Hacking Webhack on 5.5.2 (JsTypeHax)

Akira

So I managed to self-host, click on exploit, the page loads, then a pop-up appears with "verify" written on it and an "ok" button. It freezes when I click on it. Did someone have something like that?

Also in the log from the cmd, the second action has a 404 file not found

:unsure:
Use a previous commit. I kept seeing that someone posted it on page 47.
 

Rokon2

Tried self-hosting, put my computer's IP into the URL, and I'm being sent to Nintendo's search page. What am I doing wrong?

I grabbed the file Cyan posted under "Source" in Page 2.
 

teuf504

You probably forgot to put "http://" before the IP address.

I did that too the first time.
 

pangster79

I'm pretty sure the way I did it was the easiest way... Seriously, download the source files from the original post and self host through mongoose (you don't even need to configure IP etc as it's all done for you!!).. I provided step by step instructions some time back!!!!!! Just read and follow!!!!

If you get a 'verify' message then you might need to download an earlier version of the payload! - other than that I had 100% success rate self hosting!!
 

Lallo

Getting so damn tired of this...
Yes I'm self hosting. AND I'm using the older version so that I don't get the "verify popup".
But yeah still just freeze after 20 tries.
What is this "delta" thing everyone keeps talking about?
 

Rokon2

I finally got mine working. I'll try to explain the best I can.

First, in regards to what you should use to self-host, use the folder from this link: https://github.com/JumpCallPop/WiiUTest/archive/b558dffdf0fa6dbb5989e26132573b9677785602.zip

Unzip that, and then do what you've been doing, startServer.bat.

If it doesn't work, try changing the delta. You can do that by going to the "payload" folder, and opening exploit.html with an editing software like Notepad.

Near the very top you'll see something like this.

Code:
<script>
function UaF(a)
{
    //Warning, the delta was modified !
    var delta                   = 0x00000000; //from 0x0 to 0x04000000 step by 0x01000000
    var pivotAdress             = 0x010ADDCC;
    var pivotAdressAdress       = 0x1B100000; //r6
    var payloadAdress           = 0x1D000000 + delta;
    var codegenAddress          = 0x01800000;
    var sizeWebCoreImageLoader  = 0x18;
    var sprayCount              = 0x1900;
    var _4K                     = 0x1000;
    var _16K                    = 0x4000;

The line "var delta = 0x00000000;" is what you'll be editing; that is the delta. You have the option to change it from 0x00000000 to the following numbers:

Code:
0x00000000
0x01000000
0x02000000
0x03000000
0x04000000

What works or not seems to be random, but I found that for me, 0x04000000 has been consistent in its success. Ideally, what you want to see that'll let you know you've successfully got in, is the browser fading somewhat, and then a transition to the Wii U logo on the bottom right, similar to how the Browser Exploit transitioned to the Homebrew Launcher. If it doesn't do that, in that the browser just freezes with no fade at all, it's a failure, so try it again.
 

Lallo

Changed it to 0x00000000 and it worked instantly. Also installed haxchi now. Thank you very much!
 

pangster79

Getting so damn tired of this...
Yes I'm self hosting. AND I'm using the older version so that I don't get the "verify popup".
But yeah still just freeze after 20 tries.
What is this "delta" thing everyone keeps talking about?

And I'm getting so damn tired of people having hissy fits because they can't be bothered to read the information in this thread!!!!!!!

Literally, EVERYTHING you need is in this thread and has probably been repeated several times!! Stop expecting people to spoon feed you because you're too lazy to read!!!!!
 

Ziggyhacks

If anyone's having a "hissy fit", it's you. There's no reason to deny people information, even if they haven't read prior posts. If Lallo doesn't understand the terminology of this exploit, he could receive help from people who want to help him. Instead, he's being harassed about his misunderstanding.
 

AzerothArg

So nice to wake up and read all the success histories! I've first tried all in Linux, it's so much easier to do. When I wrote those instructions on http://gbatemp.net/threads/webhack-on-5-5-2.480938/page-50#post-7519961 , I tried them on Win 10 and got it working in the 6th try... the delta that worked for me was 0x03000000, homebrew launcher 1.4...
 