Wii Browser Exploit Found

Discussion in 'GBAtemp & Scene News' started by Opium, Jan 7, 2007.

Jan 7, 2007

Wii Browser Exploit Found by Opium at 3:40 AM (14,221 Views / 0 Likes) 28 replies

  1. Opium
    OP

    Former Staff Opium PogoShell it to me ™

    Joined:
    Dec 22, 2002
    Messages:
    8,185
    Location:
    Australia
    Country:
    Australia








    Wii Browser Exploit Found

    Opera browser exploit crashes Wii







    An Opera browser exploit has been found which crashes the Wii and supposedly would allow the execution of code. No code has yet been run but you can try out the exploit for yourself by pointing your Wii browser to this link.




    After details about new Opera vulnerabilities were released, one was tested that crashed the Wii. Here's what the founder, lbradeen, says about the exploit:



    Although this is certainly interesting we advise you not to get too excited, nothing has been done with this exploit so far.



    [​IMG] lbradeen's Website
     


  2. phoood

    Member phoood taking it to a whole new level.

    Joined:
    Jul 28, 2006
    Messages:
    1,001
    Location:
    Jewgoslavia
    Country:
    United States
    YAY for exploits!

    I wonder when any of these will finally become useful. Time will tell... =D
     
  3. Opium
    OP

    Former Staff Opium PogoShell it to me ™

    Joined:
    Dec 22, 2002
    Messages:
    8,185
    Location:
    Australia
    Country:
    Australia
    It is nice to see that some forms of exploits are being found [​IMG]

    I tried out the exploit myself, what it seemed to do was freeze the Opera browser. It no longer responded and the Mouse pointer disappeared and no input from the Wiimote worked. I dunno, perhaps this crash can be exploited.
     
  4. Samutz

    Member Samutz Wet Tissue Sample

    Joined:
    Oct 4, 2004
    Messages:
    1,598
    Location:
    See that hole in your wall?
    Country:
    United States
    Yay Viirus!
    [​IMG]
     
  5. fischju_original

    Banned fischju_original I used to be a jerk before i got banned

    Joined:
    Jul 22, 2006
    Messages:
    1,014
    Country:
    United States

    no its not. now nintendo can patch it easily


    lawl, this crashes opera on my pc too
     
  6. angelfly

    Banned angelfly Banned

    Joined:
    Dec 31, 2005
    Messages:
    12
    Country:
    United States
    good thing updates are done manually so it can't be forced
     
  7. fischju_original

    Banned fischju_original I used to be a jerk before i got banned

    Joined:
    Jul 22, 2006
    Messages:
    1,014
    Country:
    United States
    This early in the wii lifespan, it pretty much is forced
     
  8. EarthBound

    Member EarthBound a/s/l?

    Joined:
    Aug 28, 2003
    Messages:
    825
    Location:
    Fort Worth,Texas
    Country:
    United States
    The Wii can update itself right?I dont think i ever turned it off,but good thing its unpluged.Ill just unplug my Wifi-Max =D
     
  9. cruddybuddy

    Banned cruddybuddy Group: Banned!

    Joined:
    Aug 27, 2003
    Messages:
    2,864
    Location:
    California
    Country:
    United States
    Just change your setting so the Wii will not automatically update.
     
  10. fischju_original

    Banned fischju_original I used to be a jerk before i got banned

    Joined:
    Jul 22, 2006
    Messages:
    1,014
    Country:
    United States
    Have you seen how much space is available for new channels? Nobody is going to want a wii with just the weather channel so they can run homebrew
     
  11. Opium
    OP

    Former Staff Opium PogoShell it to me ™

    Joined:
    Dec 22, 2002
    Messages:
    8,185
    Location:
    Australia
    Country:
    Australia
    To the end user running homebrew code through a browser crash isn't the ultimate goal here. If indeed this browser crash can allow people to run their own homebrew code then they may be able to access Wii system files. Things like dumping the firmware and whatnot are not out of the realm of possibility. From that other exploits can be found.

    But this is just speculation of course, providing that the browser crash can actually let you run code.
     
  12. DaRk_ViVi

    Member DaRk_ViVi ...is everywhere!

    Joined:
    Apr 13, 2004
    Messages:
    1,015
    Location:
    Asti, Italy
    Country:
    Italy
    It would be nice to allow new channels to be installed on the Wii, like a "Wii Backup Channel" and "GC Backup Channel" or a "*Insert Homebrew name here* Channel".

    Who cares about "Weather Channel"? XD
     
  13. TheStump

    Member TheStump Got Wood?

    Joined:
    May 8, 2006
    Messages:
    796
    Country:
    Australia
    i pretty much have no idea what this means, but im sure its great news. [​IMG]
     
  14. kersplatty

    Member kersplatty GBAtemp Regular

    Joined:
    May 23, 2006
    Messages:
    113
    Country:
    United States
    could this be backdoor number 2!!!! [​IMG] [​IMG]
     
  15. accolon

    Member accolon GBAtemp Regular

    Joined:
    Oct 29, 2003
    Messages:
    206
    Country:
    Germany
    According to heise Security, Opera Software "argues that it is not easy to exploit the heap overflow consistently". "Attackers can specially call the function createSVGTransformFromMatrix to have the browser execute code with the user's rights."

    Because of Opera's architecture, using buffer or heap overflows was never very successful with this browser. Additionally, nobody knows what rights the Wii Opera has. Since it does not seem to have access to the flash memory and SD slot (you can't save/load data), it might be hard to use this exploit for anything, even if you could execute your own code.
     
  16. Scorpei

    Member Scorpei GBAtemp Maniac

    Joined:
    Aug 21, 2006
    Messages:
    1,295
    Country:
    Netherlands
    Hmm, doesn't it have acces to its own save file? I noticed there was a save file for the browser.....If it does, and if it's big enough and (I like variables [​IMG]) it has the proper rights, it should be feasable?

    *additional question: Is the browser Wii locked? Can one exchange the binaries between Wii's?
     
  17. flai

    Member flai Androgynous Apparently :)

    Joined:
    Sep 30, 2006
    Messages:
    850
    Country:
    United Kingdom
    Hmm, I'll give this a go just now.

    EDIT - Does work, but expect to see a plethora of Wii viruses in the near future...
     
  18. Athlon-pv

    Member Athlon-pv GBAtemp Advanced Fan

    Joined:
    Feb 25, 2005
    Messages:
    621
    Country:
    United States
    Doesnt crash under Opera 9.10 atleast not under linux [​IMG]
     
  19. Scorpei

    Member Scorpei GBAtemp Maniac

    Joined:
    Aug 21, 2006
    Messages:
    1,295
    Country:
    Netherlands
    That's because they fixed it in 9.10.
     
  20. Athlon-pv

    Member Athlon-pv GBAtemp Advanced Fan

    Joined:
    Feb 25, 2005
    Messages:
    621
    Country:
    United States
    I know but the other guy didnt [​IMG]
     

Share This Page