wilbrand-rust

Rust (+WebAssembly) port of Wilbrand, a program used to build the mailbox bomb exploit for the Wii system menu.

Why does this exist?

I noticed that the web version of Wilbrand runs on PHP, and executes the binary to generate the exploit.

I thought it would be fun to port the C++ code to Rust, then compile it into WebAssembly, which makes it possible to generate the exploit payload from your browser; no servers needed.

Running the CLI

Requirements:

• rustup

# show cli usage help
cargo run -- --help

# example
# cargo run <MAC_ADDRESS> <DATE> <SYS_VERSION> <OUT_DIR>
cargo run aa-bb-cc-dd-ee-ff 02-05-2022 4.3e /path/to/sdcard

Development

Requirements:

• rustup
• volta
• wasm-pack
• just (optional)

volta and wasm-pack are required to build the UI

# running the CLI
cargo run

# running the UI
just dev

# or alternatively
cd wasm && wasm-pack build
cd ui && npm install && npm run dev

Project Structure

• cli: cli runner (WIP)
• lib: core library to construct the cdb payload
• wasm: WebAssembly bindings
• ui: UI code for the website
• data: loader.bin and envelope.bin
• docs: documentation for misc stuff, like envelope.bin

TODOs

• Test on 4.3E, bit identical binary produced, runs on my RVL-001 and boots HackMii installer
• Implement clap args parser in cli
• Binary diff all supported versions with original Wilbrand impl
• Check padding of loader.bin when being included in the exploit

Disclaimer

I am not responsible for your console bricking, or any form of software/hardware damage that may be caused by the software provided. Use at your own risk!

Credits

• giantpune - mailboxbomb as the reference implementation for porting to Rust, as well the original person who discovered the exploit
• HackMii team - savezelda's loader.bin is used
• emilydaemon - web version of Wilbrand
• leahanderson1 - for extracting the image from envelope.bin