Go to file
2019-01-06 18:25:59 +01:00
codebin2js.py Fix the codebin2js.py script 2019-01-06 18:23:37 +01:00
index.html Add a full sample using the HBL 1.4 payload. 2019-01-06 18:23:31 +01:00
README.md Add a readme 2019-01-06 18:23:43 +01:00
startServer.bat Update the startSever.bat to use python 3 2019-01-06 18:25:59 +01:00

JsTypeHax

Wii U browser exploit for system version 5.5.2 and 5.5.3.
This PoC currently uses the homebrew launcher 1.4 payload, you can find the original file here .
To create a own usable payload, grab any code550.bin and wiiuhaxx_loader.bin from the wiiuhaxx_common repo and place it in root of this repo. Afterwards you can convert it to a JS arrays using codebin2js.py, replace line 53-56 on the index.html with this output.

The bug

CVE-2013-2857, Use after free https://bugs.chromium.org/p/chromium/issues/detail?id=240124 .