Newest Post: An Uncertain Future

Good evening, my readers. As some of you have already noticed, I have lately been working on a personal project I created several years ago, a space where my original creations would be featured. However, as my old self was unable to deal with the workload and expectations back then, little progress was made before it was put aside to focus on the engine instead. I certainly wonder why I did not give this project the attention it deserved, but well, time is irreversible, so I will have to work with the bare bones I had left... At present, I am heavily motivated and have finally resumed my project after months of reworking the core parts, so this is going to be the main entry where the latest information will be posted. The main plot will not be the big deal, of course, but I will try to make it different from the usual. The project has been divided into parts in order to speed up the release process, as I would be stuck in it for longer otherwise, so relevant content will be shown wh...

M.U.G.E.N 1.00: ST Filepath - Buffer Overflow Attack

Good evening, friends.
It has been a while since I last talked about engine vulnerabilities, but I think this is the right time to start talking about this new vulnerability.

This research was born from Nomi's ideas about trying to overflow the ST filepath line in WinMUGEN, which motivated me to investigate said insight in M.U.G.E.N 1.00; and as expected, it is possible to perform a buffer overflow attack from there by creating a very long filepath string that overwrites the character loader's buffer region including the return address, allowing us to execute our ROP chain.

This exploit can be used on both M.U.G.E.N 1.00 and 1.1b, but its main downside is that it is not default-processing reversible, which currently restricts its use to SuperNull:Reloader characters only.
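A defender's-side check for the issue described above, as an added example that is not from the original post or the engine: it scans a character .def file for state-file path lines (`st`, `stN`, `stcommon`) in `[Files]` that are unusually long or contain non-printable bytes. The 260-byte limit (Windows MAX_PATH), the name `scan_def` and the sample data are assumptions; the page does not state the loader's real buffer size.

```python
import re

# Assumed limit (Windows MAX_PATH); the page does not give the engine's buffer size.
MAX_PATH_LEN = 260
# State-file keys in the [Files] section of a character .def file.
ST_KEY = re.compile(rb"^(st\d*|stcommon)$", re.IGNORECASE)


def scan_def(data: bytes, limit: int = MAX_PATH_LEN):
    """Return (line_no, key, reason) findings for suspicious ST filepath lines."""
    findings = []
    section = b""
    for no, raw in enumerate(data.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith(b";"):          # blank or full-line comment
            continue
        if line.startswith(b"[") and line.endswith(b"]"):
            section = line[1:-1].strip().lower()
            continue
        if section != b"files" or b"=" not in line:
            continue
        key, value = (part.strip() for part in line.split(b"=", 1))
        if not ST_KEY.match(key):
            continue
        name = key.decode("ascii").lower()
        # Conservative: trailing comments are counted too, because where the
        # loader stops reading the value is not documented on the page.
        if len(value) > limit:
            findings.append((no, name, f"path is {len(value)} bytes (limit {limit})"))
        if any(b < 0x20 or b > 0x7E for b in value):
            findings.append((no, name, "path contains non-printable or non-ASCII bytes"))
    return findings


# Constructed sample: one normal ST line and one oversized line with raw bytes.
SAMPLE = (b'[Info]\nname = "Constructed"\n[Files]\ncmd = a.cmd\nst = a.cns\n'
          b"st1 = " + b"A" * 300 + b"\x01\x02\n")

if __name__ == "__main__":
    for line_no, key, reason in scan_def(SAMPLE):
        print(f"line {line_no}: {key}: {reason}")
```

Legitimate characters with non-ASCII file names will trigger the second finding, so treat it as a prompt for manual review rather than a verdict.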

(> Full information about this engine vulnerability can be found here. <)

Sample Picture - Barkiel vs Einherjar

Note:
Due to the nature of the ROP exploit technique, do not expect this exploit to work on all computers, so beware of it.

Well, that is all for today, have a nice day.