Wii U 5.5 Kernel exploit has been leaked
The Wii U Kernel exploit for 5.5 that has been left right and center of discussions on the Wii U scene recently, was just leaked a couple of hours ago on GBATemp. This exploit lets you run Loadiine (Wii U backup launcher), Cafiine, and a bunch of other cool tools. The exploit is compatible with (at least) firmwares 5.5.0 and 5.5.1
Developer @NWPlayer1234, one of the people behind the exploit (along with Marionumber1) has confirmed the leak is the real thing. It’s a full fledged exploit and people have already been confirming they can run Loadiine and other tools with it.
The leak happens a few days after NWPlayer1234 “suggested” someone leaked the exploit. It turns out one of the exploit’s handful of beta testers who had access to the file probably took the suggestion a bit too seriously.
Download and use
You can download the Wii U 5.5 Kernel exploit here.
Instructions are sparse, but here’s what we could gather from NWPlayer1234:
1) reverse folder names
2) delete that dumb WithLove.png
3) install java 8+
4) java -jar HaxServer.jar
And, last but not least, NWPlayer1234 posted video instructions on how to access the file from your console and run the exploit, then how to run loadiine from there:
I’m dying but here y’all nerds go pic.twitter.com/5AEvK5faAU
— Twi ✨ (@NWPlayer1234) May 3, 2016
pic.twitter.com/HS8hxoNSi8 — Twi ✨ (@NWPlayer1234) May 3, 2016
To summarize:
- Reverse folder names from the download
- Install Java 8 or above
- Make sure port 80 is not in use (e.g. make sure to quit Skype if you have it on your computer!)
-
Run hackserver.jar, and make sure it runs correctly
- in a Dos command line (“cmd”), type “ipconfig” to get your computer’s ip address
-
on your Wii: enter your IP address followed by /hax?kexploit31, for example http://192.168.0.1/hax?kexploit31
- Click on done and load the page to run the Wii U 5.5 kernel exploit
To run a tool such as Loadiine:
- Get the latest Loadiine nightly from the repository
- Copy the content on your SD Card in wiiU/apps/loadiine.gx2
- Backups on your SDCard need to be prepared as explained on the Loadiine Readme
- Run the kexploit10 binary (http://youripaddress/hax?kexploit10)
- Run loadiine
Please report success/failure!
NWPlayer1234 is releasing “how to” videos as I type this so check out the developer’s twitter account below for more details.
Source: NWPlayer1234
5.5.1 or 5.5.0?
I think both 5.5.0 and 5.5.1 are supported. Maybe we should wait until tomorrow to see the bricking statistics?
Brick statistics? Lol i agree with you, i want to take safe route, not too hasty 😀
Both
Sweet
Don’t mean to double post but I wonder since we are using Java if this will work on Linux and Mac OS.
Yes, it should
I couldn’t get it working on either OS X or Ubuntu 14.04. Just keeps giving the can’t lock port 80 error. Oh well, the open source gods created virtualbox for a reason.
Only root can bind to ports below 1024
Ohhhhh. Derp. Didn’t realize that. Thank you.
if you have apache or some other webserver in your pc that’s the reason
oops, I didn’t saw the other answer (the root reason)
I followed the steps, but when i run the url, my wiiu frozens, then i had no choice to hard reset my console, my frw is 5.5.1 what is happening
i had erased all the data from the browser, and then it worked, maybe some else may have the same issue, just erase all data beforee doing this
Thanks fot the tips 😉
thank you, that helped me
even after clearing data, on a few systems I’ve run into freezing a few times trying to initiate the exploit. I think it depends on your network traffic on whether this triggers or not… every so often with a few machines I’ve run this on, they will crash 4-5 times, then it seems to run just fine. Think it’s funny that it’s a leaked kexploit, and it’s greatest disguise is reversed folder names. So happy this is in java also, it’s one of the few languages I know.. So far seems to be running great, with the minimal amount of homebrew out there there isn’t much to test it with. I’m not a good enough programmer for making homebrew.. How the files are setup, I think that there will have to be more *.bin files that support loading certain elements before there is a larger homebrew database, as well as tweaking the files within the payloads. loadiine.bin rpccode.bin etc. All in all it’s not as unstable as people are saying, I am really thinking that the failures to load are all due to network traffic. This or old/bad router, distance from wireless netowrk, or people not knowing how to check port 80 and make sure it remains open.. Everywhere that has updated on this exploit have mentioned making sure skype is closed. I had to manually go into task manager on windows 10 and kill a skype service before this would connect. I don’t even use skype and the service was running. So even if you don’t use skype and you are having issues, open task manager and check out your services. That may be another problem people have with this not working. On my two wiiU’s, my kids, and mine, they both run, and trigger flawlessly. I am very greatful of this now, two young curious boys.. Do not like letting them have the discs.. Have already had a few titles I’ve had to re-buy several times, but now I’ve got a pile of SDcards.. I’d rather USB support for thumb drives and external hdds..
Nintendo is illuminati confirmed!
Puedo usar cualquier juego original de wiiu para cargar mis backups con loadiine? o tengo específico?
No es necesario, pero solo puedes usar el smash bros de wiiu, aun que ahora lo carga solo con el mii creator, se puede usar el smash tambien como loader, pero soslo ese, no otro juego.
thank you
tried it, I get the illuminati payload running either kexploit10 or kexploit31. tried “wiiU/apps/loadiine.gx2/loadiine_gx2.elf” AND “wiiU/apps/loadiine_gx2/loadiine_gx2.elf”, both 32gb MicroSD in adapter and 2gb SanDist SD. anyone have GOOD instructions?
did more research, these instructions are incomplete! after you see the illuminati payload run, use “http://youriphere/hax?loadiine” to launch loadiine. sadly the current loadiine nightly’s payload fails to complete it’s load.
also, loadiine’s payload is number 10 not 31, 31 is the payload for the homebrew launcher.
It works if you tell it to do payload 10.
youre my hero! i had the same problem and this help me, now playing nsmbu. thank you so much.
So does this mean the Wii U is fully hackable?
As in people will now pirate commercial games?
Sorry just come back to the scene after a year or so out.
Tzosin
Yup, fully hacked. loadiine loads commercial games so yes, this runs commercial games. not that you SHOULD, in fact you shouldn’t, but you CAN.
Does this mean the WiiU is fully hackable?
Can now run commercial roms or solely home brew?
Sorry been out of the scene for just over a year.
Kind regards
Tzosin
you can run Backups yes, its pre easy
Finally it worked for me, i’ve downloaded Nes Remix Pack, playing with the folder structure i made it work, and now i’n downloadin more games to test, but for now i need some sleep,
I wonder how many people haven’t read and noticed the folders were named backwards and reversed it like it says? One of those things that I hope everyone noticed when the looked at the files right away, if not -hmmm.
me to begin with, then i realiszed
nice!!!!!!!!!!!
When I run the java command I get the window but it says
Exploits: 0
Data: 0
Payloads: 0
I’ve reversed the folder names and I’m running Java 8, anyone else have this problem?
I’m getting the same thing?
that’s perfect
just run the exploit. numbers show how many times exploit was triggered
thats what ya meant to get, now load HBL or Loadiine(or both) on the SD card then go to http://192.128.XXX.XXX/hax?kexploit10
XXX is your IPV4 adress, find it by opening CMD then type “ipconfig”
For anyone using windows 10 if the hackserver isn’t working at first you might want to run…
net stop http
Which should free up port 80.
Just wanted to let everyone know I couldn’t get this working with the lan adapter it’s got a different mac address so that might have something to do with it. Anyways I just connected to the same router my computer was connected to but instead via wireless and everything went fine.
No luck. the JAR only gives errors…
http://gbatemp.net/threads/tutorial-running-kernel-exploit-loadiine-etc-the-easy-way.424967/
Please Help. When I run HaxServer.jar, It says 0 exploits and 0 data and 0 errors. Skype is not running and nothing is taken up by port 80. I dont know what to do!
it will always say O O O until you type in the IP address given in the instructions in these comments several times on your wiiU browser. On 5.5.1 I ran the kexploit31 then kexploit10, and launched instantly, and then your exploits # and data # should go up. If you are having trouble launching SomeDud, check out (http://loadiine.ovh) on your wiiU browser, it will detect your FW, and trigger the exploit if you check the box and hit submit. There’s are a lot of hosted tools there, and the hosted server to trigger kexploit
I’m on firmware 5.3.2E… anywhere I can update to 5.5.0 or 5.5.1?
what is the best for compatibility and general wellbeing of the console?
Kind Regards
Tzosin
STAY on 5.3.2. , dont listen to anyone saying you should update or anything like that. 5.3.2 is the perfect firmware right now
Yeah, get it from Nintendo the official way (5.5.1 is the latest firmware).
None of this *** *** works.
Correct me if I’m wrong you need the exploit server running every time you want to run Loadliine?
just every reboot or turn off
correct
“You need to *always* run the Kernel Exploit before you try to open an app (Loadiine, etc.). That includes between reboots, after you already launched another app, a game…”
from a link in another comment.
Cant wait to pirate it all
I hope the exploit evolves to a coldboot and a CFW integration, that would be awesome.
Keep getting error code: 112-1404 could not display page. I do not have skype or any other program using port 80.. java 8 installed. The hack server.jar runs fine with all 0’s. Suggestions please?
All 0’s looks like the problem here. Try to run the server with admin rights, also what folder did you put all of that in? Typical problems occur when you’re loading such a tool from a folder name with spaces. Also did you rename the folders properly?
yes I name s the folders properly. (data, payloads, loaders) . No spaces. name of the folder is exploits.
Could not bind port 80 is what I get in the command window.. I don’t have skype installed and I have the port open
It was a windows 10 issue… had to run net stop http to free up port 80.. worked after that. Another user in the comments said the say thing.
So, I have it working now… it crashes frequently. It’s totally not ready for a release yet. But when the games DO launch, they work perfectly.
Most games had to crash once before initializing properly.
I tested Xenoblade Chronicles X, New Mario Bros. and 2 DS games: Valkyrie Profile and Elite Beat Agents.
They all worked eventually, but the DS games took like 3 failures before they started working.
Not working. Either the exploit triggers and the entire system freezes with a hard reboot required, or the exploit address doesn’t trigger at all and the system reports an error code: 112-1028.
Found an alternative way for this to work 🙂
https://gbatemp.net/threads/videos-how-to-run-5-5-x-kernel-exploit-set-up-sd-card.425040/
Not Work For My
The Kexploits yes Work But
when i try load the loadiine
FSGetMoutSource Failed
I Get this error all time
I’m trying but only appear this error
My WiiU is in 5.5.1 U,
i Format the Sd Card in Fat 32 (16GB),i use another Sd card (16GB) but is desame error :\
if i try with kexploit31 appear Race attack all times too
Sorry my bad english
I don’t get it. I opened Port 80, I have the folders spelled out normally, have Java 8, have the JAR running fine, I reset the save data and delete the cookies in the browser, and have the IP address correct and put the address in right, and I have 5.5.1U, but same thing: It just freezes.
The Jar just shows the following:
Exploits: 2
Data: 0
Errors: 0
And thats all it shows everytime I run it. I tried everything. I don’t know why it won’t execute the exploit.
Hey Worked For Me Now
I Tryed again now and I Select Kexploit10 and the wii U Freezes
I Forced Turn Down The Wii U and tryed again with Kexploit 10 and after i tryed open loadine and Loadiine Works 😀
Worked for me. Though I had a few snags along the way, so I thought I’d post what I did in case anyone else had the same issues.
-Port 80 – I didn’t have any programs that used it, but I couldn’t get the java hack to work until I port forwarded it to ensure it was open.
-Launching loadiine is a three step process. I didn’t quite get that when I read the instructions, but here is what I do:
1. http://youripaddress/hax?kexploit31
2. http://youripaddress/hax?kexploit10
3. http://youripaddress/hax?loadliine
So, you’re going into the web browser three times. I have three bookmarks saved for this. Looking at the comments, it seems that I’m not alone in missing this at first, since many of the reported errors are what you get when you do not do this three step process. Once I figured this out, it has worked perfectly every time. And yes, you need to do all three steps every time you wish to access loadiine this way.
Hope this helps. To the rest, thanks for providing this.
P.S. A note on SD cards – I just learned this, but the wiiU apparently only supports FAT32, not ExFat or anything else. Currently running a 64gb card.
So what is the max size SD card can we use in the Wii? does it matter when it comes to loadiine?
no as long as you can format the card FAT32.
PS4 PS Vita hack continue??
Just want to say that from time to time loadiine won’t start and freeze the wii u, meanwhile kexploit didn’t freeze it.
my wii u froze 50% of the time, but everything is fine, that’s not very stable right now, like the past exploit in fact
What does reverse folder names mean?
atad->data and so on
Can i host the kernal server on my android?
I would like to know that to.
Any help guys?
can someone help? as soon the wiiu connects i get an error and cmd shows me this: java.io.FileNotFoundException: .\data\hax?kexploit31 (Die Syntax für den Dateinamen, Verzeichnisnamen oder die Datenträgerbezeichnung ist falsch)
at java.io.FileInputStream.open0(Native Method)
at java.io.FileInputStream.open(Unknown Source)
at java.io.FileInputStream.(Unknown Source)
at com.gudenau.haxserver.Util.readFile(Util.java:29)
at com.gudenau.haxserver.HaxClient.serveFile(HaxClient.java:87)
at com.gudenau.haxserver.HaxClient.run(HaxClient.java:62)
at java.lang.Thread.run(Unknown Source)
When I load the Illuminati thing it just goes to cannot load video
You’re port 80 is closed. Go into your router’s port forwarding settings and open it up for your IP address.
loadiine works really well. Console freezes sometimes when running the exploit, but thats to be expect. Once more people get involved in the scene it will become more stable and hopefully CFW will emerge. Thanks to everyone involved 🙂
I’m seriously starting to lose my patience on this after say…40 attempts and nothing but console freezing. I have followed the required instructions from both videos and comment advice, but nothing has broken down this freezing BS. It doesn’t matter if I chose kexploit10 or 31 the results are the same while Hackserver keeps showing 2 exploits running. Also loadline is always failing to load. I really wish the dev team focused more on CFW rather than these light hacks its already bad enough the instructions are a complete mess and incomplete to deal with. Sorry for my rambling
I finally got it to work!!! The way I did it was use “k?exploit10” with “k?launcher”
Basically using Homebrew Launcher to boot up loadline
There are several videos missing on this site which is probably the main reason only a few of us got it working.
Other than that Star Fox is working beautifully
Can you elaborate on were did you use the k?exploit10? as in changing the url?? please help
Is there a way to install the homebrew loader on the Wii U home/boot screen so I dont have to connect to the internet every time I want to boot the homebrew launcher?
Thanks for any info.
Not yet
Well this is cool i guess, i’m still waiting for an IOSU exploit thats current 😛