The Wii U GamePad has been reverse-engineered by the developers behind the Dolphin GameCube/Wii emulator, with the controller's functions completely simulated on PC. When we heard the news (https://twitter.com/delroth_/status/332179135411654656) on Twitter, we contacted developer Pierre Bourdon to find out more. In hacking the GamePad, we reasoned that the developers would have extensive information on how Nintendo's innovative controller actually works."We started working on the Wii U GamePad as soon as we (me and two other hackers) got our hands on it," Bourdon tells us. "The GamePad is actually not a very secure device (compared to the Wii U). The device firmware is stored in an unencrypted Flash, which allowed us to reverse engineer the binary code pretty easily. It is also using almost standard 802.11n, which made things easy to experiment on a PC."The GamePad itself isn't anywhere near as complex as even the most basic Android tablet - essentially it's a standard game controller, with a touch-screen and a WiFi card, paired up with a decoder chip for the incoming video stream. Controller inputs themselves are beamed back to the Wii U via the same WiFi channel (180 times per second no less), in contrast to the Bluetooth employed by the Wiimote."We started our work by sniffing a Wii U/GamePad pairing, assuming WiFi encryption keys would be transferred during pairing. It turns out the pairing is (almost) standard WPS [a standard WiFi encryption protocol], with just a little obfuscation added to the crypto," Bourdon continues. "We modified wpa_supplicant/hostapd to have it work with the non-standard things, and were able to pair a PC with a Wii U that way. This took us less than a week - our time since then has been spent reverse engineering the custom communication protocol used between the Wii U and the GamePad."
http://www.eurogamer.net/articles/digitalfoundry-secrets-of-the-wii-u-gamepad