Posts

Newest Post: An Uncertain Future

Good evening, my readers. As some of you have already noticed, I am working on a personal project I had created several years ago lately, a space where my original creations would be featured. However, as my old self being was unable to deal with the workload and expectations back then, small progress was made before being put side and focusing on the engine instead. I certainly wonder why I did not give this project the attention it deserved, but well, time is irreversible, so I will have to work with the  bare-bones I had left... At present, I got heavily motivated and finally resumed my project after months of reworking the core parts, so this is going to be the main entry where the latest information will be posted. The main plot will not be the big deal, of course, but I will try making it different from the usual. The project has been divided into parts in order to fasten the release process, as I would be stuck in it for longer otherwise, so relevant content will be shown wh...
6

M.U.G.E.N Engine - VoidShell Library

Hello my fellow readers! Well, before starting to talk about VoidShell, I will try refreshing your memory... Does the word "Eikidankai" remind you of something? This portrait will definitively make you remember it then: Said word has been reserved for my personal projects from now on. Characters who  previously  used it were already given a new name, and  VoidShell  has come to replace t he namesake module , so let us get started! What is even VoidShell? It is a  general-purpose library for M.U.G.E.N Engine that allows  Void characters to  protect their main PlayerCache data while providing them a simple but vast toolkit  interface to use in said engine. Characters loaded through this library will have their primary data remotely  protected besides providing basic contingency plans against certain enemies. They are also granted the capability of remotely tampering with the enemy to weaken them further, called as "Player Arts", which can be a...
0

M.U.G.E.N 1.00: ST Filepath - Buffer Overflow Attack

Good evening, friends. It has been a while since I have not talked about engine vulnerabilities, but I think this is the right time to start talking about this new vulnerability. This research was born from Nomi 's ideas about trying to overflow the ST filepath line in WinMUGEN, which motivated me to investigate said insight in M.U.G.E.N 1.00; a nd as expected, it is possible to perform a buffer overflow attack from there by creating a very long filepath string that overwrites the character loader's buffer region including the return address, allowing us to execute our ROP chain. This exploit can be used on both M.U.G.E.N 1.00 and 1.1b, but the main downside is not default-processing reversible, which currently restricts its use to SuperNull:Reloader characters only. (> Full information about this engine vulnerability can be found here . <) Note: Due to nature of the ROP exploit technique, do not expect this exploit to work on all the computers, so beware of it. Well, tha...

M.U.G.E.N 1.00: Command Trigger - Buffer Overflow Attack

Good afternoon, friends. Hmm, I never thought I would be talking about this vulnerability again, but well, let us go straight to the point. As you can guess, this vulnerability also exists in M.U.G.E.N 1.00, but due to the NX Bit protection being active in the program, shellcodes cannot be directly executed, so it is required to use an exploit technique, known as Return-Oriented Programming , to circumvent said protection. I have recently made an exploit that takes advantage of such vulnerability, but as there are several pointer limitations to build a ROP chain that jumps the engine back to default processing, it is currently limited to SuperNull ~ Reloader characters. (> PoC can be downloaded here <) Note: As this exploit requires ROP chains to execute its shellcode, do not expect it to work on all the computers, so beware of it. Well, that is all for today, have a nice day.

Cookie Clicker - WinMUGEN Edition: Development Log No. 1

Hello friends. It has been a while since I do not post new content in my blog, but for this ocassion, I will be posting some development logs about this game adapation for M.U.G.E.N Engine: Cookie Clicker As you can guess, incremental type games like this one are virtually impossible to adapt in a fighting engine like M.U.G.E.N without the help of exploits, as the latter allows me to enable mouse support besides implementing some code patches for optimization purposes. Due to engine limitations, I will have to integrate new game mechanics to compensate, so you can have a unique and different experience when playing this game adaption. It is currently in W.I.P state, but it will eventually be released to the public after fine-tuning the last details, so stay tuned for new posts. Have a nice day.
0