Possible CaveStory Exploit
<blockquote data-quote="Deleted member 370283" data-source="post: 6321907" data-attributes="member: 370283">
<p><span style="font-size: 18px"><strong>I AM NOT SAYING IN ANY WAY THAT THERE IS A DEFINITE EXPLOIT.</strong></span></p>
<p><span style="font-size: 18px"><span style="font-size: 12px">Okay, now that I got that out of the way, allow me to explain myself.</span></span></p>
<p><span style="font-size: 18px"><span style="font-size: 12px">Back in the VVVVVV exploit release thread, someone mentioned other Nicalis games possibly containing exploits (as a joke, I assume), so I decided that for my first very technical 3DS project I'd try to pick apart one of the games and see if they <em>could</em> actually be exploited.</span></span></p>
<p><span style="font-size: 18px"><span style="font-size: 12px">CaveStory, I think, can be. But I don't really know, because I've come to a slight roadstop. Allow me to explain my case thus far.</span></span></p>
<p style="text-align: center"><img src="http://i.imgur.com/YttaI17.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p>
<p style="text-align: center">CaveStory's save slots contain a date and time that the slot was updated. This is stored in plaintext within the save file.</p>
<p style="text-align: center"><img src="http://i.imgur.com/Yt2ilnM.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p>
<p style="text-align: center">There seemed to be no save protection or checksum at all upon inspecting multiple files, so for kicks and giggles, I edited the date to be something... not a date. To my surprise:</p>
<p style="text-align: center"><img src="http://i.imgur.com/a1qjH2U.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p>
<p style="text-align: center">IT WORKED! So, considering that the date and time is a string, and that the end of this string seems to be symbolized by a $00 hexadecimal character, there already seemed to be a clear overflow at hand here. Upon continually lengthening the string, the game did crash. However, here is my roadblock...</p>
<p>I'm just starting off, so I've got no idea of any good way that I can debug the game and see what is happening in real time in order to pinpoint things and be able to formulate proper ROP (if at all possible in this case).</p>
<p>I understand the basic concept of an exploit (getting a way to manipulate the stack, using ROP gadgets to load our code, and then running it) but, once again, I don't know of the right tools to get this off of the ground and allow me to continue what little research I've put into CaveStory.</p>
<p>Any help would be greatly appreciated here. Thank you!</p>
<p><span style="font-size: 9px">inb4 "another one of these threads hur hur"</span></p>
</blockquote>
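An added example, not part of the original post and not the game's code: the kind of unbounded string load that would crash on an overlong NUL-terminated field, beside a load that bounds the field and validates its bytes before copying. The 20-byte field size, the offset, the timestamp format and every function name are assumptions made for illustration.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical layout, assumed for illustration: the slot timestamp is a
 * NUL-terminated "YYYY/MM/DD HH:MM:SS" string in a 20-byte field. */
#define TS_FIELD_MAX 20

/* Unsafe pattern: the file, not the program, decides how many bytes land in out. */
void load_timestamp_unsafe(const uint8_t *save, size_t off, char *out) {
    strcpy(out, (const char *)save + off);
}

/* Returns 0 on success; -1 if the field runs past the file, has no terminator
 * inside TS_FIELD_MAX bytes, does not fit in out, or holds non-timestamp bytes. */
int load_timestamp_checked(const uint8_t *save, size_t save_len, size_t off,
                           char *out, size_t out_len) {
    if (off >= save_len) return -1;
    size_t limit = save_len - off < TS_FIELD_MAX ? save_len - off : TS_FIELD_MAX;
    const uint8_t *nul = memchr(save + off, 0, limit);
    if (nul == NULL) return -1;
    size_t n = (size_t)(nul - (save + off));
    if (n + 1 > out_len) return -1;
    for (size_t i = 0; i < n; i++) {
        uint8_t c = save[off + i];
        if (!((c >= '0' && c <= '9') || c == '/' || c == ':' || c == ' ')) return -1;
    }
    memcpy(out, save + off, n);
    out[n] = '\0';
    return 0;
}

/* Places a constructed field (not real game data) at offset 4 of a zeroed save. */
int check_sample(const char *field, char *out, size_t out_len) {
    uint8_t save[64] = {0};
    size_t n = strlen(field);
    if (n > sizeof save - 5) return -1;
    memcpy(save + 4, field, n);
    return load_timestamp_checked(save, sizeof save, 4, out, out_len);
}

int demo_valid(void)    { char o[TS_FIELD_MAX]; return check_sample("2016/05/01 12:34:56", o, sizeof o); }
int demo_not_date(void) { char o[TS_FIELD_MAX]; return check_sample("something else", o, sizeof o); }
int demo_overlong(void) { char o[TS_FIELD_MAX]; return check_sample("2016/05/01 12:34:56 2016/05/01 12:34:56", o, sizeof o); }

int main(void) {
    printf("valid=%d not_date=%d overlong=%d\n", demo_valid(), demo_not_date(), demo_overlong());
    return 0;
}
```

The overlong sample uses only characters the charset check accepts, so it is the length bound that rejects it. A checksum or MAC over the save would be a separate layer on top of this parsing.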