This message by Mathew_Wi has been removed from public view by BORTZ, Jul 22, 2015, Reason: We are not an image board.
    Jul 21, 2015
  4. normal19

    normal19 Member

    Newcomer
    30
    0
    Aug 23, 2014
    Afghanistan
    What does this mean for those searching for kernel exploits for homebrew?
     
  5. ddrrmm

    ddrrmm GBAtemp Regular

    Member
    163
    77
    Feb 11, 2007
    United States
    didnt read, lol.
     
    VinsCool and yuyuyup like this.
  6. yuyuyup

    yuyuyup GBAtemp Psycho!

    Member
    3,336
    767
    Apr 30, 2006
    United States
    USA MTN timezone
    isos or who gives a shit
     
    VinsCool, bartekowca666 and Jayro like this.
  7. Jayro

    Jayro MediCat DVD and Mini Windows 10 Developer

    Member
    GBAtemp Patron
    Jayro is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    4,738
    2,494
    Jul 23, 2012
    United States
    Octo Canyon
    The fuck is a "Radial guage"?
     
  8. wangtang32000

    wangtang32000 Newcomer

    Member
    116
    58
    Dec 31, 2009
    United States
    In a Cave in the middle of nowhere.
    well the way you put that makes it sound really bad.

    i don't think that many people would save much personal information on their wii u... except for eshop data.

    if this problem includes the eshop data, then yeah this could be serious.
     
  9. WiiCube_2013

    WiiCube_2013 GBAtemp Guru

    Member
    5,943
    1,337
    Oct 19, 2013
    Gaza Strip
    Guess I'll wipe the passwords until Nintendo releases a firmware patch.
     
  10. DrCrygor07

    DrCrygor07 Italian Wario Ware bootleg©

    Member
    1,682
    621
    Sep 4, 2014
    Italy
    It's a very FaTaL_ErRoR
     
    VinsCool likes this.
  11. FaTaL_ErRoR
    OP

    FaTaL_ErRoR AKA ŦƕƎ ƠṀƐƝ

    Member
    491
    346
    Mar 9, 2014
    United States
    A "Radial gauge" looks like this one.
    http://www.jqchart.com/jquery/gauges/RadialGauge/LiveData
    This exact one causes the wii u browser to crash in such a way it is exploitable.
    And since it is exploitable and remote access can be obtained it is a threat to the security of the wii u and the console owners personal information and anything temporarily stored in ram. This should be patched very soon to avoid malicious use.
     
  12. EmceeKerser

    EmceeKerser GBAtemp Maniac

    Member
    1,374
    503
    Jun 3, 2014
    The fuckin' Blue Mountains brah
    Is this thread ironic? I cant tell
     
    Garro and VinsCool like this.
  13. A_Random_Guy

    A_Random_Guy Officially That Dev

    Member
    862
    459
    May 22, 2015
    Malaysia
    Smea's closet
    What's this happened to do with Wii U hacking?
     
  14. Jayro

    Jayro MediCat DVD and Mini Windows 10 Developer

    Member
    GBAtemp Patron
    Jayro is a Patron of GBAtemp and is helping us stay independent!

    Our Patreon
    4,738
    2,494
    Jul 23, 2012
    United States
    Octo Canyon
    It could be an entrypoint to Homebrew and firmware hacking.
     
  15. Slartibartfast42

    Slartibartfast42 GBAtemp Advanced Fan

    Member
    807
    224
    Mar 6, 2013
    United States
    How do I unblock the updates so I will be ready when the update hits? I need my
    "Further improvements to overall system stability, system security, and other minor adjustments have been made to enhance the user experience"
     
  16. SirByte

    SirByte GBAtemp Fan

    Member
    494
    191
    Dec 30, 2012
    Canada
    Thank the maker for improving user experience by enhancing system stability! I'm on 3.1.0 - my system is really unstable! I had to use concrete deck blocks to keep it from falling off the shelf!
     
  17. loco365

    loco365 GBAtemp Guru

    Member
    5,458
    2,673
    Sep 1, 2010
    I'm on 5.4, so I decided to unplug my system in case there is something that works with this.

    It's a shot. In the dark, but at least a shot.
     
  18. EclipseSin

    EclipseSin FullMental Trollemist

    Member
    1,813
    1,287
    Apr 1, 2015
    United States
    Vegeta's Hyrule
    That gauge did not make my Wii browser crash. I tried it multiple times. All it seems to do it get smaller and smaller when the needle tries to move until it is gone and just the numbers show. A bug yes, but I'm not getting a crash of any kind. I'm on 5.3.2. What version did you try this on?
     
  19. FaTaL_ErRoR
    OP

    FaTaL_ErRoR AKA ŦƕƎ ƠṀƐƝ

    Member
    491
    346
    Mar 9, 2014
    United States
    5.4...
    It crashes the browser The fact the needle goes away on 5.3.2 means it was also exploitable in 5.3.2
    In 5.4 the needle shows up very briefly then it's gone. Read the links on the bug page I posted as to why this happens and you'll see just how exploitable it is.
     
  20. tbb043

    tbb043 Member

    Member
    1,035
    459
    Jan 30, 2008
    United States
    I've never had any data worth stealing on my Wii U so yay?

    I also highly doubt I'll ever wind up at a site with one of these radial gauges in them while using the Wii U browser, unless it somehow is part of hacking the system at last.
     
  21. Mathew_Wi

    Mathew_Wi bye

    Member
    233
    790
    Sep 29, 2009
    This isn't crashing on 5.3.2 or 5.4.0 for me.