Posted: 6/23/2015 4:29 AM
Post subject: ZSNES exploit: ACE in the host PC by loading a malicious ROM
Quote
Amaraticando
It/Its
Editor, Player (158)
Joined: 1/10/2012
Posts: 673
Location: Brazil
TAS of 2015 SNES TAS of 2015
ZSNES v1.51 exploit: it's possible to execute native x86 code embedded inside SNES ROM images. https://twitter.com/byuu_san/status/613004775773347840 Demo: https://www.youtube.com/watch?v=Q3SOYneC7mU "ZSNES contains several bugs that allow the ROM to escape from the emulator and do whatever it want on the host computer. We have found three different bugs of this nature, which will be fixed in ZSNES 1.52, but it is likely that more remain."
Posted: 6/23/2015 8:49 AM
Quote
FractalFusion
Editor, Skilled player (1941)
Joined: 6/15/2005
Posts: 3247
Glitchy TAS of 2013 Gameboy TAS of 2013 PSX TASer of 2010
Also discussed at smwcentral.net. Edit: Also at reddit.
Posted: 6/23/2015 9:16 AM
Quote
Nach
Emulator Coder
Joined: 3/9/2004
Posts: 4588
Location: In his lab studying psychology to find new ways to torture TASers and forumers
I'd like to add that Windows is the most susceptible, Linux much less so. We've had patches for this in our tree for a while now, and I found a few more of these bugs (and patched them) than the three discovered here. New builds should be out soon.
Warning: Opinions expressed by Nach or others in this post do not necessarily reflect the views, opinions, or position of Nach himself on the matter(s) being discussed therein.