Kernel Keys for Wii U IOSU 5.5.1 revealed
Developer Hykem has generated some controversy with his upcoming IOSU exploit, but published additional proof that the exploit is real: Wii U Kernel keys. The release date for Hykem’s IOSU exploit has been delayed a few times. Some people have been doubting that the exploit even exists, but knowing Hykem’s history on pretty much all gaming consoles, it’s safe to say naysayers couldn’t be more wrong.
Nevertheless, to shut people off, Hykem published a screenshot showing the Wii U ancast and vWii common keys, or at least a huge part of them. Accompanying the picture was a “happy bruteforcing” message, a way to say that people with the right tools and knowledge will be able to confirm his keys are the real deal, with some level of effort.
Developer Crediar has published the full keys on his twitter account on reply to Hykem, who acknowledged the result with a smiley.
This is also Hykem’s confirmation that his IOSU exploit works on the recently released Wii U firmware 5.5.1.
All my Wii keys are belong to U… pic.twitter.com/y4hePde2Rn
— Hykem (@hykemthedemon) January 18, 2016
Hykem has recently followed up on his release on GBATemp. He had recently promised a release by end of January, but it seems this might get delayed again, as he is looking for ways to obfuscate his code, in an attempt to delay Nintendo patching the exploit. Hykem also decided to use Yellows8’s recently released MP4 exploit, which has been confirmed to work up to the latest firmware 5.5.1. This allows Hykem to keep his own userland exploit for future use.
Hykem advises people to not update their Wii U and block future update from Nintendo, as they will most likely implement patches in their next firmware update. Blocking updates is done by blocking some specific IP addresses at your router level, this is easier than it sounds and you can google for it.
Hykem’s full statement:
In case you were afraid to deduce it from the screen I posted, yes, the hack works up to 5.5.1. However, I strongly recommend everyone to start blocking updates. That’s why I announced I was working on IOSU in the first place, to raise awareness.
I reached IOSU in 5.5.1 using a different bug (another lame UAF in WebKit) than yellows8‘s, but the libstagefright one is much more reliable and it’s already public. Which means that the release for 5.5.1 will be using yellows8‘s exploit while I keep the crappy one I used private.Beware that Nintendo will likely push a big update to the Internet Browser anytime soon (I believe it’s logical to deduce that), which will quite likely patch (properly) both the libstagefright bugs and other previously unpatched WebKit bugs (the one I mentioned included).
Marionumber1 also made a solid point about investigating userland bugs in areas not related to the browser (like Mii data, for example), which is something we will likely investigate soon.
Aside from all that, the exploit just needs obfuscation to be released. Like I stated before, the obfuscation layers will be complex which will take time to implement properly. If any delays follow, they will be strictly related to the obfuscation of the exploit.
Also, I mentioned that my “vacations” are extended to the end of February, but that doesn’t mean the exploit will only be released by then. I’m guessing it will be done quite before that, but right now it’s just a matter of getting it right so Nintendo won’t patch it as soon as it comes out.
first? well im waiting for the 5.5.0 kexploit hope that come out soon
It’s a lot easier to block Nintendo updates by setting your WiiU/3DS DNS setting to the one of Tubehax (107.211.140.065). No fuss involved with messing with your router, and it works like a charm.
If I’m still on 5.3.2 should I update?
No. It should work on anything up to and including 5.51. If for some strange reason you do need to update for something you can just rent a disc from Redbox with the right update on it for a couple bucks
I won’t be able to rent a disc. That’s why I’m asking.
w00t 1st do i win a price?
El Cagon your price is $1000000 to download. You F U K T A R D
El Cagon has a tiny weener!
woot woot!!! El Cagon has no cojones!!!
And C&D in 5..4..3..
The MIB will come after you bruh lloll
Yup you guys are all correct 🙂
Not that it’s a big deal, but is hackinformer in a different time zone? They had this news up almost 24 hours before wololo. It’s good for both sites to report on this wonderful news either way.
So the only work that needs to be done now is to make development tools for the Wii U and we’ll have native Homebrew/backups that can be ran from the Wii U homechannel thanks to these keys or are keys unique to a console?
has anyone got their wii u 5.5.1 to play backed up games on external hdd yet?
Yep, I can play all the Wii and GameCube backups I want from a USB HDD. 😀
Seriously though, I wonder what will become of the full IOSU exploit for 5.5.1 now that Hykem has stepped out of the scene.