Homebrew (Partial) Idea For a 5.5.2 Exploit

  • Thread starter: Wolfer473

Wolfer473

Okay, so before you ignore this, I've already asked some devs in the Discord server and they said that this might be doable but there are some issues that could (maybe) be solved.

THEORY: The eShop uses the same mvplayer.rpl in 5.5.2 that the internet browser used in 5.5.1, and the eShop also has JIT. So theoretically, the Exploit video should work in the eShop.

ISSUES:
1) Unlike Crunchyroll ads, the eShop uses an SSL connection with the servers, so it would be extremely hard (if not impossible) to remap a video (i.e. The Super Mario Cat Show that you can play/watch in the eShop.) to the exploit .mp4.

2) This is still untested, so even after all of that work fixing the SSL, it might not work. (i.e. missing an essential library item, code execution failing, video player has a different patch from internet browser, etc.)

3) I was thinking of attempting to redirect the eShop to a custom server where we could play the exploit .mp4, but (again curse SSL) that would either require remapping to redirect the Wii U or maybe changing the URL using FTPii and going into the title information, but that would require access to the Homebrew launcher, which kind of defeats the purpose.

So I wanted to put this theory out there in case anyone can come up with a solution to these problems, or to tell me it can't be done so I stop working on it.

Thanks for reading.
 

as shown by crunchyroll and watchup, not all mvplayers are the same. if you figure out (somehow) how to remap a video, i'll be willing to give it a try though.
 
Last edited by iAqua,

Yeah, but I figured Nintendo would want to save as much time as possible developing those apps, and since they're both in the same group (can be run while software is suspended) that they would save time and use the same mvplayer. If you would be willing to give it a try please do because I'm kind of stuck right now.
 
i'm not a magician, and i certainly can't fake a ssl cert. redirecting will be up to you or anyone else really wanting to try this. sorry.
 
K thanks anyway. I know that the redirecting of SSL is almost impossible, and I should probably be the one screwing around with it since it was my theory.
 
I could see it happen if there were an mp4 which could be contenthax'd or if there were mp4s or something cached in the save but otherwise I'm doubtful, and it still wouldn't help anyone on 5.5.2 in that case.
 
