
Obfuscated hardware/software hacking/glitching thread


Thread replies: 96
Thread images: 11

File: 1429713004345.png (1KB, 160x144px)
Last thread: >>47636588

Use this thread to discuss the intricacies and fun in exploring hardware and software that simply doesn't want you to do so, whether by purpose or just through sheer bad design.
The focus is usually videogame hardware and software, but anything else that fits the criteria is more than welcome.

With that said, these threads have a special focus on the low level, especially assembler language.

File: 1394507890619.gif (164KB, 256x256px)
If I wasn't so tired I'd post something of actual worth. It's a shame this thread is empty since the topic is interesting as fuck.
File: ican.jpg (24KB, 480x360px)
Modern Binary Exploitation

Course Description
>Cybersecurity is one of the fastest growing fields in computer science, though its study is rarely covered in academia due to its rapid pace of development and its technical specificity. Modern Binary Exploitation will focus on teaching practical offensive security skills in binary exploitation and reverse engineering. Through a combination of interactive lectures, hands on labs, and guest speakers from industry, the course will offer students a rare opportunity to explore some of the most technically involved and fascinating subjects in the rapidly evolving field of security.

>The course will start off by covering basic x86 reverse engineering, vulnerability analysis, and classical forms of Linux-based userland binary exploitation. It will then transition into protections found on modern systems (Canaries, DEP, ASLR, RELRO, Fortify Source, etc) and the techniques used to defeat them. Time permitting, the course will also cover other subjects in exploitation including kernel-land and Windows-based exploitation.

Student Learning Outcomes

Upon successful completion of this course, students will:
>1. Possess the skills necessary to carry out independent vulnerability research against binary applications.
>2. Have an intimate understanding of executable formats, program control flow at the assembly level, and other low level concepts.
>3. Understand classic and contemporary vulnerabilities and exploitation techniques.
>4. Apply both source code auditing and binary reverse engineering to the vulnerability discovery process.
>5. Be capable of exploiting vulnerabilities found in real world software as defined by MITRE’s Critical Vulnerabilities and Exposures (CVE) system.



Let's do this.

nice choice of pic for OP
The OP is way too long. Put some links in a pastebin instead.

From last thread
The card encryption is broken so these cards can be used like real cards IIRC. As for GBA, it's not running in GBA mode so it can't load those directly.

Some information
>Reprogramming SD card controllers

>GBA / DS / DSi information. Very long and detailed. Written by No$GBA (DS/GBA/DSi emulator in x86 ASM) developer. (Donate to him btw)

>Latest pokemon games data mining notes.
>for you fine gentlemen
>you fine gentlemen
>fine gentlemen
Fuck off reddit.
Also that thread, lel.
What did he say?
And hating on reddit, really? Grow up.
>Grow up
>in 4chan
reddit pls go
Not everyone here is 12, you know, but I don't wanna derail the thread with some pointless discussion.
wow #respect
Bump. Maybe we should talk retro consoles this time.

Bonus if it's some obscure thing.
Sure, just choose some console you find interest.
you find interesting*
Maybe the Virtual Boy?
There is actually a scene for it even now.
Hi there!
You seem to have made a bit of a mistake in your post. Luckily, the users of 4chan are always willing to help you clear this problem right up! You appear to have posted a videogame thread on the technology board! Whoops! You should always remember there is a dedicated board for video games called /v/
Now, there's no need to thank me - I'm just doing my bit to help you get used to the various boards here!
Here you can discuss all your videogames!
File: 1425177278715.gif (484KB, 200x149px)
>embedded hardware
>not technology
I'm surprised by the decreasing number of anons telling OP to relocate this thread to /vr/ or /v/.
When this was first up at least half of the thread was about moving this thread. I'm glad that those people are learning how to use the hide button.
Actually go back to >>>/v/

Some other things
>Nintendo OSS usage

>Sony OSS
ok here we go, they are still here.
I don't get the parroting type of people, repeating the same shit over and over and they somehow don't get bored. Have fun guise, I have work to do.
Just don't reply when someone tells you to move the thread to /v/.
I wish this thread wasn't as dead, we had really interesting discussions on the previous ones.

>tfw know everything
>tfw finding even a simple bug takes so long it's not even worth starting
Modern software is more secure than some people think
I don't think there's much of a point in bumping.
If the thread dies we can make one when we actually want to discuss something, or move the thread to some other slower board.
File: Untitled.png (497KB, 1920x1080px)
You guys wanna tell me everything you know about emulation? I just got into it yesterday. Bringing back some rad memories
>move the thread to some other slower board
no please dont do that
This is one of the few threads that are actually dedicated to technology and the spirit of curiosity and tinkering. Keep it up
What do you wanna know?

This reminds me, I have some links about writing emulators if anybody finds it interesting:

Oh, and there are some open source emulators, PPSSPP comes to mind but there are others.
trying to emulate life before the civil war so maybe like a slavery simulator?
File: 1364462871771.gif (2MB, 350x258px)
A certain capcom game.

From what I remember, over the period of several days...

>hook up game to a debugger
>put breakpoint on system file read function
>examine stack
>slowly begin to identify what each function does and give it some descriptive name
>after a while, discover a call to a function which appears to decrypt the read data (i.e. the data was gibberish then it turned into something intelligible after returning from said function)
>step into function
>eventually find a rather curious looking loop which does a load of shift, xors, and fiddles around with the bits
>look around for algorithms which do similar things
>eventually determine it looks suspiciously similar to an ECB blowfish encryption loop
>look around the area of said function in disassembly
>put some more breakpoints in at startup, naming functions as I go along
>eventually discover the "init" function
>determine the actual key via more sleuthing (turns out it wasn't plaintext)
>write some code to decrypt file with blowfish using said key
>holy shit, archive decrypted!

So basically, a few weeks worth of deduction. It would have probably been longer if I hadn't also disassembled the whole thing for reference using hopper (it can generate pseudo code and such, as well as name functions). The actual ripping out of the generated key was done in the debugger.
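An added example, not the poster's code or anything from the game in question: the usual shortcut for the "look around for algorithms which do similar things" step is to scan the binary for constants a cipher cannot avoid carrying. Blowfish initialises its P-array (and then its S-boxes) from the hex digits of pi, so the words 0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344 sitting together in the data or code locate the init routine the post describes, and the byte order they are stored in hints at the target CPU. The sample bytes below are constructed to stand in for a disassembled function; they are not from any real ROM.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>
#include <stdio.h>

/* First four words of the Blowfish P-array initial state: hex digits of pi.
 * Any unmodified Blowfish implementation must carry them somewhere. */
static const uint32_t BLOWFISH_P_INIT[4] = {
    0x243F6A88u, 0x85A308D3u, 0x13198A2Eu, 0x03707344u
};

/* Serialise a 32-bit word into 4 bytes in the requested byte order. */
static void put_u32(uint8_t out[4], uint32_t v, bool big_endian)
{
    for (int i = 0; i < 4; i++) {
        int shift = big_endian ? 8 * (3 - i) : 8 * i;
        out[i] = (uint8_t)(v >> shift);
    }
}

/* Scan buf for the 16-byte P-array prefix in either byte order.
 * Returns the offset of the first hit, or -1 if there is none. If big_endian
 * is non-NULL it receives which encoding matched. A hit is a candidate to
 * confirm in the debugger, not proof by itself. */
long find_blowfish_init(const uint8_t *buf, size_t len, bool *big_endian)
{
    uint8_t needle[2][16];
    for (int e = 0; e < 2; e++)
        for (int w = 0; w < 4; w++)
            put_u32(&needle[e][4 * w], BLOWFISH_P_INIT[w], e == 1);

    for (size_t off = 0; off + 16 <= len; off++) {
        for (int e = 0; e < 2; e++) {
            if (memcmp(buf + off, needle[e], 16) == 0) {
                if (big_endian) *big_endian = (e == 1);
                return (long)off;
            }
        }
    }
    return -1;
}

/* Constructed sample "binary": a few x86 prologue bytes, then the P-array
 * prefix laid out little-endian as an x86 compiler would emit it, then an
 * epilogue. Not taken from any game. */
static const uint8_t SAMPLE_BIN[] = {
    0x55, 0x89, 0xE5, 0x83, 0xEC, 0x10, 0x90, 0x90,   /* push ebp; mov ebp,esp; sub esp,0x10; nop; nop */
    0x88, 0x6A, 0x3F, 0x24,                           /* 0x243F6A88 little-endian */
    0xD3, 0x08, 0xA3, 0x85,                           /* 0x85A308D3 */
    0x2E, 0x8A, 0x19, 0x13,                           /* 0x13198A2E */
    0x44, 0x73, 0x70, 0x03,                           /* 0x03707344 */
    0xC9, 0xC3                                        /* leave; ret */
};

/* Offset of the P-array prefix inside the constructed sample (8). */
long sample_offset(bool *big_endian)
{
    return find_blowfish_init(SAMPLE_BIN, sizeof SAMPLE_BIN, big_endian);
}

int main(void)
{
    bool be = false;
    long off = sample_offset(&be);
    if (off < 0)
        puts("no Blowfish P-array prefix found");
    else
        printf("Blowfish P-array prefix at offset 0x%lx (%s-endian)\n",
               off, be ? "big" : "little");
    return 0;
}
```

On a real target you would read the whole file into a buffer and run find_blowfish_init over it; the offset it returns is where to set the breakpoint that the post reached by hand, and the routine that references that address is the key-schedule "init" function whose P-array XORs reveal the key as it is used, even when it is not stored in plaintext.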

1999 was the best year of my life
I don't get it?
tfw no one will care for these threads since /g/ is essentially /v/'s lounge, and no one knows more about technology than what a GPU is

I feel for you op
Complaining about it doesn't contribute to the thread.
I'm kinda sad I missed out on the moment cause my parents were reluctant on buying a gameboy.
Even though pretty much everyone was playing pokémon back then.

Oh well, it's no big deal.
Will you fuck off nigger I've seen this post five times. We're breaking down ancient code from the ROM level up in these threads, this isn't /v/ fag Skyrim modding kiddie shit.

yes I mad
Chill, this isn't /b/.
There's no point getting mad over it.
chill your nipples hombre, I'm saying most of /g/ is too dumb to understand what you're doing here, not that this thread belongs on /v/
Use bgb for gameboy and mgba for GBA. Also that version of vba you are using is old as balls.
I remember in 2000 when gold and silver version came out if you didn't buy either or for your kid, child support would be knocking soon.

Christmas hit and when I plugged that game cartridge in I almost had a stroke. The South Park episode was spot on, kids were ready to bomb pearl harbor a second time if they didn't get their god damn pokemans.
What's a pokemon game with lots of glitches?
I've only played one of the pokemon games some years ago, on a ds emulator, guess I'm probably the youngest person ITT.
My first Pokemon is B/W. You're not.

Master race wins again.
I'm so sorry
Most of the first gen; Red, Blue and Yellow. IIRC the Japanese Green was the worst tho, people can beat it in 3 minutes: https://youtu.be/C_GQrzgQq7o

Also read this: http://tasvideos.org/forum/viewtopic.php?t=13489
>3 minutes
You can beat all the first gen games by saving and turning off the power at the right time which corrupts the item counter to give you 255 items.
As the actual memory area where items are stored is only 40 bytes long (you can have 20 items, there's 1 byte for the quantity and 1 for the identifier), you can edit other parts of your memory via the item menu.
If you use this method to change your pokemon count, you can edit even more memory in the same way. People have made it so that the staircase in your room warps you directly to the last room of the pokemon league, meaning you can beat the game in under a minute.
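A constructed model of the mechanism in the post above, added here as an example; it is not code from the games, and the RAM offsets are assumed for illustration rather than taken from a real ROM. The point it makes runnable: the item menu indexes slot n as items + 2n and bounds the cursor only by the count byte, so once that byte reads 255 the same arithmetic that edits a quantity edits whatever byte lies past the 40 bytes the bag owns, and a glitch author works backwards from a target address to the slot number that aliases it.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed slice of Game Boy work RAM. Offsets are assumed, not real.
 * Layout per the post: one item-count byte, then up to 20 (id, quantity)
 * pairs = 40 bytes of bag data. Everything past the bag stands in for
 * "other parts of your memory". */
#define RAM_SIZE       256
#define BAG_COUNT_OFF  0x10                   /* assumed: item-count byte */
#define BAG_ITEMS_OFF  (BAG_COUNT_OFF + 1)    /* first (id, qty) pair */
#define BAG_MAX_ITEMS  20
#define WARP_DEST_OFF  0x60                   /* assumed: byte selecting a warp destination */

typedef struct { uint8_t mem[RAM_SIZE]; } wram_t;

/* The menu's address arithmetic: slot n sits at items + 2n, quantity at +1.
 * Nothing here bounds n by BAG_MAX_ITEMS; the code trusts the count byte. */
size_t item_qty_off(unsigned slot) { return BAG_ITEMS_OFF + 2u * slot + 1; }

/* "Toss n of the item under the cursor". The only check is against the
 * count byte, so a corrupted count of 255 lets the cursor run past the 40
 * bag bytes and the subtraction lands on unrelated RAM. */
bool bag_toss(wram_t *ram, unsigned slot, uint8_t n)
{
    if (slot >= ram->mem[BAG_COUNT_OFF]) return false;  /* the game's check */
    size_t off = item_qty_off(slot);
    if (off >= RAM_SIZE) return false;                  /* model boundary only */
    ram->mem[off] -= n;                                 /* 8-bit wraparound, like the CPU */
    return true;
}

/* Inverse mapping: which slot's quantity byte aliases a given RAM offset?
 * Returns -1 for id bytes and for offsets the menu cannot reach. */
int slot_for_offset(size_t off)
{
    if (off <= BAG_ITEMS_OFF || off >= RAM_SIZE) return -1;
    size_t rel = off - BAG_ITEMS_OFF;
    return (rel % 2 == 1) ? (int)(rel / 2) : -1;
}

/* Does the bag legitimately own this slot? */
bool slot_in_bag(unsigned slot) { return slot < BAG_MAX_ITEMS; }

/* Scenario: warp byte starts at 3, count byte is `count`, toss 1 from `slot`.
 * Returns the warp byte afterwards (still 3 if the toss was refused). */
uint8_t demo_toss(uint8_t count, unsigned slot)
{
    wram_t ram;
    memset(&ram, 0, sizeof ram);
    ram.mem[BAG_COUNT_OFF] = count;
    ram.mem[WARP_DEST_OFF] = 3;
    bag_toss(&ram, slot, 1);
    return ram.mem[WARP_DEST_OFF];
}

int main(void)
{
    int slot = slot_for_offset(WARP_DEST_OFF);
    printf("warp byte at 0x%02X is item slot %d (%s the bag)\n", WARP_DEST_OFF, slot,
           slot_in_bag((unsigned)slot) ? "inside" : "outside");
    printf("count=20:  warp byte after toss = %u\n", demo_toss(20, (unsigned)slot));
    printf("count=255: warp byte after toss = %u\n", demo_toss(255, (unsigned)slot));
    return 0;
}
```

With the assumed offsets the warp byte is "item slot 39", which the bag does not own; with a sane count of 20 the menu refuses to touch it, with a count of 255 tossing one of that "item" decrements it. The same arithmetic is why the post says a corrupted party count extends the reach further: a second length-trusted table gives a second window over RAM.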
Is the last part what http://tasvideos.org/forum/viewtopic.php?t=13489 is doing or are you still referring to reset corruption?
Holy fuck this guy is mad

File: 1425582281999.jpg (10KB, 228x218px)
Super Mario 64 was a little broken.
Or maybe you are delusional about your skills.
Thanks that's pretty cool.
Wtf pikmin came with software to run on windows
Probably a stupid question but, when emulators ask for a BIOS, why is the BIOS needed and how do you dump it? Furthermore, why do only some emulators need it?
I guess they don't include it in the emulators for legal reasons.
This guy left a porn site HTML in a compiled ROM.

1990's porn anyone?


Dumping is different for each system.
As for why it's needed, part of the code in the BIOS needs to be emulated so the game can communicate with it properly.
I've heard of bgb before but I've never heard of mgba. I've been using no$gba. Both bgb and no$gba are nice because they allow you to poke around in memory and set up break points if memory is read or written to. You can also setup ASM breakpoints. Pretty cool because these two emulators cover GB, GBC, GBA and DS games. I'll have to check out mgba though since I am curious.

In the meantime, I found this interesting article about the NES GBA ports. A lot of effort to prevent GBA emulation when you could just emulate the NES straight.


I love TCRF.
Not sure if this is a good thread for this, but I'd love to try hacking my ps2 exclusively from linux or through wine if I have to.
Is this doable?

It's become more addictive than TVTropes, and that's saying something for me.
No. You'll need some hardware.

I just mash the Random page button.
Did he leave it there intentionally?
How did it happen then?
Does anyone have any info on the N64 RI registers? n64info is nice and all, but its descriptions are lacking.
We'll never know unless the dev who did it comes forward which I doubt. In my mind, that isn't something that you leave in a game by mistake. Perhaps the devs were joking around; who knows. The game never saw a retail release for whatever reason. Chances are that if the game made it to store shelves then that content probably would have been deleted. Although some devs are messy as fuck when cleaning up their games so maybe not.
It's literally said right there that it's caused by uninitialized memory in the compiler's memory.

Guy had this in his system's memory then the compiler threw it in during compilation.
But it wasn't supposed to happen right?
File: mariohax.0.png (74KB, 400x225px)
I'd like to learn how to do something like this eventually:
Can you program?
Yes, but I have not yet dived into low-level programming such as assembly.
I love this video. There is also a similar one to it where the player "beats" the game.

I don't even know how you would begin to figure out what is done in the video.
Read this: http://tasvideos.org/3957S.html
And this: http://tasvideos.org/4156S.html

The creator explains it fairly well.
Aren't programs' memory isolated from each other? How did his web browser's memory end up there?
And isn't it dangerous for a program's memory to get mixed with another program's? Can't it end up messing stuff up or crashing the program?
>page 5
What kind of data was contained in the archives?
<Look for the pokemon yellow butthole pack
How do people make mods for games? I'm not talking about games with built in mod creation tools like minecraft, how is it possible for people to completely change levels or change textures, take a look at san andreas online servers, the maps are completely altered, how is that possible?
'sup n3wbs IDA master reporting in
hooly shit my sides
What does IDA have to do with anything?
Hey guys, how exactly would comments like this end up in an EXE file? Like would this come from comments in source code? Would it be thrown in after the source code is compiled?

printf("print something"); // fucking print something
That's fucking hilarious haha.
this is illegal
Your mom's illegal.
Depends on the compiler used. I know when I was working for one of the big 3 tech companies they had a pre commit/release check that enforced strict non swearing commenting/coding
Did you happen to know how >>47691445 happened?
It's not memory space that's actually in use of another program, rather memory that was released from another program and the OS assigned to a new program
Apparently the OS doesn't initialize reassigned memory to 0, it's just leaving everything in it
Thanks, but shouldn't the OS clear memory before letting other programs use it? This was a pretty funny thing tho, is it common for this to happen?
yeah, would sound like a sane thing to do, wouldn't it?
I've heard that some Nintendo games have strange things in them because memory wasn't cleared and whatnot.
Don't have one. I forgot where I read it.
Too bad, seemed interesting.
Do you recall which game was it?
No. I think it was some of their early games on the NES where they were using C and the implementation of malloc or whatever they were using fucked something up.
this is what cancer looks like
As this Anon said >>47694307 not all OSs do memory allocation safety. I know when I was working on a simple string processing homework for a class in C it worked fine on my computer, but the test computer was freaking out. Apparently Linux, knowing how bad most users were at allocating memory, 0'd the whole block for me and the server had been set to not do this. As such the string didn't "end" until it randomly found a zero byte or null, hence the phrase null terminated.
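An added example for the last few posts, not code from any of the posters or from a real allocator. Mainstream kernels do zero pages before handing them to a different process; what is not cleared is memory a process's own allocator reuses, since malloc() returns freed blocks with their old contents intact and a later read of "uninitialised" memory sees whatever was there. The constructed fixed-size pool below makes that reuse deterministic, shows the stale text surviving into the next allocation and the unbounded-string-length effect the homework story describes, and adds the fix: scrubbing on free through a volatile pointer so the compiler cannot drop the store. The leaked string is constructed.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
#include <stdbool.h>
#include <stdio.h>

/* Constructed fixed-size block pool standing in for a real allocator. It is
 * not malloc(); it exists to make block reuse deterministic and testable. */
#define BLOCK_SIZE 32
#define NUM_BLOCKS 4

typedef struct {
    uint8_t storage[NUM_BLOCKS][BLOCK_SIZE];
    bool    in_use[NUM_BLOCKS];
    bool    scrub_on_free;        /* the hardening toggle */
} pool_t;

/* Constructed stand-in for the text that survived into the ROM. */
static const char LEAKED[] = "<a href=\"/pics\">1990s</a>";   /* 25 chars + NUL */

void pool_init(pool_t *p, bool scrub_on_free)
{
    memset(p->storage, 0, sizeof p->storage);   /* fresh pool is all zero, like a new page */
    memset(p->in_use, 0, sizeof p->in_use);
    p->scrub_on_free = scrub_on_free;
}

/* First-fit allocation. Like malloc(), it returns whatever bytes the block
 * already holds; it never clears them. */
uint8_t *pool_alloc(pool_t *p)
{
    for (int i = 0; i < NUM_BLOCKS; i++)
        if (!p->in_use[i]) { p->in_use[i] = true; return p->storage[i]; }
    return NULL;
}

/* Zero through a volatile pointer so the compiler cannot treat the stores as
 * dead writes to memory that is about to be released. */
static void secure_zero(void *buf, size_t len)
{
    volatile uint8_t *v = buf;
    while (len--) *v++ = 0;
}

void pool_free(pool_t *p, uint8_t *blk)
{
    for (int i = 0; i < NUM_BLOCKS; i++) {
        if (p->storage[i] == blk) {
            if (p->scrub_on_free) secure_zero(blk, BLOCK_SIZE);
            p->in_use[i] = false;
            return;
        }
    }
}

/* The thread's scenario: write a string, release the block, allocate again.
 * First-fit hands the same block back; returns it without writing to it. */
uint8_t *reuse_scenario(pool_t *p, bool scrub_on_free)
{
    pool_init(p, scrub_on_free);
    uint8_t *first = pool_alloc(p);
    memcpy(first, LEAKED, sizeof LEAKED);
    pool_free(p, first);
    return pool_alloc(p);
}

/* Is the old text still legible in the "uninitialised" new allocation? */
bool stale_text_visible(bool scrub_on_free)
{
    pool_t p;
    uint8_t *blk = reuse_scenario(&p, scrub_on_free);
    return memcmp(blk, LEAKED, sizeof LEAKED) == 0;
}

/* The homework anecdote: how far does a string scan run before it finds a
 * NUL in the reused block? 0 when scrubbed, the old string's length when not.
 * Bounded here so the model itself never reads off the block. */
size_t stale_strlen(bool scrub_on_free)
{
    pool_t p;
    uint8_t *blk = reuse_scenario(&p, scrub_on_free);
    size_t n = 0;
    while (n < BLOCK_SIZE && blk[n] != 0) n++;
    return n;
}

int main(void)
{
    printf("no scrub: stale text visible = %d, string length seen = %zu\n",
           stale_text_visible(false), stale_strlen(false));
    printf("scrub:    stale text visible = %d, string length seen = %zu\n",
           stale_text_visible(true), stale_strlen(true));
    return 0;
}
```

The hardened variant costs a pass over each freed block, which is why general-purpose allocators do not do it by default and why code handling keys or passwords scrubs its own buffers before free() rather than hoping the next owner never reads first.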
