Wii U Browser Exploit Leaked for v4.10

Discussion in 'Wii U - Hacking & Backup Loaders' started by opal, Jun 15, 2014.

  1. opal
    OP

    opal Advanced Member

    Newcomer
    70
    25
    Dec 30, 2008
    Poland
    "Finally the secret 'Wii U Browser Exploit' is now out in the wild for everyone to enjoy on their Nintendo Wii U Console, if you lucky enough to still be at v4.10 firmware."

    Source: Maxconsole.com
     
    Diablos90 likes this.


  2. markehmus

    markehmus GBAtemp Advanced Fan

    Member
    943
    194
    Jul 26, 2008
    Canada
    in the GAME
    yay , and whats it load ?

    [​IMG]

    nothing ? eh

    still need some homebrew IMO , a shame nintendo will get there hands on this now, no ?
     
  3. crwys

    crwys GBAtemp Maniac

    Member
    1,146
    307
    Jun 26, 2008
    United States
    Assuming this is even true. It doesn't matter for those who upgraded to 5.0 because it has already been confirmed that the browser exploit is still there.
     
  4. WulfyStylez

    WulfyStylez SALT/Bemani Princess

    Member
    1,149
    2,607
    Nov 3, 2013
    United States
    Ah yes, nothing like blowing your zero-days through unfinished leaks.

    Seems to be legit though, for what it's worth.
     
  5. yuyuyup

    yuyuyup GBAtemp Psycho!

    Member
    3,336
    767
    Apr 30, 2006
    United States
    USA MTN timezone
    I checked maxconsole, sorted by "wii" (which also catches wii u news) and no such story.

    edit: I guess it's in their "underground" section.
     
  6. VashTS

    VashTS Beat it, son

    Member
    3,885
    695
    Mar 14, 2009
    United States
    Upstate NY
    i've got the files here at work. interesting leak! I'm hoping a 5.0 port comes along soon and something becomes of this!
     
  7. julialy

    julialy Homebrewer

    Member
    1,628
    557
    Nov 26, 2012
    United States
    United States
    Image:
    [​IMG]
    I have not verified it.

    To get the archive search the quote on the OP on google.
     
  8. gunner007

    gunner007 GBAtemp Advanced Maniac

    Member
    1,506
    368
    Dec 31, 2013
    United States
    Exploit is legitimate, but is very unfinished - /golfclap. There went your only way in.
     
  9. paulttt

    paulttt GBAtemp Regular

    Member
    116
    23
    Sep 1, 2008
    IKR fucktards.
     
  10. Goku Junior

    Goku Junior GBAtemp Advanced Fan

    Member
    950
    288
    Dec 27, 2013
    Argentina
    Buenos Aires, Argentina
    I'm in 5.0.0, but I'll try it and I see what happends...
     
  11. NWPlayer123

    NWPlayer123 GBAtemp Addict

    Member
    2,629
    6,226
    Feb 17, 2012
    United States
    The Everfree Forest
    No need, we've already done so. Doesn't work. Like we've said many times, the bug is still there (though in future updates it won't be because some idiot decided to leak an unfinished exploit for nintendo to patch), but we have no code execution.
     
    filfat and Taleweaver like this.
  12. markehmus

    markehmus GBAtemp Advanced Fan

    Member
    943
    194
    Jul 26, 2008
    Canada
    in the GAME

    here

    wow
     
    TeamScriptKiddies likes this.
  13. WulfyStylez

    WulfyStylez SALT/Bemani Princess

    Member
    1,149
    2,607
    Nov 3, 2013
    United States
    It's old webkit. Finding another exploit isn't an issue. The real issue would be if nintendo tightened the browser's permissions.

    Also what's this about no code execution? This package clearly is able to do ROP stuff. If that's not code execution, I'm not entirely sure what is.
     
    B4rtj4h likes this.
  14. Snailface

    Snailface My frothing demand for 3ds homebrew is increasing

    Member
    4,324
    1,983
    Sep 20, 2010
    Engine Room with Cyan, watching him learn.
    What's interesting is the name on some of the files in the exploit are similar to NWPlayer, who first-replied under GaryOPA's announcement thread on Maxconsole. He didn't sound happy. :P

    I don't think this leak is the end-of-the-world since people can just stay put on the vulnerable firmware, but ticked off devs are never a good thing.

    Edit: Speak of the devil. :ninja:
     
  15. NWPlayer123

    NWPlayer123 GBAtemp Addict

    Member
    2,629
    6,226
    Feb 17, 2012
    United States
    The Everfree Forest
    The addresses moved/the code changed, so the ROP chain broke from 4.1.0 to 5.0.0.
     
  16. Goku Junior

    Goku Junior GBAtemp Advanced Fan

    Member
    950
    288
    Dec 27, 2013
    Argentina
    Buenos Aires, Argentina
    Yes I know it won't work but I'm a veru curiosity person, I like to test some things, and I want to see what kind of error code shows up, it is a stupid thing, I know. And yes, I don't know what stupid person did that, but I WON'T UPDATE ANYMORE! I'll stay in 5.0 from now to the end!, I'm not scared about 5.0 because I trust Marionumber1 so I belive him and the others sceners working in this exploit, thanks for all!

    EDIT:Code execution... I didn't read that, so it is useless because it can't launch nothing now... right?
     
  17. markehmus

    markehmus GBAtemp Advanced Fan

    Member
    943
    194
    Jul 26, 2008
    Canada
    in the GAME

    love your 1st and only post on max
     
  18. gunner007

    gunner007 GBAtemp Advanced Maniac

    Member
    1,506
    368
    Dec 31, 2013
    United States
    As a developer, it isn't fun having your work released unfinished and untested (See PS3 CFW) and having an exploit closed before future fimrwares can take advantage of it. Just look at the exploit itself. The idea is to have a way in so you can document the entire system and find further vulnerabilities. Now 5.0 will be the last hackable firmware you can take advantage of. Even if it's as easy as "Old webkit", I doubt any dev would be willing to put forth the effort after this.
     
  19. yuyuyup

    yuyuyup GBAtemp Psycho!

    Member
    3,336
    767
    Apr 30, 2006
    United States
    USA MTN timezone
    Read the message I wrote that you responded to
     
  20. WulfyStylez

    WulfyStylez SALT/Bemani Princess

    Member
    1,149
    2,607
    Nov 3, 2013
    United States
    One leak isn't going to singlehandedly slaughter the scene like you seem to think it will.

    Anyways, anyone try this yet? You should just be able to host a local server and browse to index.html. Opens an RPC on 192.168.1.4, but you can change that in socket.h. Should also throw logs somewhere.