Posts

Newest Post: Ner'zhul.Seraphim: More Speed and Defense / Patch Note No. 1A

Good evening, readers. I see Ner'zhul.Seraphim got a nice reception a fter having released her some weeks ago, but  the VoidShell library's CPU intensive use makes her nearly unusable, even for high-end computers.  ... Therefore, I have plans on releasing an optimization update that improves the character's average framerate, while trying to reduce the general CPU average used by the main library. General code optimization in the character's state files and a new version of VoidShell are featured in this patch update, so do not expect visible visual improvements in her skill set, but you will see them smoothly now. Cool, right? Art asset created by SlenderFreak17 This character update can be downloaded by clicking on the main thumbnail, and  the download link of her main entry will eventually be updated, so no worries. After seeing the current state of VoidShell, I really never thought that single Eikidankai Framework module would be finally completed, so I do not know ...
0

M.U.G.E.N 1.xx: Engine Patches

Oh, hello, readers. I never thought I would end up creating a blog entry for this, as the latter was not even in my plans, but well... I have created these engine patches, which allow you to create simul matches with a maximum of 4 characters instead of 2, while some additional code fixes were implemented in said patches. Engine Version Download Links: (> 1.00 - 4v4/3v3 Simul <)  or  (> 1.1b - EX+ Type <) Warning:  As expected from engine patches, unpredictable results could occur if known exploits are triggered in this program version, so keep it in mind while selecting your characters. I already know engine patches that implement this have already been released, but these patch versions also fixes some primary code defects. Additionally, the 1.1b patch version has been updated to make it compatible with one of the most known add-ons, MUGENHook. ... There is also a  WinMUGEN  patch version in case you need it.

M.U.G.E.N 1.1b: EikiLoader.EX - Postman Reloader

Good evening, readers.  On this occassion, I have created a Reloader template from the EikiLoader.EX program for this engine version, that allows you to load a full version of your character while creating another instance of the process in a similar way to the Postman method. This exploit template uses the STBOF  vulnerability, which we have already talked about previously, to execute its shellcode. (> Download Here <) After downloading this exploit template, you will have to read the "ReadMe" text file to implement it in your character properly, before executing the Reloader shellcode.  You can use this to create your SuperNull/Reloader characters easily without the need of creating complex ROP chains to execute similar code. This is all for now. Have a nice day.

M.U.G.E.N 1.00: ST Filepath - Buffer Overflow Attack

Good evening, friends. It has been a while since I have not talked about engine vulnerabilities, but I think this is the right time to start talking about this new vulnerability. This research was born from Nomi 's ideas about trying to overflow the ST filepath line in WinMUGEN, which motivated me to investigate said insight in M.U.G.E.N 1.00; a nd as expected, it is possible to perform a buffer overflow attack from there by creating a very long filepath string that overwrites the character loader's buffer region including the return address, allowing us to execute our ROP chain. This exploit can be used on both M.U.G.E.N 1.00 and 1.1b, but the main downside is not default-processing reversible, which currently restricts its use to SuperNull:Reloader characters only. (> Full information about this engine vulnerability can be found here . <) Note: Due to nature of the ROP exploit technique, do not expect this exploit to work on all the computers, so beware of it. Well, tha...