Wii U: hacker Hexkyz publishes boot1 code execution exploit
For those of you who still care about the Wii U, hacker Hexkyz has published a write-up on a vulnerability that gives him arbitrary code execution in Boot1.
He states that this could be leveraged to create a safe (as in, safer than what is currently done) Light Custom Firmware (a CFW that does not survive a cold boot) for Wii U owners. He writes:
Leveraging this bug from the vWii environment, for example, could grant a nice boot(ish) time CFW by combining some form of contenthax in a way that entering vWii mode would launch the boot1hax payload, reset the console and send you right into a CFW. The total time spent on this would be minimal and it would create a dual-boot environment where you could hold down the “B” button on boot to jump into CFW or do nothing to land on the vanilla OS. That is, of course, if you wouldn’t mind sacrificing your vWii channel for a while (it would then be possible to restore it from within the CFW environment, so that’s not really an issue).
Hexkyz says that it’s very easy for Nintendo to patch this vulnerability, but since the Wii U is no longer maintained, hackers felt it was the right time to disclose the exploit.
I’ll avoid making a fool of myself as I don’t know anything about the Wii U, and invite you to read the full writeup here.