Homebrew [WIP] fully functioning custom eShop

[ItsDeMeNT]

Servers are now open source


https://github.com/PretendoNetwork/SOAP <- The SOAP server which serves titles
https://github.com/PretendoNetwork/Grove <- The server which handles the WiiU eShop UI
https://github.com/PretendoNetwork/Hokage <- Prototype Ninja and Samurai server replacements for the 3DS (only 3DS, not required for WiiU). Very rough and unstable at the moment

OOOOOOHHHHHH B O O O O O O I , okay , i can localhost this right?

 

[Xpl0it]

You can connect to the custom servers in multiple ways. You can either use a proxy or patch the URLs with homebrew. Using a proxy is probably the easiest way, so I'll just give a step-by-step guide on how to use Fiddler to connect to the custom servers, though you might be able to apply these steps to Charles as well with some tweaking. An important note though, that when Pretendo fully launches we will be using SSL+URL patches via homebrew to remove the need for a proxy, so these steps are really only used for development purposes

1. Setup Fiddler and your WiiU to allow for MITMing. You can find steps to set things up here https://github.com/PretendoNetwork/Pretendo/blob/master/CONTRIBUTING.md#getting-started
2. In the above steps, change account.nintendo.net to geisha-wup.cdn.nintendo.net
3. In the above steps, change address.of.account.server to http://eshop.pretendo.cc
4. Edit your systems hosts file (For Windows this is located at C:\Windows\System32\drivers\etc and most be opened with admin perms to save changes) and add the following line: 192.168.0.12 eshop.pretendo.cc
5. Change 192.168.0.12 to whatever the IP address is that hosts the Grove server (192.168.0.12 is just my local IP)

What this basically did was allow your console to send traffic to Fiddler that it can fully understand. Fiddler is then told "hey, if the address is geisha-wup.cdn.nintendo.net then set the address to http://eshop.pretendo.cc". Editing your hosts file then told your computer "hey, if you get a request to eshop.pretendo.cc then use this IP address"

It is important that the servers are requested with domains that they understand. Each server is designed to only handle certain subdomains (meaning, the Grove server will only return the eShop UI when requested with a domain with the subdomain "eshop", hence changing the hosts file)

When you connect your WiiU to the Fiddler server and open the eShop, it should try to request geisha-wup.cdn.nintendo.net but it should then get redirected to http://eshop.pretendo.cc which in turn uses the IP address you set earlier to point to your local Grove server

It's important to note though that you must pack your homebrew apps to use title IDs of legitimate titles, at the moment. This is because of a required request made to the IDBE server which will fail when using a non-legitimate title ID. A patch was made for this by one of our developers but it is still in development and has not been released yet. Until then, you can use NUSPacker to pack your homebrew using a title ID of a legitimate title and it should work fine

If you, or anyone else, needs further help setting up any of these servers you can reach us on the Pretendo Discord server

It can't login to NN, so I can't get past of that screen, how did you manage to get it working?

 

[RedDucks]

It can't login to NN, so I can't get past of that screen, how did you manage to get it working?

The fact that you can't login is a separate issue. I did all my testing while logged in to NN. Without knowing exactly what you did I cannot help you. The steps I provided have nothing to do with NN or authentication.

 

[Xpl0it]

The fact that you can't login is a separate issue. I did all my testing while logged in to NN. Without knowing exactly what you did I cannot help you. The steps I provided have nothing to do with NN or authentication.

I did exactly what the post and the guide said, I think I replaced the cert that allows connecting to NN, but the guide told me to do that, so idk

 

[RedDucks]

I did exactly what the post and the guide said, I think I replaced the cert that allows connecting to NN, but the guide told me to do that, so idk

Replacing the certificate should not prevent you from logging in, so long as you replaced it with the correct certificate from Fiddler and used the correct client certificates. Replace the certificate on the console with the Fiddler certificate only serves to let Fiddler decrypt the SSL traffic, and the client certificate is used to allow Fiddler to properly make requests to Nintendo's servers

 

[Xpl0it]

Replacing the certificate should not prevent you from logging in, so long as you replaced it with the correct certificate from Fiddler and used the correct client certificates. Replace the certificate on the console with the Fiddler certificate only serves to let Fiddler decrypt the SSL traffic, and the client certificate is used to allow Fiddler to properly make requests to Nintendo's servers

well, fiddler doesn't seem to use the cert tho it is there

edit: fiddler detects and uses the cert, but it throws an error when trying to connect, error 102-2135

 

[RedDucks]

well, fiddler doesn't seem to use the cert tho it is there

edit: fiddler detects and uses the cert, but it throws an error when trying to connect, error 102-2135

I have seen instances where using the client certificates as-is may not work (though I have not experienced this). A solution could be to convert the client certificate to X.509. You can do this on Windows by importing the certificate into your certificate store and then exporting it again using the "Base-64 encoded X.509" option

Here is another, more generic, guide on setting up Fiddler with the WiiU https://www.reddit.com/r/WiiUHacks/...setting_up_mitm_to_log_and_preserve_services/ which goes over the conversion of the client certificates. The guide I originally linked was more tailored to Pretendo specifically, but this guide on Reddit should also work just fine

Without knowing your exact setup I can only really guess as to what the issue may be, I'm sorry. Maybe give that Reddit guide a chance? I know people who have followed it and got things working

 

[Xpl0it]

I have seen instances where using the client certificates as-is may not work (though I have not experienced this). A solution could be to convert the client certificate to X.509. You can do this on Windows by importing the certificate into your certificate store and then exporting it again using the "Base-64 encoded X.509" option

Here is another, more generic, guide on setting up Fiddler with the WiiU https://www.reddit.com/r/WiiUHacks/...setting_up_mitm_to_log_and_preserve_services/ which goes over the conversion of the client certificates. The guide I originally linked was more tailored to Pretendo specifically, but this guide on Reddit should also work just fine

Without knowing your exact setup I can only really guess as to what the issue may be, I'm sorry. Maybe give that Reddit guide a chance? I know people who have followed it and got things working

I get a 400 error at fiddler, "400 no required SSL certificate was sent", btw, the guide didn't work too

 

[RedDucks]

I get a 400 error at fiddler, "400 no required SSL certificate was sent", btw, the guide didn't work too

I'm not too sure. I have never experienced that error, and I can confirm that guide on Reddit does work. I reset my console certificates back to stock, uninstalled Fiddler and used that Reddit guide from scratch to test if it works and it worked perfectly. I'm afraid I can't help any further, I'm sorry

 

[Xpl0it]

I'm not too sure. I have never experienced that error, and I can confirm that guide on Reddit does work. I reset my console certificates back to stock, uninstalled Fiddler and used that Reddit guide from scratch to test if it works and it worked perfectly. I'm afraid I can't help any further, I'm sorry

Oh, well, thanks anyways

 

[n00bsaib0t]

This might sound like a dumb question, but does installing stuff like Nintendon't with this eliminate the need for CFW or cold boot haxchi to launch it? Or does it just bypass having to download it on my PC, put it on my SD card, and use WUP installer?

Either way, it's very cool to see this in action. There aren't a lot of us left here but I know this kind of support for the WiiU is appreciated by everyone here.

 

[RedDucks]

This might sound like a dumb question, but does installing stuff like Nintendon't with this eliminate the need for CFW or cold boot haxchi to launch it? Or does it just bypass having to download it on my PC, put it on my SD card, and use WUP installer?

Either way, it's very cool to see this in action. There aren't a lot of us left here but I know this kind of support for the WiiU is appreciated by everyone here.

This depends on what you install. You will always need signature patches to run unsigned applications, so you'd still need CFW for that. Any type of homebrew or non-official title from Nintendo will not be properly signed. However it's entirely possible to serve titles which are legitimately signed and those will not need signature patches/CFW. But this is limited to legitimate titles from the eShop, which means it would be piracy to serve them

So yes, basically this skips the steps of installing a title from the SD card and instead uses the consoles built in method of title installing