Homebrew WiiU Homebrew Development

[mariogamer]

me,its isn't work with wine.I run it a lot of time,but it isn't running.

 

[deformyer]

@mariogamer Do you really think I will smell what causes this without you giving me details (how does it crash, what version, ...)

 

[mariogamer]

it is load...,then,it does nothing!it is the 1.6.2 version.

 

[nastys]

it is load...,then,it does nothing!it is the 1.6.2 version.

Use the attached version of Gecko dNET.
If it doesn't work, import this using PlayOnLinux Vault: https://mega.nz/#!dtYwWaQQ!s4Om5I4JGAVcuKZeBnbF3GIgzIMkRQCvhlwCSPzd224

 

[Adr990]

In coreinit.h, which basically sets up the access to it in OSv11 via the Browser exploit:

Spoiler

#if (VER==200)
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x010220AC)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x01022D98)
#define OSFatal ((void (*)(char* msg))0x01027688)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x01025FB4)
#elif (VER==210)
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x0102232C)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x01023018)
#define OSFatal ((void (*)(char* msg))0x01027908)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x01026014)
#elif (VER==300) | (VER==310)
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x01022CBC)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x01023D88)
#define OSFatal ((void (*)(char* msg))0x01028A68)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x01027390)
#elif (VER==400) | (VER==410)
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x01026e60)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x01028460)
#define OSFatal ((void (*)(char* msg))0x0102D01C)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x0102b9ac)
#elif VER==500
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x01029CD8)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x0102B3E4)
#define OSFatal ((void (*)(char* msg))0x01030ECC)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x0102ECE0)
#elif VER==532
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x102a31c)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x102b790)
#define OSFatal ((void (*)(char* msg))0x1031368)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x102f09c)
#else
#error "Unsupported Wii U software version"
#endif

Why does there have to be an different offset/pointer (let alone, at all) for a method that is accessible for every different FW in OSv11? I thought once userland access was obtained, we could just do "OSDynLoad_Acquire" and call it a day?

I guess it is because of how the userland exploit works...
Is it any different in case of the kernel exploit? (Since that one sure must have access, without doing stuff like mentioned above)

 

[smid]

I successfully compiled pygecko, codehandler etc but it just hangs when I launch it after I launch the exploit. Anyone have a working version willing to share a compiled version (if it isnt against the rules of course)? I want to host it locally that's why I'm asking

 

[nastys]

I successfully compiled pygecko, codehandler etc but it just hangs when I launch it after I launch the exploit. Anyone have a working version willing to share a compiled version (if it isnt against the rules of course)? I want to host it locally that's why I'm asking

http://gbatemp.net/threads/wii-u-hacking-homebrew-discussion.367489/page-485#post-5635971

 

[smid]

http://gbatemp.net/threads/wii-u-hacking-homebrew-discussion.367489/page-485#post-5635971

Thanks! Forgot to mention that I'm on 5.0.0 though. Sorry.
Can I still use the files you linked to?

 

[nastys]

Thanks! Forgot to mention that I'm on 5.0.0 though. Sorry.
Can I still use the files you linked to?

There are other files for 5.0.0 (not in that package), but I'm not sure they work.

 

[Marionumber1]

In coreinit.h, which basically sets up the access to it in OSv11 via the Browser exploit:

Spoiler

#if (VER==200)
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x010220AC)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x01022D98)
#define OSFatal ((void (*)(char* msg))0x01027688)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x01025FB4)
#elif (VER==210)
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x0102232C)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x01023018)
#define OSFatal ((void (*)(char* msg))0x01027908)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x01026014)
#elif (VER==300) | (VER==310)
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x01022CBC)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x01023D88)
#define OSFatal ((void (*)(char* msg))0x01028A68)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x01027390)
#elif (VER==400) | (VER==410)
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x01026e60)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x01028460)
#define OSFatal ((void (*)(char* msg))0x0102D01C)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x0102b9ac)
#elif VER==500
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x01029CD8)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x0102B3E4)
#define OSFatal ((void (*)(char* msg))0x01030ECC)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x0102ECE0)
#elif VER==532
#define OSDynLoad_Acquire ((void (*)(char* rpl, unsigned int *handle))0x102a31c)
#define OSDynLoad_FindExport ((void (*)(unsigned int handle, int isdata, char *symbol, void *address))0x102b790)
#define OSFatal ((void (*)(char* msg))0x1031368)
#define __os_snprintf ((int(*)(char* s, int n, const char * format, ... ))0x102f09c)
#else
#error "Unsupported Wii U software version"
#endif

Why does there have to be an different offset/pointer (let alone, at all) for a method that is accessible for every different FW in OSv11? I thought once userland access was obtained, we could just do "OSDynLoad_Acquire" and call it a day?

I guess it is because of how the userland exploit works...
Is it any different in case of the kernel exploit? (Since that one sure must have access, without doing stuff like mentioned above)

I'm not exactly sure what your question is. As you seem aware of, the OSDynLoad functions will let you find the addresses of other functions, but to do that, you obviously need the addresses of OSDynLoad functions themselves first. That's why they're hardcoded in there for every version. I also stuck OSFatal() and __os_snprintf() there because it's useful to have debug printing in by default.

 

[Adr990]

I'm not exactly sure what your question is. As you seem aware of, the OSDynLoad functions will let you find the addresses of other functions, but to do that, you obviously need the addresses of OSDynLoad functions themselves first. That's why they're hardcoded in there for every version. I also stuck OSFatal() and __os_snprintf() there because it's useful to have debug printing in by default.

Ohh... I see now. Derp.

You need to find OSDynLoad instead and then use it to load a method.
I don't know what I was thinking, I read what OSDynLoad was for... but I seemed to keep thinking that you could just call OSDynLoad it self like a method, without needing to find the method in the memory first.

Thanks for explaining.

 

[Dr.Hacknik]

I haven't updated my Wii U in months, im still on 5.4.0, luckily i can still get Exploits.

 

[FM360]

Was the kernel exploit patched in 5.5.0?

 

[Dr.Hacknik]

Was the kernel exploit patched in 5.5.0?

I think parts of it were, but not really anything significant.

 

[wujorgey]

so 5.5.0 cant do it atm?

 

[deformyer]

@wujorgey There's indeed no public exploit (yet) for 5.5.0

 

[Reecey]

Does anyone know if say OpenDNSUpdater went completely wrong and you didn't realize for some odd reason during the night and your WiiU was on the orange light mode, switched off would it still update itself even spoofed to 5.5.0FW?

 

[pedro702]

Does anyone know if say OpenDNSUpdater went completely wrong and you didn't realize for some odd reason during the night and your WiiU was on the orange light mode, switched off would it still update itself even spoofed to 5.5.0FW?

wiiu only updates on standby if you have quick start up enabled if you do well spoofed still gets updated, i play online with nintendo servers blocked with the spoof and the wiiu is contantly trying to update.

 

[Reecey]

wiiu only updates on standby if you have quick start up enabled if you do well spoofed still gets updated, i play online with nintendo servers blocked with the spoof and the wiiu is contantly trying to update.

OK so as long as you don't have quick start enabled in settings on standby it will be ok, which I don't. Cause I'm paranoid of my WiiU updating so I keep unplugging the lead out the back of it but getting fed up of keep doing that.

 

[pedro702]

OK so as long as you don't have quick start enabled in settings on standby it will be ok, which I don't. Cause I'm paranoid of my WiiU updating so I keep unplugging the lead out the back of it but getting fed up of keep doing that.

yeah go to settings just making sure quick start menu off and download on standby off and such check your settings just in case.