[HN Gopher] Blog hosted on a Nintendo Wii
___________________________________________________________________
Blog hosted on a Nintendo Wii
Author : edent
Score : 313 points
Date : 2025-04-21 18:29 UTC (4 hours ago)
(HTM) web link (blog.infected.systems)
(TXT) w3m dump (blog.infected.systems)
| rubatuga wrote:
| Cool, but I sense a slowdown!
| benwilber0 wrote:
| got hugged.
|
| Maybe the next post will say "Blog is hosted on a Nintendo Wii
| (running Varnish)"
| codetrotter wrote:
| Loads for me at the moment
| kotaKat wrote:
| It puts up a bit of a fight.
|
| https://blog.infected.systems/status/ for a plaintext status of
| what the Wii's doing load-wise (if it's still up, updated every
| ~15 minutes according to the blog).
|
| https://archive.is/6QvVA
| jarbus wrote:
| beautiful
| MagicRailAPI wrote:
| That Wii just happened to be running inside a Hetzner data
| center?
| mrweasel wrote:
| Giving the author the benefit of the doubt, that's probably how
| I'd do it. Not hosting the Wii in a datacenter, but set up a VM
| as a proxy, as to not expose my home internet connection to the
| world.
|
| You're not going to win an points with the family when they
| can't stream Disney+ because you had to expose a webserver
| running on that old Wii to the internet, using your home
| internet connection.
| busymom0 wrote:
| Couldn't one use cloudflare tunnel to prevent that issue?
| voytec wrote:
| He wrote that there's Caddy adding TLS between Wii (which runs
| lighttpd) and the viewer.
| LeoPanthera wrote:
| You should read the actual post.
| joseda-hg wrote:
| Based on previous experience with Wii homebrew, you could
| probably circumvent the (expected) reliability issues of the
| smaller SD by swapping to a regular USB thumbdrive post exploit,
| ports are only 2.0 but you're bound by processor anyway
| ObscureScience wrote:
| Anyone knows if the Starlet co-processor is accessible from
| NetBSD?
| RockRobotRock wrote:
| >I was doing this bit using a capture card and Photo Booth on
| macOS which doesn't actually support disabling the image-flip on
| the video feed
|
| Please use OBS
| macshome wrote:
| I was surprised at the Photo Booth usage as well. I would have
| just recorded it with the QuickTime Player as if it were an iOS
| device.
| CommenterPerson wrote:
| Interesting work! Definitely deserved the #1 spot on HN
| allegrotim wrote:
| this is pure beauty. Do you think something like this can be done
| on a NES? like a simple CGI website
| zamadatix wrote:
| Unfortunately the time you get to the point of even valid HTTP
| responses it will look less like a SNES and more like whatever-
| you-plugged-into-a-snes-for-power. E.g. the original Family
| Computer Network System addon already had more RAM and CPU
| power than the original console it attaches to just to
| interface as a modem at all, let alone something "basic" like
| CGI.
|
| The Wii is probably the first Nintendo console where all the
| hardware you need to do this is fully built in (though maybe
| the Nintendo DS, depending how much you're willing to try to
| get Linux + your server to fit in memory without plugging in a
| RAM expansion pack to the GBA slot).
| echelon wrote:
| > The Wii is probably the first Nintendo console where all
| the hardware you need to do this is fully built in
|
| Even though accessories were required, you could probably do
| this with both the N64 Disk Drive or GameCube network
| adapter. Both were network interfaces that still dispatched
| to the underlying system.
|
| The N64 Disk Drive [1] would be a fun case, because the
| storage medium is a glorified floppy disk drive. It does
| connect over a modem, so there'd be some fun middleware.
|
| The Super Nintendo had a network adapter as well, and both
| the NES and SNES [2] had satellite networking adapters in
| Japan. IIRC, there was also a network adapter for the Game
| Boy. I'm not sure how or if those would work, or how much
| control was surrendered to the hardware/software of the
| network adapter itself to let it do all the driving.
|
| [1] https://en.wikipedia.org/wiki/64DD
|
| [2] https://en.wikipedia.org/wiki/Satellaview
| zamadatix wrote:
| Are you sure the Satellaview was available for the Famicom
| (NES)?
| echelon wrote:
| I was wrong about the satellite integration [1]. It was
| dial-up.
|
| I'm almost certain I remember a similar effort for the
| Game Boy Pocket, though it might not have entered the
| market.
|
| [1] https://en.wikipedia.org/wiki/Family_Computer_Network
| _System
| athom wrote:
| This reminds me SO much of Atari's "Graduate Computer"
| attachment for the 2600.
|
| Unfortunately, I can't find an accessible link from where I
| am right now. Maybe when I get back home...
| EvanAnderson wrote:
| Some links for the curious:
|
| - http://www.atarihq.com/museum/2678/graduate.html
|
| - https://atarimuseum.ctrl-alt-
| rees.com/videogames/consoles/26...
| jkrejcha wrote:
| Yeah, the DS probably is the first one that has enough
| inbuilt support since it has support for Wi-Fi out of the box
| although Linux seems a bit heavyweight for this perhaps(?)
| immibis wrote:
| 4 megabytes* ought to be enough for anybody, and if you're
| any depth into DS homebrew, you probably have a 3in1 which
| expands it to 8 megabytes.
|
| Can it run _Linux_? Ehhh....... can it run a web server?
| Absolutely.
|
| * we don't talk about using the 0.6MB VRAM for purposes other
| than video (even though it should work fine).
| joseda-hg wrote:
| I don't think so without significant work, NES has only 2KB of
| RAM and an 8 bit CPU without MMU or many niceties taken for
| granted in General Purpose OS's
|
| I doubt you can go much further back than Fifth Gen (of
| consoles) or so
| jandrese wrote:
| You would have to burn a cart that contained the webpage and
| TCP stack, as well as having the ethernet hardware, but there
| are tricks you can do to reduce the memory requirements. It's
| not going to be able to handle more than a packet or two at a
| time, but I've seen TCP stacks squeezed onto really low end
| hardware. Obviously you won't be able to open much of a TCP
| window so performance will be lousy, but it's a 1.8Mhz CPU so
| that was always going to be the case. Just don't have any
| misconceptions about being able to run TLS on it. Remember
| that TCP was developed on machines that did not have a lot of
| memory or even CPU cycles.
|
| An Atari 2600 might be a bridge too far, but a NES should be
| able to do it.
| joseda-hg wrote:
| Fair enough, seems a lot simpler than what I had in mind
| with expansions and custom software, but also a far cry
| from OP's "flash" a general purpose OS and more or less get
| to working
| anthk wrote:
| You would be surprised with what a Jupiter Ace could do with
| few KB of RAM. Add a external module for serial <> PPP and
| the fun begins.
| KeplerBoy wrote:
| Funny how that works. It's almost impossible on fifth gen but
| trivial on sixth gen (at least on the Xbox, which pretty much
| was a PC).
| toast0 wrote:
| All the mainstream 6th gen consoles had first party support
| for wired ethernet; although only the Xbox had it built in
| (well, the slim ps2 had it built in too). I'd expect
| they've all served web pages at one time or another.
|
| 5th generation could probably make it happen, but without
| ethernet, you're looking at a modem or serial interface,
| and in today's world that's almost certainly talking to
| something else in your house that's a better host. :P
| Wikipedia categorizes the Apple Pippin as 5th gen, and it's
| more or less a Mac with a weird pinout for the PCI slot, so
| I'd guess it's the easiest to get ethernet with; without
| resorting to something that has more smarts than the 'host'
| immibis wrote:
| Even with Ethernet, aren't you're plugging the console
| into a switch that can probably serve webpages as well as
| the console?
| toast0 wrote:
| Most of my switches are unmanaged, so probably not. Maybe
| the dsl or cable modem or whatever can serve pages, but
| especially if it's isp owned, it might not be easy to.
| Dwedit wrote:
| Whatever you end up doing on the NES would end up not being a
| website anymore. You want to interface with joystick port 1?
| Not TCP/IP anymore. Whatever gateway you would use to connect
| to the custom protocol would have a lot more oomph than a NES.
| starkparker wrote:
| if you can run a web server on a C64, you can in theory run one
| on the NES, but you'd have to find a way around the NES's
| relative RAM constraints
|
| you can run a C64 OS on the NES because of the shared CPU
| features, with limitations: https://github.com/calcwatch/nes64
|
| which means you can port C64 LUnix NG to NES by adding the
| Famicom Disk System, which adds more RAM:
| https://hackaday.com/2024/02/11/running-unix-on-a-nintendo-e...
|
| LUnix NG comes with an experimental web server: https://github.
| com/ytmytm/c64-lng/blob/b76b0470e28ec20d08c37...,
| https://github.com/ytmytm/c64-lng/blob/b76b0470e28ec20d08c37...
|
| So in theory you could serve HTTP 1.0 from a NES. ("to whom"
| would be the big next question)
| chandlerswift wrote:
| https://web.archive.org/web/20250421184947/https://blog.infe...
| bennydog224 wrote:
| Not to be a stickler, but the blog isn't actually FULLY hosted on
| the Wii until you move that Caddy instance to it or drop it :)
|
| Nice work.
| Wowfunhappy wrote:
| The author should have just disabled TLS! It would have been
| perfectly reasonable under the circumstances, and then the
| website would have been fully Wii-hosted, no caveats!
| pedroslopez wrote:
| lol rare wowfun sighting made me happy (hi from
| nacho@atmosphir)
| jandrese wrote:
| Performance is not bad. It's clear they aren't using Nintendo's
| TCP stack, as it was notoriously terrible on the Wii.
| jkrejcha wrote:
| Yeah also in general the WFC code is a bit dated and not very
| secure.
|
| This actually reminds me of two very interesting bugs which
| used together basically make it so that you can play WFC games
| (basically just Mario Kart Wii, nowadays) as simple as changing
| the DNS settings on your Wii
|
| 1. Firstly, as long as you set a particular field in the
| certificate, it just is completely happy with an invalid cert.
| (This was fixed by the NWC library by the time it was released
| In Korea, notably, although this bug was present in DWC for a
| long while.
|
| (Aside:
|
| I actually suspect that this bug was present in the RVL SDK
| (used by games and such on the PPC), but also is caused by the
| same cause as the signing/Trucha bug[1]. While the latter is a
| IOS specific exploit, it wouldn't surprise me if the same code
| was used in both this and DWC (the networking library). Given
| that Mario Kart Wii has an associated IOS version of IOS36[2],
| but DWC code isn't part of IOS, my hunch is that they used
| either the same or similar validation logic OR both bugs were
| squashed a part of some security related cleanup.
|
| I haven't actually gone through the reverse engineering effort
| to confirm this yet, but given that this doesn't work on the
| Korean version of MKW, which notably uses a later version of
| IOS and other libraries, my hunch is that those bugs are one in
| the same. The fix timing at least seems interesting to me.
| Anyway side note over.)
|
| 2. The networking library also has an RCE caused by a buffer
| overrun, basically from the first message it has a length
| that's unchecked and the DWC library blindly memcpys data from
| the packet. This is kinda why it's important to have some sort
| of patchset that fixes these bugs (because the operating system
| and libraries ship with the game and you can't update those
| except for in memory).
|
| The culmination of this is all you have to do is
|
| 1. Change your DNS settings on your unmodified Wii to point to
| a specified DNS server.
|
| 2. Start Mario Kart Wii (probably, although some other games
| work too), open up WFC
|
| So that the game...
|
| 3. Does a DNS lookup for the WFC server which intentionally
| links to a 3rd party server
|
| 4. Passes validation of a bad cert which intentionally sets one
| of the fields to a null value in order to make the Wii accept
| it
|
| 5. Receives a message that contains an exploit which patches
| the game in memory to fix the known RCEs and setup URLs to
| resolve to different domains instead of using the old WFC ones
| among other things (such as cheat reporting that is all client-
| side based, etc)
|
| all so you can play Wii games (probably Mario Kart Wii) online
| 11 years after WFC shut down for good :)
|
| [1]: https://wiibrew.org/wiki/Signing_bug
|
| [2]: https://wiibrew.org/wiki/IOS36
| Starlevel004 wrote:
| Nintendo's networking is bad no matter what console somehow
| addisonj wrote:
| I had the awesome, yet terrible experience to work on an
| obscure Nintendo feature.
|
| By networking, I am assuming you mean console stack... which
| I had experience with myself, and yeah... not great. But even
| more, their web services (more than 10 years ago at this
| point, hopefully better now) were so, so bad.
|
| The thing that struck me then, and continues to seem true, is
| how much they just don't really seem to care and that they
| singularly focus at being good at innovating where it
| matters: games and differentiated hardware.
|
| Young me thought they were silly for being so "behind the
| times". Older me respects it more.
| SuperHeavy256 wrote:
| I respect the prioritization. It doesn't actually need the
| best web services, it really only needs enough to play
| Mario kart online.
| goosedragons wrote:
| For a while they told you open all UDP ports for the
| Nintendo Switch. Now they just tell you to open 1024 to
| 65535.
| greeniskool wrote:
| > Rebooting NetBSD reboots the whole console, and not just the
| NetBSD 'app', so you'll find yourself back at the Wii Menu after
| any kernel patch or system upgrade.
|
| This can be mitigated by installing Priiloader, and having it
| autoboot into either the Homebrew Channel or the NetBSD .dol file
| Bluecobra wrote:
| Really impressed by how low the load average is (0.06 @15 min).
| cactusplant7374 wrote:
| The status page doesn't seem to be updating....
| tech234a wrote:
| For those unaware, the "SSL Added and removed here!" image is a
| reference to a diagram describing unencrypted communications
| between Google datacenters that leaked from the NSA in 2013 [1].
|
| [1] https://arstechnica.com/tech-policy/2013/10/new-docs-show-
| ns...
| _fat_santa wrote:
| It's so funny so see a top secret label below what's clearly a
| hastily scribbled diagram
| pyfon wrote:
| Looks like a design interview round
| jsheard wrote:
| That :!) face makes for a great custom emote in security-
| related channels.
| encom wrote:
| >SSL Added and removed here!
|
| And CloudFlare!
| sadeshmukh wrote:
| FYI - instead of Photo Booth you can use Quicktime Player and
| "create new movie recording". I believe that should fix the image
| flipping problem.
| SuperHeavy256 wrote:
| edent, my question is what tool did you use to make the Wii ASCII
| art?
| ee99ee wrote:
| Interesting how the times don't update with each refresh... CDN?
___________________________________________________________________
(page generated 2025-04-21 23:00 UTC)