It’s been just a bit over a year since the Wii U was released along with the extremely impressive Wii U controller. With a D-pad, analog sticks, accelerometer, gyroscope, magnetometer, camera and 6.2 inch touchscreen, this controller is ripe for a million and one projects ranging from FPV quadcopters and robots to things we can’t even think of yet. At this year’s Chaos Communication Congress, [booto], [delroth], and [shuffle2] demonstrated how they cracked open the Wii U controller’s encryption allowing for Wii U controller ’emulation’ and giving us full documentation on how the whole thing works.
The guys started on their reverse engineering journey by dumping all the flash chips found on the controller’s board. In those binary blobs, they found Nintendo used a truly ingenious way of obfuscating the WiFi keys used to connect the controller to the Wii: rotate left by three. To be fair to Nintendo engineers, it was secure until someone figured it out.
Connecting the controller to a PC over WiFi is only half the battle, though. Initial information from the Wii U launch suggested Nintendo used Miracast for all the I/O between the controller and the console. This isn’t the case; instead the video, audio, camera, and button input are non-standard but very simple protocols. The hardest to break into was the video display for the touchscreen, but the guys discovered it’s pretty much H.264. After getting around some Nintendo weirdness, it’s possible to display video on the controller.
The guys have put together a small, extremely alpha library that comes with all the demos, documentation, and reverse engineering information. There’s a large wish list of what this library should include, but now that the information is public, it might be the time to pick up a Wii U.
Video of the talk below, here’s the presentation slides, and a demo of emulating a Wii U game pad on a PC.
I guess someone should do something with it…
Well done!
Why?
weeu controller is ~$200, this is twice the price of a decent chinese tablet
@rasz
Will that tablet have “a D-pad, analog sticks, accelerometer, gyroscope”?
It’d probably have the accelerometer and gyroscope. It might even have GPS.
you mean like this?
http://www.willgoo.com/jxd-s7800b-game-pad-quad-core-rockchip-3188-ips-lcd-8gb-p-356.html
it even has real cpu, with 4 cores, that tablet is probably faster than WHOLE weeu
Now that looks like it has a lot of potential.
Now the key is to make this work as a wii u controller since its way cheaper and has a nicer screen. (although hopefully the controls don’t suck)
Actually very impressive.
@rasz
Given that it has ARM for both CPU and GPU I really, really doubt that.
In any case, it seems really obvious to me that the point of this isn’t “lol buy a Wii U pad to use as a remote.” It’s targeted at people who already own a Wii U. That this isn’t a terribly large group is a separate issue.
just watched the talk, pretty impressive , that stuff has taken a lot of time to do.
But IMHO this has limited application seen the wifi problems , it seams you need to get certain wifi modules in order to use it.
And i also doubt if it’s cost effective , a wii u gamepad is about the same price as an JXD S7800B (199usd) and double of an JXD S5110B (99usd), which are android tablets that have all the buttons and 2 analog controllers (+better screens).
So if you want a tablet to be used as a remote for a robot i assume these are far more interesting to play with/make some custom android app.
I hate Wii U haters! Y U HATE ON PERFECTLY GOOD SYSTEM
Humm so what will people do with this? Universal remote?
I’m thinking use it to control the Parrot AR drone or any other RC goodies with cameras on them.
Or use it as a controller on other consoles with its screen being used to display your wife’s “find my iphone” whereabouts so you know appox how much fun time remains.
Now this is how you document a hack. Once they get their library perfected so it’s not locking up the WiiU gamepad, if they can get it to work with multiple units to the same PC, then things get really interesting.
Yea, that’s exactly what I hope they achieve, otherwise it’s not as useful as it potentially can be.
>demonstrated how they cracked open the Wii U controller’s encryption
They didn’t break any encryption. Nintendo obfuscated WPS to make sure it only connects to the Wii U. If they were really concerned they would have done crazy stuff like putting ROMs inside of random chips instead of leaving the SPI flash out in the open and all the data in plain text.
@delroth: Please start “hacking” your spoken English and start using subtle breaks between words so you can be understood. I’m not a public speaker myself but I heard taking a breath once in a while also helps with the presentation
I wish they would speak in their native languages instead if they aren’t adept or native english speakers.
Part of ‘Hacking your spoken english’ includes actually speaking english a lot. I was able to understand the point he was trying to convey even in a room full running equipment.
I would say your inability to understand English spoken with an accent is your own deficiency. Perhaps spend some time hacking your English comprehension.
Ooo that would be nice with a custom FW and build a robot that you can control with it :)
So the encryption is like ROT13 minus the 10? ;-)
no, it’s something “hislike t”
It’s not encryption .. it’s obfuscation.
ROT13 is an encoding method, not an encryption method. :L
Brain dying. Jk. Let me know if they ever figure this out for android would love to conduct my web store from grocery store parking loot with better controls and better portability than a laptop.