Hacking (vWii) - Tri-Core Linux

Ray Lewis

Jesus Christ, I tried to catch up. In public, everything seemed to stall with actual SMP support. Maybe there is a hidden plan. No offense TSK, but without SMP support any iteration will fall short. I honestly think most of the attention is on the kernel, "drive exploit", maybe an IOSU exploit, and anything else like a "ripper." Was the ODE confirmed to be legit and a completed project? Unless I am wrong, homebrew launched with a kernel exploit will have access to Wii U hardware (not limited to vWii sandbox and hardware restrictions) right? I've seen the SDK out there as well. This might be totally useless now. People like nwplayer1234, marionumber1, ninja carver, and maybe a few others are welcome to clarify if I am wrong here, lol.

Not saying this to talk trash TSK. Haha, your enthusiasm is unmatched in these Wii U threads. Maybe randomizer posts more, lol.
 

the_randomizer

It is dead other than TSK posting and some talk about Windows and Linux.
Not dignifying that with a response, if you want to be negative, c'est la vie. But cut the shit, okay?


I see you guys are a bit anti-TSK, but I have hopes for his new OS. When it is made public, I'll try it first thing
Ignore him, he doesn't know what the hell he's talking about.
 

Ray Lewis

I see you guys are a bit anti-TSK, but I have hopes for his new OS. When it is made public, I'll try it first thing
Not at all. I've messaged him. I have absolutely no issue with him at all. It is more about the posts over the last 10 pages and the trends. A car without an engine is just a car body. Making another car body still does not give you an engine. It is not negative but reading comprehension deficits make it seem like my thoughts are negative.
 

Marionumber1

Unless I am wrong, homebrew launched with a kernel exploit will have access to Wii U hardware (not limited to vWii sandbox and hardware restrictions) right?

Yes, that's correct.

I've seen the SDK out there as well. This might be totally useless now.


It isn't necessarily useless. Homebrew applications could simply take advantage of the SDK functions, since those SDK functions allow you to do anything that a Wii U game or application would.
 

Marionumber1

So MN1, can you clarify something- has anyone (ANYONE) found a kernel exploit that works on 5.3.2?


I don't know that much about any group aside from us. The kernel bug that we're using does not appear to have been patched in 5.3.0, but we don't know about 5.3.2. We'd need the binaries to check. Chadderz's exploit will probably work on 5.3.2 as well, unless Nintendo patched that (unlikely, since no details were revealed). Ryanrocks claims he has something, but I'm unsure what to make of that. Keep in mind that even if the kernel is vulnerable to something (and it probably has at least one of these bugs), that's useless without a userspace exploit.
 

Marionumber1

Chadderz plans to release his MK8 stuff sometime, so maybe we can get something out of that- and on the userspace side of things, wasn't the version of WebKit being used in the browser full of bugs?

It probably does have lots of bugs, but that doesn't necessarily mean it's easy to find them. Many bugs I've seen in commit logs or on other websites don't work on the Wii U. It took about a month (possibly more, I don't fully remember) just to find the bug we ended up using. Then it took around the same amount of time to turn it into an exploit. My point is that finding a bug can be very time consuming. And we'd be very grateful if other people worked to find WebKit unit tests that crashed the Wii U.

EDIT: Wait- you said the kernel bug YOU WERE USING works on 5.3.0? I thought it was patched!


Someone claimed that, but the bug is still present in 5.3.0 as far as we can tell.
 

Marionumber1

Huh, I was sure it was patched. If I had more experience I might have tried some things to see what crashes the browser, but I don't know enough :(


Finding stuff to crash the browser does not actually require that much experience. Just a web server, and a lot of time and patience.
 

TeamScriptKiddies

Jesus Christ, I tried to catch up. In public, everything seemed to stall with actual SMP support. Maybe there is a hidden plan. No offense TSK, but without SMP support any iteration will fall short. I honestly think most of the attention is on the kernel, "drive exploit", maybe an IOSU exploit, and anything else like a "ripper." Was the ODE confirmed to be legit and a completed project? Unless I am wrong, homebrew launched with a kernel exploit will have access to Wii U hardware (not limited to vWii sandbox and hardware restrictions) right? I've seen the SDK out there as well. This might be totally useless now. People like nwplayer1234, marionumber1, ninja carver, and maybe a few others are welcome to clarify if I am wrong here, lol.

Not saying this to talk trash TSK. Haha, your enthusiasm is unmatched in these Wii U threads. Maybe randomizer posts more, lol.


Ray, SMP support is coming, one step at a time. As far as I know, nobody is working on the official version of Trinux right now. Ninja_Carver was remoting into my Wii U to work on it, as he no longer owns one.

My version of Trinux is based off Debian, so the performance is already much better than the original Trinux, as straight-up Debian is super lightweight in comparison to Ubuntu. I'm working on implementing a 7 GB swap file into it, but I need Ubuntu back up and running fully on my laptop to pull that off. Why the 7 GB? Because I'm splitting my 16 GB SD card right down the middle. This will enhance performance even more by a large margin. SMP will be implemented eventually (that's going to take time and a LOT of experimenting with PowerPC ASM before we see any results at all). Don't expect SMP in the alpha release; it's a time-consuming process.

The reason I'm working on this is that it gives us a permanent backdoor for running unsigned code on the Wii U. The kernel exploit will surely blow Trinux out of the water in terms of performance and overall features/usefulness, but sadly, it's easily patchable with a simple firmware update. Trinux utilizes a hardware flaw to enable SMP and run the unsigned code, thanks to the amazing work by team f0f and Maxternal (tagging still broken ><).

The worst that Nintendo can do to stop it is block HBC and/or the Trinux launcher in vWii mode, but it would be super easy to work around that. It would only be a quick "bandaid" fix. And that's assuming that Nintendo even bothers with it.... Thus far, they've done nothing to attempt to inhibit any homebrew at all in vWii mode....
 

Marionumber1

The reason I'm working on this is that it gives us a permanent backdoor for running unsigned code on the Wii U. The kernel exploit will surely blow Trinux out of the water in terms of performance and overall features/usefulness, but sadly, it's easily patchable with a simple firmware update. Trinux utilizes a hardware flaw to enable SMP and run the unsigned code, thanks to the amazing work by team f0f and Maxternal (tagging still broken ><).


It's not correct to say that the Boot ROM vulnerability gives you a permanent backdoor. While the bug is completely unfixable in all current consoles, and Nintendo is unlikely to fix it, it doesn't just magically give you a way to run unsigned code. To actually pull off the race attack, you need code running on the Starbuck. This is easy in vWii mode because IOS has always been full of bugs, and as long as they keep using it, it'll probably always be that way. Just use an IOS bug to get code running on the Starbuck and you can pull off the race attack, letting you run PPC code with all three cores.

Of course, running the race attack in vWii mode isn't that useful. You get access to all three cores, but aside from that, pretty much everything is exactly the same as it was on the Wii. You don't get access to the extra memory, the new graphics card, or the DRH (Gamepad communication controller). All that new hardware is only accessible in Wii U mode. When you're in Wii U mode, there are two ways to run kernel-mode code on the full Espresso. You can perform a kernel exploit from the Cafe OS userspace, and then get kernel-mode code running, like we're attempting right now. Or you could get an IOSU kernel exploit, and from there do the exact same race attack. Either way would work, but I think an IOSU kernel exploit is harder.

Overall, I'm trying to say two things. First of all, Trinux (or anything else) cannot possibly access the extra Wii U hardware from within vWii mode. You need to run it in Wii U mode (before cafe2wii has been executed) for that. Second, the Boot ROM vulnerability is not the only thing you need to run something like Trinux. You still need code running on the Wii U before that, either on the Starbuck in kernel-mode (works in vWii and Wii U mode) or on the Espresso in user-mode (only possible in Wii U mode, where you can exploit the kernel).
 

Marionumber1

So basically we're looking for and attempting kernel exploits to be able to run code above userspace, but what about an initial exploit (like the browser bug)? Is there any active work on that?


Not really, we plan to do that after finishing the kernel exploit. Others can start before that, though.
 

TeamScriptKiddies

It's not correct to say that the Boot ROM vulnerability gives you a permanent backdoor. While the bug is completely unfixable in all current consoles, and Nintendo is unlikely to fix it, it doesn't just magically give you a way to run unsigned code. To actually pull off the race attack, you need code running on the Starbuck. This is easy in vWii mode because IOS has always been full of bugs, and as long as they keep using it, it'll probably always be that way. Just use an IOS bug to get code running on the Starbuck and you can pull off the race attack, letting you run PPC code with all three cores.

Of course, running the race attack in vWii mode isn't that useful. You get access to all three cores, but aside from that, pretty much everything is exactly the same as it was on the Wii. You don't get access to the extra memory, the new graphics card, or the DRH (Gamepad communication controller). All that new hardware is only accessible in Wii U mode. When you're in Wii U mode, there are two ways to run kernel-mode code on the full Espresso. You can perform a kernel exploit from the Cafe OS userspace, and then get kernel-mode code running, like we're attempting right now. Or you could get an IOSU kernel exploit, and from there do the exact same race attack. Either way would work, but I think an IOSU kernel exploit is harder.

Overall, I'm trying to say two things. First of all, Trinux (or anything else) cannot possibly access the extra Wii U hardware from within vWii mode. You need to run it in Wii U mode (before cafe2wii has been executed) for that. Second, the Boot ROM vulnerability is not the only thing you need to run something like Trinux. You still need code running on the Wii U before that, either on the Starbuck in kernel-mode (works in vWii and Wii U mode) or on the Espresso in user-mode (only possible in Wii U mode, where you can exploit the kernel).
I understand that we don't get access to the new Wii U hardware. The RAM portion is not an issue however, as it can be overcome using a large swap file to compensate for it.

I love what you and NWPlayer123 are doing; you two are like Gods of Wii U development. I'm a measly hacker with A LOT to learn. I'm still early in my engineering program. I'm doing what I can to help improve the scene and give people different options for homebrew etc...

The kernel exploit you're working on is going to be far superior to Trinux no doubt (full access to the Wii U hardware).

Trinux development should continue to press forward anyways. After all, once the kernel exploit is finished and released, it will be possible to port Trinux over to CafeOS so it too can have full access to the Wii U's hardware. Of course it's much easier said than done, but it's not impossible.

The scene will be better off with more people working on hacking it.

May the scene flourish (I have a feeling that when the kernel exploit is released, the scene will explode).

Keep up the good work guys and take your time with it! Some people will always give you crap along the way, but disregard them and take your time. The results will be amazing, I'm sure <3
 

naxil

Linux in Wii U mode, OK... but actually Wii Linux does not have 3D acceleration. How do you do it on the Wii U GPU?
 
