OSDriver kernel exploit released
Marionumber1
The recent 5.5.0 update patched one of the kernel exploits that I developed, so I decided to release it yesterday. This is an exploit in the OSDriver functions, a race attack that takes advantage of improper locking. OSDriver_CopyToSaveArea() drops a spinlock before copying data into the kernel save area, allowing another core to delete the driver during the copy. You can then put something else in its place and the copy will overwrite it.
Source code is in the libwiiu repo, and shibboleet made a GBATemp guide for the end-user. Once the kernel exploit successfully runs, you can use apps that require kernel access, like TCPGecko and Cafiine. Greater technical details of how the exploit works are available here, for those who are interested. Thanks to comex and Hykem the Demon for helping develop this exploit.
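The locking flaw described in the post, reduced to a deterministic user-space model of the flawed ordering beside a corrected one. This is an added example, not code from the post, libwiiu or the Wii U kernel. The struct layout, the function names and the choice to fix it by holding the lock across the copy are all assumptions, and the racing core is simulated by a call placed where that core would run.

```c
#include <stdatomic.h>
#include <stddef.h>
#include <string.h>

#define SAVE_SIZE 16

/* Hypothetical driver slot, not the Wii U kernel's real layout. */
struct driver {
    int  registered;             /* 1 while the driver exists */
    char save_area[SAVE_SIZE];   /* unrelated data once the slot is reused */
};

static atomic_flag driver_lock = ATOMIC_FLAG_INIT;   /* models the spinlock */
static int  spin_try_lock(void) { return !atomic_flag_test_and_set(&driver_lock); }
static void spin_unlock(void)   { atomic_flag_clear(&driver_lock); }

/* The other core: delete the driver and reuse its slot. -1 if the lock is held. */
int delete_and_reuse(struct driver *d) {
    if (!spin_try_lock()) return -1;
    d->registered = 0;
    memset(d->save_area, 'X', SAVE_SIZE);   /* slot now holds something else */
    spin_unlock();
    return 0;
}

/* Flawed ordering: validate under the lock, drop it, then copy. */
int copy_lock_dropped(struct driver *d, const char *src, size_t n, int *delete_rc) {
    if (!spin_try_lock()) return -1;
    int ok = d->registered && n <= SAVE_SIZE;
    spin_unlock();
    if (!ok) return -1;
    if (delete_rc) *delete_rc = delete_and_reuse(d);  /* window: delete succeeds */
    memcpy(d->save_area, src, n);                     /* lands in the reused slot */
    return 0;
}

/* Corrected ordering: validation and copy share one critical section. */
int copy_lock_held(struct driver *d, const char *src, size_t n, int *delete_rc) {
    if (!spin_try_lock()) return -1;
    int rc = -1;
    if (d->registered && n <= SAVE_SIZE) {
        if (delete_rc) *delete_rc = delete_and_reuse(d);  /* refused: lock held */
        memcpy(d->save_area, src, n);
        rc = 0;
    }
    spin_unlock();
    return rc;
}
```

Passing a non-NULL `delete_rc` triggers the simulated racing delete and reports whether it got through. In a real kernel, pinning the driver with a reference count for the duration of the copy is another common way to close the same window.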