Hacking Smea's iosuhax

[Mazamin]

Not yet, the system probably has some checks that'll be tripped.

You just need to change the old code to this:

Spoiler: CODE

if( (titleIdHigh == 0x0005000E) // game update
|| (titleIdHigh == 0x00050000) // full title
|| (titleIdLow == 0x10041000) // JAP title
|| (titleIdLow == 0x10041100) // USA title
|| (titleIdLow == 0x10041200)) // EUR title
|| (titleIdHigh == 0x00050010))
|| (titleIdLow == 0x1000400A))
{
installedTitle = ((u64)titleIdHigh << 32ULL) | titleIdLow;

 

[punderino]

You just need to change the old code to this:

Spoiler: CODE

if( (titleIdHigh == 0x0005000E) // game update
|| (titleIdHigh == 0x00050000) // full title
|| (titleIdLow == 0x10041000) // JAP title
|| (titleIdLow == 0x10041100) // USA title
|| (titleIdLow == 0x10041200)) // EUR title
|| (titleIdHigh == 0x00050010))
|| (titleIdLow == 0x1000400A))
{
installedTitle = ((u64)titleIdHigh << 32ULL) | titleIdLow;

Wouldn't this trigger something in the console and brick it? I wanna be able to pull a NAND backup before I do this too.

 

[Mazamin]

Wouldn't this trigger something in the console and brick it? I wanna be able to pull a NAND backup before I do this too.

I installed many bad titles(mario maker with a ticket from the wud for example) and never bricked, as if it's not good the console will refuse to install.

 

[punderino]

But this is a system title, even if it sucessfully installs, there still might be some things that can be triggered.

 

[Mazamin]

But this is a system title, even if it sucessfully installs, there still might be some things that can be triggered.

Yes, maybe you're right.

 

[punderino]

Yes, maybe you're right.

Myself and a few others are gonna look though and see if anything sticks out that gets triggered.

 

[Mazamin]

Myself and a few others are gonna look though and see if anything sticks out that gets triggered.

What change do I need to make to that title?

 

[punderino]

What change do I need to make to that title?

What do you mean? To get a patched fw.img?

 

[Mazamin]

What do you mean? To get a patched fw.img?

Yes, that's what I mean.

 

[punderino]

Go back and start at about page 9, and I'll PM you me and Dataloggers PMs.

 

[aracom]

But we can't even repack NUS packages to install them, so we can't inject the modified fw. Or did I miss something?

I always thought you need the NUS key for that, and the only one in possession of that is Nintendo.

 

[Datalogger]

I installed many bad titles(mario maker with a ticket from the wud for example) and never bricked, as if it's not good the console will refuse to install.

This is way different than installing a game update with little chance of bricking your Wii-U.

This is a firmware update and if it's not absolutely, guaranteed 110% perfect - it WILL brick your Wii-U, 100% Guaranteed.
And bricked in a way you will never get it back.

It is far too soon to start loading anything..... yet.

 

[punderino]

This is way different than installing a game update with little chance of bricking your Wii-U.

This is a firmware update and if it's not absolutely, guaranteed 110% perfect - it WILL brick your Wii-U, 100% Guaranteed.
And bricked in a way you will never get it back.

It is far too soon to start loading anything..... yet.

Sorry for the low-quality shitpost. But may I call you Dad?
Also, I spoke with smealum about how he goes about installing this, and he replied:
"@progranade requires an iosu exploit. some of the patches should give you details on exactly how from there"
I replied asking what the how is, and haven't gotten a responce.

 

[Rob Blou]

why not dump your eMMC and slc before doing stuff like this? a Teensy++2.0 is pretty cheap

 

[punderino]

why not dump your eMMC and slc before doing stuff like this? a Teensy++2.0 is pretty cheap

Last time I fucked with a board, I bricked a 3DS.

 

[Rob Blou]

Last time I fucked with a board, I bricked a 3DS.

haha I understand. If you know someone who's ok at soldering it's not that hard really. I dumped a lot of ps3 nands with a teensy2.0++ and nandway and the eMMC is even easier since you dump it with an sd card adapter.

 

[Jow Banks]

If we can figure out a way to turn on the JTAG, we can back to whole thing up.
As far as I remember - it is one bit on the OTP.
Maybe we can poke at that first?

 

[shinyquagsire23]

why not dump your eMMC and slc before doing stuff like this? a Teensy++2.0 is pretty cheap

Last time I tried this I bricked, definitely a process which needs to be investigated and refined a bit. I believe what smea ended up doing that I didn't was powering the NAND externally, you can't dump the slc with the Wii U on, even in an error screen (ie without the disc drive ribbon attached) where it'd have no activity.

 

[punderino]

Last time I tried this I bricked, definitely a process which needs to be investigated and refined a bit. I believe what smea ended up doing that I didn't was powering the NAND externally, you can't dump the slc with the Wii U on, even in an error screen (ie without the disc drive ribbon attached) where it'd have no activity.

Maybe once this matures, we can dump our NANDs, but have no way to write. At least with this like the 3DS if you brick, then you go get a hardmod.

 

[Rob Blou]

Last time I tried this I bricked, definitely a process which needs to be investigated and refined a bit. I believe what smea ended up doing that I didn't was powering the NAND externally, you can't dump the slc with the Wii U on, even in an error screen (ie without the disc drive ribbon attached) where it'd have no activity.

yeah you just need 3.3v ... you can get a voltage regulator for the teensy or use what smea used or just use a PC power supply (that's what I do)