Newest Post: Ner'zhul.Seraphim: More Speed and Defense / Patch Note No. 1A

Good evening, readers. I see Ner'zhul.Seraphim got a nice reception a fter having released her some weeks ago, but  the VoidShell library's CPU intensive use makes her nearly unusable, even for high-end computers.  ... Therefore, I have plans on releasing an optimization update that improves the character's average framerate, while trying to reduce the general CPU average used by the main library. General code optimization in the character's state files and a new version of VoidShell are featured in this patch update, so do not expect visible visual improvements in her skill set, but you will see them smoothly now. Cool, right? Art asset created by SlenderFreak17 This character update can be downloaded by clicking on the main thumbnail, and  the download link of her main entry will eventually be updated, so no worries. After seeing the current state of VoidShell, I really never thought that single Eikidankai Framework module would be finally completed, so I do not know ...
0

M.U.G.E.N 1.00: Command Trigger - Buffer Overflow Attack

Good afternoon, friends.
Hmm, I never thought I would be talking about this vulnerability again, but well, let us go straight to the point.

As you can guess, this vulnerability also exists in M.U.G.E.N 1.00, but due to the NX Bit protection being active in the program, shellcodes cannot be directly executed, so it is required to use an exploit technique, known as Return-Oriented Programming, to circumvent said protection.

I have recently made an exploit that takes advantage of such vulnerability, but as there are several pointer limitations to build a ROP chain that jumps the engine back to default processing, it is currently limited to SuperNull ~ Reloader characters.

Sample image of Eikidankai using the CTBOF vulnerability in 1.00

Note:
As this exploit requires ROP chains to execute its shellcode, do not expect it to work on all the computers, so beware of it.

Well, that is all for today, have a nice day.