Exploit for games which load savegame at start
When I see all those exploits which load code at different stages it makes me wonder if it would be possible to execute them even earlier. There are games like Resident Evil 1 and 0 which both read the savegame right at the start (even before the intro screen shows up).
Are all those exploits based upon one fatal flaw found in all of them or is everyone of them very specific?
Own a couple PAL and JPN cubes. And three BBAs. Homeland and PSO I/II.
Re: Exploit for games which load savegame at start
The ones so far exploit unchecked string vulnerabilities which happen when you don't terminate a string with NULL. If a savegame is loaded at the start AND it tries to immediately print the string then the exploit might trigger, otherwise it'll usually trigger when it attempts to print the string.
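As an added illustration of the unterminated-string problem emu_kidid describes: example code written for this thread, not taken from any game, from Swiss or from the console's libraries. The header layout, field size and function names are invented for the example.

```c
#include <stdint.h>
#include <string.h>

/* Constructed savegame header: the name field is a fixed 32-byte block read
 * straight from the card, and nothing guarantees a NUL byte inside it. */
#define NAME_FIELD_LEN 32

struct save_header {
    uint8_t  magic[4];
    char     name[NAME_FIELD_LEN];
    uint32_t slot;
};

/* Returns 1 if a NUL appears inside the field, 0 otherwise. memchr() stops at
 * the field boundary, whereas strlen()/strcpy()/printf("%s") would keep
 * reading into slot and whatever lies beyond it. */
int name_is_terminated(const struct save_header *h)
{
    return memchr(h->name, '\0', NAME_FIELD_LEN) != NULL;
}

/* Hardened copy: rejects an unterminated field, never writes more than
 * dst_len bytes, and always terminates dst. Returns the number of characters
 * copied, or -1 if the field was rejected (dst is then an empty string). */
int copy_name_checked(char *dst, size_t dst_len, const struct save_header *h)
{
    if (dst_len == 0) return -1;
    const char *nul = memchr(h->name, '\0', NAME_FIELD_LEN);
    if (nul == NULL) { dst[0] = '\0'; return -1; }
    size_t n = (size_t)(nul - h->name);
    if (n >= dst_len) n = dst_len - 1;   /* truncate rather than overflow */
    memcpy(dst, h->name, n);
    dst[n] = '\0';
    return (int)n;
}

/* Sample headers, constructed for the test: one well-formed, one whose name
 * field is 32 non-zero bytes with no terminator, i.e. the shape of data that
 * makes an unchecked print or copy misbehave. */
struct save_header make_good_header(void)
{
    struct save_header h;
    memset(&h, 0, sizeof h);
    memcpy(h.magic, "GCSV", 4);
    memcpy(h.name, "Mansion 1F", 11);     /* includes the NUL */
    h.slot = 1;
    return h;
}

struct save_header make_unterminated_header(void)
{
    struct save_header h = make_good_header();
    memset(h.name, 'A', NAME_FIELD_LEN); /* no NUL anywhere in the field */
    return h;
}
```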
Re: Exploit for games which load savegame at start
So that's probably the reason why there is no exploit which overflows in the memory card menu of the original BIOS, isn't it?
Re: Exploit for games which load savegame at start
emu_kidid wrote:
The ones so far exploit unchecked string vulnerabilities which happen when you don't terminate a string with NULL. If a savegame is loaded at the start AND it tries to immediately print the string then the exploit might trigger, otherwise it'll usually trigger when it attempts to print the string.
I see. Yeah well, that kills the thought I had about Resident Evil 0 and 1. It just checks the memory card to look for a savegame.
Thanks for the explanation, emu_kidid. I'll look out for games which do that.
andzlay wrote:
So that's probably the reason why there is no exploit which overflows in the memory card menu of the original BIOS, isn't it?
That would be the ultimate exploit.
Own a couple PAL and JPN cubes. And three BBAs. Homeland and PSO I/II.
Re: Exploit for games which load savegame at start
The IPL has already been checked and there are apparently no vulnerabilities. It would have been done ages ago otherwise.
As far as the GameCube is concerned, arbitrary code execution = full control over the entirety of the console, so there are no superior exploits besides how practical they are to use.
Re: Exploit for games which load savegame at start
If the IPL were exploitable you wouldn't need any kind of game to get into Swiss (softmod-wise). I would find that superior to the need to have and boot a game and wait until you are able to execute the exploit. Sad that there aren't any, but it seems that Nintendo invested some work into the IPL, huh?
off-topic:
That reminds me that the Wii has issues with GameCube savegames which are missing the second line of description. You would see just random letters, or, if you looked at a different savegame before, the exact same text that other savegame used. Funny Nintendo would fail to catch this.
Own a couple PAL and JPN cubes. And three BBAs. Homeland and PSO I/II.
Re: Exploit for games which load savegame at start
It's not that they took care in the IPL, they just kept it dead simple.
Too bad they didn't leave some backdoor in the boot sequence for themselves to load code, like the PS2 has.
Re: Exploit for games which load savegame at start
I wonder if we could exploit the fact that it makes you set certain settings when the clock battery is removed. It writes to SRAM then, right?
Re: Exploit for games which load savegame at start
SRAM is 64 bytes worth of flags, nothing really interesting.
Re: Exploit for games which load savegame at start
The device they were less careful with is DVD discs, but it's not like you can author those, and even if you could, why bother when you could make a bootable disc anyway?
Re: Exploit for games which load savegame at start
What if you have something other than a DVD drive attached to di, though?
Re: Exploit for games which load savegame at start
Streetwalker wrote:
What if you have something other than a DVD drive attached to di, though?
Then you can do whatever you want already anyway!