[News / Maintenance]

#WiiU warriors, rejoice!

You no longer need to hook up to @pretendo to play your favourites online, Nintendo has officially announced at 2am BST tomorrow, you will finally be able to play Splatoon 1 and #MarioKart8 tomorrow again online!

I'm planning to join in on a live stream tomorrow, probably around 7pm, I'll have more information on my main account if you want to join in with me (I'm currently using @experiencer).

It looks like to play online, you will need to probably download the 4.1.1 update (might be 4.2.0 idk) for Mario Kart 8 (I'm purely going off of memory for version numbers) and the 2.13.0 update for Splatoon 1, they'll be released at the time stated at the beginning.

Are you excited to finally play them online for the first time in 5 months? Let us know in the replies below!

See announcement page in Japanese: https://www.nintendo.co.jp/support/information/2023/0802.html

#スプラトゥーン1 #スプラトゥーン #Splatoon1 #Splatoon #Nintendo #NintendoWiiU #ENLBufferPwn #NintendoNetwork #MK8 #MK8DX #MarioKart8Deluxe @[email protected]

#Nintendo takes down game servers impacted by hack

Nintendo has taken down the #WiiU Servers for #MarioKart8 and #Splatoon1. Officially for temporary Network maintenance, but it's likely they are (finally) looking into the impact of the #ENLBufferPwn, an unpatched exploit on #3DS / #Wii that allows attackers to take remote control of your console simply by joining the same online game as you.

#NintendoOnline
https://wololo.net/2023/03/06/nintendo-takes-down-game-servers-impacted-by-hack/

Nintendo Japan's Tweet:

https://twitter.com/nintendo_cs/status/1631514260353298434

Just thinking a bit more about #ENLBufferPwn for #WiiU, and I actually just went back to wondering why the Mario Kart 8 exploit video was privated, and this could be possibly #Nintendo having no plans to patch it?

The authors seem like nice people (I've had a few conversations with one of the authors), and I could see them removing it because Nintendo has no plans to patch it, and to protect users who play these games.

Purely nothing factual rn, but it would make sense.

I'm giving Nintendo until January 10th. If they don't patch the ENLBufferPwn vulnerability on Wii U, then I will release this video.

https://1drv.ms/w/s!AgNafXziV9SskkkIVF1e2zgoSdFs

I'm currently trying to work with PabloMK7, and I hope it ends up happening, but if not, I'd appreciate it if someone with a good knowledge of coding could help me explain this better to those who don't, I'd be happy to leave attribution.

#rce #cve #vulnerability #coding #wiiu #3ds #switch #pretendo #enlbufferpwn #bufferoverflow

ENLBufferPwn (CVE-2022-47949)

// by @[email protected]

"The #ENLBufferPwn vulnerability exploits a buffer #overflow in the C++ class NetworkBuffer present in the network library enl (Net in Mario Kart 7) used by many first party #Nintendo games. This class contains two methods Add and Set which fill a network buffer with data coming from other players. However, none of those methods check that the input data actually fits in the network buffer. Since the input data is controllable, a buffer overflow can be triggered on a remote console by just having an online game session with the attacker."

https://github.com/PabloMK7/ENLBufferPwn