Currently, we have a userspace exploit that can be compiled and run via the Internet Browser. It currently works on versions 4.0.0 to 5.1.0. This isn’t very useful at all for anyone who isn’t a developer, however. All it allows is basic code execution, including access to certain parts of memory (assuming it isn’t protected) and basic library functions. We cannot access anything the browser cannot access, such as an SD card. You have to run the exploit every time you want to do something.
Frequently Asked Questions
Q: How do I install the Homebrew Channel?
A: Wrong place to be looking, you’re thinking of the sandboxed vWii (virtual Wii).
Q: What is this?
A: As mentioned before, it’s an exploit that uses a bug in the (very old) version of WebKit that Nintendo is using for the Internet Browser to execute our code.
Q: What is “Userspace” and what can I do with it?
A: Userspace allows for basic access to running code, and accessing memory. You cannot access anything the original program cannot access. For example, you cannot access the SD card since the browser doesn’t have access to that.
Q: Why doesn’t it work on anything after 5.1.0?
A: We only ever found and developed one bug, and (I assume) Nintendo caught wind of the bug and patched it in 5.1.1. We would have to find another exploitable bug and develop it to run code on the latest version, which is being looked into.
Q: What’s the latest version the exploit works on?
A: See above answer, it works on 4.0.0 through 5.1.0, and there are 3 separate versions for 4.0.X, 4.1.0 and 5.X. It was first made for 4.1.0 and then later back-ported to 4.0.X, since some addresses had changed. Later, the update that added the Quick Boot Menu (5.0.0) changed the code structure enough that we had to blindly find our addresses again and rebuild the ROP chain to get code execution again.
Q: I don’t want to miss out on potential homebrew, how should I update to a safe version?
A: If you don’t care about running code right now, feel free to update to the latest version. We are currently looking into more Webkit bugs to exploit that work on the latest version.
If you do care about running code, try to find Mario Kart 8 version A (look at the serial on the back) which should have 4.1.0, or if that doesn’t work out look for NES Remix Pack which has 4.0.2.
Q: I want to update to the latest version but I don’t want to miss out, am I safe in doing so?
A: Feel free to update if you don’t care about running code right now, a new Webkit bug is being looked into.
Q: Should I be looking for a specific version Wii U?
A: No, we’re working on a new Webkit exploit that should work on all versions. Even if you update, you’re still fine.
Q: If I want to block Nintendo’s updates, what should I block?