Posts

Newest Post: WinMUGEN: NomiShell - Library MultiLoader

Good afternoon, readers. Do you need a SuperNull exploit file that allows you to load multiple libraries at a time? Well then, this NomiShell loader variant will allow you to do so, up to a maximum of 32 library files per load, without having to use several SuperNull exploits for it. For libraries that explicitly require code interaction with NomiShell, please read this blog entry, as it offers you a clean version of the latter to use.

Current Version: V1.00s (> Download Here <)

After downloading this exploit template, you will have to read the "ReadMe" text file to implement it in your character properly, before executing the NomiShell code loader. Well, I guess that is all for now, so have a nice day!

Einherjar...

"Some things appear to be real, but how are you sure they actually exist?" Words provided by Einherjar.

This is a SuperNull character that is also a Proof-of-Concept, which I have worked on in collaboration with the author Nomi. Einherjar uses the CTBOF engine vulnerability, which is not used much due to its ROP limitations, to load her shellcode in M.U.G.E.N 1.00. The download link can be found either here or on Nomi's website.

Caution: It may not work on some computers, due to the way the ROP technique works, so beware of that matter.

It has been quite a while since I have created a character like her, but well, this is all for now.

M.U.G.E.N 1.00: Command Trigger - Buffer Overflow Attack

Good afternoon, friends. Hmm, I never thought I would be talking about this vulnerability again, but well, let us go straight to the point. As you can guess, this vulnerability also exists in M.U.G.E.N 1.00, but because the NX bit protection is active in the program, shellcode cannot be executed directly, so an exploit technique known as Return-Oriented Programming is required to circumvent said protection. I have recently made an exploit that takes advantage of this vulnerability, but as there are several pointer limitations to building a ROP chain that jumps the engine back to default processing, it is currently limited to SuperNull ~ Reloader characters. (> PoC can be downloaded here <)

Note: As this exploit requires ROP chains to execute its shellcode, do not expect it to work on all computers, so beware of it.

Well, that is all for today, have a nice day.