Hacking Wii U Hacking & Homebrew Discussion

  • Thread starter Thread starter filfat
  • Start date Start date
  • Views Views 5,122,286
  • Replies Replies 21,104
  • Likes Likes 29
I think that one of our best bets is to figure out a way to decrypt the files Sm4sh generates with the albums. (.dat, .bin)
Maybe after finding a way to decrypt those files, we could program our own code inside the files, resulting in another exploit?

This is probably not even close to being correct, but this is just my theory.
 
I think that one of our best bets is to figure out a way to decrypt the files Sm4sh generates with the albums. (.dat, .bin)
Maybe after finding a way to decrypt those files, we could program our own code inside the files, resulting in another exploit?

This is probably not even close to being correct, but this is just my theory.

Someone is working on it apparently. Good luck to him :)
I looked a bit on those .bin files, but they're encrypted, and seems to always share a common md5, as TSK stated.
 
  • Like
Reactions: TeamScriptKiddies
Someone is working on it apparently. Good luck to him :)
I looked a bit on those .bin files, but they're encrypted, and seems to always share a common md5, as TSK stated.

Interesting. So if the .bin files are decrypted, what possibilities could that open?
 
Where might I find that script? I use windows btw and this appears to require linux but luckily I have a second laptop with linux so that isn't a problem.

the 30c3 talk that fail0verflow made has the script in the slides. links to the video recording and blog post have been said many times throughout this thread. please watch the talk.
 
Ubfuscating piracy. I'm just glad Marionumber1 will. Homebrew only, I'm fine with that.


1st trying to hide an exploit from the hardware's owners is just a waste of the exploit writer's time. They literally "own" the hardware.There is nothing you can hide from them. It's just a question of do they want to put the man hours(time/effort) into it. There is no doubt they have a version of pintools working on both the PowerPC and the ARM core to step thru and debug everything they need.

My God they have Ubuntu working on a WiiU.

2nd trying to hide an exploit from the user's view is a waste of the user's time.
example: Gateway updates were fast and furious in the beginning,beta testing wide spread. As soon as they started needing to hide stuff better and better the end user has had to wait longer and longer. The code balloons and the time to decrypt(each time get slightly longer and longer). They have there their exploit done but mt-card released 9.x emunand so damn quick they have to find new ways to hide stuff.

Aw man, it doesn't work on 5.3.2, just tried it.


When testing for ANY bugs, the closer the unit is to the same known state the easier it is to check for bugs.
All Wii U tests should be from a cold boot,period. Because anything less comprises the memory's unknown state. Each variable you add makes tracking the problem that much harder.
 
I don't see anything wrong with obfuscating piracy. I agree with marionumber1, plain and simple.
If he has moral, I can't do anything but wish him best of luck. That is what I want to see: WiiU homebrew. No warez, fuck piracy.
 
I don't see anything wrong with obfuscating piracy. I agree with marionumber1, plain and simple.
If he has moral, I can't do anything but wish him best of luck. That is what I want to see: WiiU homebrew. No warez, fuck piracy.

It's not about piracy. It's about time. That was the point.

Everything could have been released 1 month after WiiU launch. Or July 2014 with mario kart hacks. But, it is 2015. Not 2012. A new home system will be announced by Nintendo(perhaps even released by the time anything is done). This could be the 1st system to survive "unscathed" by any public code execution.
 
  • Like
Reactions: Fpsrussia117
Piracy is inevitable once a healthy homebrew scene is developed, even Team f0f said it themselves in the conference video, that once a homebrew platform is well established, its just a matter of some simple patching to get games (isos) to run off alternative mediums (usb devices, sd cards blah blah blah). Even if the kernel exploit alone isn't enough to pull it off, once its out, an IOSU exploit won't be far behind (someone will develop it).

If Marionumber1 and NWPlayer123 want to take steps to obsfucate the possibility of enabling backups etc, let them, whether you agree with their stance or not. It does not matter, they're putting all their blood, sweat and tears into this project, not everybody else. If it goes against their morals to make piracy/backup loading easy, than they have a right to stand up for what they believe it.

If you don't like it, than develop an exploit of your own *crickets chirping*.

That's what I thought.....


Piracy will be possible irregardless of who develops what, but if they want to take measures to slow down the onslaught, let them. Its their project, their right. People tend to be so ungrateful around here. Without MN1 and NWP, there would BE NO SCENE. Back off and let them do what they want to do. If you don't like it, develop your own exploit from the ground up. Whats that? you don't have the necessary skills to do that, open a book and learn.... Either that or zip your mouth shut and thank them for all the hard work and effort they've poured into this project.
 
Piracy is inevitable once a healthy homebrew scene is developed, even Team f0f said it themselves in the conference video, that once a homebrew platform is well established, its just a matter of some simple patching to get games (isos) to run off alternative mediums (usb devices, sd cards blah blah blah). Even if the kernel exploit alone isn't enough to pull it off, once its out, an IOSU exploit won't be far behind (someone will develop it).

If Marionumber1 and NWPlayer123 want to take steps to obsfucate the possibility of enabling backups etc, let them, whether you agree with their stance or not. It does not matter, they're putting all their blood, sweat and tears into this project, not everybody else. If it goes against their morals to make piracy/backup loading easy, than they have a right to stand up for what they believe it.

If you don't like it, than develop an exploit of your own *crickets chirping*.

That's what I thought.....


Piracy will be possible irregardless of who develops what, but if they want to take measures to slow down the onslaught, let them. Its their project, their right. People tend to be so ungrateful around here. Without MN1 and NWP, there would BE NO SCENE. Back off and let them do what they want to do. If you don't like it, develop your own exploit from the ground up. Whats that? you don't have the necessary skills to do that, open a book and learn.... Either that or zip your mouth shut and thank them for all the hard work and effort they've poured into this project.


I am uncertain who that above quote was directed at. Regardless, I'm sure you would like to amend the text in red.
As they would probably be the 1st to tell you, no man stands as tall as when he "Stand(s) on the shoulders of giants".
 
Hey everyone! I'm currently filling out the application to be a licensed Wii U developer using the Unity and Web Framework option (no dev kit required, code runs on any retail Wii U :D). If selected, I will have access to this very specific dev environment. Sure it may be limited but it will give me more freedom for development purposes. I will be forced into a Non-Disclosure Agreement so I won't be able to release any info on the inner workings of anything, however, I could work on some exploits (maybe) and release them for free (hosted on a web server) instead of posting them to the eshop (if selected).

I will have access to a limited SDK for developing Wii U games/applications. I think this could be pretty useful :D. Anybody here lucky enough to be selected for this program? Its completely free :D.

UPDATE: Application done, now we wait..... :P
 
  • Like
Reactions: nonameboy
Hey everyone! I'm currently filling out the application to be a licensed Wii U developer using the Unity and Web Framework option (no dev kit required, code runs on any retail Wii U :D). If selected, I will have access to this very specific dev environment. Sure it may be limited but it will give me more freedom for development purposes. I will be forced into a Non-Disclosure Agreement so I won't be able to release any info on the inner workings of anything, however, I could work on some exploits (maybe) and release them for free (hosted on a web server) instead of posting them to the eshop (if selected).

I will have access to a limited SDK for developing Wii U games/applications. I think this could be pretty useful :D. Anybody here lucky enough to be selected for this program? Its completely free :D.

UPDATE: Application done, now we wait..... :P

As awesome as this is, I don't think you'd be allowed to make/release exploits. You could leak them or something though I guess.
 
I have an explanation of what we would have to do to run our own code at https://github.com/IbbyCode/SmashStackU


I'm glad to see that someone's picked up the slack here :). I abandoned this project, but I'm happy to see others working on it :). As for initiating code execution, I think Marionumber1 is right. Its going to take more than just redirecting to our own custom file to get it to run. The code won't be signed properly so the Wii U will reject it right away. My original idea with this would be to use corrupted image files to trigger an exploit to get the code to run (much like how black hat hackers, use corrupted image files to install and run viruses without the user's consent or knowledge on a pc). Except in our case, we wouldn't be doing anything malicious with it.

If we can trigger an unhandled exception using a corrupted image file, we might be able to tweak it for code execution. In theory, if we can trigger code execution within Smash bros, it "should" give us the same privileges that the game itself has (meaning sd card access :D). We could then use this to launch simple homebrew apps off an sd card. Of course this would only result in a userland exploit so it would be limited, but it would be sufficient enough for basic homebrew apps (nes emulators, MAYBE some simplistic media players etc). If this exploit can be accomplished, someone could write code for a custom homebrew menu, that could be triggered with the exploit, that functions much like hbc on the wii/vWii and list all the homebrew apps on the sd card for the user to select w/e they want to launch. Of course, with a userland exploit NOTHING can be installed to NAND, but the menu could run entirely off the sd card.

I have a feeling if a userland exploit like this is developed, it would be extremely difficult for Nintendo to do anything about it (like with the original smashstack, heck it still runs on the vWii XD).
 

Site & Scene News

Popular threads in this forum