Homebrew Official WUP Installer - Title installer + Firmware spoofing [3.x - 5.4.0]

[andrewperry1234]

Is there not a title.cert when you are using uwizard?


edit:

Okay pretty much all of the files that are needed are downloaded through uwizard, but the are named differently. Where does the 2.50 KB title.cert file come from?

 

[EclipseSin]

you'll have to make the .cert yourself if you want to use something besides nusgrabber unfortunately, unless someone makes a little program to do it for you, or there is another program I dont know about.

tmd = title.tmd
cetk= title.tik
title.cert = see below

title.cert layout
0x0-0x3FF (0x650-0xA4F cetk)
0x400-6FF (0xCB4-0xFB3 tmd)
0x700-9ff (0x350-0x64F cetk)

Should be correct anyways. Could be different per title. Haven't looked into it much yet.

 

[andrewperry1234]

Thank you eclipse.

Went ahead and tried nusgrabber 0005000E1018DC00 48 and I was able to download the newest update. It is currently (hopefully) installing on the Wii U.

Gonna be so tired I'm not gonna wanna play now lol

 

[SonyUSA]

you'll have to make the .cert yourself if you want to use something besides nusgrabber unfortunately, unless someone makes a little program to do it for you, or there is another program I dont know about.

tmd = title.tmd
cetk= title.tik
title.cert = see below

title.cert layout
0x0-0x3FF (0x650-0xA4F cetk)
0x400-6FF (0xCB4-0xFB3 tmd)
0x700-9ff (0x350-0x64F cetk)

Should be correct anyways. Could be different per title. Haven't looked into it much yet.

No need to regenerate it every time, the title.cert can be re-used from the update packs or any nusgrabber download, it's the same file for all the public stuff

 

[andrewperry1234]

Okay the latest update works. We survived an update.

 

[snake218]

Ok... Im lost here... Sorry to hear about Crediar work leaked.
I spoof fw with original files posted by crediar a couple of days ago, but today i read that some file was missing? I already have spoofed the fw, do i have to do the process again with the US spoof files?? Or I'm getting this wrong?

 

[FR0ZN]

No need to redo this step, the spoof is permanent.

 

[Tandro]

I spoof fw successfully, later i notice that wiiu has broken downloads, after open wiiutools.com/RU/payload532.htm wiiu just freeze and nothing happened. How actually it must work?
I try to block wiiu update with my router, but one domain name is too long and not placed in a row, yeah i know how stupid it sound but it's true. Is there another way to fully block update but allow online play?

 

[Wurztha]

Personally I think I'm going to hold off until something better comes along for this being as I have 3.1.0 which has a known IOSU exploit. It wouldn't be as bad if it wasn't permanent as we could just revert to our real version, but I guess that isn't coming any time soon as it could potentially allow us to downgrade.

Unless someone in the know can give me a good reason why I should upgrade to 5.3.2 and use this? How's things looking with with an IOSU on 5.3.2 for those working on it? That way this wouldn't have to be permanent as it could be changed to anything at anytime, no? lol

 

[SonyUSA]

Personally I think I'm going to hold off until something better comes along for this being as I have 3.1.0 which has a known IOSU exploit. It wouldn't be as bad if it wasn't permanent as we could just revert to our real version, but I guess that isn't coming any time soon as it could potentially allow us to downgrade.

Unless someone in the know can give me a good reason why I shouldn't upgrade to 5.3.2 and use this? How's things looking with with an IOSU on 5.3.2 for those working on it? That way this wouldn't have to be permanent as it could be changed to anything at anytime, no? lol

This may be blocked/useless quickly, depending on the next library update/whatever from Nintendo, however from what I gather, nobody has actually -seen- this phantom 3.x IOSU exploit. You -could- buy another WiiU to actually use and stick that one in a closet. I think almost all devs have abandoned 3.x and went to 5.3.2, however it may pay off investment wise for resale value if something ever does come to light with it.

 

[MiZ J0K3R]

@SonyUSA hey man who is [naehrwert] and what happened to [LINK]?

 

[Wurztha]

Yeah that's what I was thinking SonyUSA. I can't see this lasting very long as if a game update can render this useless then :S (I did mention this back on page 32 of this thread)

Was looking forward to playing some of the games I have purchased, Mario Party 10 and Splatoon. I've held on for a few months now since I 'upgraded' to the Wii U from the Wii. Guess I'm going to have to hold on for a few more to see what comes. Shame though as my little girl has been waiting to play Mario Party 10 and I told her that it should arrive soon when I saw the spoofer was coming. (She had just stopped pestering about it too a couple of weeks back)

I'd be happy just knowing there was an IOSU coming, even if not in the near future - just that it would be possible, for 5.3.2 so I could at least update to that and play the games we have bought so far!

 

[SonyUSA]

Yeah that's what I was thinking SonyUSA. I can't see this lasting very long as if a game update can render this useless then :S (I did mention this back on page 32 of this thread)

Was looking forward to playing some of the games I have purchased, Mario Party 10 and Splatoon. I've held on for a few months now since I 'upgraded' to the Wii U from the Wii. Guess I'm going to have to hold on for a few more to see what comes. Shame though as my little girl has been waiting to play Mario Party 10 and I told her that it should arrive soon when I saw the spoofer was coming. (She had just stopped pestering about it too a couple of weeks back)

I'd be happy just knowing there was an IOSU coming, even if not in the near future - just that it would be possible, for 5.3.2 so I could at least update to that and play the games we have bought so far!

No named developer I know has even seen this IOSU exploit, so it may not even exist in the first place and could just be rumor, you could be waiting forever. Just buy a used WiiU cheap so she can play some games!

 

[oumoumad]

Personally I think I'm going to hold off until something better comes along for this being as I have 3.1.0 which has a known IOSU exploit. It wouldn't be as bad if it wasn't permanent as we could just revert to our real version, but I guess that isn't coming any time soon as it could potentially allow us to downgrade.

Unless someone in the know can give me a good reason why I should upgrade to 5.3.2 and use this? How's things looking with with an IOSU on 5.3.2 for those working on it? That way this wouldn't have to be permanent as it could be changed to anything at anytime, no? lol

This is just my personal opinion, update or not is always your call.
- All the efforts now are put in the latest versions, I no think there is a developer who would spend so much work on a version that only some very very few people have access to. Proof is the new tools made now : the spoofer and the rpx loader were both made initially for 5.3.2.
- That 'ghost' IOSU exploit that was for 3.1.0, let's assume it is released, what would you do with it as the end user? an exploit without competent developers worth nothing to the end user, cause you don't know what to do with it.
- The team including MN1 and Hykem are working on the IOSU exploit for the current versions. Based on what MN1 has brought so far to the scene (in fact I believe there would be no Wii U hacking available for the public now if it weren't for him) I think what they are doing is promising.

So just let your girl have fun with Mario party 10, my niece and nephew like playing mini games on it ^^. Don't forget that the purpose of having a Wii U initially was to have fun, and Nintendo consoles have always been fun for all the family .
If you want Wii U only for homebrew, I would suggest you get another console alone. Costs less than $100, you could find it with a way more cheaper price if you're lucky.

 

[Wurztha]

Yeah I think I may just bite the bullet and update to 5.3.2. I'm not bothered about online. Feel like kicking myself for waiting so long to update to 5.3.2 lol, but I have been bit in the past from not holding on.

Wasn't it Hykem who had an IOSU exploit for 3.1.0?

 

[EclipseSin]

I don't know if Hykem has the IOSU exploit or not, but I believe he has a system low enough for the supposed exploit.

 

[oumoumad]

I no think anyone in the current scene has fail0verflow's IOSU exploit for 3.1.0. If Hykem had one he's probably the one who made it, but I remember that Hykem said he updated his Wii U from 3 to 4 since he couldn't find/do what he needed in that old version.

--------------------- MERGED ---------------------------

Sorry I might not be fully accurate in my previous comment, here is what Hykem said exactly :

Sigh... I'll have to correct myself again. Apparently, firmware 3.0.1 still has WebKit 534.52!
After updating and noticing this, I decided to dig a bit through logs and code to come up with a reliable layout for the WebKit updates:

2.0.0 -> Version: 0x08 (534.52)
2.1.0 -> Version: 0x14 (534.52)
3.0.0 -> Version: 0x31 (534.52)
4.0.0 -> Version: 0x59 (536.28)
4.1.0 -> Version: 0x66 (536.28)
5.0.0 -> Version: 0x71 (536.28)
5.1.1 -> Version: 0x82 (536.28)
5.3.0 -> Version: 0xB1 (536.28)
5.3.1 -> Version: 0xC1 (536.28)

As you can see, Nintendo only updated the WebKit base version on firmware 4.0.0. Fail0verflow's presentation confirms this when you take into account that it took place December 2013 and comex mentions Nintendo having updated WebKit a few months ago (that update was 4.0.0 on October 2013).
Anyway, as expected, the bug still doesn't work on firmware 3.0.1 and it only works on firmware 4.0.0 and higher. To the end user, this is yet another reason to update to 5.3.2 as soon as possible.
To me, this means I won't be able to test the bug on my own unit without updating to 4.0.0, so I will leave it at 3.0.1 and port the use-after-free bug instead. This way I can still use it for the IOSU exploit and to dump the keys.

 

[Wurztha]

Nice!

It's confirmed to work up to firmware 3.0.2. It may still be present on newer firmwares, but from 3.1.0 up it has not been confirmed to work.
The idea now is to get the key used to decrypt the IOSU binary code (fw.img) so I can compare it's code across all firmware versions.

Does anyone know how he got on with this? Looks like I will be holding off a little longer for now!

 

[oumoumad]

Nice!



Does anyone know how he got on with this? Looks like I will be holding off a little longer for now!

He said that last April, He's basically studying the IOSU access through the old version to be able to make an exploit in the current versions.
The fact that he is currently working on the IOSU with MN1 shows that their main goal is the latest version.
So I really don't see any benefit for the end user to stay on that version. Especially having to sacrifice all the other games/possibilities made on the later version 5.3.2.

the current focus of most of our exploit developers (me, Hykem, Matt) is IOSU.

Besides even MN1 and Matt are on later versions too in their Wii U ^^.

 

[Deleted-355425]

Nice!



Does anyone know how he got on with this? Looks like I will be holding off a little longer for now!

Stay on 3.1.0 its been documented that 3.1.0 is the latest to have IOSU so just sit tight for now, I just bought a 5.3.2 white console only for £49.99 to mess with. You may kick your self for updating.