Hacking Wii U Hacking & Homebrew Discussion

  • Thread starter Thread starter filfat
  • Start date Start date
  • Views Views 5,120,980
  • Replies Replies 21,104
  • Likes Likes 29
The thread basically stops moving after people get loadiine, and the only time it starts moving again is when people want to complain about whether the hard work others are doing is or is not released.

Don't get me wrong, not everyone can be a content producer and we surely can't expect people to learn PPC Assembly or how to RE binaries, let alone create or contribute to an exploit, but when people ask or complain about when / if something is released (over and over again), it just kinda...takes the passion out it. It's fine to just be a consumer, but at least don't act entitled to the product.

This thread should be about "Homebrew and Hacking". I'd rather read posts about whether something is or isn't possible or suggestions for homebrew / exploit vectors than sift through essentially people whining. That likely just makes the devs not want to post as frequently. And that really sucks, because i'm pretty sure that's the main reason people follow this thread.

/rant

I'm sure there are, I wouldn't know what they are though, only one I know of is a xorpad method. Keep in mind that Smash, minus update data and like character intro videos, is just two giant 2GB files for the entire game, you need to either do it manually in memory or hook into the code that they use to load from the archives (dantarion's still working on that, by the looks of it).

I'm also poking around in the archive code too, though i've been really busy as of late so i haven't made much progress. iirc @soneek was doin some file injection stuff with the update data as well.
 
Funny how impossible it is for people to consider that the people who can actually code the exploits might have better insight into when it's best to release them than they do.

If you really want to pressure devs to release exploits, code some useful or interesting homebrew!
 
Funny how impossible it is for people to consider that the people who can actually code the exploits might have better insight into when it's best to release them than they do.

If you really want to pressure devs to release exploits, code some useful or interesting homebrew!
If I'm remembering correctly, didn't failoverflow offer to release what they had if developers stepped up and showed that they would do something with it- only to have nobody actually do it?

I may be remembering wrong.
 
If I'm remembering correctly, didn't failoverflow offer to release what they had if developers stepped up and showed that they would do something with it- only to have nobody actually do it?

I may be remembering wrong.

Which is sad. If I was a better coder I'd want to make a digital version of the card game Android: Netrunner that could be played on a Wii U, with the Corporation player playing on the Gamepad so they can keep all their moves secret.
 
Which is sad. If I was a better coder I'd want to make a digital version of the card game Android: Netrunner that could be played on a Wii U, with the Corporation player playing on the Gamepad so they can keep all their moves secret.
Sounds cool, I feel like asymmetric games are what the Wii U gamepad was built for. I'd love to see some asymmetrical homebrew simply because they're something that you don't see in local co-op
 
1) Develop savegame exploits by fuzzing savegame data and debugging crashes with kernel exploit.
2) Develop new kernel exploit by reversing kernel syscalls to find vulnerabilities (this is how Comex found the OSDriver race condition).
3) Develop IOSU exploit by fuzzing ioctls for device drivers to look for crashes. IOSU runs on ARM9 which doesn't have support for NX bit, which makes blind exploitation ALOT easier since you don't have to have an information disclosure in order to find ROP gadgets.

Other productive things to do:
1) RE and document RPLs on WiiUBrew (Super easy because symbols are intact for dynamic linking).
2) Work on libwiiu by adding examples of how to use said RPLs (Sound would be interesting).
3) Get working elf/rpx loader for homebrew.
4) Help exjam with his emulator.


If you could start reading/doing 3 rather simple things for a a build up to help with 2/3 what would they be? Some times I don't think its possible to exploit without really really knowing how to code, like 5 years of hardcore C/C++ experience, which I don't have.
Books/Classes/Concepts?
I ask this all the time and never get any closer, but alas.

I did watch the OpenSecurityTraining Lectures on Life of Binaries to try understand the RPX/RPL (ELF) stuff better. Was fun and somewhat helpful. Still totally lost, but eh. I have to identify small doable projects to do as to get anywhere.

In my spare time one day I want to attempt some side channel attacks on older consoles like the Wii. Hell I'd be happy with a side channel attack on a PS1/PS2 just to be able to demonstrate some kind of attack.
Where has all the hardware hacking gone?

I am convinced that there exist full blown exploits for PS4/WiiU but they fail to be released for various reasons.
 
Last edited by keine,
  • Like
Reactions: Margen67
And it was written in verses, such a waste that he decided to remove it :( .
directly from ps3 scene (my favorite rhymes so far):

Unicorns gathered one day
heard man talk about pwn ps3 in a smartly way
But little did they know
that already without much show
the dump was down at their cloaved hooves
That all simple proves
Never try to hide things
from eliptic curve horned beings
as they shit crypto poo
its just in their nature to do
 
A couple of questions, sorry if they're not pertinent:

1) I know that soneek wrote a script to convert .brstm to .bcstm and .bfstm. Is there a way to do this in reverse (aside from converting it into a wav and using the same loop points from the original song with the resulting file, which I don't want to do as the audio will be lossy compressed)? I know it's possible because Mr. Bean said he had a tool that did such (I believe in response to a comment on his Cafiine video), but I have absolutely no idea where to start (and I suck at coding). Maybe you could extract the .dsp files and make them into a .brstm then?

2) I have not the foggiest idea on how to make .nus3bank files. I have the originals extracted from my disk which soneek said you have to use as templates, but I don't know the procedure, and soneek also said you have to make .idsp files which I also have no idea how to do.

3) Whenever I try to dump a song from Smash Wii U via cafiine, the Wii U always freezes, why is that?
 
Last edited by A Generic User,
That's assuming it was ever alive in the first place :^) All I ever do on here is humor you, I have no actual hope for anyone on here, I do everything myself for a reason, because nobody else will

If I knew it was "alive" sooner I would have paid more attention to blocking automatic updates as I'm on 5.5 now.
If you ever decide to release it's then that's great for everyone, if you stick to your decision to never release it then that's fine by me too really.

I'm sure someone else will find something sooner or later and will be the so called hero of the scene. :)

--------------------- MERGED ---------------------------
 

Site & Scene News

Popular threads in this forum