Wii Browser Exploit Found

Discussion in 'GBAtemp & Scene News' started by Opium, Jan 7, 2007.

  1. Opium
    OP

    Opium PogoShell it to me ™

    Former Staff
    8,191
    43
    Dec 22, 2002
    Australia








    Wii Browser Exploit Found

    Opera browser exploit crashes Wii







    An Opera browser exploit has been found which crashes the Wii and supposedly would allow the execution of code. No code has yet been run but you can try out the exploit for yourself by pointing your Wii browser to this link.




    After details about new Opera vulnerabilities were released, one was tested that crashed the Wii. Here's what the founder, lbradeen, says about the exploit:



    Although this is certainly interesting we advise you not to get too excited, nothing has been done with this exploit so far.



    [​IMG] lbradeen's Website
     


  2. phoood

    phoood taking it to a whole new level.

    Member
    1,001
    0
    Jul 28, 2006
    United States
    Jewgoslavia
    YAY for exploits!

    I wonder when any of these will finally become useful. Time will tell... =D
     
  3. Opium
    OP

    Opium PogoShell it to me ™

    Former Staff
    8,191
    43
    Dec 22, 2002
    Australia
    It is nice to see that some forms of exploits are being found [​IMG]

    I tried out the exploit myself, what it seemed to do was freeze the Opera browser. It no longer responded and the Mouse pointer disappeared and no input from the Wiimote worked. I dunno, perhaps this crash can be exploited.
     
  4. Samutz

    Samutz Wet Tissue Sample

    Member
    1,598
    2
    Oct 4, 2004
    United States
    See that hole in your wall?
    Yay Viirus!
    [​IMG]
     
  5. fischju_original

    fischju_original I used to be a jerk before i got banned

    Banned
    1,014
    0
    Jul 22, 2006
    United States

    no its not. now nintendo can patch it easily


    lawl, this crashes opera on my pc too
     
  6. angelfly

    angelfly Banned

    Banned
    12
    0
    Dec 31, 2005
    United States
    good thing updates are done manually so it can't be forced
     
  7. fischju_original

    fischju_original I used to be a jerk before i got banned

    Banned
    1,014
    0
    Jul 22, 2006
    United States
    This early in the wii lifespan, it pretty much is forced
     
  8. EarthBound

    EarthBound a/s/l?

    Member
    840
    3
    Aug 28, 2003
    United States
    Fort Worth,Texas
    The Wii can update itself right?I dont think i ever turned it off,but good thing its unpluged.Ill just unplug my Wifi-Max =D
     
  9. cruddybuddy

    cruddybuddy Group: Banned!

    Banned
    2,864
    1
    Aug 27, 2003
    United States
    California
    Just change your setting so the Wii will not automatically update.
     
  10. fischju_original

    fischju_original I used to be a jerk before i got banned

    Banned
    1,014
    0
    Jul 22, 2006
    United States
    Have you seen how much space is available for new channels? Nobody is going to want a wii with just the weather channel so they can run homebrew
     
  11. Opium
    OP

    Opium PogoShell it to me ™

    Former Staff
    8,191
    43
    Dec 22, 2002
    Australia
    To the end user running homebrew code through a browser crash isn't the ultimate goal here. If indeed this browser crash can allow people to run their own homebrew code then they may be able to access Wii system files. Things like dumping the firmware and whatnot are not out of the realm of possibility. From that other exploits can be found.

    But this is just speculation of course, providing that the browser crash can actually let you run code.
     
  12. DaRk_ViVi

    DaRk_ViVi Sending you back... to the future!

    Member
    1,060
    54
    Apr 13, 2004
    Italy
    Asti, Italy
    It would be nice to allow new channels to be installed on the Wii, like a "Wii Backup Channel" and "GC Backup Channel" or a "*Insert Homebrew name here* Channel".

    Who cares about "Weather Channel"? XD
     
  13. TheStump

    TheStump Got Wood?

    Member
    796
    0
    May 8, 2006
    i pretty much have no idea what this means, but im sure its great news. [​IMG]
     
  14. kersplatty

    kersplatty GBAtemp Regular

    Member
    113
    0
    May 23, 2006
    United States
    could this be backdoor number 2!!!! [​IMG] [​IMG]
     
  15. accolon

    accolon GBAtemp Regular

    Member
    206
    0
    Oct 29, 2003
    Gambia, The
    According to heise Security, Opera Software "argues that it is not easy to exploit the heap overflow consistently". "Attackers can specially call the function createSVGTransformFromMatrix to have the browser execute code with the user's rights."

    Because of Opera's architecture, using buffer or heap overflows was never very successful with this browser. Additionally, nobody knows what rights the Wii Opera has. Since it does not seem to have access to the flash memory and SD slot (you can't save/load data), it might be hard to use this exploit for anything, even if you could execute your own code.
     
  16. Scorpei

    Scorpei GBAtemp Maniac

    Member
    1,295
    2
    Aug 21, 2006
    Netherlands
    Hmm, doesn't it have acces to its own save file? I noticed there was a save file for the browser.....If it does, and if it's big enough and (I like variables [​IMG]) it has the proper rights, it should be feasable?

    *additional question: Is the browser Wii locked? Can one exchange the binaries between Wii's?
     
  17. flai

    flai Androgynous Apparently :)

    Member
    850
    0
    Sep 30, 2006
    Hmm, I'll give this a go just now.

    EDIT - Does work, but expect to see a plethora of Wii viruses in the near future...
     
  18. Athlon-pv

    Athlon-pv GBAtemp Advanced Fan

    Member
    621
    0
    Feb 25, 2005
    United States
    Doesnt crash under Opera 9.10 atleast not under linux [​IMG]
     
  19. Scorpei

    Scorpei GBAtemp Maniac

    Member
    1,295
    2
    Aug 21, 2006
    Netherlands
    That's because they fixed it in 9.10.
     
  20. Athlon-pv

    Athlon-pv GBAtemp Advanced Fan

    Member
    621
    0
    Feb 25, 2005
    United States
    I know but the other guy didnt [​IMG]