[HN Gopher] Exploiting the Wii U's USB Descriptor parsing
___________________________________________________________________
Exploiting the Wii U's USB Descriptor parsing
Author : sonixier
Score : 140 points
Date : 2022-06-08 10:02 UTC (12 hours ago)
(HTM) web link (garyodernichts.blogspot.com)
(TXT) w3m dump (garyodernichts.blogspot.com)
| shakna wrote:
| Where did the Wii-U source extract come from? I know there was
| some Wii source code dumped in May, 2020, but that was for the
| original Wii and nothing really that wasn't already known. That
| the source extract is so casually dumped suggests access to the
| code that the average person really couldn't dream of.
| Operyl wrote:
| It's all reverse engineered and manually re-labeled code from
| assembly. It's just .. an insane amount of work from the
| community :).
| flatiron wrote:
| This isn't the first time the Wii U has been hacked. The most
| common Wii U hack was simply because only code was encrypted,
| not the assets. So someone was able to buffer overflow the
| Nintendo DS emulator by replacing the assets. You run the DS
| game, Wii U reboots jailbroken. My guess is part of the initial
| jailbreak the OS was dumped and decrypted and what you are
| seeing is from Ghidra not from C source.
| GaryOderNichts wrote:
| Like the other two comments mention, this was all reverse
| engineered by hand using Ghidra. I don't think there was ever a
| source code leak for the Wii U anyways.
| emkee wrote:
| Finally, a reason for taking cpsc 323
| darig wrote:
| mrguyorama wrote:
| I believe this is the exact same exploit that was used to
| eventually jailbreak the PS3 using USB dongles.
| phire wrote:
| It certainly is a very similar exploit, but I'm not sure if
| it's the exact same bug.
| GaryOderNichts wrote:
| Edit: After looking through the PSJailbreak writeup it seems
| like they are really similar after all. Both target the
| descriptors allocated on the heap.
___________________________________________________________________
(page generated 2022-06-08 23:01 UTC)