Posts

Newest Post: An Uncertain Future

Good evening, my readers. As some of you have already noticed, I am working on a personal project I had created several years ago lately, a space where my original creations would be featured. However, as my old self being was unable to deal with the workload and expectations back then, small progress was made before being put side and focusing on the engine instead. I certainly wonder why I did not give this project the attention it deserved, but well, time is irreversible, so I will have to work with the  bare-bones I had left... At present, I got heavily motivated and finally resumed my project after months of reworking the core parts, so this is going to be the main entry where the latest information will be posted. The main plot will not be the big deal, of course, but I will try making it different from the usual. The project has been divided into parts in order to fasten the release process, as I would be stuck in it for longer otherwise, so relevant content will be shown wh...
0

M.U.G.E.N Engine Researches: State Filepath Overflow

Good evening, readers.  It has been a while since the last blog entry was created, but well, life things. For this occassion, we are going to talk about the latest vulnerability discovered in M.U.G.E.N Engine, which has been used by SuperNull characters like " On The Verge of Death " or " Qvorda ",  so let's begin. State Filepath Overflow, also known as " STBOF " or " ST.Path ", is an engine vulnerability that allows for arbitrary code execution during character selection, making it a good alternative to use for SuperNull characters. The discovery of this vulnerability was born out of Nomi 's ideas about trying to overflow the ST Filepath textline in WinMUGEN, which was impossible to perform, as only 255 bytes can be used per text string. However, it could  feasibly be used on the 1.xx engine versions due to their increased textline size limit(4095 bytes), so I decided to investigate it further. "St" is the entry filepath the en...
0