I'm just wondering, technically if you have a dns server program and a file server, you could have the Wii U Download content from your server instead of their servers.
All of the Nintendo Servers I've seen (3DS, Wii) seem to be simple HTTP servers, so it shouldn't be too hard to set one up.
Would there be any real usage of this server spoofing or is it just not worth it at this time.
Spoofing it will have which purpose?
It require encrypted/signed files, so you can't replace links with your own files, and not even with someone else's files (different signature).
if you replace a file by another one or from another region, you risk a brick (unless there's a checksum and the file is downloaded again)
But maybe I don't see the purpose of doing it for the moment.
I know 3DS is doing it to bypass Video's region lock. Is there the same thing on wiiU?
I could possibly see there being a use of installing already signed content, as long as it isn't encrypted in the transfer as well.
I.E. tell your 3DS to download a free app. Modify the download location to either be that of a different game in the eshop, or one you host yourself. Would the 3DS even notice the difference? Maybe.
Spoofing it will have which purpose?
It require encrypted/signed files, so you can't replace links with your own files, and not even with someone else's files (different signature).
if you replace a file by another one or from another region, you risk a brick (unless there's a checksum and the file is downloaded again)
But maybe I don't see the purpose of doing it for the moment.
I know 3DS is doing it to bypass Video's region lock. Is there the same thing on wiiU?
Hi, not really related, but have you tried sniffing packets in Miiverse? Particularly interested if there's any plaintext packets when viewing stuff like the activity log. Would check myself but no Wii U here so I'd appreciate it!
I could possibly see there being a use of installing already signed content, as long as it isn't encrypted in the transfer as well.
I.E. tell your 3DS to download a free app. Modify the download location to either be that of a different game in the eshop, or one you host yourself. Would the 3DS even notice the difference? Maybe.
If you read the thread, you would have seen that e-shop is secure (i.e. uses HTTPS I think), but NUS is not. In other words, this could only work for updates, not e-shop content. (Unless you find a way to create a site certificate that the console would accept i.e. one signed with Nintendo's private keys).
Still, the Wii U will only install properly signed content with the proper TMD, so it isn't like you could use this to install anything differently. The only thing you could use this for is to set up a personal mirror of NUS or something.
Actually it would rock for the people who have a REAL crappy internet connection. Give them a USB with the files, set up a web server, etc, so they can pull the update.
Hi, not really related, but have you tried sniffing packets in Miiverse? Particularly interested if there's any plaintext packets when viewing stuff like the activity log. Would check myself but no Wii U here so I'd appreciate it!
I've been monitoring packets with wireshark on the Wii U while in Miiverse. Here is what I have so far:
1 - All comunication with Miiverse is encrypted.
2 - Its https based. At this point I can only asume Miiverse comunicates with Nintendo through some REST api but without decrypting the requests I can't know. Only caught glimpses at certain IPs,URLs and headers.
3 - I tried to do a man in the middle attack. At first I noticed the Wii U was using a Diffie Helman key exchange so just listening in the handshake and requests wouldn't work.
4 - Moved on to proxy software that performs MitM attacks by spoofing the key exchanges. I noticed the Wii started using RSA style handshake instead of DHE.
5 - This would have worked but when the Wii U communicates with the proxy, it notices that the SSL certificate that is issued by the proxy software cannot be verified by a Certificate Authority so it errors out and doesn't connect to Miiverse (and I can only asume this is the case cause the error number is not informative).
6 - The Wii U connects to https://account.nintendo.net/ for logging in your Nintendo Network account on the Wii U. The certificate authority is Nintendo itself.
7 - We can assume that the Wii U has installed Nintendo as a trusted CA and therefore won't complain when connecting directly to them with a certificate issued by them.
8 - At this point we start talking about spoofing the Certificate Authority but I think this might not be possible as we can't install trusted root CAs on the Wii U.
9 - This is all I have so far and I'm going crazy.
Honestly I would like to reverse engineer the Miiverse and maybe be able to write some sort of client and API. But I'm not sure how to go on from here. I would love to have some help if possible. If I can see the plain text communication developing an API wont be so hard.
It's been a while since Microsoft released the Xbox One, and despite its age, there haven't been any reliable softmod methods to hack the console. Until now. A post...
After several months of work, the Harbour Masters 64 team have released their first public build of 2Ship2Harkinian, a feature-rich Majora's Mask PC port. This comes...
With the vast success of Super Mario Maker and its Switch sequel Super Mario Maker 2, Nintendo fans have long been calling for "Maker" titles for other iconic genres...
Palmer Luckey is known for his pursuits into the world of virtual reality, having founded Oculus and designed the Rift VR headset. Prior to the $2 billion dollar...
Another day, another Nintendo DMCA takedown against fan-made content.
Just a few minutes ago, Nintendo issued a DMCA takedown notice against a widely known and...
After a little more than three years of exclusivity with the Epic Games Store, Square Enix has decided to bring their beloved Kingdom Hearts franchise to Steam. The...
The complete source code for the Super Nintendo Entertainment System (SNES) version of Doom has been released on archive.org. Although some of the code was partially...
Sony is once more attempting to reintroduce players to their older library of games by re-releasing classic PlayStation 2 titles onto the PlayStation Store. During...
Skyward Sword is a divisive title in the Zelda series. Hailed with praise at launch with a 93 Metacritic average, the game since received criticism for the...
The latest State of Play is here. This is PlayStation's Summer showcase, providing updates to new updates on upcoming games and brand new reveals. The 35-minute...
Palmer Luckey is known for his pursuits into the world of virtual reality, having founded Oculus and designed the Rift VR headset. Prior to the $2 billion dollar...
It's been a while since Microsoft released the Xbox One, and despite its age, there haven't been any reliable softmod methods to hack the console. Until now. A post...
After several months of work, the Harbour Masters 64 team have released their first public build of 2Ship2Harkinian, a feature-rich Majora's Mask PC port. This comes...
Another day, another Nintendo DMCA takedown against fan-made content.
Just a few minutes ago, Nintendo issued a DMCA takedown notice against a widely known and...
After a little more than three years of exclusivity with the Epic Games Store, Square Enix has decided to bring their beloved Kingdom Hearts franchise to Steam. The...
Sony is once more attempting to reintroduce players to their older library of games by re-releasing classic PlayStation 2 titles onto the PlayStation Store. During...
With the vast success of Super Mario Maker and its Switch sequel Super Mario Maker 2, Nintendo fans have long been calling for "Maker" titles for other iconic genres...
The latest State of Play is here. This is PlayStation's Summer showcase, providing updates to new updates on upcoming games and brand new reveals. The 35-minute...
The complete source code for the Super Nintendo Entertainment System (SNES) version of Doom has been released on archive.org. Although some of the code was partially...
E3 may be gone, but it's not forgotten, as the trend of a massive Summer video game showcase still lives on in the form of the Summer Game Fest. Promising two hour of...