Thank you so much for this! This combined with a few other tutorials/hints helped me set up my zSun exactly how I wanted it. I've cannibalized everyone's methods and made a step by step for my own records and in the process cleared up some grey areas where things happened I wasn't expecting or wasn't understanding the first time around, so I want to go ahead and paste it here as a keepsake and maybe it will help anyone else who runs into the situations I did.1. Purchase
zsun® WiFi Memory Card Reader TF MicroSD USB Flash Drive for PC Phone
Code:http://www.amazon.com/zsun-Memory-Reader-MicroSD-Flash/dp/B00U70J1BM?ie=UTF8&psc=1&redirect=true&ref_=oh_aui_detailpage_o00_s00
2. Flash Openwrt using this tutorial
Code:https://wiki.hackerspace.pl/projects:zsun-wifi-card-reader:factory-update
3. log on to openwrt ssid then goto 192.168.1.1 in browser and set password
4.upload exploit payload files to /www folder using winscp
I recommend this fantastic payload mod uploaded by @redatim : https://gbatemp.net/threads/self-hosted-payloads-with-only-static-html.425159/
1.)download winscp
2.)use pc sign in to zsun wifi
3.)create new site in winscp with these settings:
use openwrt address as hostname (mines default at 192.168.1.1)
use port 22
scp protocol
username should be "root"
password is whatever u set as web interface password
4.)click your new site and then connect
5.)you should now see the contents of the zsun internal memory in like a ftp structure
you can copy and paste where ever you want
6. edit out https info in /etc/config/uhttpd
7.unplug zsun from pc and attach to wii u
8. logon to zsun wifi from wii u
8.goto 192.168.1.1/whatevruset.html or .mp4
9.PROFIT??
I can say, that I originally tried to install openwrt via the web browser, but I always got a status return of -2. I couldn't figure out what that status meant, but the firmware didn't take. So I did the more direct commands to update like this tutorial shows.
http://www.coyne.nu/blog/2016/01/31/installing-openwrt-on-the-zsun-wifi-card-reader-from-windows/
Writing to the mtd2 resulting in an out of memory error, and I for sure thought I bricked the device. But it did boot up with openwrt :-)
How to setup the szun to be a client and AP. This is so you can get php installed and any other packages you want:
https://wiki.openwrt.org/doc/recipes/ap_sta
When setting up the sta client. My main network is WPA2
which results in:
option encryption psk2
WPA by itself is just psk
After you get internet access install php with these commands
opkg update
opkg list php*
opkg install php5 php5-cgi
Then add this into the uhttpd file in the /etc/config section.
list interpreter '.php=/usr/bin/php-cgi'
After you verify php is good, revert the changes you made in https://wiki.openwrt.org/doc/recipes/ap_sta
I did mess around with the zsun alot before I put openwrt on. The device itself already supports php by default. There are actually two webservers running. I tftp'd the files needed for the exploit across for lighthttp, but the device was inconsistent in serving the files. Openwrt has made things much more reliable.
So far i have been thoroughly impressed with this device. i took a chance and the reliability, the flexibility providing sd compatibility, as well as the form factor and cost have made the zsun® WiFi Memory Card Reader a very viable all in one solution to the web hosting aspect of the Wii U exploit.
Thanks to everyone involved in the creation of the exploits, loadiine, HBL, and all others for making my Wii U interesting again!
*special shout out to @citrus3000psi, @lordelan, @redatim and everyone else who contributed to this short tutorial.
I have literally copied steps from everyone elses tutorial, but put it together with a bit more description and added a couple of steps where I customized things. Thank you @mac033 , @Kafluke , and @toastytwo !
https://gbatemp.net/threads/old-method-kaflukes-all-in-one-for-self-hosting.424679/page-81
https://gbatemp.net/threads/self-ho...ly-self-contained.421341/page-12#post-6783551
This process allows you to use the SD card with your Wii U as well as the zSun as a exploit host wifi network. I have not delved into the PHP aspect of it, and I will continue to explore, but here is what I have so far:
1) Insert FAT32-formatted microSD card (128MB is more than enough but you can use bigger so you can use it for Brazil style usb when you are finished)
2) Connect to zSun WiFi
3) In your web browser, visit http://10.168.168.1:8080/goform/Setcardworkmode?workmode=0
4) In your windows file explorer while viewing a folder, click "tools" at the top, then select "map network drive"
5) Choose a drive letter and point it to \\10.168.168.1\public\
6) Navigate to the drive you created and right click on the blank space in the public folder and select new>folder
7) Name the folder .update.
8) The system will automatically rename the folder and the folder may disappear, don't worry about it. Navigate into the folder by double clicking it. If the folder disappears, simply type this in the navigation bar to access the folder "\\10.168.168.1\public\.update.\" or you can use your drive letter: "x:\.update.\"
9) Copy SD100-openwrt.tar.gz (https://hackerspace.pl/~informatic/SD100-openwrt.tar.gz) into the update folder. If you try to drag the tar.gz file onto the folder from outside it may unpack the contents into the folder. You need to navigage into the folder and copy the whole file there without extracting the contents.
10) In your web browser, visit http://10.168.168.1:8080/goform/upFirmWare
11) Now your LED on the zSun will start blinking. After a bit the blinking will stop, or a long flash and a series of fast flashes. Once all this stops (around 5 minutes) that means OpenWRT is running. Now you should see a different wifi network instead of zSun. It will say "OpenWRT"
12) Connect to the OpenWRT wireless network, and using your web browser go to 192.168.1.1
13) It will say you need to set a password. The login is root, and you make the password whatever you want and save it. If you don't save it at this time, you can go to the system dropdown at the top, click System and then choose administration. You can change the password there.
14) Once you've set the password, using a program called WinSCP you connect to the zSun. For the site settings use:
Enter the OpenWRT IP address as hostname (defaults to 192.168.1.1)
If it's not already set, set it to use port 22
In the dropdown choose SCP protocol
The username should be "root"
The password is the one you created/saved earlier
15) After entering the settings, you can choose to save the site or just connect to it. Once you've connected to the site you will see the contents of your computer on the left hand in a window and the contents of the zSun on the right. It may open the zSun to an empty directory. This is a normal file browser with a double stop (..) that you can double click to move up a directory. Navigate to the "www" directory. Rename the index.html as config.html
16) Extract the www contents of the self host package on your computer and using the WinSCP browser, copy those contents into the zSun www folder.
17) Navigate to the file /etc/config/uhttpd and if you want to make a backup, do so by right clicking and select duplicate, and give it a different file name. Then right click on the uhttpd file and select edit. Use the WinSCP editor to remove the 3 lines that reference https and then save the file:
list listen_https '0.0.0.0:443'
list listen_https '[::]:443'
option redirect_https '1'
18) Backup the file "wireless". Edit the file wireless and change the ssid to "Wii-U-Exploit"
option ssid 'Wii-U-Exploit'
19) Backup the file "system". Edit the file system and change the hostname to "Wii-U-Exploit"
option hostname 'Wii-U-Exploit'
20) Navigate to the file etc/init.d/sysfixtime and back it up if you choose. Edit the file and add the line "echo 1 > /sys/devices/virtual/gpio/gpio21/value" after "boot() {" to make it a part of the startup script:
boot() {
echo 1 > /sys/devices/virtual/gpio/gpio21/value
local curtime="$(date +%s)"
21) Disconnect from the zSun with WinSCP.
22) In your web browser, visit http://192.168.1.1/config.html (it may try to redirect you to https and show an error. Simply remove the s to form http:// and hit enter) and log in if it requests it.
23) At the top, choose System >> reboot and then select reboot. Confirm it to reboot your zSun device. Now you should have a notice pop up that you have a new drive. You will also have to reconnect to your new Wifi network. Once you do, you can navigate to 192.168.1.1/index.html to view the exploit on your PC or 192.168.1.1/config.html to manage your zSun OpenWRT configuration!
OK, now that this is done, maybe I can tinker and I will be able to play my Wii U out in the woods where I have no internet or wifi signal!
You guys are awesome! Thank you for everything! If someone could add to this thread a bit more of an explanation on how to enable php, a download of the 5.5.2 exploit files, and maybe how to do a quick boot mocha with the zSun the same way dimok mentions on loadiine that would be amazing as well!
Edit-
It would be nice to be able to set up a "firmware detector" like the loadiine site, I would also like to have it redirect every http address to the exploit html via built in dns, and also love to even be able to edit a config file to make it quick boot mocha or not quick boot mocha based on a setting there that I could toggle with my PC. If anyone can point me in the direction to learn more about doing these things or how to download the resources needed that would be awesome!
Last edited by schooluser,