Posts

Newest Post: VoidShell Library: Destiny Notes

Good afternoon, readers. Oh yeah, this is going to be the first blog entry of 2026, so let us begin by talking about the VoidShell library's future. As many of you can guess, this library initially started as an ASM x86 program inside a ST file, which was loaded by the engine through a SuperNull exploit (The StateDef Overflow engine vulnerability was used as main vector back then), and despite you could expect, it was simpler than the current version. "Eikidankai" was the first name given to said library and early build versions were used on a few known characters (such as x00x00x or Void.Schmelze) to withstand most SuperNull enemies from the past decade. However, there was no real defense behind it, as it just seals most of the engine vulnerabilities while hooking some primary functions, causing their exploits to be effectively blocked but also rendering them unstable. They were eventually left as PoC characters while the Eikidankai program had to be reworked from scrat...
0

M.U.G.E.N Engine Researches: State Filepath Overflow

Good evening, readers.  It has been a while since the last blog entry was created, but well, life things. For this occassion, we are going to talk about the latest vulnerability discovered in M.U.G.E.N Engine, which has been used by SuperNull characters like " On The Verge of Death " or " Qvorda ",  so let's begin. State Filepath Overflow, also known as " STBOF " or " ST.Path ", is an engine vulnerability that allows for arbitrary code execution during character selection, making it a good alternative to use for SuperNull characters. The discovery of this vulnerability was born out of Nomi 's ideas about trying to overflow the ST Filepath textline in WinMUGEN, which was impossible to perform, as only 255 bytes can be used per text string. However, it could  feasibly be used on the 1.xx engine versions due to their increased textline size limit(4095 bytes), so I decided to investigate it further. "St" is the entry filepath the en...
0