Go to file
orboditilt b173a77a33 Improve heap spraying of the payload.
Added support for the ropchaintype 3 (print a value). When selected, it prints the current offset of the sprayed. Can be used to tweak the payload_src_addr.
2019-01-08 16:14:56 +01:00
index.php Improve heap spraying of the payload. 2019-01-08 16:14:56 +01:00
README.md Reducing the amount of hardcoded (rop)values and payloads. Now you can just put in your payload in form of a "code.bin". 2019-01-07 00:32:47 +01:00
wiiuhaxx_common_cfg.php Reducing the amount of hardcoded (rop)values and payloads. Now you can just put in your payload in form of a "code.bin". 2019-01-07 00:32:47 +01:00

JsTypeHax

Wii U browser exploit for system version 5.5.2 and 5.5.3.
Requires a valid payload ("code550.bin") in the root dir and the release files from the wiiuhaxx_common repo inside a subfolder "wiiuhaxx_common".

Tested with the homebrew launcher 1.4 payload

Requirements

A webserver with php support.

The bug

CVE-2013-2857, Use after free https://bugs.chromium.org/p/chromium/issues/detail?id=240124 .