Wii U update 5.5.1 out, 5.5.0 MP4 exploit released
Nintendo released an update for the Wii system firmware, putting the Wii U up to 5.5.1. Among other things, it seems this “stability” update patches a bunch of security issues with the device, including a vulnerability in libstagefright (used for video decoding).
Wii U Firmware 5.5.1 fixes libstagefright vulnerability, Mathew_Wi releases patched exploit
This patches an exploit that developer Mathew_Wi and a bunch of other hackers had been working on for firmware 5.5.0, and as a result Mathew_Wi decided to release their work in progress.
The released exploit isn’t in a very “usable” state for the end user right now, an it will be up to homebrew developers to follow the vague instructions that have been released:
We have been incredibly lazy about fixing this. However, I have a hint for you. Use the code spray code from previous HTML exploits, and embed the MP4 exploit to run code that way.
In template540 and template550, at offset 0x79 to 0x7C contains the value that is in r30 when it crashes, which is an address to a point in the ROP buffer. Essentially leave the rest of the MP4 file unchanged if you plan on doing it via HTML/JS. If you want to use another ROP gadget, then the address that is spammed at the end of the file is the gadget that we initially jump to.
Mathew_Wi credits the following people for the MP4 exploit:
– Credits –
zhuowei – Pointing out the bug to Marionumber1 and I.
Marionumber1 – All the fantastic ROP chain work. Plus all around masterful work. Wouldn’t have been possible without him.
Mathew_Wi – *** initial exploitation/debugging/5.5.0 ROP Gadgets
MrRean – Helping in a way I can’t quite remember.
NWPlayer123 – Something!
Hykem – I think he did something too, I can’t remember, sue me.
Original Crew – comex, Relys, TheKit, and of course Mr. Chadderz himself.
– Special Thanks –
NWPlayer123 for convincing Marionumber1 to allow me to participate in the group. <3
What about the IOSU exploit from Hykem?
Developer Hykem has not released any statement recently about his upcoming exploit for IOSU 5.5.0, and if that exploit has been patched or not by the new 5.5.1 firmware.
Download the 5.40/5.5.0 MP4 Exploit for Wii U
You can download The Wii U 5.50 MP4 Exploit here