PoC exploit for Super Smash Brothers Wii U to get arbitrary ROP execution under userland
Can go over any fighter (and possibly article) to gain arbitrary code execution (Only ROP atm). This is a variation of contenthax based around MSC (the main character scripting language) exploiting a heap overflow to gain arbitrary read/write within the MSC script. Use pymsc to build.
- Python 3.6 or greater in path as python3 (Edit Makefile for other configs)
- A copy of the wiiuhaxx_common release files (>=0.3 inside a folder
git clone --recurse-submodules https://github.com/jam1garner/ROBChain.git && \ cd ROBChain/poc && \ make clean && make
Take the generated exploit.mscsb and install it in a patch over
then install via SDCafiine or fs contents replacement.